Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/D90AD6C83AD611EC84FB1757C4F9AE02.roa
File: D90AD6C83AD611EC84FB1757C4F9AE02.roa (raw, json)
Hash identifier: lOW2QJt5DFzx0S7k/V41eLJoXuQzRMW7RHePPu/PnIg=
Subject key identifier: 6B:F8:21:7E:96:7F:17:9C:0E:F6:7E:F2:03:80:41:8E:58:93:85:DB
Certificate issuer: /CN=A91EEC3B/serialNumber=B7667505BB2042E72B62AE05BE2D1A3B41B4D235
Certificate serial: 0542
Authority key identifier: B7:66:75:05:BB:20:42:E7:2B:62:AE:05:BE:2D:1A:3B:41:B4:D2:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t2Z1BbsgQucrYq4Fvi0aO0G00jU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/D90AD6C83AD611EC84FB1757C4F9AE02.roa
Signing time: Thu 29 Sep 2022 05:34:13 +0000
ROA not before: Thu 29 Sep 2022 05:34:13 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 136917
IP address blocks: 103.99.11.0/24 maxlen: 24
103.110.124.0/24 maxlen: 24
103.110.125.0/24 maxlen: 24
103.110.126.0/24 maxlen: 24
2401:a840::/32 maxlen: 32
2401:a840::/36 maxlen: 36
2401:a840::/40 maxlen: 40
2401:a840:100::/40 maxlen: 40
2401:a840:200::/40 maxlen: 40
2401:a840:300::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1346 (0x542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEC3B/serialNumber=B7667505BB2042E72B62AE05BE2D1A3B41B4D235
Validity
Not Before: Sep 29 05:34:13 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63352e54-521c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:11:01:07:be:d7:88:45:c6:68:b8:74:ba:
08:a3:9b:bc:a9:09:fd:b0:5a:d5:e4:a6:43:93:ba:
d6:c5:b6:c3:8e:ed:f0:df:d5:05:d4:31:9d:52:30:
1d:a7:17:5b:03:a5:7f:79:4d:ac:a1:6b:b5:37:95:
2d:1b:8b:c8:42:01:00:c0:18:25:38:6c:f8:86:83:
3b:6a:fc:98:7b:87:f1:d0:e3:b9:94:c2:4e:d0:bb:
71:27:66:b2:54:74:64:36:05:80:38:98:44:9c:3f:
0e:4d:d6:6c:1e:cd:fe:c2:39:8a:9b:0f:34:af:00:
5c:87:ee:3b:44:a8:c9:38:84:ba:94:19:7a:00:49:
34:2d:14:a2:b9:4d:61:4f:a9:52:65:f4:e0:3a:7e:
e7:c0:27:e8:38:5e:75:7a:5b:5b:71:7f:88:61:f9:
f9:fb:37:6d:08:21:c2:8a:ef:3c:b4:96:a5:26:b7:
70:cd:75:10:fd:a8:b1:57:bb:d9:38:8e:92:56:33:
e2:6a:e5:c9:8e:ae:56:a0:1b:27:e5:e3:1b:58:1b:
40:2f:45:39:09:ef:42:3b:29:58:ce:3e:99:c7:c0:
5c:27:50:fd:0b:03:0c:33:1d:24:15:a2:ef:81:dd:
95:6d:e9:40:75:a5:bc:cb:23:0f:b6:8a:d3:b2:e5:
c4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F8:21:7E:96:7F:17:9C:0E:F6:7E:F2:03:80:41:8E:58:93:85:DB
X509v3 Authority Key Identifier:
keyid:B7:66:75:05:BB:20:42:E7:2B:62:AE:05:BE:2D:1A:3B:41:B4:D2:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/t2Z1BbsgQucrYq4Fvi0aO0G00jU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t2Z1BbsgQucrYq4Fvi0aO0G00jU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/D90AD6C83AD611EC84FB1757C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.11.0/24
