Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/52C8BF98C88E11EDBDAF752CC4F9AE02.roa
File: 52C8BF98C88E11EDBDAF752CC4F9AE02.roa (raw, json)
Hash identifier: oUZmO7mhhG4QMV3n2/4WJHfnXK7YC5ziAqXaejS8ozI=
Subject key identifier: 65:56:FF:94:A9:D4:35:E1:94:3C:A1:4F:66:54:70:9B:D5:D9:62:8C
Certificate issuer: /CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Certificate serial: 0B3B
Authority key identifier: 08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/52C8BF98C88E11EDBDAF752CC4F9AE02.roa
Signing time: Thu 08 Jun 2023 20:30:25 +0000
ROA not before: Thu 08 Jun 2023 20:30:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58689
IP address blocks: 103.111.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2875 (0xb3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Validity
Not Before: Jun 8 20:30:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64823a61-4e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:91:fb:8c:8e:b7:1c:75:4e:b3:e6:e9:58:ed:
b9:c0:36:48:52:d7:22:41:2b:f5:73:c5:e5:63:cf:
68:65:81:55:c1:44:3b:8f:cc:04:de:3a:da:2f:fd:
0d:9f:7b:5c:3a:9b:6c:28:f9:ab:c7:9b:6d:f3:51:
da:96:21:3a:1d:b5:91:cf:72:c8:3c:a0:c3:61:46:
79:f8:00:f5:f9:50:18:35:cc:9d:f0:a9:18:cb:e0:
1c:50:7e:47:b4:27:0e:b0:ac:e3:99:3f:41:4a:6a:
86:9c:be:b6:07:cc:f5:3e:cf:90:0a:56:02:fb:9b:
5d:3e:6e:01:76:86:9e:f9:be:0c:cd:71:92:f5:a0:
f3:2a:f0:ba:ce:f4:94:08:b3:e0:58:c1:4b:f3:8a:
e2:3e:a0:11:de:8c:ff:19:84:54:8b:37:05:39:0d:
88:a9:21:00:71:c4:3a:5d:3f:cc:11:3d:22:e6:6c:
00:43:38:a6:9d:b5:33:b6:19:ff:74:a1:e6:76:8d:
af:61:e1:b2:90:f7:56:18:3f:6f:49:9d:50:a0:99:
b0:a5:1a:b4:14:3f:65:31:a3:89:18:b8:2e:3e:5b:
60:42:42:0d:7a:95:d1:ff:cb:6b:c8:6d:7d:51:e0:
40:eb:ef:fc:16:5f:33:40:15:c0:44:d3:65:b3:29:
4e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:56:FF:94:A9:D4:35:E1:94:3C:A1:4F:66:54:70:9B:D5:D9:62:8C
X509v3 Authority Key Identifier:
keyid:08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/CL0cxa7edJKy8iV6oZTbCFVa9vI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/52C8BF98C88E11EDBDAF752CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.13.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:2d:b5:c3:0d:0c:c9:70:90:3d:c6:69:eb:d3:dc:37:91:21:
cf:87:da:16:74:53:68:3c:88:65:8d:ce:21:d0:c9:ec:12:11:
98:b2:90:d6:48:f3:53:7c:7e:c7:48:45:65:0e:f8:6f:81:90:
43:4d:85:f3:dc:b1:ea:b0:78:71:84:b3:48:d8:77:b8:aa:9e:
96:17:52:86:54:9f:f1:54:d8:a8:31:e5:1b:a9:67:2d:69:5a:
9a:6f:0a:fe:14:3b:3f:f0:dc:4a:7a:55:6a:25:e0:97:85:50:
6d:57:e5:c4:bd:df:5c:35:31:0d:b1:34:d4:a2:2d:07:f4:dd:
e4:6d:2e:5e:30:0a:26:91:b4:85:b3:cc:bd:0f:2d:e6:95:25:
3d:85:18:d6:a4:21:03:84:ad:9a:5c:42:6d:0b:a9:29:8f:f6:
a4:0e:36:4c:a3:97:e2:37:50:b1:1c:73:48:30:28:6e:85:45:
9c:16:23:5a:63:21:b3:64:c2:f0:8d:f2:9e:76:08:16:fc:6c:
b2:03:c3:2f:54:86:68:15:1e:c0:e9:47:7b:5b:3f:a1:e2:35:
77:96:8f:a3:24:e4:34:9c:45:54:8b:88:00:d0:0b:c3:e5:fe:
4b:a4:49:a8:1e:56:9f:ee:3b:18:21:16:14:b9:12:89:8e:9b:
41:24:7d:63
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRDRjExMTAvBgNVBAUTKDA4QkQxQ0M1QUVERTc0OTJCMkYyMjU3QUExOTREQjA4
NTU1QUY2RjIwHhcNMjMwNjA4MjAzMDI1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgyM2E2MS00ZTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtpH7jI63HHVOs+bpWO25wDZIUtciQSv1c8XlY89oZYFVwUQ7j8wE3jraL/0N
n3tcOptsKPmrx5tt81HaliE6HbWRz3LIPKDDYUZ5+AD1+VAYNcyd8KkYy+AcUH5H
tCcOsKzjmT9BSmqGnL62B8z1Ps+QClYC+5tdPm4Bdoae+b4MzXGS9aDzKvC6zvSU
CLPgWMFL84riPqAR3oz/GYRUizcFOQ2IqSEAccQ6XT/MET0i5mwAQzimnbUzthn/
dKHmdo2vYeGykPdWGD9vSZ1QoJmwpRq0FD9lMaOJGLguPltgQkINepXR/8tryG19
UeBA6+/8Fl8zQBXARNNlsylOxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGVW/5Sp
1DXhlDyhT2ZUcJvV2WKMMB8GA1UdIwQYMBaAFAi9HMWu3nSSsvIleqGU2whVWvby
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNENGMS9BRDkwNDZGRTA1
ODYxMUVBOTJFNTY1NTJDNEY5QUUwMi9DTDBjeGE3ZWRKS3k4aVY2b1pUYkNGVmE5
dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NMMGN4YTdlZEpLeThpVjZvWlRiQ0ZWYTl2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRDRjEvQUQ5MDQ2RkUwNTg2MTFFQTkyRTU2NTUyQzRGOUFFMDIvNTJDOEJGOThD
ODhFMTFFREJEQUY3NTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbw0wDQYJKoZIhvcNAQELBQADggEBAMMttcMNDMlwkD3G
aevT3DeRIc+H2hZ0U2g8iGWNziHQyewSEZiykNZI81N8fsdIRWUO+G+BkENNhfPc
seqweHGEs0jYd7iqnpYXUoZUn/FU2Kgx5RupZy1pWppvCv4UOz/w3Ep6VWol4JeF
UG1X5cS931w1MQ2xNNSiLQf03eRtLl4wCiaRtIWzzL0PLeaVJT2FGNakIQOErZpc
Qm0LqSmP9qQONkyjl+I3ULEcc0gwKG6FRZwWI1pjIbNkwvCN8p52CBb8bLIDwy9U
hmgVHsDpR3tbP6HiNXeWj6Mk5DScRVSLiADQC8Pl/kukSageVp/uOxghFhS5EomO
m0EkfWM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org