Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF554/EB1CBBE29E5B11EAB248FC51C4F9AE02/AC062A989E8211EAAD86AC51C4F9AE02.roa
File: AC062A989E8211EAAD86AC51C4F9AE02.roa (raw, json)
Hash identifier: eyc2wfvQGikgZeqhu4eiBpZ2KKIl9n/1mmPEXT4Zz+g=
Subject key identifier: 43:C9:5E:E5:A8:2D:C2:C1:DB:CD:62:23:14:4E:4E:1D:8A:92:9D:B2
Certificate issuer: /CN=A91EF554/serialNumber=1B91D5160F7D56B705A8516C6A1CF42F4967EF56
Certificate serial: 0634
Authority key identifier: 1B:91:D5:16:0F:7D:56:B7:05:A8:51:6C:6A:1C:F4:2F:49:67:EF:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G5HVFg99VrcFqFFsahz0L0ln71Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF554/EB1CBBE29E5B11EAB248FC51C4F9AE02/AC062A989E8211EAAD86AC51C4F9AE02.roa
Signing time: Sat 21 May 2022 19:13:25 +0000
ROA not before: Sat 21 May 2022 19:13:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61327
IP address blocks: 103.89.144.0/22 maxlen: 22
103.89.144.0/24 maxlen: 24
103.89.145.0/24 maxlen: 24
103.89.146.0/24 maxlen: 24
103.89.147.0/24 maxlen: 24
202.155.188.0/22 maxlen: 22
2001:df0:b500::/48 maxlen: 48
2001:df0:b501::/48 maxlen: 48
2400:7ca0::/36 maxlen: 36
2400:7ca0:1000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1588 (0x634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF554/serialNumber=1B91D5160F7D56B705A8516C6A1CF42F4967EF56
Validity
Not Before: May 21 19:13:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=628939d4-acc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:f4:4d:40:1b:50:58:52:a7:41:18:e8:99:
88:34:37:94:b3:f7:f5:ac:42:a6:ea:f2:39:01:ad:
26:55:07:5f:e2:6a:60:6e:2d:ba:68:fb:ee:94:16:
3f:77:1d:c6:d3:6b:50:73:c9:01:9b:b4:5c:3a:90:
f2:97:c2:84:66:0e:4c:0d:c3:3a:05:f0:c0:26:b3:
1e:05:fb:25:fa:c8:81:d2:ca:a4:43:00:bd:86:fd:
06:31:a1:cf:df:63:1b:a5:5c:8e:35:86:cf:5e:51:
a6:c5:4e:0a:f3:60:c7:0b:e7:e4:1e:5e:94:32:ae:
ea:27:66:a6:82:64:85:3d:91:1f:b8:80:1f:27:80:
b9:8a:b4:6e:5c:76:9a:55:ae:8c:ee:d0:6a:d6:69:
f0:a8:2f:e9:b7:da:90:b1:ae:52:34:b7:f3:cb:a5:
3e:aa:83:ad:a8:7f:bb:fa:73:08:24:d0:07:95:67:
02:d6:e7:ba:ea:fa:7f:fb:c9:2a:ed:85:b3:73:97:
f3:59:69:e1:ba:a0:bf:26:49:cd:0d:e4:d5:fb:36:
1a:37:ce:66:f5:67:7a:2e:fd:7c:22:00:a3:ff:58:
62:2c:b3:28:13:70:3b:f0:97:82:b3:ad:ca:9d:e8:
e6:73:ca:b8:f2:86:6b:2e:27:09:1d:58:ff:ec:aa:
66:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C9:5E:E5:A8:2D:C2:C1:DB:CD:62:23:14:4E:4E:1D:8A:92:9D:B2
X509v3 Authority Key Identifier:
keyid:1B:91:D5:16:0F:7D:56:B7:05:A8:51:6C:6A:1C:F4:2F:49:67:EF:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF554/EB1CBBE29E5B11EAB248FC51C4F9AE02/G5HVFg99VrcFqFFsahz0L0ln71Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G5HVFg99VrcFqFFsahz0L0ln71Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF554/EB1CBBE29E5B11EAB248FC51C4F9AE02/AC062A989E8211EAAD86AC51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.89.144.0/22
