Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/493FDE5EB17C11EC92E57138C4F9AE02.roa
File: 493FDE5EB17C11EC92E57138C4F9AE02.roa (raw, json)
Hash identifier: pRQzfGCdGErsg6h9WE68EMMd4wuwY84w+lRgDyHHABg=
Subject key identifier: C0:D7:76:8B:7D:3D:D5:75:72:A1:49:8B:C2:68:4B:C0:16:8F:B5:DD
Certificate issuer: /CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Certificate serial: 0381
Authority key identifier: 98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/493FDE5EB17C11EC92E57138C4F9AE02.roa
Signing time: Fri 01 Apr 2022 17:23:43 +0000
ROA not before: Fri 01 Apr 2022 17:23:43 +0000
ROA not after: Mon 01 Aug 2022 00:00:00 +0000
asID: 138510
IP address blocks: 2407:c280:da02::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 897 (0x381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Validity
Not Before: Apr 1 17:23:43 2022 GMT
Not After : Aug 1 00:00:00 2022 GMT
Subject: CN=6247351f-1f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:54:a4:f4:ea:1d:3c:d4:e0:76:ff:e7:2b:ff:
c2:39:aa:66:7c:e6:15:6a:8b:0f:71:06:5e:91:64:
82:fc:03:25:a9:d6:93:c5:a1:03:97:1e:52:52:93:
bf:85:8e:17:20:68:79:8b:71:ad:8e:9c:0e:d7:a1:
98:47:c3:43:6d:7d:ac:96:d2:91:07:f1:3b:b4:e6:
83:eb:28:e0:b8:dc:96:9e:98:92:65:b8:ee:df:52:
ff:e7:00:3a:a5:d8:3b:77:2c:40:cf:85:50:ed:01:
c3:9b:d2:98:88:47:b8:5e:4c:fa:93:8b:55:1c:ef:
6a:f6:d8:9c:11:64:ae:23:b4:5e:96:45:13:7a:e3:
ec:7a:7e:6c:6e:79:bf:3e:35:a1:48:bb:83:fa:4b:
26:03:e4:1a:6c:cb:d7:2d:12:84:a8:50:51:59:65:
30:b2:99:2c:a0:1e:86:cb:f3:3c:d8:79:09:f5:f9:
31:4a:a4:01:7e:ef:97:0e:5a:7c:ee:43:3a:81:31:
01:5a:97:08:f7:0b:2a:0c:1d:9f:5e:fe:11:e3:cf:
22:f1:87:83:bb:d0:cc:c4:a2:03:f5:2b:77:00:17:
98:f0:d4:e7:97:c4:bc:79:81:b8:68:9f:66:6a:67:
49:a7:dd:7c:00:85:9b:d2:94:ff:10:c9:fb:40:06:
27:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D7:76:8B:7D:3D:D5:75:72:A1:49:8B:C2:68:4B:C0:16:8F:B5:DD
X509v3 Authority Key Identifier:
keyid:98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/493FDE5EB17C11EC92E57138C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:c280:da02::/48
Signature Algorithm: sha256WithRSAEncryption
7e:6f:2c:2d:a6:43:e1:bb:9d:c8:c2:a0:4e:b4:40:be:97:3e:
1f:33:61:b6:e9:44:d0:56:61:28:18:54:99:47:5d:d2:39:57:
54:af:e3:e6:8d:db:08:ca:d0:b7:5b:93:f4:5f:f5:38:07:33:
a3:01:43:5f:a9:fb:f9:d6:62:68:ed:c4:af:95:ed:cb:9f:1f:
4b:be:48:2c:bc:a7:32:c5:d2:b0:93:7e:09:d9:66:35:01:de:
fc:1a:ef:d8:e9:d3:1a:7b:3e:fe:f4:ca:49:e9:51:eb:08:d6:
c0:9a:db:b1:57:64:35:11:26:31:31:94:19:80:65:d3:00:56:
f8:fb:15:66:82:1f:73:7c:9b:1c:be:a8:60:dd:65:2a:0f:22:
b5:c1:72:46:ce:73:78:28:ce:08:a7:37:02:e8:e9:9c:17:5b:
76:3d:d2:11:7b:22:94:92:79:66:9c:70:84:61:cb:12:ab:d2:
d4:4a:7f:fd:a7:48:82:da:25:1b:ee:2c:e6:fb:09:fb:fc:fd:
4f:a1:e3:b8:35:eb:c9:13:8d:93:f3:f7:9e:db:1e:a1:f2:01:
93:5c:54:a4:78:f7:b3:31:18:20:8c:15:e0:2e:28:97:e3:9f:
01:d6:7c:81:7c:ab:3f:54:14:a1:e1:6e:37:cc:5e:e2:00:57:
f9:7c:1b:61
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICA4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2QjcxMTAvBgNVBAUTKDk4MUZBMjI3QTJBNDM1QzJCNzZFMDZDOUM0NTJEM0VD
NzUxOTg0RDMwHhcNMjIwNDAxMTcyMzQzWhcNMjIwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ3MzUxZi0xZjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8FSk9OodPNTgdv/nK//COapmfOYVaosPcQZekWSC/AMlqdaTxaEDlx5SUpO/
hY4XIGh5i3GtjpwO16GYR8NDbX2sltKRB/E7tOaD6yjguNyWnpiSZbju31L/5wA6
pdg7dyxAz4VQ7QHDm9KYiEe4Xkz6k4tVHO9q9ticEWSuI7RelkUTeuPsen5sbnm/
PjWhSLuD+ksmA+QabMvXLRKEqFBRWWUwspksoB6Gy/M82HkJ9fkxSqQBfu+XDlp8
7kM6gTEBWpcI9wsqDB2fXv4R488i8YeDu9DMxKID9St3ABeY8NTnl8S8eYG4aJ9m
amdJp918AIWb0pT/EMn7QAYnLQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFMDXdot9
PdV1cqFJi8JoS8AWj7XdMB8GA1UdIwQYMBaAFJgfoieipDXCt24GycRS0+x1GYTT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzZCNy9GMUNEMjdCNDcz
QUQxMUU3QUNCRDAyNUVDNEY5QUUwMi9tQi1pSjZLa05jSzNiZ2JKeEZMVDdIVVpo
Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21CLWlKNktrTmNLM2JnYkp4RkxUN0hVWmhOTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2QjcvRjFDRDI3QjQ3M0FEMTFFN0FDQkQwMjVFQzRGOUFFMDIvNDkzRkRFNUVC
MTdDMTFFQzkyRTU3MTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkB8KA2gIwDQYJKoZIhvcNAQELBQADggEBAH5vLC2mQ+G7
ncjCoE60QL6XPh8zYbbpRNBWYSgYVJlHXdI5V1Sv4+aN2wjK0Ldbk/Rf9TgHM6MB
Q1+p+/nWYmjtxK+V7cufH0u+SCy8pzLF0rCTfgnZZjUB3vwa79jp0xp7Pv70yknp
UesI1sCa27FXZDURJjExlBmAZdMAVvj7FWaCH3N8mxy+qGDdZSoPIrXBckbOc3go
zginNwLo6ZwXW3Y90hF7IpSSeWaccIRhyxKr0tRKf/2nSILaJRvuLOb7Cfv8/U+h
47g168kTjZPz957bHqHyAZNcVKR497MxGCCMFeAuKJfjnwHWfIF8qz9UFKHhbjfM
XuIAV/l8G2E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org