Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/E450E640A58D11ECB34E791BC4F9AE02.roa
File: E450E640A58D11ECB34E791BC4F9AE02.roa (raw, json)
Hash identifier: g5x650rI027hIFpAtRiP0k6dZsy9xFzqmqN7uGY/H4A=
Subject key identifier: 26:B9:39:98:1C:3D:B0:5F:22:6E:36:B3:C7:44:62:CF:94:49:A6:BD
Certificate issuer: /CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Certificate serial: 2730
Authority key identifier: A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/E450E640A58D11ECB34E791BC4F9AE02.roa
Signing time: Fri 06 May 2022 08:02:11 +0000
ROA not before: Fri 06 May 2022 08:02:11 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 40065
IP address blocks: 43.243.120.0/24 maxlen: 24
43.243.121.0/24 maxlen: 24
43.243.122.0/24 maxlen: 24
43.243.177.0/24 maxlen: 24
43.243.178.0/24 maxlen: 24
43.243.179.0/24 maxlen: 24
103.245.208.0/24 maxlen: 24
103.245.209.0/24 maxlen: 24
103.245.210.0/24 maxlen: 24
103.245.211.0/24 maxlen: 24
183.90.184.0/24 maxlen: 24
183.90.185.0/24 maxlen: 24
183.90.186.0/24 maxlen: 24
183.90.188.0/24 maxlen: 24
183.90.190.0/24 maxlen: 24
183.90.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10032 (0x2730)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Validity
Not Before: May 6 08:02:11 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6274d603-95f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:74:f1:85:58:0c:04:4c:56:b9:7b:ed:75:4f:
ea:54:67:8f:1f:52:98:e0:80:7a:05:81:45:f2:59:
29:26:7b:da:4e:cd:d5:24:3d:bb:d6:48:19:f2:1b:
0b:49:68:f4:cb:9e:22:66:d1:d7:a4:0d:18:f6:8b:
ec:69:e8:e5:06:ea:ef:ea:ec:af:ce:a9:d9:d3:96:
9b:14:c8:18:4e:bc:46:a6:9b:4a:b8:8e:fa:48:0c:
ed:0d:86:05:fa:77:ab:fb:69:b9:20:bb:ca:aa:75:
67:6c:32:f4:46:3c:4a:47:e2:8a:e7:71:aa:6d:d8:
8c:8c:d3:9a:18:63:7f:96:7e:e1:84:d2:65:0c:66:
db:4e:f3:44:a9:fe:0f:95:ca:e1:34:b9:d0:91:30:
a1:5e:e3:3a:ed:d0:cd:c6:3e:86:61:2f:dc:c7:ea:
e5:50:cd:53:1d:df:f1:fb:1a:55:c1:12:aa:8d:11:
31:be:24:20:08:d2:61:1a:54:95:0b:80:d0:1b:0a:
ec:f6:92:6a:a1:22:b1:01:96:7f:6d:6d:1b:00:c9:
a3:1b:dc:27:d5:62:39:72:c4:56:f2:f1:44:f0:5e:
dd:44:bd:91:40:46:4f:59:4b:2e:36:e2:c0:5d:11:
8e:49:4b:84:0a:65:11:94:55:63:9e:8b:b5:63:16:
47:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B9:39:98:1C:3D:B0:5F:22:6E:36:B3:C7:44:62:CF:94:49:A6:BD
X509v3 Authority Key Identifier:
keyid:A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/oDlpuv_Weqt11JODf6HHxp_7Jxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/E450E640A58D11ECB34E791BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.120.0-43.243.122.255
43.243.177.0-43.243.179.255
103.245.208.0/22
