Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/790F86AC546011ED912D371CC4F9AE02.roa
File: 790F86AC546011ED912D371CC4F9AE02.roa (raw, json)
Hash identifier: eQNMykwwPYAvfqZ1QRnQopIHRxwGA5FeE7s1T90Ta0Q=
Subject key identifier: E1:59:4D:1C:90:0B:0A:6D:98:59:DC:DA:B0:2A:35:29:F6:B3:FB:CF
Certificate issuer: /CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Certificate serial: 07C3
Authority key identifier: ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/790F86AC546011ED912D371CC4F9AE02.roa
Signing time: Tue 25 Oct 2022 12:28:05 +0000
ROA not before: Tue 25 Oct 2022 12:28:05 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 134180
IP address blocks: 45.250.228.0/24 maxlen: 24
45.250.229.0/24 maxlen: 24
45.250.230.0/24 maxlen: 24
45.250.231.0/24 maxlen: 24
103.199.232.0/24 maxlen: 24
103.199.233.0/24 maxlen: 24
103.199.234.0/24 maxlen: 24
103.199.235.0/24 maxlen: 24
103.202.220.0/22 maxlen: 22
103.202.220.0/24 maxlen: 24
103.202.221.0/24 maxlen: 24
103.202.222.0/23 maxlen: 23
103.202.222.0/24 maxlen: 24
103.202.223.0/24 maxlen: 24
103.209.196.0/24 maxlen: 24
103.209.197.0/24 maxlen: 24
103.209.198.0/24 maxlen: 24
103.209.199.0/24 maxlen: 24
202.133.88.0/24 maxlen: 24
202.133.89.0/24 maxlen: 24
202.133.91.0/24 maxlen: 24
2403:6940::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1987 (0x7c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Validity
Not Before: Oct 25 12:28:05 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6357d654-d599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:95:26:84:da:51:55:05:fd:f5:61:ed:fc:b2:
73:7a:48:c4:a3:31:07:82:3c:89:4b:93:72:31:15:
c7:b7:55:95:77:fb:01:6b:24:70:d0:4a:0e:8f:6e:
22:db:2a:53:74:2c:38:8d:ea:f5:24:2e:67:47:12:
81:ed:4b:8f:29:e9:08:64:c5:b6:dc:04:68:7a:d4:
22:0a:c5:cc:e7:f0:44:95:94:b8:45:1a:f4:36:83:
7e:7c:a7:bc:f3:1d:d3:ca:bb:50:1c:94:55:39:9a:
66:0b:25:a2:f7:da:45:7a:78:f4:17:85:6b:1f:dd:
1a:a3:3a:e7:c6:ae:bd:b3:26:01:23:e0:8a:bc:2b:
a9:85:ad:03:c7:c1:85:6e:76:96:04:7b:50:ba:2d:
f6:23:1e:30:0f:e5:5a:7e:e1:e5:46:09:21:82:e0:
ef:c2:58:89:c8:2d:15:f9:dd:cf:be:aa:89:bd:ba:
fe:df:f4:3f:48:55:46:ab:82:82:f6:07:ef:ca:35:
5f:f1:5a:e3:ea:0b:d0:b7:4a:0f:fc:f9:0b:1f:1b:
6c:de:0e:04:bb:b6:c9:db:6c:13:d2:74:6c:b1:99:
1a:a1:42:20:3d:29:ec:69:92:af:d8:08:1f:83:67:
84:a3:be:5b:a3:1c:56:f1:bc:de:2f:e3:81:b0:92:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:59:4D:1C:90:0B:0A:6D:98:59:DC:DA:B0:2A:35:29:F6:B3:FB:CF
X509v3 Authority Key Identifier:
keyid:ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/790F86AC546011ED912D371CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.228.0/22
103.199.232.0/22
