Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED836/321F8940693211ED887CD27AC4F9AE02/55B6B0AC693411EDBCD6FB7AC4F9AE02.roa
File: 55B6B0AC693411EDBCD6FB7AC4F9AE02.roa (raw, json)
Hash identifier: IcI1EtIN4yrn2njlNH4O4sWYWELVPuDOUIxta/5C6ws=
Subject key identifier: A3:90:38:62:B0:D1:76:DB:C9:CF:EC:ED:AE:13:E3:16:58:B4:DF:07
Certificate issuer: /CN=A91ED836/serialNumber=2555ED39B16F6C8B6815D541B9D8362B9D3FD82A
Certificate serial: 02
Authority key identifier: 25:55:ED:39:B1:6F:6C:8B:68:15:D5:41:B9:D8:36:2B:9D:3F:D8:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVXtObFvbItoFdVBudg2K50_2Co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ED836/321F8940693211ED887CD27AC4F9AE02/55B6B0AC693411EDBCD6FB7AC4F9AE02.roa
Signing time: Mon 21 Nov 2022 00:35:02 +0000
ROA not before: Mon 21 Nov 2022 00:35:02 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 139707
IP address blocks: 103.95.102.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ED836/serialNumber=2555ED39B16F6C8B6815D541B9D8362B9D3FD82A
Validity
Not Before: Nov 21 00:35:02 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=637ac7b5-5e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:df:11:17:0d:5f:07:e1:06:8c:c8:01:00:d1:
ec:d6:72:72:ca:9c:5e:4a:44:37:91:db:41:08:05:
59:c3:33:5c:9a:42:a6:81:4d:d8:33:19:e2:7b:ce:
85:fa:00:85:b3:a5:8c:5e:78:22:c7:d1:40:dd:d0:
52:ea:ba:be:6e:b3:3b:99:c1:b7:4e:0e:34:2b:a2:
6f:a5:c2:70:72:4a:62:26:03:af:10:5f:4a:d5:f8:
61:1e:dc:5e:c7:ca:f8:03:2b:6d:9e:ac:0a:6b:21:
8f:5d:e7:80:a7:82:99:67:df:0d:39:58:24:8f:a7:
61:18:66:2c:4c:e5:70:48:6e:c3:3e:67:6b:3b:06:
7e:29:7d:9f:c5:61:27:37:20:31:9a:18:57:53:ec:
e9:a9:d6:ca:ae:03:12:81:d8:af:50:c7:d1:55:b6:
ee:4a:33:95:ae:24:62:81:f9:c4:4f:17:28:3a:7f:
83:2c:22:74:b0:a0:82:be:9e:2c:c6:30:a4:31:5a:
84:7e:02:7e:ea:32:55:dd:d9:da:63:be:a3:47:8b:
43:c3:1f:19:3d:ad:bb:8e:1c:ee:ab:1b:b5:71:cc:
4d:58:06:bd:cc:fe:06:7d:b3:6d:fe:44:8e:32:73:
d6:a3:85:7d:0a:97:2d:1e:55:e4:76:4f:00:34:58:
ff:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:90:38:62:B0:D1:76:DB:C9:CF:EC:ED:AE:13:E3:16:58:B4:DF:07
X509v3 Authority Key Identifier:
keyid:25:55:ED:39:B1:6F:6C:8B:68:15:D5:41:B9:D8:36:2B:9D:3F:D8:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ED836/321F8940693211ED887CD27AC4F9AE02/JVXtObFvbItoFdVBudg2K50_2Co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVXtObFvbItoFdVBudg2K50_2Co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED836/321F8940693211ED887CD27AC4F9AE02/55B6B0AC693411EDBCD6FB7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.95.102.0/24
