Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/75611624052D11ED8045DA84C4F9AE02.roa
File: 75611624052D11ED8045DA84C4F9AE02.roa (raw, json)
Hash identifier: k8ssvOvSkbATAbunNsCqz8OEihxTQpLdGWsRtap8QDg=
Subject key identifier: D4:1E:7B:ED:A1:58:16:E8:0B:DE:C7:43:7F:30:A2:4A:11:DB:B1:1F
Certificate issuer: /CN=A912BE25/serialNumber=A760ADE0C9D05EE679EC304122BC3350C8D2A439
Certificate serial: 51
Authority key identifier: A7:60:AD:E0:C9:D0:5E:E6:79:EC:30:41:22:BC:33:50:C8:D2:A4:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/75611624052D11ED8045DA84C4F9AE02.roa
Signing time: Sun 17 Jul 2022 23:33:08 +0000
ROA not before: Sun 17 Jul 2022 23:33:08 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 23887
IP address blocks: 119.63.0.0/20 maxlen: 20
119.63.0.0/22 maxlen: 22
119.63.0.0/23 maxlen: 23
119.63.2.0/24 maxlen: 24
202.71.176.0/20 maxlen: 20
202.71.176.0/23 maxlen: 23
202.71.179.0/24 maxlen: 24
202.71.182.0/23 maxlen: 24
202.71.186.0/24 maxlen: 24
202.71.190.0/24 maxlen: 24
202.71.191.0/24 maxlen: 24
2406:2a00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81 (0x51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BE25/serialNumber=A760ADE0C9D05EE679EC304122BC3350C8D2A439
Validity
Not Before: Jul 17 23:33:08 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62d49c33-3962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:39:9a:c7:07:c2:59:ee:f9:6d:c4:08:9c:37:
4d:d3:90:57:94:dc:87:34:67:49:7b:8e:3f:d2:11:
aa:08:e3:2a:a3:ad:13:06:e0:18:be:66:7a:46:4e:
e5:32:38:82:61:82:eb:29:6f:46:82:ce:20:45:dd:
32:fb:b6:91:1b:6a:a2:be:65:3a:5e:fb:ec:1c:be:
75:bc:58:c1:ff:0f:32:c9:17:6b:12:92:75:f1:ad:
50:77:f4:d5:ca:8f:b2:04:95:14:45:77:9a:0c:a3:
bb:3c:75:a1:11:ef:22:ed:00:d7:7a:98:ba:6b:b7:
b9:25:1a:bf:0e:e6:3f:0a:a1:d1:d4:8e:be:e5:f7:
ac:f8:04:45:4a:7a:0d:e9:ff:fe:d0:ed:37:51:5e:
57:ef:e0:8c:d0:e5:07:11:3d:7d:18:c9:0f:52:30:
fa:88:0b:e1:bf:0a:43:60:84:7e:ac:d3:25:f3:d2:
98:c7:2b:ab:80:21:69:e5:71:e4:55:2e:df:4a:61:
a9:ed:75:bf:4b:33:cf:af:41:b9:02:d2:3e:2c:5c:
eb:f4:7c:ea:10:ec:a6:4b:21:6e:ef:15:59:73:24:
bd:7e:c6:db:b1:6e:1e:85:cb:7b:75:fb:6d:a6:6a:
1e:45:bd:56:64:6e:de:18:09:a1:b9:a4:0f:6b:1f:
a2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1E:7B:ED:A1:58:16:E8:0B:DE:C7:43:7F:30:A2:4A:11:DB:B1:1F
X509v3 Authority Key Identifier:
keyid:A7:60:AD:E0:C9:D0:5E:E6:79:EC:30:41:22:BC:33:50:C8:D2:A4:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/75611624052D11ED8045DA84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.63.0.0/20
202.71.176.0/20
IPv6:
