Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/8F416998E17611ECBD70B57DC4F9AE02.roa
File: 8F416998E17611ECBD70B57DC4F9AE02.roa (raw, json)
Hash identifier: 3otrAeRNYjWmBsPm7Wdn+89VtfuKgGkFYZkHtqBdpEQ=
Subject key identifier: CE:88:2D:56:15:B3:48:93:06:EA:42:AA:3B:11:51:93:74:E5:06:29
Certificate issuer: /CN=A91F71E8/serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB
Certificate serial: 05B5
Authority key identifier: B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/8F416998E17611ECBD70B57DC4F9AE02.roa
Signing time: Wed 20 Jul 2022 07:44:35 +0000
ROA not before: Wed 20 Jul 2022 07:44:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137498
IP address blocks: 45.115.224.0/24 maxlen: 24
45.115.225.0/24 maxlen: 24
103.56.4.0/22 maxlen: 22
103.56.4.0/24 maxlen: 24
103.56.5.0/24 maxlen: 24
103.56.6.0/24 maxlen: 24
103.56.7.0/24 maxlen: 24
103.110.216.0/22 maxlen: 22
103.110.216.0/24 maxlen: 24
103.110.217.0/24 maxlen: 24
103.110.218.0/24 maxlen: 24
103.110.219.0/24 maxlen: 24
2402:9040::/32 maxlen: 32
2402:9040::/36 maxlen: 36
2402:9040:1000::/36 maxlen: 36
2402:9040:2000::/36 maxlen: 36
2402:9040:3000::/36 maxlen: 36
2402:9040:4000::/36 maxlen: 36
2402:9040:5000::/36 maxlen: 36
2402:9040:6000::/36 maxlen: 36
2402:9040:7000::/36 maxlen: 36
2402:9040:7000::/48 maxlen: 48
2402:9040:8000::/36 maxlen: 36
2402:9040:8000::/48 maxlen: 48
2402:9040:9000::/36 maxlen: 36
2402:9040:a000::/36 maxlen: 36
2402:9040:b000::/36 maxlen: 36
2402:9040:c000::/36 maxlen: 36
2402:9040:d000::/36 maxlen: 36
2402:9040:e000::/36 maxlen: 36
2402:9040:f000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1461 (0x5b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F71E8/serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB
Validity
Not Before: Jul 20 07:44:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62d7b262-1d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:3f:db:bf:4c:de:12:dd:04:96:89:71:2a:
b8:ee:f4:15:c2:fa:a0:52:2e:b0:3e:e9:cd:50:f3:
ba:95:95:55:89:30:2c:b6:55:80:47:6f:1f:98:d8:
ce:74:e1:e1:30:34:ea:dd:4a:25:ad:80:f4:da:4d:
72:86:80:14:3d:bc:4d:97:f4:e6:57:92:be:0b:23:
57:41:12:f8:3b:87:ca:df:ca:ea:3c:53:53:5d:af:
4c:ba:fa:4d:bf:ff:43:db:09:2d:ca:dc:86:44:6d:
88:2b:3b:e1:18:54:32:27:42:71:a5:5f:84:e1:08:
67:f7:9b:6e:56:fb:fe:f1:a7:5a:cd:fc:c6:d3:0c:
c0:82:7a:db:c8:18:98:e7:12:5f:46:2c:cd:ab:f1:
e1:ce:05:ec:07:db:f8:45:d4:42:57:0b:a1:8b:2a:
ec:dd:54:0f:03:00:a3:49:bd:97:db:5c:16:25:0e:
80:6f:05:42:73:69:b2:1a:94:0f:19:3f:b7:48:c2:
fd:18:92:d3:e8:35:0b:8a:73:87:27:76:90:38:ab:
ef:07:a1:75:9c:55:b9:ca:68:e7:04:26:b9:c2:04:
41:5e:94:ea:80:87:f7:e1:66:ab:54:1f:6d:78:2d:
30:c6:40:a4:dd:d4:04:61:9e:1c:4c:4f:28:75:67:
fb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:88:2D:56:15:B3:48:93:06:EA:42:AA:3B:11:51:93:74:E5:06:29
