Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/89F647A4A6DA11EDAC813B4AC4F9AE02.roa
File: 89F647A4A6DA11EDAC813B4AC4F9AE02.roa (raw, json)
Hash identifier: TsptBtqWyvBOQNVL77V7Nhl76zadDsIPmR2XpEkrdIQ=
Subject key identifier: 05:A5:BD:FF:CC:32:D6:2B:90:9D:0D:3D:A1:38:F1:BF:C9:E7:58:DD
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09DD
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/89F647A4A6DA11EDAC813B4AC4F9AE02.roa
Signing time: Tue 28 Mar 2023 08:08:34 +0000
ROA not before: Tue 28 Mar 2023 08:08:34 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 7018
IP address blocks: 103.11.61.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.210.0/24 maxlen: 24
113.203.218.0/24 maxlen: 24
113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.252.0/22 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/21 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.179.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2525 (0x9dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 28 08:08:34 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6422a082-50c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:eb:ba:61:ab:18:1f:c2:00:af:f2:92:a3:
e6:b2:7d:5f:fa:ab:23:d9:ad:fb:01:13:6e:3f:2c:
4c:37:6a:51:c0:64:b2:da:d8:87:97:61:2e:c5:7f:
58:29:9e:f1:31:97:b9:9a:18:02:66:b0:23:19:03:
fc:6e:9c:5a:2e:c7:5d:2f:80:77:e9:b3:de:95:f9:
74:2c:dd:b9:79:e8:75:87:64:78:b3:fc:72:be:00:
9f:27:fa:43:f9:31:80:79:03:4d:ae:64:56:34:7d:
2a:32:33:b4:2a:68:88:93:d2:8a:fe:54:97:78:ac:
99:f6:9a:ef:72:93:ee:14:6d:7b:b3:cb:8a:00:04:
c0:b5:13:45:fd:ad:9a:af:b0:9b:a6:b4:79:ff:24:
fe:4a:18:2b:25:a1:9f:a1:28:9f:9c:ff:db:15:32:
c9:04:ca:f7:31:e8:83:4b:77:33:48:7e:57:23:b8:
58:20:88:d4:83:dd:24:06:bc:90:79:99:f5:c9:90:
06:c2:c3:85:75:78:78:e3:a4:74:2a:78:8b:d7:4b:
92:1c:fa:4a:9d:df:05:c4:e1:73:83:14:76:33:ef:
41:0d:d4:48:7f:69:9a:88:43:f2:f4:15:b0:ac:4c:
fd:18:3a:29:c6:c4:74:15:41:f1:0b:0a:3f:87:14:
48:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A5:BD:FF:CC:32:D6:2B:90:9D:0D:3D:A1:38:F1:BF:C9:E7:58:DD
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/89F647A4A6DA11EDAC813B4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.61.0/24
113.203.208.0/24
113.203.210.0/24
113.203.218.0/24
113.203.220.0/24
113.203.222.0-113.203.225.255
113.203.227.0/24
113.203.233.0/24
113.203.245.0/24
113.203.252.0/22
180.178.148.0/24
180.178.151.0-180.178.159.255
180.178.162.0/24
180.178.164.0/22
180.178.173.0/24
180.178.179.0/24
223.29.226.0/24
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
6c:a1:a5:e5:36:65:b7:ee:76:8b:5a:eb:1b:d2:bd:d0:85:e5:
73:ac:12:86:0e:d8:39:a5:8f:bb:ee:dc:e8:63:b8:0d:27:87:
9b:22:30:40:79:7f:d6:19:a5:4b:28:19:bc:4d:63:0a:e8:1c:
f3:77:be:16:52:4f:2e:99:4b:cc:c5:b8:45:ae:d4:85:5a:07:
25:c9:9d:c6:0b:8d:46:f3:cd:5f:79:53:2d:1d:2b:b0:f0:c6:
90:e3:26:68:96:b8:2d:d6:0b:b3:6a:2d:0c:17:fb:15:f4:a4:
ff:19:63:43:3f:71:54:26:03:b5:09:cb:ad:0a:a2:b8:f2:02:
f0:ea:ea:32:36:52:19:b1:d0:d7:e4:33:fc:64:f3:d1:d3:f1:
b8:7e:b0:6f:ac:5a:72:76:f3:bf:97:22:fe:26:3b:37:bb:ef:
cf:cf:74:44:09:d6:ed:57:0b:56:dd:24:4a:d7:20:fd:45:ec:
2f:d6:39:ad:34:2a:a0:95:bf:8f:3d:a3:9b:28:a7:46:7b:e3:
d8:40:6e:41:0b:22:de:dd:3b:8f:51:05:84:4e:c5:83:6d:c5:
5e:a8:fc:dd:0f:52:17:ec:2b:eb:e2:48:0d:b0:9a:91:0e:bf:
ff:4e:2d:99:fb:88:7e:1f:7f:d5:11:2b:59:db:19:89:d9:22:
4c:26:0f:5f
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgICCd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMzI4MDgwODM0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIyYTA4Mi01MGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3vrumGrGB/CAK/ykqPmsn1f+qsj2a37ARNuPyxMN2pRwGSy2tiHl2EuxX9Y
KZ7xMZe5mhgCZrAjGQP8bpxaLsddL4B36bPelfl0LN25eeh1h2R4s/xyvgCfJ/pD
+TGAeQNNrmRWNH0qMjO0KmiIk9KK/lSXeKyZ9prvcpPuFG17s8uKAATAtRNF/a2a
r7CbprR5/yT+ShgrJaGfoSifnP/bFTLJBMr3MeiDS3czSH5XI7hYIIjUg90kBryQ
eZn1yZAGwsOFdXh446R0KniL10uSHPpKnd8FxOFzgxR2M+9BDdRIf2maiEPy9BWw
rEz9GDopxsR0FUHxCwo/hxRIAQIDAQABo4IDGDCCAxQwHQYDVR0OBBYEFAWlvf/M
MtYrkJ0NPaE48b/J51jdMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvODlGNjQ3QTRB
NkRBMTFFREFDODEzQjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaEGCCsGAQUFBwEHAQH/
BIGRMIGOMIGLBAIAATCBhAMEAGcLPQMEAHHL0AMEAHHL0gMEAHHL2gMEAHHL3DAM
AwQBccveAwQBccvgAwQAccvjAwQAccvpAwQAccv1AwQCccv8AwQAtLKUMAwDBAC0
spcDBAW0soADBAC0sqIDBAK0sqQDBAC0sq0DBAC0srMDBADfHeIwDAMEAN8d6wME
AN8d7jANBgkqhkiG9w0BAQsFAAOCAQEAbKGl5TZlt+52i1rrG9K90IXlc6wShg7Y
OaWPu+7c6GO4DSeHmyIwQHl/1hmlSygZvE1jCugc83e+FlJPLplLzMW4Ra7UhVoH
JcmdxguNRvPNX3lTLR0rsPDGkOMmaJa4LdYLs2otDBf7FfSk/xljQz9xVCYDtQnL
rQqiuPIC8OrqMjZSGbHQ1+Qz/GTz0dPxuH6wb6xacnbzv5ci/iY7N7vvz890RAnW
7VcLVt0kStcg/UXsL9Y5rTQqoJW/jz2jmyinRnvj2EBuQQsi3t07j1EFhE7Fg23F
Xqj83Q9SF+wr6+JIDbCakQ6//04tmfuIfh9/1RErWdsZidkiTCYPXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org