Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/A66B641E5D4511EAA8469113C4F9AE02.roa
File: A66B641E5D4511EAA8469113C4F9AE02.roa (raw, json)
Hash identifier: xsGeEvF7pHRb5L282iNwyqaBM+JrOJ1dK/PKHfz+dlM=
Subject key identifier: 6A:5B:91:F3:DE:08:80:03:AE:22:71:71:A2:70:E6:FC:FB:28:B3:9C
Certificate issuer: /CN=A91C725F/serialNumber=CC72E1797B2204D8EC69EC98C41739CC8C664C9C
Certificate serial: 093A
Authority key identifier: CC:72:E1:79:7B:22:04:D8:EC:69:EC:98:C4:17:39:CC:8C:66:4C:9C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHLheXsiBNjsaeyYxBc5zIxmTJw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/A66B641E5D4511EAA8469113C4F9AE02.roa
Signing time: Thu 31 Aug 2023 20:27:54 +0000
ROA not before: Thu 31 Aug 2023 20:27:54 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 134585
IP address blocks: 103.120.192.0/22 maxlen: 22
103.120.192.0/24 maxlen: 24
103.120.193.0/24 maxlen: 24
103.120.194.0/24 maxlen: 24
103.120.195.0/24 maxlen: 24
2403:5bc0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2362 (0x93a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C725F/serialNumber=CC72E1797B2204D8EC69EC98C41739CC8C664C9C
Validity
Not Before: Aug 31 20:27:54 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f0f7ca-afdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5c:2e:59:a7:b5:3e:0d:4b:d2:18:29:3d:ea:
93:1f:3a:68:e0:e7:24:9e:72:8e:1d:87:b3:23:30:
70:3a:80:9d:5d:c4:b4:15:60:83:a7:86:60:1f:a7:
a6:37:88:f1:58:54:2b:b0:9f:03:5f:de:f4:e5:da:
ef:59:23:12:99:14:93:fa:9c:03:ba:18:8f:5b:ae:
d5:53:91:3e:2e:08:9b:e7:c5:6e:ec:a8:76:36:ca:
83:87:ae:fb:e5:3a:63:f3:38:13:6d:5a:28:94:6a:
24:63:2d:68:31:e8:4f:7a:c6:a0:d1:2e:b4:c1:d9:
0c:68:89:fa:3e:ce:6c:7c:62:82:b1:5f:23:42:63:
33:87:bf:9b:d7:54:a0:54:4e:86:cf:0f:f5:14:fa:
52:cd:15:41:42:08:1e:06:fc:33:95:59:46:99:1d:
6b:e5:eb:e6:43:10:5e:33:e9:be:f6:5e:41:49:28:
e8:83:cf:05:26:56:1c:bb:b8:19:56:8a:9b:19:60:
5f:6c:e0:a9:ea:f9:28:1b:54:f7:de:16:8c:a0:ac:
7d:20:f8:a7:f1:29:17:72:98:d7:2b:16:50:db:8a:
f1:22:6b:41:5d:5c:53:e5:79:11:9f:7c:64:5b:89:
f9:ec:51:2c:cd:3c:e6:3f:5f:ba:3a:ff:00:d8:71:
08:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5B:91:F3:DE:08:80:03:AE:22:71:71:A2:70:E6:FC:FB:28:B3:9C
X509v3 Authority Key Identifier:
keyid:CC:72:E1:79:7B:22:04:D8:EC:69:EC:98:C4:17:39:CC:8C:66:4C:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/zHLheXsiBNjsaeyYxBc5zIxmTJw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHLheXsiBNjsaeyYxBc5zIxmTJw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/A66B641E5D4511EAA8469113C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.192.0/22
