Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/426E8C627E9C11EE964A997FC4F9AE02.roa
File: 426E8C627E9C11EE964A997FC4F9AE02.roa (raw, json)
Hash identifier: CYuj57q/bSVpWBJFys8p5o6xQGuOiF5yyHqGitdFOXw=
Subject key identifier: D3:78:C9:A3:B5:8A:37:5B:E3:20:32:9C:59:40:B6:11:D9:5A:CB:7B
Certificate issuer: /CN=A91E923A/serialNumber=6638A604260FCCF2E9D8B20C1792ECA15DC76D5C
Certificate serial: 02
Authority key identifier: 66:38:A6:04:26:0F:CC:F2:E9:D8:B2:0C:17:92:EC:A1:5D:C7:6D:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZjimBCYPzPLp2LIMF5LsoV3HbVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/426E8C627E9C11EE964A997FC4F9AE02.roa
Signing time: Thu 09 Nov 2023 01:06:49 +0000
ROA not before: Thu 09 Nov 2023 01:06:49 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 137871
IP address blocks: 103.139.178.0/23 maxlen: 24
2406:1dc0::/32 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E923A/serialNumber=6638A604260FCCF2E9D8B20C1792ECA15DC76D5C
Validity
Not Before: Nov 9 01:06:49 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=654c30a9-8fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0c:76:b6:c1:80:c5:1b:9f:5d:f9:4e:0c:56:
71:92:a5:12:d2:26:0b:6e:30:10:0e:b7:5b:c8:02:
88:59:e2:94:ec:e7:9d:f6:9b:1f:5b:aa:3e:56:ee:
65:b1:89:a4:f6:23:94:8e:9b:8e:0e:c7:50:fa:17:
5e:87:f9:ae:99:d2:c8:6f:0c:ff:03:d5:d4:e5:f3:
1e:ce:cf:3a:5f:d1:5d:be:b6:96:7f:35:d6:63:d9:
65:51:2b:9b:e5:40:1b:c2:75:c5:ea:f1:02:ac:0d:
a7:01:1f:5c:40:9e:cf:f7:d2:81:48:2d:65:91:07:
bb:81:b9:ec:9e:33:f9:89:e9:33:a8:b7:fa:b2:f2:
d6:ab:02:63:84:ca:c2:6e:56:e4:e9:9c:19:68:85:
3c:36:7b:1f:80:a7:61:97:0e:20:8e:c5:55:b5:bc:
4c:0c:89:e5:29:56:eb:49:ca:89:a9:f1:9f:d9:23:
c1:ea:02:23:f7:59:b0:92:c4:5d:af:18:d6:68:cd:
0c:7e:56:29:95:10:62:e9:2b:48:37:2e:49:a2:fd:
95:b5:8a:91:99:27:a5:5c:3a:09:c2:43:ee:2e:f4:
a0:7e:06:8d:a9:c9:dc:10:70:4a:08:1f:5a:40:b2:
3d:30:52:7c:dd:d3:cf:69:40:78:3a:9a:41:79:dc:
05:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:78:C9:A3:B5:8A:37:5B:E3:20:32:9C:59:40:B6:11:D9:5A:CB:7B
X509v3 Authority Key Identifier:
keyid:66:38:A6:04:26:0F:CC:F2:E9:D8:B2:0C:17:92:EC:A1:5D:C7:6D:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/ZjimBCYPzPLp2LIMF5LsoV3HbVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZjimBCYPzPLp2LIMF5LsoV3HbVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/426E8C627E9C11EE964A997FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.178.0/23
IPv6:
2406:1dc0::/32