183.90.184.0-183.90.186.255
183.90.188.0/24
183.90.190.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:cd:12:6a:0a:47:2d:26:e2:dc:97:b7:1e:da:03:11:c7:8d:
19:cc:88:f6:61:60:b2:db:dc:98:e3:2b:8f:16:cc:f7:60:a8:
ba:0a:13:0f:0b:32:40:77:8e:65:bc:fe:c5:b6:05:6c:69:79:
c9:71:df:37:19:de:46:c1:00:ea:71:db:26:6d:64:03:3d:8a:
74:e4:16:86:41:6f:a0:9c:45:c1:3c:20:bc:8d:24:a4:fd:5d:
fb:de:82:18:e8:00:b1:22:3f:fa:1a:11:54:e6:81:ac:b4:4b:
57:6b:84:da:9e:b8:4c:be:1c:f5:0e:ae:8c:be:1b:c3:8c:81:
1f:2d:6f:9d:e4:b1:31:c6:0a:10:c0:de:27:2d:0b:fc:8b:29:
b5:e0:99:61:2f:48:d4:1b:ba:55:aa:b6:a1:35:2e:80:e5:cc:
a5:aa:15:43:fd:12:8b:5c:cf:ab:7c:9f:80:b8:0a:b3:00:8e:
35:76:34:f3:1b:91:16:34:19:98:f8:e1:a0:35:b0:d2:6c:04:
5c:f4:0d:30:ef:c5:ef:9f:d6:fb:16:aa:fa:46:8a:e7:8f:dd:
34:30:d3:43:52:d4:17:5b:85:0e:00:32:f9:0a:07:c6:63:09:
c9:2d:54:6b:29:7e:54:79:9e:c3:24:f4:36:43:a8:41:9e:6f:
b3:e3:c5:d3
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICJzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E0OTYxMTAvBgNVBAUTKEEwMzk2OUJBRkZENjdBQUI3NUQ0OTM4MzdGQTFDN0M2
OUZGQjI3MTcwHhcNMjIwNTA2MDgwMjExWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjc0ZDYwMy05NWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA43TxhVgMBExWuXvtdU/qVGePH1KY4IB6BYFF8lkpJnvaTs3VJD271kgZ8hsL
SWj0y54iZtHXpA0Y9ovsaejlBurv6uyvzqnZ05abFMgYTrxGpptKuI76SAztDYYF
+ner+2m5ILvKqnVnbDL0RjxKR+KK53GqbdiMjNOaGGN/ln7hhNJlDGbbTvNEqf4P
lcrhNLnQkTChXuM67dDNxj6GYS/cx+rlUM1THd/x+xpVwRKqjRExviQgCNJhGlSV
C4DQGwrs9pJqoSKxAZZ/bW0bAMmjG9wn1WI5csRW8vFE8F7dRL2RQEZPWUsuNuLA
XRGOSUuECmURlFVjnou1YxZH7wIDAQABo4ICyzCCAscwHQYDVR0OBBYEFCa5OZgc
PbBfIm42s8dEYs+USaa9MB8GA1UdIwQYMBaAFKA5abr/1nqrddSTg3+hx8af+ycX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTQ5Ni9GQjEyQTI3ODND
MEYxMUU0Qjc4OEZGNEFDNEY5QUUwMi9vRGxwdXZfV2VxdDExSk9EZjZISHhwXzdK
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29EbHB1dl9XZXF0MTFKT0RmNkhIeHBfN0p4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E0OTYvRkIxMkEyNzgzQzBGMTFFNEI3ODhGRjRBQzRGOUFFMDIvRTQ1MEU2NDBB
NThEMTFFQ0IzNEU3OTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwwDAMEAyvzeAMEACvzejAMAwQAK/OxAwQCK/OwAwQCZ/XQMAwD
BAO3WrgDBAC3WroDBAC3WrwDBAG3Wr4wDQYJKoZIhvcNAQELBQADggEBABvNEmoK
Ry0m4tyXtx7aAxHHjRnMiPZhYLLb3JjjK48WzPdgqLoKEw8LMkB3jmW8/sW2BWxp
eclx3zcZ3kbBAOpx2yZtZAM9inTkFoZBb6CcRcE8ILyNJKT9XfveghjoALEiP/oa
EVTmgay0S1drhNqeuEy+HPUOroy+G8OMgR8tb53ksTHGChDA3ictC/yLKbXgmWEv
SNQbulWqtqE1LoDlzKWqFUP9Eotcz6t8n4C4CrMAjjV2NPMbkRY0GZj44aA1sNJs
BFz0DTDvxe+f1vsWqvpGiueP3TQw00NS1BdbhQ4AMvkKB8ZjCcktVGspflR5nsMk
9DZDqEGeb7PjxdM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org