Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/ADB92172D2A211ED81E76210C4F9AE02.roa
File: ADB92172D2A211ED81E76210C4F9AE02.roa (raw, json)
Hash identifier: bNZYggSwG6X6zLf7CVQWDP5mOOpRkFGl9yo0OYEJexA=
Subject key identifier: 10:B2:2F:DB:DB:BA:A3:39:C6:85:31:43:F2:45:5F:49:48:B5:1F:56
Certificate issuer: /CN=A913CA4B/serialNumber=709210CF761EC67FB394EA5896A5C647B305EEF1
Certificate serial: 07DA
Authority key identifier: 70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/ADB92172D2A211ED81E76210C4F9AE02.roa
Signing time: Tue 16 Jan 2024 07:08:18 +0000
ROA not before: Tue 16 Jan 2024 07:08:18 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 133174
IP address blocks: 117.55.194.0/24 maxlen: 24
117.55.198.0/23 maxlen: 23
117.55.198.0/24 maxlen: 24
117.55.199.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2010 (0x7da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913CA4B/serialNumber=709210CF761EC67FB394EA5896A5C647B305EEF1
Validity
Not Before: Jan 16 07:08:18 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65a62b62-8db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:df:fc:d3:eb:e5:bb:dd:83:b2:74:01:44:72:
7b:a8:a4:ff:94:6f:d1:1f:d0:37:1f:6a:dc:ed:28:
5a:fe:27:cd:99:0c:f3:55:9b:87:3b:57:9b:a3:99:
09:e9:11:96:a9:ac:31:62:fe:40:59:37:47:bf:af:
c1:47:54:d0:af:79:0a:ee:63:da:45:4f:c2:fb:a2:
9b:c1:00:11:0e:b3:63:bc:50:79:92:e6:ce:3f:d7:
46:89:12:1b:ab:d9:90:92:fb:a6:31:ee:11:75:56:
35:69:1f:8e:f9:e9:cd:be:ee:e5:63:fe:1e:2a:e6:
88:55:76:91:ee:a3:47:27:3a:b4:ed:9e:6c:78:ed:
fb:c8:bc:58:fb:d2:38:af:d7:cf:4a:e3:52:1a:f7:
20:30:3b:3b:92:79:bf:9b:fb:15:84:d0:f8:05:f7:
e2:7e:23:4c:f1:80:97:c0:58:0b:eb:29:74:27:c8:
5c:f7:f4:a1:b8:9d:59:44:21:88:8f:6e:94:a2:1b:
ae:07:e6:c8:1a:05:b9:2d:fb:7f:9e:9d:0f:11:b9:
b2:b3:ff:2e:9c:f7:47:28:44:99:a0:f8:fd:39:3a:
14:bb:e0:10:6a:9a:2d:c1:99:3a:05:a4:98:98:77:
c3:67:d9:c5:c5:63:a7:fc:c0:27:3e:33:ca:96:f6:
35:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B2:2F:DB:DB:BA:A3:39:C6:85:31:43:F2:45:5F:49:48:B5:1F:56
X509v3 Authority Key Identifier:
keyid:70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/cJIQz3Yexn-zlOpYlqXGR7MF7vE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/ADB92172D2A211ED81E76210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.55.194.0/24
117.55.198.0/23
Signature Algorithm: sha256WithRSAEncryption
95:94:ed:d4:cd:40:e9:43:2f:2f:51:0b:9f:af:2f:d4:c6:cd:
02:1f:1d:47:a0:c7:54:88:6e:9d:49:7d:cf:37:30:31:79:61:
50:ea:bf:d8:c5:f5:eb:01:a2:cb:e5:0f:d4:28:b6:0d:05:75:
e6:50:d1:3c:a7:1d:ec:74:e5:80:6c:88:fe:13:32:89:2c:e2:
b8:8e:2d:92:3d:97:32:d1:2c:f1:68:cd:2a:f2:38:6d:59:28:
c7:18:96:b7:a7:86:29:02:6e:db:45:88:16:47:71:af:d3:88:
23:c8:b8:0b:33:4a:95:0f:ba:ee:2f:73:fa:e9:7c:9e:df:20:
71:4d:03:b9:8d:89:44:d3:2e:69:0f:ef:34:ce:d7:83:42:92:
97:53:3d:93:c4:35:e3:7c:e3:7b:cb:1e:73:24:29:e9:b2:59:
54:8e:de:f1:32:f5:df:2c:06:63:03:db:17:68:0a:af:8e:c8:
7f:ad:d4:44:6d:19:b1:7f:2e:bd:43:f4:62:76:2b:30:26:59:
7e:72:1d:6c:7d:a2:b2:53:db:8f:7f:51:f9:5b:aa:dd:ed:b1:
16:a5:42:3f:c9:0e:05:41:a3:d3:8e:bf:bd:83:58:dd:47:b9:
83:03:af:2c:af:05:d9:43:c9:be:4e:20:33:8b:75:08:d0:4e:
14:8a:ca:30
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0NBNEIxMTAvBgNVBAUTKDcwOTIxMENGNzYxRUM2N0ZCMzk0RUE1ODk2QTVDNjQ3
QjMwNUVFRjEwHhcNMjQwMTE2MDcwODE4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE2MmI2Mi04ZGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0t/80+vlu92DsnQBRHJ7qKT/lG/RH9A3H2rc7Sha/ifNmQzzVZuHO1ebo5kJ
6RGWqawxYv5AWTdHv6/BR1TQr3kK7mPaRU/C+6KbwQARDrNjvFB5kubOP9dGiRIb
q9mQkvumMe4RdVY1aR+O+enNvu7lY/4eKuaIVXaR7qNHJzq07Z5seO37yLxY+9I4
r9fPSuNSGvcgMDs7knm/m/sVhND4BffifiNM8YCXwFgL6yl0J8hc9/ShuJ1ZRCGI
j26UohuuB+bIGgW5Lft/np0PEbmys/8unPdHKESZoPj9OToUu+AQapotwZk6BaSY
mHfDZ9nFxWOn/MAnPjPKlvY15wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBCyL9vb
uqM5xoUxQ/JFX0lItR9WMB8GA1UdIwQYMBaAFHCSEM92HsZ/s5TqWJalxkezBe7x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQ0E0Qi9EQzJGMDQzMkJG
ODAxMUVBOTZGRTRBNjhDNEY5QUUwMi9jSklRejNZZXhuLXpsT3BZbHFYR1I3TUY3
dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NKSVF6M1lleG4temxPcFlscVhHUjdNRjd2RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0NBNEIvREMyRjA0MzJCRjgwMTFFQTk2RkU0QTY4QzRGOUFFMDIvQURCOTIxNzJE
MkEyMTFFRDgxRTc2MjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB1N8IDBAF1N8YwDQYJKoZIhvcNAQELBQADggEBAJWU7dTN
QOlDLy9RC5+vL9TGzQIfHUegx1SIbp1Jfc83MDF5YVDqv9jF9esBosvlD9Qotg0F
deZQ0TynHex05YBsiP4TMoks4riOLZI9lzLRLPFozSryOG1ZKMcYlrenhikCbttF
iBZHca/TiCPIuAszSpUPuu4vc/rpfJ7fIHFNA7mNiUTTLmkP7zTO14NCkpdTPZPE
NeN843vLHnMkKemyWVSO3vEy9d8sBmMD2xdoCq+OyH+t1ERtGbF/Lr1D9GJ2KzAm
WX5yHWx9orJT249/Uflbqt3tsRalQj/JDgVBo9OOv72DWN1HuYMDryyvBdlDyb5O
IDOLdQjQThSKyjA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org