Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F98DF/C8BE1CACDA3811EBB8301750C4F9AE02/C0B24CFADA3C11EB80DFDB1FC4F9AE02.roa
File: C0B24CFADA3C11EB80DFDB1FC4F9AE02.roa (raw, json)
Hash identifier: UwotncO1ttCDrP4Td8GyZmXFhKRGFo4DaXDgZjkh/a4=
Subject key identifier: 30:94:5C:4B:81:B1:F8:50:D1:51:02:EB:E5:1F:6C:56:BE:D1:31:56
Certificate issuer: /CN=A91F98DF/serialNumber=8204B61D8457236088BA98605025274A2DB72403
Certificate serial: 01BB
Authority key identifier: 82:04:B6:1D:84:57:23:60:88:BA:98:60:50:25:27:4A:2D:B7:24:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ggS2HYRXI2CIuphgUCUnSi23JAM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F98DF/C8BE1CACDA3811EBB8301750C4F9AE02/C0B24CFADA3C11EB80DFDB1FC4F9AE02.roa
Signing time: Wed 09 Feb 2022 02:51:31 +0000
ROA not before: Wed 09 Feb 2022 02:51:31 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 131111
IP address blocks: 103.82.12.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 443 (0x1bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F98DF/serialNumber=8204B61D8457236088BA98605025274A2DB72403
Validity
Not Before: Feb 9 02:51:31 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62032c33-3a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:62:62:2e:8a:82:ec:95:de:03:bb:44:e5:31:
39:ff:23:22:c3:6a:95:45:b7:f1:74:47:4a:cc:b3:
a8:b9:72:6b:ac:bc:a5:24:e7:db:b0:e1:ac:c5:9e:
71:0c:04:43:bc:8d:59:bd:2b:81:15:05:06:e1:ea:
9b:75:83:b1:d9:80:60:2d:0d:0c:9b:ae:48:aa:60:
ed:a4:c2:55:95:b3:0b:6b:68:67:24:25:56:6b:d1:
1c:50:15:11:00:fc:50:02:7f:c2:b7:78:b7:c7:0a:
e7:1e:c1:f8:6f:c5:fe:e3:1c:35:af:15:27:a8:b9:
e9:b9:e6:d8:9b:f8:86:76:ca:63:b8:1a:63:05:77:
f8:cc:34:ca:0c:40:05:53:43:ce:77:55:87:42:dc:
56:7a:f5:bd:7d:0d:46:8d:6a:20:c1:b0:7f:5b:11:
04:b4:69:4f:bf:67:29:85:bc:44:9f:39:bf:f2:be:
9e:a4:0a:dc:7c:74:a8:b4:18:b7:f5:48:83:f2:44:
b7:d3:cf:2a:b5:a9:c0:1d:a6:48:54:23:9d:48:b6:
2c:5f:81:0f:40:ee:bb:23:44:11:21:ea:7c:63:6a:
1d:65:a8:ba:0b:05:aa:fe:fc:ad:8c:cd:c5:f8:f8:
00:a6:a8:90:c3:77:9e:a4:58:fd:48:72:69:1d:17:
2e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:94:5C:4B:81:B1:F8:50:D1:51:02:EB:E5:1F:6C:56:BE:D1:31:56
X509v3 Authority Key Identifier:
keyid:82:04:B6:1D:84:57:23:60:88:BA:98:60:50:25:27:4A:2D:B7:24:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F98DF/C8BE1CACDA3811EBB8301750C4F9AE02/ggS2HYRXI2CIuphgUCUnSi23JAM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ggS2HYRXI2CIuphgUCUnSi23JAM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F98DF/C8BE1CACDA3811EBB8301750C4F9AE02/C0B24CFADA3C11EB80DFDB1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.12.0/22
