Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/7BF8EFE01E2311EB94EBF277C4F9AE02.roa
File: 7BF8EFE01E2311EB94EBF277C4F9AE02.roa (raw, json)
Hash identifier: xLQL+nPoSiF9qD71PmNI/gTjFG5DzfuWfaAKoTKeDtg=
Subject key identifier: 18:DE:1E:3A:1D:84:E8:A9:14:EC:79:10:76:DA:F2:28:07:9F:80:AF
Certificate issuer: /CN=A91C7633/serialNumber=F1293940856BFD03AAA12C2DC952AEEB5486B1D8
Certificate serial: 053B
Authority key identifier: F1:29:39:40:85:6B:FD:03:AA:A1:2C:2D:C9:52:AE:EB:54:86:B1:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Sk5QIVr_QOqoSwtyVKu61SGsdg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/7BF8EFE01E2311EB94EBF277C4F9AE02.roa
Signing time: Mon 05 Sep 2022 12:19:55 +0000
ROA not before: Mon 05 Sep 2022 12:19:55 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 133579
IP address blocks: 101.100.128.0/24 maxlen: 24
101.100.129.0/24 maxlen: 24
101.100.130.0/24 maxlen: 24
101.100.131.0/24 maxlen: 24
101.100.132.0/24 maxlen: 24
101.100.133.0/24 maxlen: 24
101.100.134.0/24 maxlen: 24
101.100.135.0/24 maxlen: 24
101.100.136.0/24 maxlen: 24
101.100.137.0/24 maxlen: 24
101.100.138.0/24 maxlen: 24
101.100.139.0/24 maxlen: 24
101.100.140.0/24 maxlen: 24
101.100.141.0/24 maxlen: 24
101.100.142.0/24 maxlen: 24
101.100.143.0/24 maxlen: 24
101.100.144.0/24 maxlen: 24
101.100.145.0/24 maxlen: 24
101.100.146.0/24 maxlen: 24
101.100.147.0/24 maxlen: 24
101.100.148.0/24 maxlen: 24
101.100.149.0/24 maxlen: 24
101.100.150.0/24 maxlen: 24
101.100.151.0/24 maxlen: 24
101.100.152.0/24 maxlen: 24
101.100.153.0/24 maxlen: 24
101.100.154.0/24 maxlen: 24
101.100.155.0/24 maxlen: 24
101.100.156.0/24 maxlen: 24
101.100.158.0/24 maxlen: 24
101.100.159.0/24 maxlen: 24
103.237.40.0/24 maxlen: 24
103.237.41.0/24 maxlen: 24
103.237.42.0/24 maxlen: 24
103.237.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1339 (0x53b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7633/serialNumber=F1293940856BFD03AAA12C2DC952AEEB5486B1D8
Validity
Not Before: Sep 5 12:19:55 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6315e96a-fd97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:37:74:30:f7:5e:55:14:92:6e:ad:49:14:96:
2a:ed:be:63:c2:22:46:aa:70:90:ac:e3:be:fd:7d:
85:56:5b:7f:92:1c:11:2e:c5:82:82:8c:cc:d4:2b:
af:cf:b6:e9:4f:5c:e3:03:47:08:f5:9c:61:ec:9c:
aa:13:15:47:33:f9:d4:34:44:df:73:f6:43:00:f6:
c6:2e:5d:8e:95:6a:d4:06:ed:60:db:81:84:62:9e:
95:76:0e:ab:fe:9d:79:60:cd:4b:b0:2d:ab:12:fa:
45:52:4e:96:35:81:60:4c:ad:49:4e:2d:d9:98:eb:
c2:ff:e9:02:ed:48:5c:71:e6:ef:fc:ce:ca:54:54:
a1:b9:93:40:2c:e4:4e:78:10:9d:5b:5a:67:6c:b8:
3f:0f:97:91:be:21:95:a7:c3:3a:d8:8d:ec:14:8f:
43:9e:fb:a7:86:df:80:cf:6f:ee:4f:23:b9:f2:76:
22:9d:fa:00:f5:f3:d8:f4:aa:df:74:74:91:a5:9b:
76:00:60:81:1f:22:e1:f7:14:d0:34:6b:b0:0f:3e:
35:b7:84:30:fd:23:4e:e7:c0:fe:95:5c:5f:25:ef:
fb:67:5f:d5:39:5d:e7:0c:e6:3d:7f:68:8d:ae:00:
e1:66:d5:9d:7b:a6:f9:97:1f:5a:7e:82:0b:8b:20:
1d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:DE:1E:3A:1D:84:E8:A9:14:EC:79:10:76:DA:F2:28:07:9F:80:AF
