Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/1F59B948DAB611EDAC857C7EC4F9AE02.roa
File: 1F59B948DAB611EDAC857C7EC4F9AE02.roa (raw, json)
Hash identifier: 5EOorjvjx/sh50e+sg9F2GYJhji9yJKNxkK0Q+nKFh8=
Subject key identifier: 64:27:8D:3A:9D:61:96:01:68:04:C8:F7:7D:E0:C0:CA:AD:95:37:14
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A0B
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/1F59B948DAB611EDAC857C7EC4F9AE02.roa
Signing time: Fri 14 Apr 2023 11:18:47 +0000
ROA not before: Fri 14 Apr 2023 11:18:47 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/22 maxlen: 22
103.11.60.0/24 maxlen: 24
113.203.209.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
180.178.128.0/21 maxlen: 21
180.178.128.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/21 maxlen: 21
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.160.0/20 maxlen: 20
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/20 maxlen: 20
223.29.227.0/24 maxlen: 24
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2571 (0xa0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 14 11:18:47 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64393696-dad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:64:49:3e:4d:9c:42:d5:77:82:4b:30:35:a0:
0a:99:dc:2f:b1:69:6b:00:77:5b:ea:ad:0d:c2:64:
c1:2a:cc:98:c1:36:93:5a:2d:92:95:21:3b:c4:ed:
ad:e3:23:ab:97:ab:62:4b:90:51:2c:b4:a1:90:bd:
d9:71:ea:54:f4:27:df:36:5d:69:07:48:97:40:ad:
1d:ab:e4:9c:d5:cc:60:20:8a:49:fb:15:c9:4b:26:
ad:be:a3:53:a4:26:aa:4e:62:46:29:65:22:c1:1b:
b4:54:f6:92:56:8c:58:30:78:17:ce:7f:66:28:08:
31:24:a3:e9:27:83:06:38:b9:47:cb:a1:d9:26:1b:
09:0e:a6:f5:65:fe:75:28:aa:2f:30:e9:93:8f:ce:
0a:e5:a8:f0:4e:77:bb:ae:cf:be:c7:d5:67:3d:32:
7d:e4:40:f8:4b:ff:ab:46:be:61:41:48:6d:88:d4:
c8:69:47:50:0c:9c:f4:bb:61:86:2e:60:86:9b:6a:
4a:29:03:5f:30:1c:e6:94:d7:b7:c3:70:e6:00:b8:
fc:09:d0:0c:03:9d:53:65:3a:29:30:93:2d:4c:ea:
af:4e:17:3e:07:d8:2a:a7:45:1e:97:db:5f:d9:27:
f3:0e:ac:cd:ab:0a:e6:6b:da:3b:a1:fe:d7:76:47:
7a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:27:8D:3A:9D:61:96:01:68:04:C8:F7:7D:E0:C0:CA:AD:95:37:14
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/1F59B948DAB611EDAC857C7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/22
113.203.209.0/24
113.203.211.0-113.203.216.255
113.203.219.0/24
113.203.226.0/24
113.203.234.0-113.203.240.255
113.203.244.0/24
180.178.128.0-180.178.144.255
180.178.149.0/24
180.178.160.0/20
180.178.178.0/24
180.178.180.0/22
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
5a:ee:e0:33:38:e2:d1:86:70:e3:da:2a:68:56:10:3b:ce:b6:
0f:39:9d:bf:70:04:b5:f8:9f:ca:7e:38:17:26:f7:18:c9:23:
f9:ba:41:67:78:1a:73:71:eb:22:2e:f7:30:93:2c:89:b5:21:
81:9c:2d:4e:84:bf:1c:69:cf:17:fe:ab:1f:42:6f:9f:9d:4b:
9e:b1:b9:16:da:64:f5:71:d7:72:d9:ce:ad:76:c2:01:b1:51:
c7:cc:56:06:08:00:09:4e:dd:fc:4e:f6:15:ba:43:4a:9c:37:
e6:49:31:da:b8:c7:55:35:eb:75:ef:15:85:2e:f7:49:33:48:
8c:5f:42:cd:66:c2:8a:b4:d5:03:f9:90:e2:cf:b7:8f:65:73:
b7:e4:d5:48:21:9f:b8:70:ca:cc:01:52:39:6c:c8:21:7f:b7:
ab:7c:60:eb:91:a7:60:4b:c6:99:05:b0:55:5e:e7:d8:08:77:
e2:64:ba:24:34:d7:1f:30:f1:65:50:8f:1c:cd:76:c3:32:7b:
4d:55:4e:04:1d:e2:42:7f:6c:69:9c:0a:ed:bd:2f:6e:cb:d5:
35:94:83:8d:d2:70:6c:b4:3c:44:8c:49:61:ee:09:d1:ff:ff:
33:eb:9b:16:59:cc:2b:3a:65:23:14:1e:54:10:96:d4:3d:0b:
64:23:68:4f
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgICCgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDE0MTExODQ3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM5MzY5Ni1kYWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA32RJPk2cQtV3gkswNaAKmdwvsWlrAHdb6q0NwmTBKsyYwTaTWi2SlSE7xO2t
4yOrl6tiS5BRLLShkL3ZcepU9CffNl1pB0iXQK0dq+Sc1cxgIIpJ+xXJSyatvqNT
pCaqTmJGKWUiwRu0VPaSVoxYMHgXzn9mKAgxJKPpJ4MGOLlHy6HZJhsJDqb1Zf51
KKovMOmTj84K5ajwTne7rs++x9VnPTJ95ED4S/+rRr5hQUhtiNTIaUdQDJz0u2GG
LmCGm2pKKQNfMBzmlNe3w3DmALj8CdAMA51TZTopMJMtTOqvThc+B9gqp0Uel9tf
2SfzDqzNqwrma9o7of7Xdkd6twIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFGQnjTqd
YZYBaATI933gwMqtlTcUMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMUY1OUI5NDhE
QUI2MTFFREFDODU3QzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY4GCCsGAQUFBwEHAQH/
BH8wfTBsBAIAATBmAwQCZws8AwQAccvRMAwDBABxy9MDBABxy9gDBABxy9sDBABx
y+IwDAMEAXHL6gMEAHHL8AMEAHHL9DAMAwQHtLKAAwQAtLKQAwQAtLKVAwQEtLKg
AwQAtLKyAwQCtLK0AwQE3x3gMA0EAgACMAcDBQAkAUEAMA0GCSqGSIb3DQEBCwUA
A4IBAQBa7uAzOOLRhnDj2ipoVhA7zrYPOZ2/cAS1+J/KfjgXJvcYySP5ukFneBpz
cesiLvcwkyyJtSGBnC1OhL8cac8X/qsfQm+fnUuesbkW2mT1cddy2c6tdsIBsVHH
zFYGCAAJTt38TvYVukNKnDfmSTHauMdVNet17xWFLvdJM0iMX0LNZsKKtNUD+ZDi
z7ePZXO35NVIIZ+4cMrMAVI5bMghf7erfGDrkadgS8aZBbBVXufYCHfiZLokNNcf
MPFlUI8czXbDMntNVU4EHeJCf2xpnArtvS9uy9U1lION0nBstDxEjElh7gnR//8z
65sWWcwrOmUjFB5UEJbUPQtkI2hP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:12 2023 by rpki-client on console-ams.rpki-client.org