Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/7E0B5872508011EDBD626D51C4F9AE02.roa
File: 7E0B5872508011EDBD626D51C4F9AE02.roa (raw, json)
Hash identifier: gF+xEK2Ju8mdAESJ/yEPFBCreuDVb8eG2vtOtA2KQYE=
Subject key identifier: F3:D2:EC:F7:94:2A:86:B8:CA:96:C5:FE:E9:7B:FD:0A:F0:7F:07:99
Certificate issuer: /CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Certificate serial: 0AB1
Authority key identifier: 08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/7E0B5872508011EDBD626D51C4F9AE02.roa
Signing time: Thu 20 Oct 2022 17:26:29 +0000
ROA not before: Thu 20 Oct 2022 17:26:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58689
IP address blocks: 103.111.13.0/24 maxlen: 24
2402:91c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Validity
Not Before: Oct 20 17:26:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=635184c4-1596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:75:05:cb:74:f8:e6:f5:75:fb:15:ce:99:b8:
c5:db:22:5e:3e:a9:90:87:b9:d1:9a:19:e2:dd:ef:
80:39:b8:5a:9f:c9:0a:95:2f:29:46:6f:d0:67:05:
c3:ef:da:79:cf:c6:37:6e:c7:8a:b9:f9:7c:3a:b4:
1f:7d:7f:e8:d5:a1:09:20:69:e5:1a:a6:43:5e:fa:
9f:ef:34:c9:11:66:fb:3f:af:5f:43:25:0b:a9:d7:
b0:20:d2:9d:07:7e:6d:9e:35:fe:db:ac:03:a3:1c:
6d:48:f0:1c:66:d8:f8:b4:7e:ac:99:0d:68:58:d7:
2b:49:a8:3e:61:8f:c1:e9:be:33:10:28:c2:6d:5a:
b8:1b:84:cb:d2:57:05:7c:e5:37:bd:46:40:c7:69:
9b:73:75:bb:79:30:86:34:56:ab:d1:e2:87:cc:60:
05:af:11:01:0b:f4:1e:10:5c:1d:de:fc:17:37:a7:
b9:c8:0e:1c:32:cf:6a:00:e2:01:39:30:06:65:2a:
ac:ba:f3:1d:89:6a:59:c1:07:38:8f:42:39:80:a9:
b0:50:26:b2:c0:6c:b0:8a:d4:f0:19:29:05:a0:86:
3e:e6:08:5e:2c:7a:76:34:b5:ed:33:ea:8f:63:53:
7d:f4:4d:d5:2b:dd:75:69:00:d1:72:bd:25:ea:f9:
0d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D2:EC:F7:94:2A:86:B8:CA:96:C5:FE:E9:7B:FD:0A:F0:7F:07:99
X509v3 Authority Key Identifier:
keyid:08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/CL0cxa7edJKy8iV6oZTbCFVa9vI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/7E0B5872508011EDBD626D51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.13.0/24
IPv6:
2402:91c0::/32
Signature Algorithm: sha256WithRSAEncryption
55:fd:f3:87:41:24:f0:84:36:6a:08:be:4e:6c:e2:d0:31:dc:
f5:8f:4a:a3:e1:d6:2a:97:35:4a:da:bf:4a:c9:0e:e3:96:e1:
c2:a3:5f:fa:33:b2:33:60:99:da:55:85:10:ac:8a:7e:77:38:
a1:ae:00:7b:69:14:1c:30:42:da:2e:79:91:de:a7:96:14:b9:
60:7a:b4:ff:90:d5:94:6c:09:51:d3:af:7f:fd:01:a3:a6:4f:
35:eb:ee:8c:93:2a:91:a7:85:97:05:aa:66:6e:57:13:ab:f2:
78:28:47:e0:55:8a:50:a1:f1:f0:29:43:79:9e:37:5d:80:6e:
23:1c:84:b0:8c:ad:ce:da:1e:db:30:78:d5:ed:24:b7:5e:91:
35:3d:16:74:09:f6:17:5d:53:42:53:3d:23:0d:eb:06:15:7b:
1d:53:e6:e3:b3:dd:fd:a1:ee:15:87:20:2a:07:47:9c:19:6c:
7b:13:d7:7b:2c:b3:69:4c:ea:ad:a7:2b:32:df:d1:5f:d9:8f:
10:54:51:5f:af:bf:2e:89:a0:97:31:4b:56:4f:2c:2b:c9:05:
23:98:79:9c:f8:05:8d:25:58:de:f2:86:5e:66:bb:40:0c:6f:
85:90:80:6c:bd:54:53:50:87:26:fa:46:1c:5d:62:30:91:ec:
da:8e:d3:b6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRDRjExMTAvBgNVBAUTKDA4QkQxQ0M1QUVERTc0OTJCMkYyMjU3QUExOTREQjA4
NTU1QUY2RjIwHhcNMjIxMDIwMTcyNjI5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUxODRjNC0xNTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxnUFy3T45vV1+xXOmbjF2yJePqmQh7nRmhni3e+AObhan8kKlS8pRm/QZwXD
79p5z8Y3bseKufl8OrQffX/o1aEJIGnlGqZDXvqf7zTJEWb7P69fQyULqdewINKd
B35tnjX+26wDoxxtSPAcZtj4tH6smQ1oWNcrSag+YY/B6b4zECjCbVq4G4TL0lcF
fOU3vUZAx2mbc3W7eTCGNFar0eKHzGAFrxEBC/QeEFwd3vwXN6e5yA4cMs9qAOIB
OTAGZSqsuvMdiWpZwQc4j0I5gKmwUCaywGywitTwGSkFoIY+5gheLHp2NLXtM+qP
Y1N99E3VK911aQDRcr0l6vkNFQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPPS7PeU
Koa4ypbF/ul7/QrwfweZMB8GA1UdIwQYMBaAFAi9HMWu3nSSsvIleqGU2whVWvby
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNENGMS9BRDkwNDZGRTA1
ODYxMUVBOTJFNTY1NTJDNEY5QUUwMi9DTDBjeGE3ZWRKS3k4aVY2b1pUYkNGVmE5
dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NMMGN4YTdlZEpLeThpVjZvWlRiQ0ZWYTl2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRDRjEvQUQ5MDQ2RkUwNTg2MTFFQTkyRTU2NTUyQzRGOUFFMDIvN0UwQjU4NzI1
MDgwMTFFREJENjI2RDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnbw0wDQQCAAIwBwMFACQCkcAwDQYJKoZIhvcNAQELBQAD
ggEBAFX984dBJPCENmoIvk5s4tAx3PWPSqPh1iqXNUrav0rJDuOW4cKjX/ozsjNg
mdpVhRCsin53OKGuAHtpFBwwQtoueZHep5YUuWB6tP+Q1ZRsCVHTr3/9AaOmTzXr
7oyTKpGnhZcFqmZuVxOr8ngoR+BVilCh8fApQ3meN12AbiMchLCMrc7aHtsweNXt
JLdekTU9FnQJ9hddU0JTPSMN6wYVex1T5uOz3f2h7hWHICoHR5wZbHsT13sss2lM
6q2nKzLf0V/ZjxBUUV+vvy6JoJcxS1ZPLCvJBSOYeZz4BY0lWN7yhl5mu0AMb4WQ
gGy9VFNQhyb6RhxdYjCR7NqO07Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org