Signature Algorithm: sha256WithRSAEncryption
16:a2:3e:b4:32:75:4b:8f:3e:11:ea:b1:01:c1:5e:2b:e6:32:
ff:1c:6e:b5:bc:e0:fc:b4:a3:2c:33:70:89:3a:1b:1b:99:63:
d6:3a:91:61:f1:57:0b:06:33:7f:fc:f0:9c:39:f1:9e:6d:25:
b6:85:50:9d:15:2b:b7:32:d5:3f:61:d7:b5:54:a8:d5:2a:ad:
4a:50:a2:a9:18:a9:b7:05:9d:26:1e:d3:92:24:b3:bf:db:90:
ff:d0:6a:81:dc:81:09:ca:27:de:36:37:7e:bc:01:bd:de:44:
13:9d:13:5c:15:35:77:ff:e8:2c:b7:c4:49:ba:7b:ba:ba:01:
09:56:b4:ea:51:b8:43:2f:42:e1:ff:ff:57:8e:91:dc:07:4a:
d4:3a:df:9c:05:ec:43:47:ea:ce:a6:26:08:81:69:47:0c:f2:
52:39:b2:72:44:43:a5:f2:39:f4:e5:d2:bb:a7:ba:23:6d:6f:
e0:8e:30:5d:99:62:d3:c5:02:cd:c5:3d:c2:09:f4:0d:15:cf:
6a:f6:a1:d7:f6:67:f0:e0:9f:e7:cb:d2:b2:76:10:1d:7c:6e:
86:4c:a8:84:39:63:c8:57:b2:37:80:05:0c:bd:a5:7a:62:dc:
83:43:bc:82:9e:cd:32:92:92:e7:32:a1:57:08:a7:e2:82:b0:
c0:3b:5e:10
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjk4REYxMTAvBgNVBAUTKDgyMDRCNjFEODQ1NzIzNjA4OEJBOTg2MDUwMjUyNzRB
MkRCNzI0MDMwHhcNMjIwMjA5MDI1MTMxWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjAzMmMzMy0zYThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4GJiLoqC7JXeA7tE5TE5/yMiw2qVRbfxdEdKzLOouXJrrLylJOfbsOGsxZ5x
DARDvI1ZvSuBFQUG4eqbdYOx2YBgLQ0Mm65IqmDtpMJVlbMLa2hnJCVWa9EcUBUR
APxQAn/Ct3i3xwrnHsH4b8X+4xw1rxUnqLnpuebYm/iGdspjuBpjBXf4zDTKDEAF
U0POd1WHQtxWevW9fQ1GjWogwbB/WxEEtGlPv2cphbxEnzm/8r6epArcfHSotBi3
9UiD8kS3088qtanAHaZIVCOdSLYsX4EPQO67I0QRIep8Y2odZai6CwWq/vytjM3F
+PgApqiQw3eepFj9SHJpHRcupwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDCUXEuB
sfhQ0VEC6+UfbFa+0TFWMB8GA1UdIwQYMBaAFIIEth2EVyNgiLqYYFAlJ0ottyQD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOThERi9DOEJFMUNBQ0RB
MzgxMUVCQjgzMDE3NTBDNEY5QUUwMi9nZ1MySFlSWEkyQ0l1cGhnVUNVblNpMjNK
QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dnUzJIWVJYSTJDSXVwaGdVQ1VuU2kyM0pBTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjk4REYvQzhCRTFDQUNEQTM4MTFFQkI4MzAxNzUwQzRGOUFFMDIvQzBCMjRDRkFE
QTNDMTFFQjgwREZEQjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnUgwwDQYJKoZIhvcNAQELBQADggEBABaiPrQydUuPPhHq
sQHBXivmMv8cbrW84Py0oywzcIk6GxuZY9Y6kWHxVwsGM3/88Jw58Z5tJbaFUJ0V
K7cy1T9h17VUqNUqrUpQoqkYqbcFnSYe05Iks7/bkP/QaoHcgQnKJ942N368Ab3e
RBOdE1wVNXf/6Cy3xEm6e7q6AQlWtOpRuEMvQuH//1eOkdwHStQ635wF7ENH6s6m
JgiBaUcM8lI5snJEQ6XyOfTl0runuiNtb+COMF2ZYtPFAs3FPcIJ9A0Vz2r2odf2
Z/Dgn+fL0rJ2EB18boZMqIQ5Y8hXsjeABQy9pXpi3INDvIKezTKSkucyoVcIp+KC
sMA7XhA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org