Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/7E7D4CE428E311EDAA689768C4F9AE02.roa
File: 7E7D4CE428E311EDAA689768C4F9AE02.roa (raw, json)
Hash identifier: 0QCsWzixKMO8Sle76/3GbfsrFB4gc38HZ3Vn9TEzAlA=
Subject key identifier: B4:DE:3B:90:F0:1D:A7:26:2A:1B:C9:A6:58:00:F3:C9:D7:81:F3:24
Certificate issuer: /CN=A91F71E8/serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB
Certificate serial: 060C
Authority key identifier: B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/7E7D4CE428E311EDAA689768C4F9AE02.roa
Signing time: Wed 31 Aug 2022 04:15:06 +0000
ROA not before: Wed 31 Aug 2022 04:15:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137498
IP address blocks: 103.56.4.0/22 maxlen: 22
103.56.4.0/24 maxlen: 24
103.56.5.0/24 maxlen: 24
103.56.6.0/24 maxlen: 24
103.56.7.0/24 maxlen: 24
103.110.216.0/22 maxlen: 22
103.110.216.0/24 maxlen: 24
103.110.217.0/24 maxlen: 24
103.110.218.0/24 maxlen: 24
103.110.219.0/24 maxlen: 24
2402:9040::/32 maxlen: 32
2402:9040::/36 maxlen: 36
2402:9040:1000::/36 maxlen: 36
2402:9040:2000::/36 maxlen: 36
2402:9040:3000::/36 maxlen: 36
2402:9040:4000::/36 maxlen: 36
2402:9040:5000::/36 maxlen: 36
2402:9040:6000::/36 maxlen: 36
2402:9040:7000::/36 maxlen: 36
2402:9040:7000::/48 maxlen: 48
2402:9040:8000::/36 maxlen: 36
2402:9040:8000::/48 maxlen: 48
2402:9040:9000::/36 maxlen: 36
2402:9040:a000::/36 maxlen: 36
2402:9040:b000::/36 maxlen: 36
2402:9040:c000::/36 maxlen: 36
2402:9040:d000::/36 maxlen: 36
2402:9040:e000::/36 maxlen: 36
2402:9040:f000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1548 (0x60c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F71E8/serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB
Validity
Not Before: Aug 31 04:15:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=630ee04a-699a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:82:9c:55:2b:5a:e8:d4:d8:4c:48:22:e5:35:
45:f4:c4:ec:5f:87:42:83:3e:84:5a:e7:ff:9d:52:
db:a1:81:76:71:8c:ec:e4:80:4e:1e:8f:60:6f:8e:
96:bc:4c:28:38:59:e0:46:89:7d:8e:a4:e7:5f:de:
50:fa:46:c1:cc:33:52:82:60:48:70:2c:67:33:55:
88:18:67:9e:0b:ee:94:03:f0:53:af:b1:03:be:c4:
bc:a8:7a:d0:9b:a6:1d:9b:b0:ca:63:55:29:02:a9:
f8:c1:71:5e:83:5e:42:ef:ae:ec:66:3b:f3:f5:5d:
c1:09:ec:d2:38:7c:8a:06:66:73:ed:65:88:60:b5:
5d:2c:61:c8:84:08:d0:0e:82:48:bd:d8:d5:bf:8c:
a0:87:5d:c8:f8:7d:b1:bc:db:02:3f:bd:33:db:b4:
cb:c4:ff:9f:8b:2d:7b:87:a5:90:39:0a:86:31:7f:
92:f2:5e:fe:55:5e:85:da:d6:58:5e:74:13:2a:71:
3e:32:56:ea:31:49:3e:64:38:cc:23:31:d3:2e:a7:
a3:9f:6b:11:9b:5a:58:78:54:92:86:d7:f2:7e:c8:
97:7e:0e:59:cc:97:7f:b0:3d:ee:e1:8d:73:4e:16:
f1:a1:fd:63:52:dc:94:27:20:52:9a:be:8f:dd:23:
4d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DE:3B:90:F0:1D:A7:26:2A:1B:C9:A6:58:00:F3:C9:D7:81:F3:24
