Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/01AA0C987B0B11EBB110A80DC4F9AE02.roa
File: 01AA0C987B0B11EBB110A80DC4F9AE02.roa (raw, json)
Hash identifier: N7PvG4PjMiyCMnJAlb1ijL0jsdioy9LQe9ZsbzZqY8s=
Subject key identifier: 65:1D:DE:A5:30:C6:76:07:40:54:44:DD:C1:18:11:C4:25:9B:E8:6B
Certificate issuer: /CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
Certificate serial: 09D0
Authority key identifier: C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/01AA0C987B0B11EBB110A80DC4F9AE02.roa
Signing time: Thu 08 Jun 2023 21:31:57 +0000
ROA not before: Thu 08 Jun 2023 21:31:57 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 134176
IP address blocks: 103.231.84.0/24 maxlen: 24
103.231.85.0/24 maxlen: 24
103.231.86.0/24 maxlen: 24
103.231.87.0/24 maxlen: 24
150.242.36.0/22 maxlen: 22
150.242.36.0/24 maxlen: 24
150.242.37.0/24 maxlen: 24
150.242.38.0/24 maxlen: 24
2403:6dc0:1000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2512 (0x9d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
Validity
Not Before: Jun 8 21:31:57 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=648248cc-2e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ab:32:6a:20:43:68:fa:46:f8:78:41:d1:05:
df:ea:99:ad:ee:14:8b:df:bd:e6:ff:4d:88:fe:e3:
c4:cb:db:d5:f9:68:a8:90:7d:ee:ea:27:1f:f3:82:
17:3f:a2:53:34:df:70:10:dd:2e:8b:ec:8a:cb:b6:
03:38:c5:e5:fa:19:55:b0:06:55:10:0e:05:56:b4:
b1:c9:2c:d2:5b:31:3d:7c:61:c2:5f:8a:ec:15:f4:
12:74:88:6a:29:eb:9e:00:5e:33:a0:e0:3a:78:14:
7a:c7:67:07:3d:d2:ed:11:04:64:6a:f2:c9:1c:7a:
8e:12:e0:3b:0a:59:f7:51:a7:d9:1b:90:ba:b6:10:
05:3b:db:b8:b3:5e:e7:37:0e:74:5e:a0:3d:22:34:
ee:5f:5a:9d:82:1b:02:62:02:0e:5b:61:ef:bf:ac:
c8:30:57:c8:24:47:b7:42:b7:c8:6b:f7:19:b5:93:
fc:75:f3:e1:b5:c6:56:8e:0b:ec:ea:62:1b:b1:d6:
a7:be:c4:f7:e7:6d:b1:5a:05:60:5b:52:4c:95:84:
19:dd:16:09:20:a6:03:68:44:af:cd:d1:0f:98:71:
4d:da:5e:96:3d:81:fc:e9:e7:f1:a3:c9:18:08:31:
ef:f5:ed:7c:bf:0c:52:23:42:ec:80:06:be:5c:89:
f3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1D:DE:A5:30:C6:76:07:40:54:44:DD:C1:18:11:C4:25:9B:E8:6B
X509v3 Authority Key Identifier:
keyid:C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/yZ7yD58LAHfHDV1zAOC7_Ych7_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/01AA0C987B0B11EBB110A80DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.231.84.0/22
150.242.36.0/22
IPv6:
2403:6dc0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
