Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/60E12BCC411711EEAF80C00AC4F9AE02.roa
File: 60E12BCC411711EEAF80C00AC4F9AE02.roa (raw, json)
Hash identifier: pGdv8KydgRP0efaPvAhrn4IKBzCXUk7uzAqPyGgs4V0=
Subject key identifier: 9D:1C:D8:2B:1D:EB:E7:12:2B:59:CE:88:5D:F3:BF:3D:FB:09:7C:5C
Certificate issuer: /CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Certificate serial: 0B73
Authority key identifier: 08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/60E12BCC411711EEAF80C00AC4F9AE02.roa
Signing time: Tue 22 Aug 2023 18:11:56 +0000
ROA not before: Tue 22 Aug 2023 18:11:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137961
IP address blocks: 103.111.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2931 (0xb73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Validity
Not Before: Aug 22 18:11:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64e4fa6c-ae6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:09:d4:30:6a:b9:2b:8f:0f:1b:69:6f:4b:84:
29:39:ff:87:60:1a:fb:65:b4:30:f0:4f:b9:1f:8b:
fd:dd:8b:d7:04:91:9f:c0:ad:53:9e:9c:ff:ab:b3:
3d:08:61:f8:b9:e3:47:2d:7c:cc:b2:30:6b:dc:49:
fc:f7:8b:53:d8:d8:f3:ec:1b:ae:a1:cc:4d:39:85:
87:dd:4c:f4:55:5d:4d:b4:9a:46:91:be:74:64:6e:
1b:73:08:8f:8b:cf:5b:d6:f8:3d:6b:d2:84:fa:ae:
de:91:5c:71:d8:1e:fc:b1:ae:64:76:4d:20:3d:df:
ba:89:ba:25:50:6d:f1:2a:20:4e:35:87:ab:5b:ae:
98:21:8f:a6:6c:49:13:59:29:62:cc:28:c6:93:e6:
5f:d3:64:0d:f2:34:0c:de:d3:82:d8:02:09:64:ec:
2f:0a:be:e5:45:18:d7:5e:8d:85:3b:4d:be:1e:8d:
73:0d:b4:1f:26:d9:9d:d1:51:fa:f4:13:25:35:17:
42:55:e6:83:74:3b:48:24:30:b4:e7:cd:4f:40:a2:
1c:5b:52:09:d6:52:a9:75:30:f3:61:d4:3c:d0:8a:
07:d3:b2:74:0d:f8:c4:c2:78:5b:e4:be:62:5c:fa:
31:91:8a:79:66:7c:2b:51:cc:c2:4a:be:5b:87:88:
c9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:1C:D8:2B:1D:EB:E7:12:2B:59:CE:88:5D:F3:BF:3D:FB:09:7C:5C
X509v3 Authority Key Identifier:
keyid:08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/CL0cxa7edJKy8iV6oZTbCFVa9vI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/60E12BCC411711EEAF80C00AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.13.0/24
Signature Algorithm: sha256WithRSAEncryption
13:4e:99:d7:65:53:8e:2f:9e:ab:79:17:6f:c9:af:64:4f:eb:
a9:e7:91:01:a5:71:67:1b:67:2a:12:91:87:75:6d:e5:c3:da:
ef:6f:15:fb:00:b4:b9:df:16:7a:48:41:64:04:fe:bf:68:db:
73:06:62:bb:fa:c9:6d:f0:ac:0d:60:04:38:0e:9c:c6:77:a8:
ec:82:4f:00:72:7d:07:fc:e3:45:80:4c:fe:2b:d0:db:79:40:
e0:fe:6f:2d:e3:38:86:a5:f5:76:9d:73:df:b3:88:5a:ce:a5:
8e:63:40:5b:2f:a7:d1:82:d3:80:6e:b0:bd:6b:6b:ec:9b:ae:
7a:6f:56:7b:19:45:58:0b:7c:a2:76:cb:4a:0a:be:f9:27:4c:
b3:d9:95:a8:64:54:7a:ae:0b:47:37:b1:d7:48:65:34:b8:dc:
2a:cc:b1:ae:5a:5c:68:71:7d:b1:04:e6:00:87:f3:ce:10:18:
6d:ab:27:f4:16:93:df:40:8a:61:de:e1:62:26:27:33:06:36:
2b:82:34:a2:e9:2a:34:5e:36:39:8c:ab:a6:0e:97:a0:dc:93:
8c:ae:1c:00:ce:40:d5:71:7e:20:22:84:53:53:93:6b:e0:1d:
b0:f1:40:5a:8c:63:f5:5f:33:39:29:4f:80:b7:18:4e:92:7d:
c6:6f:fb:85
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC3MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRDRjExMTAvBgNVBAUTKDA4QkQxQ0M1QUVERTc0OTJCMkYyMjU3QUExOTREQjA4
NTU1QUY2RjIwHhcNMjMwODIyMTgxMTU2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU0ZmE2Yy1hZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8AnUMGq5K48PG2lvS4QpOf+HYBr7ZbQw8E+5H4v93YvXBJGfwK1Tnpz/q7M9
CGH4ueNHLXzMsjBr3En894tT2Njz7BuuocxNOYWH3Uz0VV1NtJpGkb50ZG4bcwiP
i89b1vg9a9KE+q7ekVxx2B78sa5kdk0gPd+6ibolUG3xKiBONYerW66YIY+mbEkT
WSlizCjGk+Zf02QN8jQM3tOC2AIJZOwvCr7lRRjXXo2FO02+Ho1zDbQfJtmd0VH6
9BMlNRdCVeaDdDtIJDC0581PQKIcW1IJ1lKpdTDzYdQ80IoH07J0DfjEwnhb5L5i
XPoxkYp5ZnwrUczCSr5bh4jJOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ0c2Csd
6+cSK1nOiF3zvz37CXxcMB8GA1UdIwQYMBaAFAi9HMWu3nSSsvIleqGU2whVWvby
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNENGMS9BRDkwNDZGRTA1
ODYxMUVBOTJFNTY1NTJDNEY5QUUwMi9DTDBjeGE3ZWRKS3k4aVY2b1pUYkNGVmE5
dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NMMGN4YTdlZEpLeThpVjZvWlRiQ0ZWYTl2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRDRjEvQUQ5MDQ2RkUwNTg2MTFFQTkyRTU2NTUyQzRGOUFFMDIvNjBFMTJCQ0M0
MTE3MTFFRUFGODBDMDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbw0wDQYJKoZIhvcNAQELBQADggEBABNOmddlU44vnqt5
F2/Jr2RP66nnkQGlcWcbZyoSkYd1beXD2u9vFfsAtLnfFnpIQWQE/r9o23MGYrv6
yW3wrA1gBDgOnMZ3qOyCTwByfQf840WATP4r0Nt5QOD+by3jOIal9Xadc9+ziFrO
pY5jQFsvp9GC04BusL1ra+ybrnpvVnsZRVgLfKJ2y0oKvvknTLPZlahkVHquC0c3
sddIZTS43CrMsa5aXGhxfbEE5gCH884QGG2rJ/QWk99AimHe4WImJzMGNiuCNKLp
KjReNjmMq6YOl6Dck4yuHADOQNVxfiAihFNTk2vgHbDxQFqMY/VfMzkpT4C3GE6S
fcZv+4U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org