IPv6:
2403:5bc0::/32
Signature Algorithm: sha256WithRSAEncryption
99:08:58:c8:76:b4:24:d3:7b:19:88:76:1a:cf:35:06:57:a6:
e3:d1:41:43:86:0b:d3:a5:38:c0:39:ad:4d:e3:99:0d:9b:c8:
66:0f:be:52:b0:3b:89:da:0b:4c:d1:12:20:f7:3d:68:4f:ad:
db:44:3d:67:14:0f:5a:e4:b6:13:e0:62:6d:35:af:37:86:b6:
f5:27:ee:1f:b1:c6:61:4b:d4:7a:91:88:ed:58:02:61:0a:ef:
d7:e5:32:7b:56:01:c9:e6:12:df:0b:d1:17:39:af:3d:e5:6f:
c3:b7:3e:ec:ad:de:0d:a7:f4:ea:ec:f6:7f:53:bd:37:eb:c2:
65:13:ee:db:ad:a7:b2:4e:b2:ac:f0:38:d7:e6:50:d4:eb:e8:
ac:40:17:94:23:96:79:15:49:d5:aa:b7:46:e0:36:9a:ee:dc:
91:5e:60:84:83:4e:f0:2a:59:f9:7f:df:f7:7b:59:7d:0b:3a:
06:1b:c4:b0:86:34:1b:a4:cc:40:d3:62:8b:61:07:77:82:d2:
61:84:17:87:69:16:0f:a5:7e:c8:0d:8f:22:e3:a6:80:8f:e9:
93:ae:25:a3:5e:5b:dd:50:d4:37:d4:a5:e1:e6:4c:c5:94:f9:
68:b1:64:21:f9:7d:1d:8c:98:a8:8b:9c:f9:c5:9a:42:57:c9:
79:8e:6f:35
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcyNUYxMTAvBgNVBAUTKENDNzJFMTc5N0IyMjA0RDhFQzY5RUM5OEM0MTczOUND
OEM2NjRDOUMwHhcNMjMwODMxMjAyNzU0WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYwZjdjYS1hZmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvFwuWae1Pg1L0hgpPeqTHzpo4OcknnKOHYezIzBwOoCdXcS0FWCDp4ZgH6em
N4jxWFQrsJ8DX9705drvWSMSmRST+pwDuhiPW67VU5E+Lgib58Vu7Kh2NsqDh677
5Tpj8zgTbVoolGokYy1oMehPesag0S60wdkMaIn6Ps5sfGKCsV8jQmMzh7+b11Sg
VE6Gzw/1FPpSzRVBQggeBvwzlVlGmR1r5evmQxBeM+m+9l5BSSjog88FJlYcu7gZ
VoqbGWBfbOCp6vkoG1T33haMoKx9IPin8SkXcpjXKxZQ24rxImtBXVxT5XkRn3xk
W4n57FEszTzmP1+6Ov8A2HEIkQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGpbkfPe
CIADriJxcaJw5vz7KLOcMB8GA1UdIwQYMBaAFMxy4Xl7IgTY7GnsmMQXOcyMZkyc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzI1Ri80RThEMkI1QzVE
NDQxMUVBOTRDOTdEMTFDNEY5QUUwMi96SExoZVhzaUJOanNhZXlZeEJjNXpJeG1U
SncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pITGhlWHNpQk5qc2FleVl4QmM1ekl4bVRKdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcyNUYvNEU4RDJCNUM1RDQ0MTFFQTk0Qzk3RDExQzRGOUFFMDIvQTY2QjY0MUU1
RDQ1MTFFQUE4NDY5MTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJneMAwDQQCAAIwBwMFACQDW8AwDQYJKoZIhvcNAQELBQAD
ggEBAJkIWMh2tCTTexmIdhrPNQZXpuPRQUOGC9OlOMA5rU3jmQ2byGYPvlKwO4na
C0zREiD3PWhPrdtEPWcUD1rkthPgYm01rzeGtvUn7h+xxmFL1HqRiO1YAmEK79fl
MntWAcnmEt8L0Rc5rz3lb8O3Puyt3g2n9Ors9n9TvTfrwmUT7tutp7JOsqzwONfm
UNTr6KxAF5QjlnkVSdWqt0bgNpru3JFeYISDTvAqWfl/3/d7WX0LOgYbxLCGNBuk
zEDTYothB3eC0mGEF4dpFg+lfsgNjyLjpoCP6ZOuJaNeW91Q1DfUpeHmTMWU+Wix
ZCH5fR2MmKiLnPnFmkJXyXmObzU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org