Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150B1D/935BD104572D11ECB2C4CB77C4F9AE02/2C84529A3EDA11ED9539B971C4F9AE02.roa
File: 2C84529A3EDA11ED9539B971C4F9AE02.roa (raw, json)
Hash identifier: UwBpEHBlNVbVqQQ30UQJr3rVn+X+KZul9p4lSsBZzPw=
Subject key identifier: DB:54:01:06:C6:37:DB:08:85:8E:59:E3:96:52:F1:75:9C:F9:D1:1B
Certificate issuer: /CN=A9150B1D/serialNumber=2C0FCA09B848030EF948A52CEBD0132DB76E6256
Certificate serial: 02F8
Authority key identifier: 2C:0F:CA:09:B8:48:03:0E:F9:48:A5:2C:EB:D0:13:2D:B7:6E:62:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LA_KCbhIAw75SKUs69ATLbduYlY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150B1D/935BD104572D11ECB2C4CB77C4F9AE02/2C84529A3EDA11ED9539B971C4F9AE02.roa
Signing time: Mon 17 Apr 2023 08:23:39 +0000
ROA not before: Mon 17 Apr 2023 08:23:39 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 139057
IP address blocks: 2407:2440:1::/48 maxlen: 48
2407:2440:2::/48 maxlen: 48
2407:2440:3::/48 maxlen: 48
2407:2440:4::/48 maxlen: 48
2407:2440:5::/48 maxlen: 48
2407:2440:6::/48 maxlen: 48
2407:2440:7::/48 maxlen: 48
2407:2440:8::/48 maxlen: 48
2407:2440:9::/48 maxlen: 48
2407:2440:a::/48 maxlen: 48
2407:2440:b::/48 maxlen: 48
2407:2440:c::/48 maxlen: 48
2407:2440:d::/48 maxlen: 48
2407:2440:e::/48 maxlen: 48
2407:2440:f::/48 maxlen: 48
2407:2440:10::/48 maxlen: 48
2407:2440:11::/48 maxlen: 48
2407:2440:12::/48 maxlen: 48
2407:2440:13::/48 maxlen: 48
2407:2440:14::/48 maxlen: 48
2407:2440:15::/48 maxlen: 48
2407:2440:16::/48 maxlen: 48
2407:2440:17::/48 maxlen: 48
2407:2440:18::/48 maxlen: 48
2407:2440:1e::/48 maxlen: 48
2407:2440:20::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 760 (0x2f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150B1D/serialNumber=2C0FCA09B848030EF948A52CEBD0132DB76E6256
Validity
Not Before: Apr 17 08:23:39 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=643d020b-b48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fe:67:9c:0e:d3:7d:77:71:4a:d5:c7:1c:24:
3f:ae:f7:ca:c0:64:2e:45:fd:a1:d0:54:87:ea:1e:
b4:4d:60:14:6c:9f:52:7a:c4:c4:ab:9b:13:60:0f:
14:52:01:2b:8b:6b:eb:99:62:86:26:ff:d4:d9:bd:
a3:52:e6:fe:95:71:6b:47:0f:e7:35:03:a2:2a:af:
ac:54:27:12:9c:a4:54:28:50:7b:2d:25:af:e8:6c:
10:ed:dc:93:85:e3:08:00:ee:0d:5c:bc:24:2c:2f:
b0:e3:57:1a:a8:09:40:f4:f5:f6:b1:4f:7d:d8:5c:
97:d0:80:c5:c9:c7:fb:f2:2e:57:a7:be:b2:e1:d6:
46:97:f2:9f:e1:67:d3:e2:88:63:cd:34:d4:b7:ef:
2b:54:d6:71:91:53:d9:d8:b4:56:65:57:06:88:4a:
35:56:3d:53:ca:dd:ff:3d:cd:60:9d:d0:c6:db:24:
a4:02:2a:28:76:4e:c1:91:64:3c:bc:53:46:41:43:
db:c6:7b:51:f3:bb:00:a8:2e:0d:9a:fb:0d:e0:1b:
ee:e9:97:35:db:ce:5e:03:b3:77:fc:c8:d4:2c:59:
21:7f:ca:d6:6d:04:51:87:f5:74:98:63:be:b0:b8:
36:6a:b0:9d:59:8a:83:7e:2c:1b:ed:63:de:26:ba:
38:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:54:01:06:C6:37:DB:08:85:8E:59:E3:96:52:F1:75:9C:F9:D1:1B
X509v3 Authority Key Identifier:
