Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/5043AE2A244811EEAEC85625C4F9AE02.roa
File: 5043AE2A244811EEAEC85625C4F9AE02.roa (raw, json)
Hash identifier: OSj15+5H2utyo3XFmZetP9R+hVnSGrnozbx3l7MXXV4=
Subject key identifier: 19:B5:19:32:0C:DD:6C:EC:AD:D9:A3:66:12:07:40:51:F2:D3:34:77
Certificate issuer: /CN=A91C7633/serialNumber=F1293940856BFD03AAA12C2DC952AEEB5486B1D8
Certificate serial: 0607
Authority key identifier: F1:29:39:40:85:6B:FD:03:AA:A1:2C:2D:C9:52:AE:EB:54:86:B1:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Sk5QIVr_QOqoSwtyVKu61SGsdg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/5043AE2A244811EEAEC85625C4F9AE02.roa
Signing time: Mon 17 Jul 2023 02:19:10 +0000
ROA not before: Mon 17 Jul 2023 02:19:10 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 133579
IP address blocks: 101.100.131.0/24 maxlen: 24
101.100.132.0/24 maxlen: 24
101.100.133.0/24 maxlen: 24
101.100.134.0/24 maxlen: 24
101.100.135.0/24 maxlen: 24
101.100.136.0/24 maxlen: 24
101.100.137.0/24 maxlen: 24
101.100.138.0/24 maxlen: 24
101.100.139.0/24 maxlen: 24
101.100.140.0/24 maxlen: 24
101.100.141.0/24 maxlen: 24
101.100.142.0/24 maxlen: 24
101.100.143.0/24 maxlen: 24
101.100.144.0/24 maxlen: 24
101.100.145.0/24 maxlen: 24
101.100.146.0/24 maxlen: 24
101.100.147.0/24 maxlen: 24
101.100.148.0/24 maxlen: 24
101.100.149.0/24 maxlen: 24
101.100.150.0/24 maxlen: 24
101.100.151.0/24 maxlen: 24
101.100.152.0/24 maxlen: 24
101.100.153.0/24 maxlen: 24
101.100.154.0/24 maxlen: 24
101.100.155.0/24 maxlen: 24
101.100.156.0/24 maxlen: 24
101.100.158.0/24 maxlen: 24
101.100.159.0/24 maxlen: 24
103.237.40.0/24 maxlen: 24
103.237.41.0/24 maxlen: 24
103.237.42.0/24 maxlen: 24
103.237.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1543 (0x607)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7633/serialNumber=F1293940856BFD03AAA12C2DC952AEEB5486B1D8
Validity
Not Before: Jul 17 02:19:10 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=64b4a51e-2149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:10:e7:51:50:a1:67:74:bc:c0:8f:d6:db:2b:
5e:e8:22:1e:14:57:c7:57:f7:84:7c:23:f2:5c:01:
45:dd:41:16:45:65:13:c5:e3:8c:d4:44:df:94:dc:
01:3f:ae:19:d9:84:18:b4:b5:66:a9:3c:9c:66:8c:
65:2f:c6:19:37:71:3c:50:bd:e3:88:95:30:d3:7e:
4d:2d:74:26:e9:d1:55:de:75:8d:f6:22:26:46:7b:
15:e4:69:42:ea:2c:d9:54:96:ef:74:0e:fd:34:00:
8f:2d:75:c7:5a:ad:d8:50:ea:1a:43:52:82:17:65:
4a:1b:1f:c9:9f:5c:1d:fa:a5:5b:0f:e6:c4:2b:28:
4b:19:44:f9:b7:2d:cc:22:cf:02:11:da:f2:f3:8d:
f2:b1:97:2c:0e:60:4d:d2:e8:a6:f1:02:ee:dc:78:
7e:46:c7:c5:0b:76:67:ae:be:b9:f8:74:cb:c8:53:
ec:c9:c8:4a:c9:a9:3c:43:fb:63:7c:6a:40:f6:b7:
09:2c:de:2a:25:28:f0:24:60:41:75:f2:18:f4:46:
d9:5e:ac:3f:cd:a3:84:12:52:c4:e4:e6:9f:6a:2b:
e1:80:dd:a9:bb:72:ed:c2:c1:34:3e:13:0f:60:f0:
f2:6e:b0:36:eb:ba:b8:02:13:24:80:0c:eb:91:3b:
b5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B5:19:32:0C:DD:6C:EC:AD:D9:A3:66:12:07:40:51:F2:D3:34:77
