Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/A75F1ECA256511EDAE59AC2CC4F9AE02.roa
File: A75F1ECA256511EDAE59AC2CC4F9AE02.roa (raw, json)
Hash identifier: N1SX2HNO4MViIrdrbZutBUhieAWSwqY2nuAc3MvUHmo=
Subject key identifier: 68:36:CF:3A:EF:7D:A4:E7:49:56:77:78:EC:D5:0A:0D:C7:F8:BF:75
Certificate issuer: /CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Certificate serial: 0A54
Authority key identifier: 08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/A75F1ECA256511EDAE59AC2CC4F9AE02.roa
Signing time: Fri 26 Aug 2022 19:56:14 +0000
ROA not before: Fri 26 Aug 2022 19:56:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135438
IP address blocks: 103.111.12.0/24 maxlen: 24
103.111.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2644 (0xa54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4CF1/serialNumber=08BD1CC5AEDE7492B2F2257AA194DB08555AF6F2
Validity
Not Before: Aug 26 19:56:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6309255e-7a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f4:f5:d0:80:04:ba:f4:3e:8c:7a:7b:75:5c:
7e:87:64:4d:69:91:97:42:84:52:ee:7d:2a:d6:94:
80:e9:cf:fb:09:e6:de:e3:3e:8a:3c:3d:94:a9:19:
f6:bd:60:29:b5:02:71:6a:a7:1a:c5:8c:4f:6b:17:
11:b6:b5:b9:78:a0:76:50:14:1d:7d:4d:e8:40:99:
3d:59:4e:c1:65:6f:0e:e6:12:50:07:b8:39:a4:05:
25:a1:f8:84:2b:7c:b3:0d:49:7a:26:43:db:ce:f3:
75:e2:90:80:8b:0d:08:fe:e7:53:4a:1d:67:ab:af:
8f:e1:b6:7b:9d:be:8d:02:f5:ba:09:61:f9:d3:92:
ff:b8:d3:b5:0a:5d:7f:b0:e4:4c:b0:0a:fe:0c:5f:
63:47:d7:fa:0e:2e:42:37:3d:1a:e3:e2:b2:75:09:
21:8d:7b:9e:48:7e:61:31:37:10:3a:6e:87:26:fa:
e5:40:be:5a:90:a9:a6:e2:a0:e6:60:7b:a4:0a:84:
f4:b1:51:cc:6b:42:31:c8:7d:70:b8:36:af:a2:94:
41:ad:bf:36:39:55:23:b4:79:41:14:42:f5:6b:b9:
62:44:c2:bd:66:10:9f:e2:8c:e6:d4:05:3c:b0:a0:
a3:6c:9c:67:7e:4b:a9:b2:d9:12:ce:bf:3f:8e:bc:
a7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:36:CF:3A:EF:7D:A4:E7:49:56:77:78:EC:D5:0A:0D:C7:F8:BF:75
X509v3 Authority Key Identifier:
keyid:08:BD:1C:C5:AE:DE:74:92:B2:F2:25:7A:A1:94:DB:08:55:5A:F6:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/CL0cxa7edJKy8iV6oZTbCFVa9vI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CL0cxa7edJKy8iV6oZTbCFVa9vI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4CF1/AD9046FE058611EA92E56552C4F9AE02/A75F1ECA256511EDAE59AC2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.12.0/23
Signature Algorithm: sha256WithRSAEncryption