103.202.220.0/22
103.209.196.0/22
202.133.88.0/23
202.133.91.0/24
IPv6:
2403:6940::/32
Signature Algorithm: sha256WithRSAEncryption
a2:84:87:c0:88:a2:64:f0:43:6c:5f:20:3f:cc:33:4a:0a:f4:
71:57:f0:ac:ab:10:48:54:72:e3:01:6a:e8:89:07:a1:6f:5f:
d5:7d:9c:9d:1e:12:b3:26:ab:d1:86:5b:dd:26:17:bb:a7:70:
58:ed:74:b2:0d:eb:de:a8:5a:96:4d:b2:80:88:cc:c1:fa:58:
fb:f3:ab:3d:40:ab:c2:dc:68:30:d2:a0:51:3d:2b:95:9e:46:
d8:48:8b:28:b9:ce:5b:4e:c6:53:be:c0:4f:0b:fb:1b:13:21:
4c:1a:46:44:c9:5d:be:e9:85:fb:77:74:85:b9:19:d5:4f:14:
40:7c:76:e3:48:8f:5a:ba:21:83:d5:b3:f3:bf:69:9e:46:ba:
a8:ef:16:1e:93:21:d7:29:74:32:7f:ae:c9:ec:e0:ae:0d:86:
12:c6:35:b6:b4:f8:32:83:7a:53:80:ac:d4:64:df:a6:bc:fd:
ce:36:fd:0f:6c:7b:2e:7d:f5:58:7b:ad:28:ec:e7:1f:21:b1:
6f:d0:8b:88:db:4a:18:cb:a7:93:1b:e4:c5:ab:4f:2b:80:de:
1e:f9:e6:e0:8e:2f:02:19:09:a7:d7:d9:de:72:e0:b5:56:c9:
a9:53:e2:2f:41:55:63:de:89:d7:a6:91:aa:e8:78:7d:19:46:
6d:5d:f1:b3
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICB8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY5NDQxMTAvBgNVBAUTKEVEMUY5NThDQjYwNEI1NzZFODIyMTRCNENGM0NDMEZF
NjIwRUY5RjQwHhcNMjIxMDI1MTIyODA1WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU3ZDY1NC1kNTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJUmhNpRVQX99WHt/LJzekjEozEHgjyJS5NyMRXHt1WVd/sBayRw0EoOj24i
2ypTdCw4jer1JC5nRxKB7UuPKekIZMW23ARoetQiCsXM5/BElZS4RRr0NoN+fKe8
8x3TyrtQHJRVOZpmCyWi99pFenj0F4VrH90aozrnxq69syYBI+CKvCupha0Dx8GF
bnaWBHtQui32Ix4wD+VafuHlRgkhguDvwliJyC0V+d3PvqqJvbr+3/Q/SFVGq4KC
9gfvyjVf8Vrj6gvQt0oP/PkLHxts3g4Eu7bJ22wT0nRssZkaoUIgPSnsaZKv2Agf
g2eEo75boxxW8bzeL+OBsJICfwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFOFZTRyQ
CwptmFnc2rAqNSn2s/vPMB8GA1UdIwQYMBaAFO0flYy2BLV26CIUtM88wP5iDvn0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Njk0NC80M0JEMUM2RThF
OTUxMUVBQTlENzNBMkVDNEY5QUUwMi83Ui1WakxZRXRYYm9JaFMwenp6QV9tSU8t
ZlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSLVZqTFlFdFhib0loUzB6enpBX21JTy1mUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY5NDQvNDNCRDFDNkU4RTk1MTFFQUE5RDczQTJFQzRGOUFFMDIvNzkwRjg2QUM1
NDYwMTFFRDkxMkQzNzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIt+uQDBAJnx+gDBAJnytwDBAJn0cQDBAHKhVgDBADKhVsw
DQQCAAIwBwMFACQDaUAwDQYJKoZIhvcNAQELBQADggEBAKKEh8CIomTwQ2xfID/M
M0oK9HFX8KyrEEhUcuMBauiJB6FvX9V9nJ0eErMmq9GGW90mF7uncFjtdLIN696o
WpZNsoCIzMH6WPvzqz1Aq8LcaDDSoFE9K5WeRthIiyi5zltOxlO+wE8L+xsTIUwa
RkTJXb7phft3dIW5GdVPFEB8duNIj1q6IYPVs/O/aZ5GuqjvFh6TIdcpdDJ/rsns
4K4NhhLGNba0+DKDelOArNRk36a8/c42/Q9sey599Vh7rSjs5x8hsW/Qi4jbShjL
p5Mb5MWrTyuA3h755uCOLwIZCafX2d5y4LVWyalT4i9BVWPeidemkaroeH0ZRm1d
8bM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org