Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/BCFE8E1EA14611EAA0797F22C4F9AE02.roa
File: BCFE8E1EA14611EAA0797F22C4F9AE02.roa (raw, json)
Hash identifier: FasqfdXxSn2/WkXpOzEKe7UuD9z2A99EKKIifVZ4z5Q=
Subject key identifier: E0:00:93:DB:25:03:C8:64:A4:92:60:84:50:D8:0E:A8:5D:30:E9:C3
Certificate issuer: /CN=A91E923A/serialNumber=988BA503A7651E32687C4C96F6EDE187C73D0438
Certificate serial: 0B75
Authority key identifier: 98:8B:A5:03:A7:65:1E:32:68:7C:4C:96:F6:ED:E1:87:C7:3D:04:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mIulA6dlHjJofEyW9u3hh8c9BDg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/BCFE8E1EA14611EAA0797F22C4F9AE02.roa
Signing time: Mon 31 Jul 2023 18:56:26 +0000
ROA not before: Mon 31 Jul 2023 18:56:26 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 137871
IP address blocks: 103.139.178.0/23 maxlen: 24
2406:1dc0::/32 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2933 (0xb75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E923A/serialNumber=988BA503A7651E32687C4C96F6EDE187C73D0438
Validity
Not Before: Jul 31 18:56:26 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64c803da-de29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a7:11:e6:53:2b:6f:2f:a5:6b:84:cd:e5:2f:
ac:13:18:9d:de:05:5a:bf:16:41:97:4d:ac:16:c7:
ff:e3:18:70:1e:56:15:33:fe:7d:63:fd:64:17:fe:
b5:9a:b0:ad:99:5d:48:2a:ab:1e:83:04:e6:c5:f8:
a6:1a:07:87:2e:31:b8:d0:9d:1e:54:2c:80:82:08:
63:a8:d1:04:4e:c4:6e:3f:2f:8b:a7:63:2b:82:b2:
62:b5:e8:94:fa:bd:c0:08:45:12:c1:36:a0:0c:6d:
0d:8a:08:35:4a:ee:fe:fc:52:7f:14:d8:c1:83:f9:
de:b4:64:19:38:64:a4:8d:ce:4e:db:1e:ac:83:b6:
89:d9:b3:e5:ba:56:0a:fa:39:84:02:34:14:ea:07:
a4:1c:7e:22:f9:b7:63:bc:37:15:ba:cd:82:c2:44:
c0:88:18:e6:48:e5:97:37:aa:49:e8:fb:88:59:dc:
6a:80:f7:d5:5a:fd:0e:00:f4:89:58:eb:3f:3d:c7:
59:78:2a:42:56:7a:bd:8d:27:28:2e:96:4b:97:a0:
73:76:69:8a:b4:fd:a8:8a:a1:bb:2c:55:2d:6c:cf:
fc:2e:00:79:3f:e8:25:da:7c:ce:26:9b:b5:ce:a5:
86:b6:bc:03:23:bd:54:6e:e1:50:49:3c:c3:f1:f8:
88:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:00:93:DB:25:03:C8:64:A4:92:60:84:50:D8:0E:A8:5D:30:E9:C3
X509v3 Authority Key Identifier:
keyid:98:8B:A5:03:A7:65:1E:32:68:7C:4C:96:F6:ED:E1:87:C7:3D:04:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/mIulA6dlHjJofEyW9u3hh8c9BDg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mIulA6dlHjJofEyW9u3hh8c9BDg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/BCFE8E1EA14611EAA0797F22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.178.0/23
