Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/DB0CFB3200BA11ECB60BA225C4F9AE02.roa
File: DB0CFB3200BA11ECB60BA225C4F9AE02.roa (raw, json)
Hash identifier: pXpxA3LiXWcfyz2bY2AXuDYdpJVt08ueoyNx7staPdQ=
Subject key identifier: 44:A0:03:B9:E7:D6:1D:89:95:20:76:C9:D5:D0:A8:ED:E5:22:41:5A
Certificate issuer: /CN=A91C7D3C/serialNumber=FFADB56806FB93B16C5EC32B81E56E99DCC3C9A3
Certificate serial: 0721
Authority key identifier: FF:AD:B5:68:06:FB:93:B1:6C:5E:C3:2B:81:E5:6E:99:DC:C3:C9:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_621aAb7k7FsXsMrgeVumdzDyaM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/DB0CFB3200BA11ECB60BA225C4F9AE02.roa
Signing time: Thu 19 Aug 2021 06:58:28 +0000
ROA not before: Thu 19 Aug 2021 06:58:28 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 134382
IP address blocks: 103.88.232.0/23 maxlen: 23
116.204.252.0/22 maxlen: 22
116.204.252.0/24 maxlen: 24
116.204.253.0/24 maxlen: 24
116.204.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1825 (0x721)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7D3C/serialNumber=FFADB56806FB93B16C5EC32B81E56E99DCC3C9A3
Validity
Not Before: Aug 19 06:58:28 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=611e0114-c565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4c:71:3a:a0:62:7a:17:3e:9f:ba:3d:e1:92:
8a:15:23:58:59:d2:a1:e5:82:a7:9b:80:c5:00:d3:
48:4e:44:62:fe:90:df:b1:12:39:d8:37:68:90:98:
dc:c6:ac:d0:94:fa:45:bd:84:05:79:f3:2a:24:25:
c9:4d:63:27:03:b4:8a:c4:88:52:f8:90:05:43:c4:
3e:f1:f9:c2:d0:74:59:89:ee:25:1f:6b:64:86:8a:
dd:fa:89:1b:97:a9:9e:fb:61:95:89:01:99:39:12:
c6:df:a8:24:47:9a:09:17:90:3c:8e:b0:86:d2:99:
28:d9:c6:65:9e:7c:dd:8f:a2:6b:96:67:2f:bb:0e:
7b:68:18:d3:57:d2:6d:5d:26:25:c2:7d:29:55:d1:
02:4b:06:f0:61:25:82:be:cd:67:ee:cd:97:4c:8c:
c8:54:3c:43:9d:a5:5e:2b:1c:6f:02:b5:9c:0f:9b:
9f:19:18:56:ba:e1:5c:a8:5a:b6:e3:3c:53:d6:4c:
fd:6d:9d:af:2e:b7:2d:11:02:17:34:41:5a:18:3b:
82:aa:21:6f:e5:44:3d:d4:54:fa:3e:9b:18:b7:4f:
77:49:1c:82:b6:9b:14:f8:9d:c1:0a:e2:fb:51:ba:
cd:fd:5a:df:7f:87:ff:d4:9e:8d:7e:7c:e5:6d:f9:
54:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A0:03:B9:E7:D6:1D:89:95:20:76:C9:D5:D0:A8:ED:E5:22:41:5A
X509v3 Authority Key Identifier:
keyid:FF:AD:B5:68:06:FB:93:B1:6C:5E:C3:2B:81:E5:6E:99:DC:C3:C9:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/_621aAb7k7FsXsMrgeVumdzDyaM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_621aAb7k7FsXsMrgeVumdzDyaM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/DB0CFB3200BA11ECB60BA225C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.232.0/23