d6:0b:35:be:a5:e5:0a:d6:87:a2:cd:63:f2:fe:fd:f5:60:2a:
43:41:65:a4:8f:0e:73:d2:a4:db:2f:a2:ae:2b:32:77:2b:44:
aa:09:e9:06:49:2e:b5:40:22:37:da:79:41:cc:a9:03:1a:65:
16:09:d4:6b:64:2a:74:18:19:9d:fb:f9:58:de:47:5f:64:53:
0d:30:ce:a8:26:c4:15:60:a9:89:fc:a3:47:9e:d1:9e:21:dd:
0b:4b:33:b7:6b:50:a9:f8:7a:ad:85:42:0d:3e:f6:c0:44:a6:
c4:c1:6a:5e:46:43:fc:95:b3:f7:af:1a:da:fa:33:a2:f4:0d:
d0:28:01:86:d2:d0:50:86:33:53:43:49:69:90:09:21:78:41:
88:83:8f:65:23:15:0c:b5:e1:73:69:77:77:f5:cc:9d:ff:db:
89:2e:7c:8a:05:5c:91:f0:8a:38:ca:6f:86:61:56:3d:4b:78:
35:d0:b2:49:28:27:3a:4c:8e:e5:22:90:34:9e:7c:76:6f:dc:
94:24:b6:4e:27:cb:18:81:06:6d:d2:55:55:5b:94:aa:3c:ee:
65:87:cc:1a:08:4c:1d:ac:1a:a2:b9:a5:87:e8:a8:65:a5:14:
4c:a6:8e:a7:73:61:51:51:8f:44:ae:e8:9d:d3:61:2b:36:a0:
bd:55:92:13
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICClQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRDRjExMTAvBgNVBAUTKDA4QkQxQ0M1QUVERTc0OTJCMkYyMjU3QUExOTREQjA4
NTU1QUY2RjIwHhcNMjIwODI2MTk1NjE0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA5MjU1ZS03YTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1vT10IAEuvQ+jHp7dVx+h2RNaZGXQoRS7n0q1pSA6c/7Cebe4z6KPD2UqRn2
vWAptQJxaqcaxYxPaxcRtrW5eKB2UBQdfU3oQJk9WU7BZW8O5hJQB7g5pAUlofiE
K3yzDUl6JkPbzvN14pCAiw0I/udTSh1nq6+P4bZ7nb6NAvW6CWH505L/uNO1Cl1/
sORMsAr+DF9jR9f6Di5CNz0a4+KydQkhjXueSH5hMTcQOm6HJvrlQL5akKmm4qDm
YHukCoT0sVHMa0IxyH1wuDavopRBrb82OVUjtHlBFEL1a7liRMK9ZhCf4ozm1AU8
sKCjbJxnfkupstkSzr8/jryn3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFGg2zzrv
faTnSVZ3eOzVCg3H+L91MB8GA1UdIwQYMBaAFAi9HMWu3nSSsvIleqGU2whVWvby
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNENGMS9BRDkwNDZGRTA1
ODYxMUVBOTJFNTY1NTJDNEY5QUUwMi9DTDBjeGE3ZWRKS3k4aVY2b1pUYkNGVmE5
dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NMMGN4YTdlZEpLeThpVjZvWlRiQ0ZWYTl2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRDRjEvQUQ5MDQ2RkUwNTg2MTFFQTkyRTU2NTUyQzRGOUFFMDIvQTc1RjFFQ0Ey
NTY1MTFFREFFNTlBQzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnbwwwDQYJKoZIhvcNAQELBQADggEBANYLNb6l5QrWh6LN
Y/L+/fVgKkNBZaSPDnPSpNsvoq4rMncrRKoJ6QZJLrVAIjfaeUHMqQMaZRYJ1Gtk
KnQYGZ37+VjeR19kUw0wzqgmxBVgqYn8o0ee0Z4h3QtLM7drUKn4eq2FQg0+9sBE
psTBal5GQ/yVs/evGtr6M6L0DdAoAYbS0FCGM1NDSWmQCSF4QYiDj2UjFQy14XNp
d3f1zJ3/24kufIoFXJHwijjKb4ZhVj1LeDXQskkoJzpMjuUikDSefHZv3JQktk4n
yxiBBm3SVVVblKo87mWHzBoITB2sGqK5pYfoqGWlFEymjqdzYVFRj0Su6J3TYSs2
oL1VkhM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org