202.155.188.0/22
IPv6:
2001:df0:b500::/47
2400:7ca0::/35
Signature Algorithm: sha256WithRSAEncryption
b7:eb:62:2d:e6:d9:0f:04:21:4d:79:14:8a:f9:1e:f8:da:6f:
5f:97:04:1f:2f:c3:76:e0:91:a4:d9:9d:e9:4c:00:38:80:69:
de:9e:5b:f0:c3:66:f0:4e:5c:48:47:48:bc:98:08:44:6c:7c:
77:44:c0:c1:e3:72:02:f9:41:7f:31:01:93:56:4d:49:f3:e1:
9b:2d:50:b4:6d:87:76:d1:5d:25:82:eb:8a:7a:bf:7b:f2:a3:
61:ae:b2:b9:fe:0f:1c:0c:e7:8d:2f:da:6d:73:1b:e4:58:6b:
72:73:b2:e0:39:53:e9:17:69:8d:97:0c:48:ed:75:95:0a:75:
fc:06:ac:c8:ae:9a:c0:fd:8c:e8:20:3c:0f:aa:be:f5:d1:6b:
5d:3a:73:3a:fd:a7:ed:09:ba:5f:5e:da:03:20:62:a2:3e:b9:
b0:70:aa:f8:51:5d:50:31:7a:0f:39:cf:e1:71:0b:83:6b:eb:
26:99:2f:e5:53:2a:e6:b7:2b:ac:0a:f5:a5:de:cc:8b:3c:d8:
a6:60:04:48:79:78:1f:06:6f:08:bc:3d:f6:51:55:d0:23:8b:
bd:93:69:8f:ef:71:9c:fe:c7:16:28:94:50:33:0c:8d:6b:2c:
cc:6c:36:ea:a3:b6:2b:86:ab:1e:31:c3:4d:93:02:69:c5:1b:
1f:42:9b:6a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICBjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUY1NTQxMTAvBgNVBAUTKDFCOTFENTE2MEY3RDU2QjcwNUE4NTE2QzZBMUNGNDJG
NDk2N0VGNTYwHhcNMjIwNTIxMTkxMzI1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg5MzlkNC1hY2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqS/0TUAbUFhSp0EY6JmINDeUs/f1rEKm6vI5Aa0mVQdf4mpgbi26aPvulBY/
dx3G02tQc8kBm7RcOpDyl8KEZg5MDcM6BfDAJrMeBfsl+siB0sqkQwC9hv0GMaHP
32MbpVyONYbPXlGmxU4K82DHC+fkHl6UMq7qJ2amgmSFPZEfuIAfJ4C5irRuXHaa
Va6M7tBq1mnwqC/pt9qQsa5SNLfzy6U+qoOtqH+7+nMIJNAHlWcC1ue66vp/+8kq
7YWzc5fzWWnhuqC/JknNDeTV+zYaN85m9Wd6Lv18IgCj/1hiLLMoE3A78JeCs63K
nejmc8q48oZrLicJHVj/7KpmKwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFEPJXuWo
LcLB281iIxROTh2Kkp2yMB8GA1UdIwQYMBaAFBuR1RYPfVa3BahRbGoc9C9JZ+9W
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjU1NC9FQjFDQkJFMjlF
NUIxMUVBQjI0OEZDNTFDNEY5QUUwMi9HNUhWRmc5OVZyY0ZxRkZzYWh6MEwwbG43
MVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0c1SFZGZzk5VnJjRnFGRnNhaHowTDBsbjcxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUY1NTQvRUIxQ0JCRTI5RTVCMTFFQUIyNDhGQzUxQzRGOUFFMDIvQUMwNjJBOTg5
RTgyMTFFQUFEODZBQzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E
LzAtMBIEAgABMAwDBAJnWZADBALKm7wwFwQCAAIwEQMHASABDfC1AAMGBSQAfKAA
MA0GCSqGSIb3DQEBCwUAA4IBAQC362It5tkPBCFNeRSK+R742m9flwQfL8N24JGk
2Z3pTAA4gGnenlvww2bwTlxIR0i8mAhEbHx3RMDB43IC+UF/MQGTVk1J8+GbLVC0
bYd20V0lguuKer978qNhrrK5/g8cDOeNL9ptcxvkWGtyc7LgOVPpF2mNlwxI7XWV
CnX8BqzIrprA/YzoIDwPqr710WtdOnM6/aftCbpfXtoDIGKiPrmwcKr4UV1QMXoP
Oc/hcQuDa+smmS/lUyrmtyusCvWl3syLPNimYARIeXgfBm8IvD32UVXQI4u9k2mP
73Gc/scWKJRQMwyNayzMbDbqo7YrhqseMcNNkwJpxRsfQptq
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org