116.204.252.0/22
Signature Algorithm: sha256WithRSAEncryption
79:e0:e6:f6:c8:72:01:fd:c4:44:70:3d:49:d9:25:99:c3:bb:
45:6d:18:a2:9c:f7:0f:17:7e:80:ea:ca:c5:d3:cc:4e:0a:0b:
7c:7a:8e:44:71:b2:f0:8b:5a:c1:75:8b:6d:fb:50:6d:c9:9a:
6b:5e:23:ab:a7:0c:f7:1e:c9:09:b4:59:a1:cd:e5:20:5e:e1:
aa:fe:f9:19:2a:8b:92:31:3b:40:6c:72:83:4d:14:fb:b3:83:
dd:c6:8e:b2:5c:4a:b8:ea:e9:d8:38:bc:ec:04:18:e7:14:27:
5d:55:b2:f8:b9:cb:c5:e3:a5:a7:7f:31:7f:14:fb:e8:dc:e8:
4f:50:10:f6:d9:e3:4e:0c:6c:0c:2c:d9:da:91:54:74:fd:4b:
b8:08:6e:c5:54:89:57:54:94:66:22:42:ec:3c:0e:a6:37:50:
50:db:81:61:97:c9:b4:41:8f:04:36:7d:4a:a8:bc:ca:36:28:
26:c0:5a:d9:23:93:3f:7f:51:c9:63:fe:2b:4d:c9:42:34:7e:
13:7d:ee:fe:5d:4d:24:4c:97:d5:28:ba:a8:a1:a1:89:95:7d:
7f:60:96:49:14:d6:74:e9:89:53:79:13:8f:61:23:53:77:62:
a6:23:ae:c8:70:43:51:af:c0:aa:ca:82:8d:f1:c6:f1:57:c8:
3c:7d:c1:17
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICByEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdEM0MxMTAvBgNVBAUTKEZGQURCNTY4MDZGQjkzQjE2QzVFQzMyQjgxRTU2RTk5
RENDM0M5QTMwHhcNMjEwODE5MDY1ODI4WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTFlMDExNC1jNTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUxxOqBiehc+n7o94ZKKFSNYWdKh5YKnm4DFANNITkRi/pDfsRI52DdokJjc
xqzQlPpFvYQFefMqJCXJTWMnA7SKxIhS+JAFQ8Q+8fnC0HRZie4lH2tkhord+okb
l6me+2GViQGZORLG36gkR5oJF5A8jrCG0pko2cZlnnzdj6Jrlmcvuw57aBjTV9Jt
XSYlwn0pVdECSwbwYSWCvs1n7s2XTIzIVDxDnaVeKxxvArWcD5ufGRhWuuFcqFq2
4zxT1kz9bZ2vLrctEQIXNEFaGDuCqiFv5UQ91FT6PpsYt093SRyCtpsU+J3BCuL7
UbrN/Vrff4f/1J6NfnzlbflUeQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFESgA7nn
1h2JlSB2ydXQqO3lIkFaMB8GA1UdIwQYMBaAFP+ttWgG+5OxbF7DK4Hlbpncw8mj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0QzQy9BMDQzRjg1NjA5
MjMxMUVBOEQ4QzJGNkNDNEY5QUUwMi9fNjIxYUFiN2s3RnNYc01yZ2VWdW1kekR5
YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL182MjFhQWI3azdGc1hzTXJnZVZ1bWR6RHlhTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdEM0MvQTA0M0Y4NTYwOTIzMTFFQThEOEMyRjZDQzRGOUFFMDIvREIwQ0ZCMzIw
MEJBMTFFQ0I2MEJBMjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnWOgDBAJ0zPwwDQYJKoZIhvcNAQELBQADggEBAHng5vbI
cgH9xERwPUnZJZnDu0VtGKKc9w8XfoDqysXTzE4KC3x6jkRxsvCLWsF1i237UG3J
mmteI6unDPceyQm0WaHN5SBe4ar++Rkqi5IxO0BscoNNFPuzg93GjrJcSrjq6dg4
vOwEGOcUJ11Vsvi5y8Xjpad/MX8U++jc6E9QEPbZ404MbAws2dqRVHT9S7gIbsVU
iVdUlGYiQuw8DqY3UFDbgWGXybRBjwQ2fUqovMo2KCbAWtkjkz9/Uclj/itNyUI0
fhN97v5dTSRMl9UouqihoYmVfX9glkkU1nTpiVN5E49hI1N3YqYjrshwQ1GvwKrK
go3xxvFXyDx9wRc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-ams.rpki-client.org