Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/00EBDB2035E911ED97AD625AC4F9AE02.roa
File: 00EBDB2035E911ED97AD625AC4F9AE02.roa (raw, json)
Hash identifier: XUozcNtR28uRoVuImv3RO/262CJHc6hR6H/rc9Mzo4I=
Subject key identifier: E6:32:1B:CE:8C:1D:9D:40:F3:8B:D2:D9:07:92:F5:85:29:6C:DF:F6
Certificate issuer: /CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Certificate serial: 0A83
Authority key identifier: 08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/00EBDB2035E911ED97AD625AC4F9AE02.roa
Signing time: Fri 16 Sep 2022 17:57:18 +0000
ROA not before: Fri 16 Sep 2022 17:57:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139735
IP address blocks: 103.111.14.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2691 (0xa83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Validity
Not Before: Sep 16 17:57:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6324b8fe-bbc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:b3:3c:8c:2f:77:63:b3:01:a0:ec:82:e5:
85:b4:17:c0:28:12:a8:bd:4e:5d:6d:ff:f0:2e:32:
45:c9:4a:2b:58:c6:62:7b:12:9d:e2:a5:a6:2d:49:
30:88:5c:c6:e2:ac:54:4d:e6:c6:ad:8a:a3:7c:28:
55:2a:b9:b2:36:2b:34:be:76:49:6c:32:1e:d8:da:
7c:7b:e4:83:ba:c3:91:6c:e5:b4:2f:06:5e:fc:d4:
ba:68:f7:85:19:37:4b:8d:2d:ad:c5:79:8c:78:53:
e4:1a:f2:71:fa:5d:96:b9:eb:83:99:eb:91:be:67:
44:01:c2:eb:4b:40:00:a8:c3:74:b2:fa:5d:3a:65:
d3:3e:bf:bd:6d:8e:8f:42:41:f1:43:15:35:b3:0a:
dd:54:93:08:ac:49:0b:3d:ea:f9:59:4e:1b:64:d1:
74:02:96:92:8e:a9:c8:95:9f:7d:ab:da:87:fe:92:
86:f3:65:d1:58:15:73:79:13:12:7a:2f:83:2d:f1:
f0:a4:5a:d1:f8:f5:75:90:05:eb:89:ff:38:f7:88:
52:d2:fb:71:f5:ec:7f:0a:0d:99:04:8e:02:a8:0d:
0b:6d:76:2a:7e:24:2e:d7:cf:fe:d4:36:e1:3a:84:
0c:95:b3:f3:ea:58:d4:65:3a:7d:12:7b:f4:6a:16:
43:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:32:1B:CE:8C:1D:9D:40:F3:8B:D2:D9:07:92:F5:85:29:6C:DF:F6
X509v3 Authority Key Identifier:
keyid:08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/CL0cxa7edJKy8iV6oZTbCFVa9vI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/00EBDB2035E911ED97AD625AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.14.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:1b:20:63:30:4d:6a:2d:7b:24:4a:f2:47:39:7e:f8:84:64:
68:e5:d9:d2:3c:55:ff:e2:3c:de:d6:06:66:41:44:b9:49:a5:
fa:43:57:38:d5:41:90:1c:bd:29:8d:ba:d2:d3:91:ac:ec:a7:
02:06:c2:22:e2:28:5a:73:9d:20:0f:da:68:6d:04:48:98:2d:
2d:f8:c5:9b:b4:f7:d2:c5:d3:7f:8a:db:a9:92:a7:c9:2c:92:
19:d0:01:ef:eb:c3:67:28:85:f8:45:f2:9b:46:1c:9f:88:86:
3a:00:8b:f5:a8:ba:de:b0:a3:6e:80:1f:00:f3:51:23:f4:9f:
5e:19:d7:f7:4e:12:64:ec:d8:24:4a:11:cb:39:79:d4:69:a5:
ed:7f:13:d7:79:da:d5:30:4e:37:32:38:04:39:8a:74:38:7d:
35:0a:31:ee:86:4a:22:e5:9f:3b:4c:5c:da:db:d7:3e:09:1c:
50:bc:bd:4c:ba:15:f4:39:2d:9c:80:e1:16:03:26:43:8f:dc:
1a:ad:84:14:53:05:34:9c:7f:45:9a:74:a8:a5:3d:c1:a6:e0:
b5:fb:cb:67:09:a8:ba:68:ca:80:57:e3:25:03:9f:1b:77:6c:
15:05:cf:c8:95:53:f4:21:02:f9:76:7d:cf:05:26:15:96:46:
55:1b:bf:e6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRDRjExMTAvBgNVBAUTKDA4QkQxQ0M1QUVERTc0OTJCMkYyMjU3QUExOTREQjA4
NTU1QUY2RjIwHhcNMjIwOTE2MTc1NzE4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI0YjhmZS1iYmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuzOzPIwvd2OzAaDsguWFtBfAKBKovU5dbf/wLjJFyUorWMZiexKd4qWmLUkw
iFzG4qxUTebGrYqjfChVKrmyNis0vnZJbDIe2Np8e+SDusORbOW0LwZe/NS6aPeF
GTdLjS2txXmMeFPkGvJx+l2WueuDmeuRvmdEAcLrS0AAqMN0svpdOmXTPr+9bY6P
QkHxQxU1swrdVJMIrEkLPer5WU4bZNF0ApaSjqnIlZ99q9qH/pKG82XRWBVzeRMS
ei+DLfHwpFrR+PV1kAXrif8494hS0vtx9ex/Cg2ZBI4CqA0LbXYqfiQu18/+1Dbh
OoQMlbPz6ljUZTp9Env0ahZDfQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOYyG86M
HZ1A84vS2QeS9YUpbN/2MB8GA1UdIwQYMBaAFAi9HMWu3nSSsvIleqGU2whVWvby
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNENGMS9BRDkwNDZGRTA1
ODYxMUVBOTJFNTY1NTJDNEY5QUUwMi9DTDBjeGE3ZWRKS3k4aVY2b1pUYkNGVmE5
dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NMMGN4YTdlZEpLeThpVjZvWlRiQ0ZWYTl2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRDRjEvQUQ5MDQ2RkUwNTg2MTFFQTkyRTU2NTUyQzRGOUFFMDIvMDBFQkRCMjAz
NUU5MTFFRDk3QUQ2MjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnbw4wDQYJKoZIhvcNAQELBQADggEBADobIGMwTWoteyRK
8kc5fviEZGjl2dI8Vf/iPN7WBmZBRLlJpfpDVzjVQZAcvSmNutLTkazspwIGwiLi
KFpznSAP2mhtBEiYLS34xZu099LF03+K26mSp8kskhnQAe/rw2cohfhF8ptGHJ+I
hjoAi/Wout6wo26AHwDzUSP0n14Z1/dOEmTs2CRKEcs5edRppe1/E9d52tUwTjcy
OAQ5inQ4fTUKMe6GSiLlnztMXNrb1z4JHFC8vUy6FfQ5LZyA4RYDJkOP3BqthBRT
BTScf0WadKilPcGm4LX7y2cJqLpoyoBX4yUDnxt3bBUFz8iVU/QhAvl2fc8FJhWW
RlUbv+Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:08 2023 by rpki-client on console-ams.rpki-client.org