X509v3 Authority Key Identifier:
keyid:B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/8F416998E17611ECBD70B57DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.224.0/23
103.56.4.0/22
103.110.216.0/22
IPv6:
2402:9040::/32
Signature Algorithm: sha256WithRSAEncryption
82:f3:8d:61:61:d0:3f:93:77:8f:96:1a:27:0c:ad:1a:e4:6c:
8d:29:0f:44:e4:20:40:30:9a:36:08:b5:90:88:19:90:c3:c5:
34:88:2a:c1:c2:05:9d:37:46:f7:39:3e:18:59:db:75:4a:c6:
22:09:68:7b:0a:2e:73:20:38:1e:a9:b0:0a:f0:c8:12:60:e2:
02:ae:35:c0:5b:d5:cd:c7:b6:a5:c3:0d:3c:23:35:3a:25:f6:
4f:da:86:17:82:50:82:1e:b2:94:63:99:f3:3c:1b:ee:07:f6:
fc:1b:46:90:6d:d6:83:cd:2f:f6:b1:3f:12:26:33:91:1c:47:
1a:bb:28:4e:31:be:4c:3b:d1:0d:e7:93:03:27:de:7b:b0:64:
d0:4e:9d:2f:2c:b4:c3:f3:a8:dd:47:22:40:0f:91:94:78:a8:
86:0f:ad:de:d0:cc:08:44:e4:79:58:12:6b:d5:c6:c1:df:56:
3c:e9:e1:bd:1d:6f:df:d4:94:8c:3b:3e:04:ba:fc:ef:b0:7d:
4e:fd:5e:85:ca:f6:a5:f9:fb:a3:1f:09:4a:57:78:1f:9c:56:
39:55:f9:b5:17:b2:58:bf:8f:20:d1:45:c5:c5:40:5a:cc:c0:
5f:5e:76:1e:da:89:8c:bb:20:ec:88:45:4d:17:b1:e4:05:17:
c3:da:b5:ff
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICBbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjcxRTgxMTAvBgNVBAUTKEIzRDc5Mzc5MEUxMTRBQzhGOERDODJCQUUzM0MxRDky
QkRCREI1RUIwHhcNMjIwNzIwMDc0NDM1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ3YjI2Mi0xZDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmgw/279M3hLdBJaJcSq47vQVwvqgUi6wPunNUPO6lZVViTAstlWAR28fmNjO
dOHhMDTq3UolrYD02k1yhoAUPbxNl/TmV5K+CyNXQRL4O4fK38rqPFNTXa9MuvpN
v/9D2wktytyGRG2IKzvhGFQyJ0JxpV+E4Qhn95tuVvv+8adazfzG0wzAgnrbyBiY
5xJfRizNq/HhzgXsB9v4RdRCVwuhiyrs3VQPAwCjSb2X21wWJQ6AbwVCc2myGpQP
GT+3SML9GJLT6DULinOHJ3aQOKvvB6F1nFW5ymjnBCa5wgRBXpTqgIf34WarVB9t
eC0wxkCk3dQEYZ4cTE8odWf77wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFM6ILVYV
s0iTBupCqjsRUZN05QYpMB8GA1UdIwQYMBaAFLPXk3kOEUrI+NyCuuM8HZK9vbXr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzFFOC82MkI3ODdBMEVF
RTQxMUU4OUU2NjVENERDNEY5QUUwMi9zOWVUZVE0UlNzajQzSUs2NHp3ZGtyMjl0
ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3M5ZVRlUTRSU3NqNDNJSzY0endka3IyOXRlcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjcxRTgvNjJCNzg3QTBFRUU0MTFFODlFNjY1RDREQzRGOUFFMDIvOEY0MTY5OThF
MTc2MTFFQ0JENzBCNTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAEtc+ADBAJnOAQDBAJnbtgwDQQCAAIwBwMFACQCkEAwDQYJ
KoZIhvcNAQELBQADggEBAILzjWFh0D+Td4+WGicMrRrkbI0pD0TkIEAwmjYItZCI
GZDDxTSIKsHCBZ03Rvc5PhhZ23VKxiIJaHsKLnMgOB6psArwyBJg4gKuNcBb1c3H
tqXDDTwjNTol9k/ahheCUIIespRjmfM8G+4H9vwbRpBt1oPNL/axPxImM5EcRxq7
KE4xvkw70Q3nkwMn3nuwZNBOnS8stMPzqN1HIkAPkZR4qIYPrd7QzAhE5HlYEmvV
xsHfVjzp4b0db9/UlIw7PgS6/O+wfU79XoXK9qX5+6MfCUpXeB+cVjlV+bUXsli/
jyDRRcXFQFrMwF9edh7aiYy7IOyIRU0XseQFF8Patf8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:51 2024 by rpki-client on console-fra.rpki-client.org