2406:2a00::/32
Signature Algorithm: sha256WithRSAEncryption
08:21:d9:68:9a:e6:02:ad:6b:d6:dc:cd:44:0d:cd:61:29:bd:
be:ee:9b:08:18:44:c3:6e:91:7e:bd:e6:c8:ea:7f:9f:f3:e8:
aa:65:e1:aa:62:de:95:28:0b:eb:21:a3:00:06:58:d6:23:90:
64:1e:b6:01:c8:bb:f9:d2:01:d6:50:df:db:65:c4:f6:9a:a9:
d7:d1:ee:8e:43:89:c8:1f:5c:fe:0d:96:33:b6:d9:6c:f7:ca:
ab:67:f7:34:88:e5:73:f6:41:1a:a5:bc:d2:fc:fc:68:b0:2e:
fc:90:e5:87:ba:97:4f:ac:50:8f:da:3d:1d:fd:8a:a7:4e:25:
1a:71:0d:ee:20:b1:32:de:78:d1:09:5a:9e:27:0d:0e:78:4b:
b6:e7:1d:5a:b2:51:1e:47:ab:1f:79:38:52:50:a9:48:c7:d7:
d4:f5:e2:c1:11:b4:0c:5d:29:26:7b:7b:0a:ee:c1:a5:e2:e4:
2a:cc:8c:fe:14:bb:62:db:aa:98:2c:4d:ad:e3:15:40:80:d9:
5d:7e:c6:68:1a:40:88:94:f0:e8:7b:1f:2f:a7:ee:24:41:e6:
87:d6:b6:bc:2a:6b:15:7d:2b:66:17:36:a0:14:ce:86:bd:92:
08:13:da:c2:f7:f3:94:11:26:db:03:48:39:29:bb:9a:0d:ed:
b3:70:c1:8d
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBUTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
QkUyNTExMC8GA1UEBRMoQTc2MEFERTBDOUQwNUVFNjc5RUMzMDQxMjJCQzMzNTBD
OEQyQTQzOTAeFw0yMjA3MTcyMzMzMDhaFw0yMjEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZDQ5YzMzLTM5NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXOZrHB8JZ7vltxAicN03TkFeU3Ic0Z0l7jj/SEaoI4yqjrRMG4Bi+ZnpGTuUy
OIJhguspb0aCziBF3TL7tpEbaqK+ZTpe++wcvnW8WMH/DzLJF2sSknXxrVB39NXK
j7IElRRFd5oMo7s8daER7yLtANd6mLprt7klGr8O5j8KodHUjr7l96z4BEVKeg3p
//7Q7TdRXlfv4IzQ5QcRPX0YyQ9SMPqIC+G/CkNghH6s0yXz0pjHK6uAIWnlceRV
Lt9KYantdb9LM8+vQbkC0j4sXOv0fOoQ7KZLIW7vFVlzJL1+xtuxbh6Fy3t1+22m
ah5FvVZkbt4YCaG5pA9rH6JLAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQU1B577aFY
FugL3sdDfzCiShHbsR8wHwYDVR0jBBgwFoAUp2Ct4MnQXuZ57DBBIrwzUMjSpDkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJCRTI1L0Q5MDUyNkU0RUUx
MTExRUM5NTI5OTk4MkM0RjlBRTAyL3AyQ3Q0TW5RWHVaNTdEQkJJcnd6VU1qU3BE
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcDJDdDRNblFYdVo1N0RCQklyd3pVTWpTcERrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QkUyNS9EOTA1MjZFNEVFMTExMUVDOTUyOTk5ODJDNEY5QUUwMi83NTYxMTYyNDA1
MkQxMUVEODA0NURBODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEBHc/AAMEBMpHsDANBAIAAjAHAwUAJAYqADANBgkqhkiG9w0B
AQsFAAOCAQEACCHZaJrmAq1r1tzNRA3NYSm9vu6bCBhEw26Rfr3myOp/n/PoqmXh
qmLelSgL6yGjAAZY1iOQZB62Aci7+dIB1lDf22XE9pqp19HujkOJyB9c/g2WM7bZ
bPfKq2f3NIjlc/ZBGqW80vz8aLAu/JDlh7qXT6xQj9o9Hf2Kp04lGnEN7iCxMt54
0QlanicNDnhLtucdWrJRHkerH3k4UlCpSMfX1PXiwRG0DF0pJnt7Cu7BpeLkKsyM
/hS7YtuqmCxNreMVQIDZXX7GaBpAiJTw6HsfL6fuJEHmh9a2vCprFX0rZhc2oBTO
hr2SCBPawvfzlBEm2wNIOSm7mg3ts3DBjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org