103.110.124.0-103.110.126.255
IPv6:
2401:a840::/32
Signature Algorithm: sha256WithRSAEncryption
99:b8:15:f6:5e:d5:15:89:72:3e:21:bb:b6:17:88:91:ff:47:
0e:bc:00:07:a6:e0:3e:9b:63:31:bc:ae:54:7a:36:c7:09:f4:
73:7f:5e:23:45:da:d5:90:96:d2:62:a9:fd:fc:28:3f:fc:04:
4e:b0:b8:22:62:44:ca:03:33:c5:16:c9:35:7d:b7:1c:37:ac:
1a:2b:a1:58:99:dd:ee:5f:da:a4:18:08:c7:fa:26:2d:61:0a:
e4:06:6b:0f:56:e6:5f:4a:92:07:a7:86:75:b9:72:39:86:9a:
6f:7a:0e:84:23:44:34:d1:01:70:b2:05:47:69:87:12:2e:94:
a9:f0:cc:55:b2:2a:07:2b:6c:57:5b:91:dd:6a:e9:6a:0f:a9:
91:bf:63:14:f1:1d:41:c3:d0:58:78:19:01:55:ef:17:c3:92:
d1:ad:c6:11:cd:82:39:79:85:66:11:c5:d9:fe:b9:5e:ca:1d:
9b:10:f0:f3:61:73:8c:7c:36:0c:51:0f:72:7d:d1:02:62:da:
40:6b:f9:94:18:f4:4f:72:9c:5d:c4:ee:c5:4b:8f:a2:d3:55:
f8:10:52:b5:cc:69:3f:d8:07:12:79:0e:64:81:7f:d9:49:cd:
36:95:4e:f2:79:2a:79:ff:8f:6e:16:24:5e:2a:0f:d0:f0:80:
f4:7c:2b:60
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICBUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVDM0IxMTAvBgNVBAUTKEI3NjY3NTA1QkIyMDQyRTcyQjYyQUUwNUJFMkQxQTNC
NDFCNEQyMzUwHhcNMjIwOTI5MDUzNDEzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM1MmU1NC01MjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAukkRAQe+14hFxmi4dLoIo5u8qQn9sFrV5KZDk7rWxbbDju3w39UF1DGdUjAd
pxdbA6V/eU2soWu1N5UtG4vIQgEAwBglOGz4hoM7avyYe4fx0OO5lMJO0LtxJ2ay
VHRkNgWAOJhEnD8OTdZsHs3+wjmKmw80rwBch+47RKjJOIS6lBl6AEk0LRSiuU1h
T6lSZfTgOn7nwCfoOF51eltbcX+IYfn5+zdtCCHCiu88tJalJrdwzXUQ/aixV7vZ
OI6SVjPiauXJjq5WoBsn5eMbWBtAL0U5Ce9COylYzj6Zx8BcJ1D9CwMMMx0kFaLv
gd2VbelAdaW8yyMPtorTsuXEzQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFGv4IX6W
fxecDvZ+8gOAQY5Yk4XbMB8GA1UdIwQYMBaAFLdmdQW7IELnK2KuBb4tGjtBtNI1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUMzQi82QjM3RTE5Qzg0
MTcxMUU3ODVGMTcwODBDNEY5QUUwMi90MloxQmJzZ1F1Y3JZcTRGdmkwYU8wRzAw
alUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3QyWjFCYnNnUXVjcllxNEZ2aTBhTzBHMDBqVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVDM0IvNkIzN0UxOUM4NDE3MTFFNzg1RjE3MDgwQzRGOUFFMDIvRDkwQUQ2Qzgz
QUQ2MTFFQzg0RkIxNzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBoEAgABMBQDBABnYwswDAMEAmdufAMEAGdufjANBAIAAjAHAwUAJAGoQDAN
BgkqhkiG9w0BAQsFAAOCAQEAmbgV9l7VFYlyPiG7theIkf9HDrwAB6bgPptjMbyu
VHo2xwn0c39eI0Xa1ZCW0mKp/fwoP/wETrC4ImJEygMzxRbJNX23HDesGiuhWJnd
7l/apBgIx/omLWEK5AZrD1bmX0qSB6eGdblyOYaab3oOhCNENNEBcLIFR2mHEi6U
qfDMVbIqBytsV1uR3Wrpag+pkb9jFPEdQcPQWHgZAVXvF8OS0a3GEc2COXmFZhHF
2f65XsodmxDw82FzjHw2DFEPcn3RAmLaQGv5lBj0T3KcXcTuxUuPotNV+BBStcxp
P9gHEnkOZIF/2UnNNpVO8nkqef+PbhYkXioP0PCA9HwrYA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org