keyid:2C:0F:CA:09:B8:48:03:0E:F9:48:A5:2C:EB:D0:13:2D:B7:6E:62:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150B1D/935BD104572D11ECB2C4CB77C4F9AE02/LA_KCbhIAw75SKUs69ATLbduYlY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LA_KCbhIAw75SKUs69ATLbduYlY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150B1D/935BD104572D11ECB2C4CB77C4F9AE02/2C84529A3EDA11ED9539B971C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:2440:1::-2407:2440:18:ffff:ffff:ffff:ffff:ffff
2407:2440:1e::/48
2407:2440:20::/48
Signature Algorithm: sha256WithRSAEncryption
80:1e:3c:c2:76:27:0d:e1:b0:8a:c5:1f:f0:8b:a9:c2:c1:e2:
4a:2b:49:fc:4a:a0:7e:34:57:57:b2:f2:9a:77:66:fe:cb:98:
71:42:87:db:76:23:c5:bf:71:db:c3:9b:9f:cf:17:15:72:77:
a5:89:d7:08:1e:63:67:1e:7f:34:48:eb:88:3c:97:b6:93:21:
cc:24:39:d4:17:0f:ab:d3:a4:1e:81:62:18:3a:f5:9e:86:a7:
ac:aa:d9:7e:40:dc:19:76:9a:35:a2:2f:fb:03:86:df:ce:8f:
0f:b5:5c:41:93:71:9f:d6:69:b7:1e:87:56:92:83:ab:a2:cf:
04:1c:34:f8:f5:b1:a2:22:94:08:48:c2:21:1c:7b:9a:10:98:
65:4c:06:3c:25:d1:96:9c:75:63:10:e2:23:d9:48:3a:46:10:
1d:10:76:f3:a0:2d:7b:eb:a0:f1:db:b5:61:c5:80:7b:bb:d6:
32:47:f2:65:cd:7c:7e:1b:60:ee:f9:0b:44:40:92:09:58:e7:
5e:f0:23:df:e3:e0:a6:b7:14:9a:07:4f:12:75:26:36:82:e4:
56:6f:f5:ce:d8:7c:fb:45:c5:19:27:56:ac:d7:b7:54:dc:52:
b1:40:dd:29:fd:14:4b:80:04:df:43:f0:dd:a7:83:71:52:38:
39:6f:b1:3e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICAvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBCMUQxMTAvBgNVBAUTKDJDMEZDQTA5Qjg0ODAzMEVGOTQ4QTUyQ0VCRDAxMzJE
Qjc2RTYyNTYwHhcNMjMwNDE3MDgyMzM5WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNkMDIwYi1iNDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq/5nnA7TfXdxStXHHCQ/rvfKwGQuRf2h0FSH6h60TWAUbJ9SesTEq5sTYA8U
UgEri2vrmWKGJv/U2b2jUub+lXFrRw/nNQOiKq+sVCcSnKRUKFB7LSWv6GwQ7dyT
heMIAO4NXLwkLC+w41caqAlA9PX2sU992FyX0IDFycf78i5Xp76y4dZGl/Kf4WfT
4ohjzTTUt+8rVNZxkVPZ2LRWZVcGiEo1Vj1Tyt3/Pc1gndDG2ySkAioodk7BkWQ8
vFNGQUPbxntR87sAqC4NmvsN4Bvu6Zc1285eA7N3/MjULFkhf8rWbQRRh/V0mGO+
sLg2arCdWYqDfiwb7WPeJro4XwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFNtUAQbG
N9sIhY5Z45ZS8XWc+dEbMB8GA1UdIwQYMBaAFCwPygm4SAMO+UilLOvQEy23bmJW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEIxRC85MzVCRDEwNDU3
MkQxMUVDQjJDNENCNzdDNEY5QUUwMi9MQV9LQ2JoSUF3NzVTS1VzNjlBVExiZHVZ
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xBX0tDYmhJQXc3NVNLVXM2OUFUTGJkdVlsWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBCMUQvOTM1QkQxMDQ1NzJEMTFFQ0IyQzRDQjc3QzRGOUFFMDIvMkM4NDUyOUEz
RURBMTFFRDk1MzlCOTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgACMCYwEgMHACQHJEAAAQMHACQHJEAAGAMHACQHJEAAHgMHACQHJEAA
IDANBgkqhkiG9w0BAQsFAAOCAQEAgB48wnYnDeGwisUf8IupwsHiSitJ/EqgfjRX
V7Lymndm/suYcUKH23Yjxb9x28Obn88XFXJ3pYnXCB5jZx5/NEjriDyXtpMhzCQ5
1BcPq9OkHoFiGDr1noanrKrZfkDcGXaaNaIv+wOG386PD7VcQZNxn9Zptx6HVpKD
q6LPBBw0+PWxoiKUCEjCIRx7mhCYZUwGPCXRlpx1YxDiI9lIOkYQHRB286Ate+ug
8du1YcWAe7vWMkfyZc18fhtg7vkLRECSCVjnXvAj3+PgprcUmgdPEnUmNoLkVm/1
zth8+0XFGSdWrNe3VNxSsUDdKf0US4AE30Pw3aeDcVI4OW+xPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org