X509v3 Authority Key Identifier:
keyid:B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/7E7D4CE428E311EDAA689768C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.56.4.0/22
103.110.216.0/22
IPv6:
2402:9040::/32
Signature Algorithm: sha256WithRSAEncryption
44:29:15:02:ad:7d:f2:ed:a1:7c:da:39:91:05:d2:af:89:92:
fd:62:0a:eb:8e:95:bf:4a:fe:ec:62:0c:9a:89:0e:05:0c:30:
7a:c8:c8:82:e2:81:65:e7:4f:80:f1:51:ec:f5:2f:d7:70:73:
37:0a:2d:44:8d:77:f7:fc:1e:02:e0:bc:63:ff:ad:fa:ad:09:
3b:ac:91:e0:07:c6:f5:c6:89:22:b0:02:21:c5:92:ba:15:d3:
3b:76:e4:f5:98:e6:d8:db:42:b5:15:b6:4e:28:7e:02:81:98:
79:36:2a:cf:2a:2e:49:1b:3d:f2:71:3c:bd:fd:26:9f:82:3b:
65:d2:42:c1:89:11:6c:e8:73:d6:9a:34:bb:ee:b9:15:8a:02:
af:9d:dc:9f:ca:41:30:61:a3:28:4e:43:1d:29:ba:5b:3a:ad:
68:d8:41:d0:bb:87:00:ee:07:5e:ac:15:c6:c1:12:8c:85:51:
cb:fe:90:26:9f:80:26:bb:8e:46:31:7d:18:54:00:d9:5e:d5:
7b:20:a3:84:ff:36:f8:ee:73:9e:c0:27:9b:fc:9b:d0:4a:fb:
42:35:ad:46:c6:e8:50:28:35:f8:06:20:9d:6d:b9:bf:b0:61:
00:1e:6a:7e:11:99:42:d9:b1:ab:c1:0e:de:4b:89:56:6c:28:
f2:98:ed:3f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjcxRTgxMTAvBgNVBAUTKEIzRDc5Mzc5MEUxMTRBQzhGOERDODJCQUUzM0MxRDky
QkRCREI1RUIwHhcNMjIwODMxMDQxNTA2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBlZTA0YS02OTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvoKcVSta6NTYTEgi5TVF9MTsX4dCgz6EWuf/nVLboYF2cYzs5IBOHo9gb46W
vEwoOFngRol9jqTnX95Q+kbBzDNSgmBIcCxnM1WIGGeeC+6UA/BTr7EDvsS8qHrQ
m6Ydm7DKY1UpAqn4wXFeg15C767sZjvz9V3BCezSOHyKBmZz7WWIYLVdLGHIhAjQ
DoJIvdjVv4ygh13I+H2xvNsCP70z27TLxP+fiy17h6WQOQqGMX+S8l7+VV6F2tZY
XnQTKnE+MlbqMUk+ZDjMIzHTLqejn2sRm1pYeFSShtfyfsiXfg5ZzJd/sD3u4Y1z
Thbxof1jUtyUJyBSmr6P3SNNAQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLTeO5Dw
HacmKhvJplgA88nXgfMkMB8GA1UdIwQYMBaAFLPXk3kOEUrI+NyCuuM8HZK9vbXr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzFFOC82MkI3ODdBMEVF
RTQxMUU4OUU2NjVENERDNEY5QUUwMi9zOWVUZVE0UlNzajQzSUs2NHp3ZGtyMjl0
ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3M5ZVRlUTRSU3NqNDNJSzY0endka3IyOXRlcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjcxRTgvNjJCNzg3QTBFRUU0MTFFODlFNjY1RDREQzRGOUFFMDIvN0U3RDRDRTQy
OEUzMTFFREFBNjg5NzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnOAQDBAJnbtgwDQQCAAIwBwMFACQCkEAwDQYJKoZIhvcN
AQELBQADggEBAEQpFQKtffLtoXzaOZEF0q+Jkv1iCuuOlb9K/uxiDJqJDgUMMHrI
yILigWXnT4DxUez1L9dwczcKLUSNd/f8HgLgvGP/rfqtCTuskeAHxvXGiSKwAiHF
kroV0zt25PWY5tjbQrUVtk4ofgKBmHk2Ks8qLkkbPfJxPL39Jp+CO2XSQsGJEWzo
c9aaNLvuuRWKAq+d3J/KQTBhoyhOQx0puls6rWjYQdC7hwDuB16sFcbBEoyFUcv+
kCafgCa7jkYxfRhUANle1Xsgo4T/Nvjuc57AJ5v8m9BK+0I1rUbG6FAoNfgGIJ1t
ub+wYQAean4RmULZsavBDt5LiVZsKPKY7T8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org