Signature Algorithm: sha256WithRSAEncryption
20:81:1a:f8:de:1f:60:6a:d6:5b:62:11:42:50:7d:14:c4:7e:
d6:95:ce:c2:28:94:c9:b8:33:7f:e9:89:be:d8:49:7f:95:b7:
d6:5e:05:04:bd:91:7d:68:ba:46:55:16:c4:7c:7c:d1:9b:3c:
c8:9a:27:06:4c:b1:8d:2d:9c:a7:dd:a2:50:58:1f:a7:5b:f5:
b0:c8:aa:a9:a1:27:6e:7d:1e:05:b3:80:33:37:0d:94:7e:39:
a6:c6:d0:88:55:2e:d6:db:63:f9:09:b9:b2:f1:4d:a1:8a:d1:
c0:74:03:d0:d0:b0:47:d1:de:1d:19:3a:37:da:f4:f3:c2:18:
62:b3:de:ea:ef:02:86:9c:91:b1:2b:cd:53:d5:03:f2:12:c3:
5b:f2:b4:ee:a2:1b:a4:47:87:fb:5b:b1:21:ab:40:b4:58:81:
4d:f9:98:04:da:d6:dc:8f:a5:76:80:88:f3:ff:6f:43:82:1e:
72:21:8b:0d:52:8c:10:3e:b9:9e:db:0c:c0:50:46:87:c8:d3:
80:e5:1b:70:51:4c:9a:9e:84:05:3f:b4:3b:74:49:b5:be:62:
41:cd:63:aa:6d:26:07:10:ee:4b:32:b0:1d:64:64:f4:45:db:
43:c2:bd:f3:eb:b8:fc:be:de:36:4c:81:1b:3c:36:eb:2a:42:
79:79:1e:5a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OTIzQTExMC8GA1UEBRMoNjYzOEE2MDQyNjBGQ0NGMkU5RDhCMjBDMTc5MkVDQTE1
REM3NkQ1QzAeFw0yMzExMDkwMTA2NDlaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NGMzMGE5LThmYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFDHa2wYDFG59d+U4MVnGSpRLSJgtuMBAOt1vIAohZ4pTs5532mx9bqj5W7mWx
iaT2I5SOm44Ox1D6F16H+a6Z0shvDP8D1dTl8x7Ozzpf0V2+tpZ/NdZj2WVRK5vl
QBvCdcXq8QKsDacBH1xAns/30oFILWWRB7uBueyeM/mJ6TOot/qy8tarAmOEysJu
VuTpnBlohTw2ex+Ap2GXDiCOxVW1vEwMieUpVutJyomp8Z/ZI8HqAiP3WbCSxF2v
GNZozQx+VimVEGLpK0g3Lkmi/ZW1ipGZJ6VcOgnCQ+4u9KB+Bo2pydwQcEoIH1pA
sj0wUnzd089pQHg6mkF53AWrAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU03jJo7WK
N1vjIDKcWUC2Edlay3swHwYDVR0jBBgwFoAUZjimBCYPzPLp2LIMF5LsoV3HbVww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5MjNBL0M5QjNDQzU0RUMx
MTExRTk4RTBGODY0N0M0RjlBRTAyL1pqaW1CQ1lQelBMcDJMSU1GNUxzb1YzSGJW
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWmppbUJDWVB6UExwMkxJTUY1THNvVjNIYlZ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OTIzQS9DOUIzQ0M1NEVDMTExMUU5OEUwRjg2NDdDNEY5QUUwMi80MjZFOEM2MjdF
OUMxMUVFOTY0QTk5N0ZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWeLsjANBAIAAjAHAwUAJAYdwDANBgkqhkiG9w0BAQsFAAOC
AQEAIIEa+N4fYGrWW2IRQlB9FMR+1pXOwiiUybgzf+mJvthJf5W31l4FBL2RfWi6
RlUWxHx80Zs8yJonBkyxjS2cp92iUFgfp1v1sMiqqaEnbn0eBbOAMzcNlH45psbQ
iFUu1ttj+Qm5svFNoYrRwHQD0NCwR9HeHRk6N9r088IYYrPe6u8ChpyRsSvNU9UD
8hLDW/K07qIbpEeH+1uxIatAtFiBTfmYBNrW3I+ldoCI8/9vQ4IeciGLDVKMED65
ntsMwFBGh8jTgOUbcFFMmp6EBT+0O3RJtb5iQc1jqm0mBxDuSzKwHWRk9EXbQ8K9
8+u4/L7eNkyBGzw26ypCeXkeWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org