Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/820C147E7E8B11ECB9A60D74C4F9AE02.roa
File: 820C147E7E8B11ECB9A60D74C4F9AE02.roa (raw, json)
Hash identifier: 8Yq3Q/U2U2Y2lLXGF1DvlL3GNqEpiD3vXvVYx9hxAHs=
Subject key identifier: EC:83:C4:F4:5F:5F:AA:7D:3D:45:67:CF:0F:7B:EC:61:31:14:79:91
Certificate issuer: /CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
Certificate serial: 09D2
Authority key identifier: C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/820C147E7E8B11ECB9A60D74C4F9AE02.roa
Signing time: Thu 08 Jun 2023 21:31:59 +0000
ROA not before: Thu 08 Jun 2023 21:31:59 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 38047
IP address blocks: 103.231.86.0/24 maxlen: 24
103.231.87.0/24 maxlen: 24
150.242.36.0/24 maxlen: 24
150.242.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2514 (0x9d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
Validity
Not Before: Jun 8 21:31:59 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=648248cf-ca80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d0:4f:1e:78:c7:36:10:6a:58:d9:6b:5e:51:
e4:e6:18:65:f0:67:ff:34:b4:c4:38:32:4f:eb:e8:
89:56:bd:8a:c3:a7:be:70:08:57:ba:bc:00:62:47:
f7:2b:b4:6c:d7:03:c2:4d:5f:1d:0b:b1:33:89:ae:
f5:a5:22:51:49:14:e9:4f:25:71:5b:d4:50:64:73:
22:2f:2c:e5:8d:e7:a1:18:a9:bd:e3:f6:bf:0c:b1:
15:77:25:7e:95:34:47:f2:a3:64:9d:e2:b8:47:7f:
c3:62:2a:12:02:8f:d2:da:0a:b1:c2:ed:e1:66:65:
de:be:02:f1:25:cf:ac:d6:3f:22:6d:9f:fc:b6:30:
49:28:d2:20:e3:45:9f:b6:96:04:c6:4d:d3:b4:d7:
e9:99:fe:b0:45:e5:16:f2:f5:29:3a:8b:ed:90:4c:
81:9b:65:2c:b9:84:87:dd:0f:84:aa:cb:d7:82:48:
1c:dd:dd:2a:8e:fb:b0:22:c7:be:1d:85:ab:8c:4f:
50:ad:77:2d:0e:4a:6f:7b:25:f7:04:02:2d:5d:b7:
ee:db:71:72:4d:26:dc:79:b7:81:48:b2:5e:a4:9e:
8a:6d:ea:d0:f8:5f:82:b9:4e:4e:29:e9:74:85:00:
c9:03:6a:8f:09:f4:7c:c8:40:74:e5:90:15:18:ab:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:83:C4:F4:5F:5F:AA:7D:3D:45:67:CF:0F:7B:EC:61:31:14:79:91
X509v3 Authority Key Identifier:
keyid:C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/yZ7yD58LAHfHDV1zAOC7_Ych7_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/820C147E7E8B11ECB9A60D74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.231.86.0/23
150.242.36.0/24
150.242.38.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:6b:ea:ac:f5:a5:6f:11:32:99:e1:4e:95:66:37:2d:46:94:
e1:47:5e:2a:a1:8c:4b:e9:bc:be:89:db:da:cd:a1:7e:2c:96:
33:16:e3:2f:12:dd:c1:d3:97:0b:67:2c:1a:87:3b:7a:dc:11:
16:c8:0e:5c:59:f0:82:2a:96:99:b4:ea:78:61:fe:40:fa:c5:
d5:23:da:55:bb:cc:2c:59:13:34:c4:48:bf:e2:b4:eb:f2:d8:
02:78:e1:8b:0e:9d:ea:31:db:07:e6:bc:c4:61:d7:54:5b:85:
df:6d:94:7d:35:27:d3:09:30:b6:ec:ea:13:30:fe:14:cf:a3:
af:a2:98:36:9e:a1:b5:12:48:f7:15:d6:77:3d:7b:10:49:c4:
91:9e:da:39:58:06:ec:f5:fe:5b:ff:22:07:d8:b4:f9:16:1e:
2d:16:35:3d:1e:90:e8:68:46:f0:62:da:b2:f6:e2:87:d4:7c:
56:a9:fd:69:c3:15:97:96:fc:5d:d8:82:90:70:92:ae:c4:48:
a2:b3:6f:fe:36:72:55:6e:70:eb:80:77:b9:b5:47:60:c6:c4:
2c:21:dc:2e:1c:03:23:93:fa:aa:48:97:b0:92:40:fa:3d:3d:
0b:e1:82:56:9f:d2:0c:6e:69:64:17:58:52:d0:d6:31:91:93:
3e:04:1b:5a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlEMkExMTAvBgNVBAUTKEM5OUVGMjBGOUYwQjAwNzdDNzBENUQ3MzAwRTBCQkZE
ODcyMUVGRkYwHhcNMjMwNjA4MjEzMTU5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgyNDhjZi1jYTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApdBPHnjHNhBqWNlrXlHk5hhl8Gf/NLTEODJP6+iJVr2Kw6e+cAhXurwAYkf3
K7Rs1wPCTV8dC7Ezia71pSJRSRTpTyVxW9RQZHMiLyzljeehGKm94/a/DLEVdyV+
lTRH8qNkneK4R3/DYioSAo/S2gqxwu3hZmXevgLxJc+s1j8ibZ/8tjBJKNIg40Wf
tpYExk3TtNfpmf6wReUW8vUpOovtkEyBm2UsuYSH3Q+EqsvXgkgc3d0qjvuwIse+
HYWrjE9QrXctDkpveyX3BAItXbfu23FyTSbcebeBSLJepJ6KberQ+F+CuU5OKel0
hQDJA2qPCfR8yEB05ZAVGKtjQQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOyDxPRf
X6p9PUVnzw977GExFHmRMB8GA1UdIwQYMBaAFMme8g+fCwB3xw1dcwDgu/2HIe//
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQyQS81NTI1RjVFMDNE
QzExMUVBQUY5OENCMzVDNEY5QUUwMi95Wjd5RDU4TEFIZkhEVjF6QU9DN19ZY2g3
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3laN3lENThMQUhmSERWMXpBT0M3X1ljaDdfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlEMkEvNTUyNUY1RTAzREMxMTFFQUFGOThDQjM1QzRGOUFFMDIvODIwQzE0N0U3
RThCMTFFQ0I5QTYwRDc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAFn51YDBACW8iQDBACW8iYwDQYJKoZIhvcNAQELBQADggEB
AI9r6qz1pW8RMpnhTpVmNy1GlOFHXiqhjEvpvL6J29rNoX4sljMW4y8S3cHTlwtn
LBqHO3rcERbIDlxZ8IIqlpm06nhh/kD6xdUj2lW7zCxZEzTESL/itOvy2AJ44YsO
neox2wfmvMRh11Rbhd9tlH01J9MJMLbs6hMw/hTPo6+imDaeobUSSPcV1nc9exBJ
xJGe2jlYBuz1/lv/IgfYtPkWHi0WNT0ekOhoRvBi2rL24ofUfFap/WnDFZeW/F3Y
gpBwkq7ESKKzb/42clVucOuAd7m1R2DGxCwh3C4cAyOT+qpIl7CSQPo9PQvhglaf
0gxuaWQXWFLQ1jGRkz4EG1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org