X509v3 Authority Key Identifier:
keyid:F1:29:39:40:85:6B:FD:03:AA:A1:2C:2D:C9:52:AE:EB:54:86:B1:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/8Sk5QIVr_QOqoSwtyVKu61SGsdg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Sk5QIVr_QOqoSwtyVKu61SGsdg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/5043AE2A244811EEAEC85625C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.100.131.0-101.100.156.255
101.100.158.0/23
103.237.40.0/22
Signature Algorithm: sha256WithRSAEncryption
53:6e:d5:46:2d:33:c9:c7:9d:98:d0:11:e2:b7:09:23:ca:10:
32:06:af:fe:53:1a:0c:73:92:88:f6:7a:9f:54:40:68:36:fb:
05:78:4f:ed:0f:0b:6a:58:8b:4a:9f:a8:d2:41:ff:67:5c:34:
75:b5:04:cb:83:b9:4c:64:7d:17:fe:d9:2d:a6:2b:85:d8:ff:
eb:26:1a:ac:37:46:14:fc:0e:b7:38:96:4a:fd:bf:db:09:58:
4c:ad:be:a4:ec:9b:08:4f:98:61:f2:ab:77:8c:51:a1:3b:37:
fc:25:43:7d:ee:fc:6d:a5:15:c8:96:fb:12:6c:9a:bf:8b:05:
37:f8:f0:95:13:d2:e0:14:0d:7a:41:1a:23:2d:f5:62:08:0a:
0b:f5:ee:4f:e6:8d:ec:7d:ae:13:e2:4c:09:4c:b0:7f:d4:e0:
f9:4b:82:36:0f:9e:c2:23:4e:b5:00:82:1e:05:70:38:56:8f:
4b:8c:ef:21:30:db:d1:40:93:fc:12:4b:89:35:62:41:d3:de:
41:93:7d:e1:50:1d:72:ff:bd:eb:bf:23:ad:10:ef:cb:f3:81:
91:65:42:8b:bd:1b:81:92:9b:1a:6c:77:f2:83:cd:4f:28:5a:
b5:eb:fc:23:45:2f:28:ef:d6:b7:17:a8:52:24:d3:eb:c6:ee:
83:dd:7d:e5
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICBgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc2MzMxMTAvBgNVBAUTKEYxMjkzOTQwODU2QkZEMDNBQUExMkMyREM5NTJBRUVC
NTQ4NkIxRDgwHhcNMjMwNzE3MDIxOTEwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI0YTUxZS0yMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0hDnUVChZ3S8wI/W2yte6CIeFFfHV/eEfCPyXAFF3UEWRWUTxeOM1ETflNwB
P64Z2YQYtLVmqTycZoxlL8YZN3E8UL3jiJUw035NLXQm6dFV3nWN9iImRnsV5GlC
6izZVJbvdA79NACPLXXHWq3YUOoaQ1KCF2VKGx/Jn1wd+qVbD+bEKyhLGUT5ty3M
Is8CEdry843ysZcsDmBN0uim8QLu3Hh+RsfFC3Znrr65+HTLyFPsychKyak8Q/tj
fGpA9rcJLN4qJSjwJGBBdfIY9EbZXqw/zaOEElLE5OafaivhgN2pu3LtwsE0PhMP
YPDybrA267q4AhMkgAzrkTu1tQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFBm1GTIM
3WzsrdmjZhIHQFHy0zR3MB8GA1UdIwQYMBaAFPEpOUCFa/0DqqEsLclSrutUhrHY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzYzMy84MURCNUY4MjFE
N0YxMUVCOEFFQ0Q1MjlDNEY5QUUwMi84U2s1UUlWcl9RT3FvU3d0eVZLdTYxU0dz
ZGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhTazVRSVZyX1FPcW9Td3R5Vkt1NjFTR3NkZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc2MzMvODFEQjVGODIxRDdGMTFFQjhBRUNENTI5QzRGOUFFMDIvNTA0M0FFMkEy
NDQ4MTFFRUFFQzg1NjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAGVkgwMEAGVknAMEAWVkngMEAmftKDANBgkqhkiG9w0B
AQsFAAOCAQEAU27VRi0zycedmNAR4rcJI8oQMgav/lMaDHOSiPZ6n1RAaDb7BXhP
7Q8LaliLSp+o0kH/Z1w0dbUEy4O5TGR9F/7ZLaYrhdj/6yYarDdGFPwOtziWSv2/
2wlYTK2+pOybCE+YYfKrd4xRoTs3/CVDfe78baUVyJb7Emyav4sFN/jwlRPS4BQN
ekEaIy31YggKC/XuT+aN7H2uE+JMCUywf9Tg+UuCNg+ewiNOtQCCHgVwOFaPS4zv
ITDb0UCT/BJLiTViQdPeQZN94VAdcv+9678jrRDvy/OBkWVCi70bgZKbGmx38oPN
Tyhatev8I0UvKO/WtxeoUiTT68bug9195Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org