Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/85F0A0D0258111ED9EC26986C4F9AE02.roa
File: 85F0A0D0258111ED9EC26986C4F9AE02.roa (raw, json)
Hash identifier: 10KTKcuqBBTwDkksM88GpVZtaJzq17RLtFlQ56wPdQE=
Subject key identifier: 51:E1:AA:D1:12:6C:E2:BB:BD:29:11:6A:3A:6C:25:89:86:07:3B:F3
Certificate issuer: /CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Certificate serial: 0A56
Authority key identifier: 08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/85F0A0D0258111ED9EC26986C4F9AE02.roa
Signing time: Fri 26 Aug 2022 20:56:15 +0000
ROA not before: Fri 26 Aug 2022 20:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58717
IP address blocks: 103.111.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2646 (0xa56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Validity
Not Before: Aug 26 20:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6309336f-e362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ed:6e:78:8f:e4:2b:be:70:a7:70:6c:13:09:
e2:57:af:80:c3:ce:24:e9:ba:4d:ef:ee:36:bf:91:
10:5b:b0:9a:b0:cd:ff:cd:30:73:e4:69:5e:6c:59:
6a:09:8e:3c:f5:7f:e2:f4:0d:21:18:f8:03:03:92:
7a:ed:82:99:16:a4:27:d7:bc:58:45:ac:2d:9b:a8:
ee:b0:99:ce:16:97:31:3a:2a:5f:34:5d:1e:2e:ab:
c6:fc:68:43:83:fb:b0:98:4f:d6:9b:92:fc:7d:d5:
fc:af:89:79:39:96:8e:f1:f4:71:e1:94:42:b8:14:
a7:25:7e:5f:1c:9c:ce:a5:53:fb:d6:f7:ee:5a:e9:
a1:73:4d:a3:52:22:73:f5:4d:09:14:ff:57:41:82:
76:e5:a1:d3:16:ad:d3:0f:1c:13:8f:60:a5:3a:d7:
da:01:17:e5:7c:31:7a:d9:f1:99:ef:e7:d5:a3:d2:
6a:c5:23:ef:39:64:68:a8:cc:47:a7:a8:bd:82:03:
b5:18:51:4d:f3:e7:92:a4:ae:20:15:66:74:bc:29:
d3:6d:0f:ac:71:f6:8f:32:5c:34:dc:64:c2:9e:f2:
a9:31:be:d1:2e:0a:17:7f:94:b5:11:0f:1c:9d:f5:
53:83:20:07:1f:f4:42:29:fe:8d:d4:5e:79:18:b5:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E1:AA:D1:12:6C:E2:BB:BD:29:11:6A:3A:6C:25:89:86:07:3B:F3
X509v3 Authority Key Identifier:
keyid:08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/CL0cxa7edJKy8iV6oZTbCFVa9vI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/85F0A0D0258111ED9EC26986C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.13.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:db:86:aa:8e:ee:a3:d3:7d:a4:32:7f:2d:b0:75:3c:0c:6e:
62:f7:99:65:64:29:9e:1a:e2:7b:4f:b5:52:1b:25:3d:df:9e:
73:7c:66:f7:f0:ff:35:17:d2:03:1a:c8:d3:40:ac:4f:76:02:
31:05:25:3d:49:81:0d:f9:c3:ab:1c:c3:62:a1:40:8e:b0:06:
c4:d0:64:50:6c:b3:6d:9e:fe:a7:2d:ce:99:b2:06:6b:a3:4f:
60:a9:07:f2:3d:f1:96:2b:29:c5:b4:ce:a5:88:81:76:03:48:
b5:a1:e6:b3:52:f4:bb:e1:2e:e2:b4:71:d0:8e:73:90:62:84:
a3:3d:d6:40:8b:03:ce:96:f6:51:a1:2a:b4:2b:2d:23:5e:44:
c3:27:50:0e:19:d5:e1:59:08:eb:82:3c:a3:67:78:d4:6f:f6:
36:2e:d1:12:e7:dc:6d:47:f3:c0:36:f0:f7:98:17:cd:96:3e:
b9:ee:3a:5c:54:6e:b3:27:df:62:13:aa:fa:6b:d0:4e:8d:15:
2e:32:85:d3:18:a0:44:dc:f9:ac:f3:b3:68:bb:f9:2e:84:c4:
bc:60:78:73:91:e6:3f:4e:eb:f5:30:da:b1:ae:00:97:4f:e9:
72:9e:3c:7c:16:18:c5:ed:99:f4:1a:0a:0e:86:a1:a3:dd:de:
d3:fe:55:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICClYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRDRjExMTAvBgNVBAUTKDA4QkQxQ0M1QUVERTc0OTJCMkYyMjU3QUExOTREQjA4
NTU1QUY2RjIwHhcNMjIwODI2MjA1NjE1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA5MzM2Zi1lMzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAye1ueI/kK75wp3BsEwniV6+Aw84k6bpN7+42v5EQW7CasM3/zTBz5GlebFlq
CY489X/i9A0hGPgDA5J67YKZFqQn17xYRawtm6jusJnOFpcxOipfNF0eLqvG/GhD
g/uwmE/Wm5L8fdX8r4l5OZaO8fRx4ZRCuBSnJX5fHJzOpVP71vfuWumhc02jUiJz
9U0JFP9XQYJ25aHTFq3TDxwTj2ClOtfaARflfDF62fGZ7+fVo9JqxSPvOWRoqMxH
p6i9ggO1GFFN8+eSpK4gFWZ0vCnTbQ+scfaPMlw03GTCnvKpMb7RLgoXf5S1EQ8c
nfVTgyAHH/RCKf6N1F55GLXMIwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFHhqtES
bOK7vSkRajpsJYmGBzvzMB8GA1UdIwQYMBaAFAi9HMWu3nSSsvIleqGU2whVWvby
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNENGMS9BRDkwNDZGRTA1
ODYxMUVBOTJFNTY1NTJDNEY5QUUwMi9DTDBjeGE3ZWRKS3k4aVY2b1pUYkNGVmE5
dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NMMGN4YTdlZEpLeThpVjZvWlRiQ0ZWYTl2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRDRjEvQUQ5MDQ2RkUwNTg2MTFFQTkyRTU2NTUyQzRGOUFFMDIvODVGMEEwRDAy
NTgxMTFFRDlFQzI2OTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbw0wDQYJKoZIhvcNAQELBQADggEBANPbhqqO7qPTfaQy
fy2wdTwMbmL3mWVkKZ4a4ntPtVIbJT3fnnN8Zvfw/zUX0gMayNNArE92AjEFJT1J
gQ35w6scw2KhQI6wBsTQZFBss22e/qctzpmyBmujT2CpB/I98ZYrKcW0zqWIgXYD
SLWh5rNS9LvhLuK0cdCOc5BihKM91kCLA86W9lGhKrQrLSNeRMMnUA4Z1eFZCOuC
PKNneNRv9jYu0RLn3G1H88A28PeYF82WPrnuOlxUbrMn32ITqvpr0E6NFS4yhdMY
oETc+azzs2i7+S6ExLxgeHOR5j9O6/Uw2rGuAJdP6XKePHwWGMXtmfQaCg6GoaPd
3tP+VWk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org