Signature Algorithm: sha256WithRSAEncryption
82:83:8e:da:c7:44:af:ee:db:b7:c9:77:1e:bf:06:c3:ac:4c:
28:56:22:dc:c3:95:c8:0d:31:7c:59:9e:0f:8f:3d:a4:3f:d4:
31:4d:93:61:ea:7c:3b:9d:b6:58:7f:00:74:04:71:e7:ea:0a:
b2:d5:29:0d:44:46:7d:ec:aa:35:6f:c1:b5:4c:c2:6a:89:ba:
c6:60:4a:7c:be:08:68:8e:00:ca:e0:84:54:fd:26:13:95:58:
97:55:a2:66:8e:50:39:a8:72:1d:e3:8f:f8:33:44:7f:6d:7d:
e6:94:09:66:65:88:4b:f1:e7:7d:af:4a:3a:4b:5f:d0:1d:1f:
5e:8d:f9:31:3e:4d:69:ba:20:5b:aa:49:36:b9:bb:01:c0:19:
a0:64:0b:72:7b:79:a1:c9:47:b4:b4:4c:3a:60:d4:2e:ca:ef:
4d:42:97:fa:b8:b6:65:84:9d:57:1b:a3:3f:7a:25:fa:54:cd:
ad:1a:82:a6:8f:eb:1e:22:72:34:07:73:fe:01:2e:0b:54:7d:
69:c4:b4:07:a3:1c:06:a5:07:5e:6a:6c:93:3d:9b:f7:21:78:
b7:71:e4:9f:69:ae:e8:59:f7:40:f8:a1:63:10:69:3c:5f:bd:
ed:50:e5:97:84:ac:19:f4:cd:d3:3a:31:6f:49:9b:f2:d6:7f:
17:3d:31:02
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RDgzNjExMC8GA1UEBRMoMjU1NUVEMzlCMTZGNkM4QjY4MTVENTQxQjlEODM2MkI5
RDNGRDgyQTAeFw0yMjExMjEwMDM1MDJaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzN2FjN2I1LTVlNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDl3xEXDV8H4QaMyAEA0ezWcnLKnF5KRDeR20EIBVnDM1yaQqaBTdgzGeJ7zoX6
AIWzpYxeeCLH0UDd0FLqur5uszuZwbdODjQrom+lwnBySmImA68QX0rV+GEe3F7H
yvgDK22erAprIY9d54Cngpln3w05WCSPp2EYZixM5XBIbsM+Z2s7Bn4pfZ/FYSc3
IDGaGFdT7Omp1squAxKB2K9Qx9FVtu5KM5WuJGKB+cRPFyg6f4MsInSwoIK+nizG
MKQxWoR+An7qMlXd2dpjvqNHi0PDHxk9rbuOHO6rG7VxzE1YBr3M/gZ9s23+RI4y
c9ajhX0Kly0eVeR2TwA0WP9DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUo5A4YrDR
dtvJz+ztrhPjFli03wcwHwYDVR0jBBgwFoAUJVXtObFvbItoFdVBudg2K50/2Cow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVEODM2LzMyMUY4OTQwNjkz
MjExRUQ4ODdDRDI3QUM0RjlBRTAyL0pWWHRPYkZ2Ykl0b0ZkVkJ1ZGcySzUwXzJD
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSlZYdE9iRnZiSXRvRmRWQnVkZzJLNTBfMkNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RDgzNi8zMjFGODk0MDY5MzIxMUVEODg3Q0QyN0FDNEY5QUUwMi81NUI2QjBBQzY5
MzQxMUVEQkNENkZCN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdfZjANBgkqhkiG9w0BAQsFAAOCAQEAgoOO2sdEr+7bt8l3
Hr8Gw6xMKFYi3MOVyA0xfFmeD489pD/UMU2TYep8O522WH8AdARx5+oKstUpDURG
feyqNW/BtUzCaom6xmBKfL4IaI4AyuCEVP0mE5VYl1WiZo5QOahyHeOP+DNEf219
5pQJZmWIS/Hnfa9KOktf0B0fXo35MT5NabogW6pJNrm7AcAZoGQLcnt5oclHtLRM
OmDULsrvTUKX+ri2ZYSdVxujP3ol+lTNrRqCpo/rHiJyNAdz/gEuC1R9acS0B6Mc
BqUHXmpskz2b9yF4t3Hkn2mu6Fn3QPihYxBpPF+97VDll4SsGfTN0zoxb0mb8tZ/
Fz0xAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org