4d:06:70:68:5d:b1:b5:8f:ef:27:e6:9a:ff:84:f1:83:35:14:
b4:c5:ac:4d:62:90:cb:94:79:9a:49:fe:cf:e5:b2:75:0f:af:
51:c9:35:00:f2:f2:21:ba:eb:0e:ed:38:48:a9:a0:e5:44:55:
5e:ac:d2:f0:90:57:a3:39:2c:f0:44:93:64:2b:42:b4:36:3b:
18:95:89:18:ac:95:46:7c:b9:fa:98:6c:23:8b:0a:51:4a:54:
79:44:58:95:63:d0:43:fc:3c:72:ac:94:98:d2:fa:75:35:7e:
bf:6d:7f:91:1e:ec:27:85:42:dc:04:13:4c:94:de:9b:55:c7:
fe:3f:73:1d:c6:9c:4f:5b:5d:d0:c7:22:6c:e9:cc:74:02:a6:
be:5b:b8:d1:93:84:0b:a5:29:57:c0:c4:68:b8:68:97:2a:c8:
15:de:07:d7:f8:c5:70:a4:a0:cb:1d:a3:6b:55:09:29:0e:3a:
d1:5c:27:0b:10:08:db:7a:f9:72:b0:bc:3f:1c:3a:5a:9e:33:
73:95:78:f4:76:54:0d:f8:0e:b2:75:86:8d:ec:09:3b:aa:f9:
2d:03:09:05:36:e3:0c:ca:84:3d:e8:7d:8c:b3:5a:1a:b4:61:
2e:d3:7c:32:52:30:fb:c7:47:d3:83:15:1a:71:e8:8c:9f:4f:
11:69:ef:1f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICCdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlEMkExMTAvBgNVBAUTKEM5OUVGMjBGOUYwQjAwNzdDNzBENUQ3MzAwRTBCQkZE
ODcyMUVGRkYwHhcNMjMwNjA4MjEzMTU3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgyNDhjYy0yZThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwqsyaiBDaPpG+HhB0QXf6pmt7hSL373m/02I/uPEy9vV+WiokH3u6icf84IX
P6JTNN9wEN0ui+yKy7YDOMXl+hlVsAZVEA4FVrSxySzSWzE9fGHCX4rsFfQSdIhq
KeueAF4zoOA6eBR6x2cHPdLtEQRkavLJHHqOEuA7Cln3UafZG5C6thAFO9u4s17n
Nw50XqA9IjTuX1qdghsCYgIOW2Hvv6zIMFfIJEe3QrfIa/cZtZP8dfPhtcZWjgvs
6mIbsdanvsT3522xWgVgW1JMlYQZ3RYJIKYDaESvzdEPmHFN2l6WPYH86efxo8kY
CDHv9e18vwxSI0LsgAa+XInzTwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGUd3qUw
xnYHQFRE3cEYEcQlm+hrMB8GA1UdIwQYMBaAFMme8g+fCwB3xw1dcwDgu/2HIe//
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQyQS81NTI1RjVFMDNE
QzExMUVBQUY5OENCMzVDNEY5QUUwMi95Wjd5RDU4TEFIZkhEVjF6QU9DN19ZY2g3
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3laN3lENThMQUhmSERWMXpBT0M3X1ljaDdfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlEMkEvNTUyNUY1RTAzREMxMTFFQUFGOThDQjM1QzRGOUFFMDIvMDFBQTBDOTg3
QjBCMTFFQkIxMTBBODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBIEAgABMAwDBAJn51QDBAKW8iQwDgQCAAIwCAMGBCQDbcAQMA0GCSqGSIb3
DQEBCwUAA4IBAQBNBnBoXbG1j+8n5pr/hPGDNRS0xaxNYpDLlHmaSf7P5bJ1D69R
yTUA8vIhuusO7ThIqaDlRFVerNLwkFejOSzwRJNkK0K0NjsYlYkYrJVGfLn6mGwj
iwpRSlR5RFiVY9BD/DxyrJSY0vp1NX6/bX+RHuwnhULcBBNMlN6bVcf+P3MdxpxP
W13QxyJs6cx0Aqa+W7jRk4QLpSlXwMRouGiXKsgV3gfX+MVwpKDLHaNrVQkpDjrR
XCcLEAjbevlysLw/HDpanjNzlXj0dlQN+A6ydYaN7Ak7qvktAwkFNuMMyoQ96H2M
s1oatGEu03wyUjD7x0fTgxUaceiMn08Rae8f
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org