X509v3 Authority Key Identifier:
keyid:F1:29:39:40:85:6B:FD:03:AA:A1:2C:2D:C9:52:AE:EB:54:86:B1:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/8Sk5QIVr_QOqoSwtyVKu61SGsdg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Sk5QIVr_QOqoSwtyVKu61SGsdg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7633/81DB5F821D7F11EB8AECD529C4F9AE02/7BF8EFE01E2311EB94EBF277C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.100.128.0-101.100.156.255
101.100.158.0/23
103.237.40.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:ba:77:94:4b:fe:c6:81:3a:81:f2:71:80:a5:ab:85:e1:de:
53:36:60:36:d4:7a:df:da:a9:68:2c:c8:e4:33:5f:f9:d4:a2:
9a:12:1b:d8:dd:25:f8:e4:87:34:ff:b8:10:48:84:94:28:55:
9d:a1:a8:2d:ba:cc:c3:79:c9:3e:97:3b:39:75:84:ef:c3:8d:
05:f6:dd:58:00:f9:9a:9b:53:81:69:e0:3e:39:37:f8:e3:a5:
5c:c4:54:32:c5:6d:70:ab:3f:24:89:bf:0f:26:00:7b:bb:45:
f5:42:c8:ba:95:73:5a:a2:6f:52:dd:04:b3:4f:a2:2e:87:d0:
92:ef:0a:07:83:e6:0b:2e:22:48:e2:dc:28:99:ac:50:b6:c2:
ef:44:58:06:ba:ed:fb:8c:50:05:b5:00:72:3e:f2:70:b7:d7:
46:e7:ac:ee:7e:ef:3a:27:a6:e9:90:53:92:bc:e0:6b:eb:80:
aa:0d:f0:5e:24:15:e3:cc:38:d7:f1:51:b8:ac:03:a3:31:84:
3c:4b:c1:83:2b:a7:00:65:9a:06:e4:74:20:fe:40:8c:c5:b6:
3b:ca:6a:d1:8e:5c:ea:3d:6c:25:09:dc:e9:42:9b:0b:e6:2a:
e9:8f:28:26:79:10:5d:da:94:05:78:14:e7:08:ef:44:18:e5:
b5:0c:6c:0d
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICBTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc2MzMxMTAvBgNVBAUTKEYxMjkzOTQwODU2QkZEMDNBQUExMkMyREM5NTJBRUVC
NTQ4NkIxRDgwHhcNMjIwOTA1MTIxOTU1WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE1ZTk2YS1mZDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwDd0MPdeVRSSbq1JFJYq7b5jwiJGqnCQrOO+/X2FVlt/khwRLsWCgozM1Cuv
z7bpT1zjA0cI9Zxh7JyqExVHM/nUNETfc/ZDAPbGLl2OlWrUBu1g24GEYp6Vdg6r
/p15YM1LsC2rEvpFUk6WNYFgTK1JTi3ZmOvC/+kC7Uhccebv/M7KVFShuZNALORO
eBCdW1pnbLg/D5eRviGVp8M62I3sFI9Dnvunht+Az2/uTyO58nYinfoA9fPY9Krf
dHSRpZt2AGCBHyLh9xTQNGuwDz41t4Qw/SNO58D+lVxfJe/7Z1/VOV3nDOY9f2iN
rgDhZtWde6b5lx9afoILiyAdVQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFBjeHjod
hOipFOx5EHba8igHn4CvMB8GA1UdIwQYMBaAFPEpOUCFa/0DqqEsLclSrutUhrHY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzYzMy84MURCNUY4MjFE
N0YxMUVCOEFFQ0Q1MjlDNEY5QUUwMi84U2s1UUlWcl9RT3FvU3d0eVZLdTYxU0dz
ZGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhTazVRSVZyX1FPcW9Td3R5Vkt1NjFTR3NkZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc2MzMvODFEQjVGODIxRDdGMTFFQjhBRUNENTI5QzRGOUFFMDIvN0JGOEVGRTAx
RTIzMTFFQjk0RUJGMjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEB2VkgAMEAGVknAMEAWVkngMEAmftKDANBgkqhkiG9w0B
AQsFAAOCAQEAbbp3lEv+xoE6gfJxgKWrheHeUzZgNtR639qpaCzI5DNf+dSimhIb
2N0l+OSHNP+4EEiElChVnaGoLbrMw3nJPpc7OXWE78ONBfbdWAD5mptTgWngPjk3
+OOlXMRUMsVtcKs/JIm/DyYAe7tF9ULIupVzWqJvUt0Es0+iLofQku8KB4PmCy4i
SOLcKJmsULbC70RYBrrt+4xQBbUAcj7ycLfXRues7n7vOiem6ZBTkrzga+uAqg3w
XiQV48w41/FRuKwDozGEPEvBgyunAGWaBuR0IP5AjMW2O8pq0Y5c6j1sJQnc6UKb
C+Yq6Y8oJnkQXdqUBXgU5wjvRBjltQxsDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org