IPv6:
2406:1dc0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:cc:29:b0:73:35:33:ca:bf:44:56:6e:6a:1a:eb:26:d4:d7:
a5:f5:7d:0d:96:aa:f8:b3:51:c6:1c:48:84:90:2e:c9:ff:47:
d8:c5:7b:9e:26:b1:28:0f:32:c6:e8:0b:e0:11:f0:b6:5a:f3:
b5:48:a7:82:71:30:67:f4:52:41:1e:70:d2:5c:72:68:18:4d:
64:1b:c4:a2:7e:23:2e:47:87:06:fc:f3:ec:84:a9:ce:18:7a:
0e:c5:74:0e:57:7c:99:14:7f:6f:9b:35:c7:98:3a:42:3f:9b:
2a:49:c4:b5:1a:7b:f7:ae:88:39:00:3b:ae:17:1e:8d:c1:53:
bb:e0:e1:93:2d:3f:9f:d2:d0:fb:3e:4d:94:4d:db:b7:50:8e:
82:19:e8:09:e0:b1:92:d4:50:16:c4:56:d0:f4:25:39:bf:26:
36:8e:35:ed:e7:e8:89:19:cb:49:92:df:80:08:a3:91:38:9f:
5e:c3:18:df:81:5e:7f:b9:d1:33:05:81:c2:2a:1c:e5:72:b7:
da:43:2e:f9:8e:8b:b9:1d:7a:a0:14:59:09:50:03:af:38:a6:
61:c8:32:cf:79:58:d2:d8:13:09:9d:75:26:16:ef:47:d2:8a:
19:8c:23:3f:60:30:e9:37:f5:ec:02:06:b1:c8:66:a8:7f:35:
c4:b3:b0:77
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTkyM0ExMTAvBgNVBAUTKDk4OEJBNTAzQTc2NTFFMzI2ODdDNEM5NkY2RURFMTg3
QzczRDA0MzgwHhcNMjMwNzMxMTg1NjI2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4MDNkYS1kZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArKcR5lMrby+la4TN5S+sExid3gVavxZBl02sFsf/4xhwHlYVM/59Y/1kF/61
mrCtmV1IKqsegwTmxfimGgeHLjG40J0eVCyAgghjqNEETsRuPy+Lp2MrgrJiteiU
+r3ACEUSwTagDG0Nigg1Su7+/FJ/FNjBg/netGQZOGSkjc5O2x6sg7aJ2bPlulYK
+jmEAjQU6gekHH4i+bdjvDcVus2CwkTAiBjmSOWXN6pJ6PuIWdxqgPfVWv0OAPSJ
WOs/PcdZeCpCVnq9jScoLpZLl6BzdmmKtP2oiqG7LFUtbM/8LgB5P+gl2nzOJpu1
zqWGtrwDI71UbuFQSTzD8fiIjQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOAAk9sl
A8hkpJJghFDYDqhdMOnDMB8GA1UdIwQYMBaAFJiLpQOnZR4yaHxMlvbt4YfHPQQ4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTIzQS9DOUIzQ0M1NEVD
MTExMUU5OEUwRjg2NDdDNEY5QUUwMi9tSXVsQTZkbEhqSm9mRXlXOXUzaGg4YzlC
RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21JdWxBNmRsSGpKb2ZFeVc5dTNoaDhjOUJEZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTkyM0EvQzlCM0NDNTRFQzExMTFFOThFMEY4NjQ3QzRGOUFFMDIvQkNGRThFMUVB
MTQ2MTFFQUEwNzk3RjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFni7IwDQQCAAIwBwMFACQGHcAwDQYJKoZIhvcNAQELBQAD
ggEBAGvMKbBzNTPKv0RWbmoa6ybU16X1fQ2WqvizUcYcSISQLsn/R9jFe54msSgP
MsboC+AR8LZa87VIp4JxMGf0UkEecNJccmgYTWQbxKJ+Iy5Hhwb88+yEqc4Yeg7F
dA5XfJkUf2+bNceYOkI/mypJxLUae/euiDkAO64XHo3BU7vg4ZMtP5/S0Ps+TZRN
27dQjoIZ6AngsZLUUBbEVtD0JTm/JjaONe3n6IkZy0mS34AIo5E4n17DGN+BXn+5
0TMFgcIqHOVyt9pDLvmOi7kdeqAUWQlQA684pmHIMs95WNLYEwmddSYW70fSihmM
Iz9gMOk39ewCBrHIZqh/NcSzsHc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org