Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/4B207E7CB17C11EC92E57138C4F9AE02.roa
File: 4B207E7CB17C11EC92E57138C4F9AE02.roa (raw, json)
Hash identifier: yYrx1pMn30bJf+TPV68NbiDLx1tSFA1Jl0yowo5jmfM=
Subject key identifier: 58:56:44:1F:BD:34:D9:5F:18:AE:CC:90:46:99:30:B4:EA:2E:5B:E0
Certificate issuer: /CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Certificate serial: 0383
Authority key identifier: 98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/4B207E7CB17C11EC92E57138C4F9AE02.roa
Signing time: Fri 01 Apr 2022 17:23:45 +0000
ROA not before: Fri 01 Apr 2022 17:23:45 +0000
ROA not after: Mon 01 Aug 2022 00:00:00 +0000
asID: 17830
IP address blocks: 2407:c280:b100::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 899 (0x383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Validity
Not Before: Apr 1 17:23:45 2022 GMT
Not After : Aug 1 00:00:00 2022 GMT
Subject: CN=62473521-ce78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:70:c4:85:5a:02:52:a9:b8:da:1c:c4:0f:55:
5c:91:37:4b:4d:86:c4:3d:c9:b4:f4:a7:14:da:64:
7a:04:a9:f6:91:d7:3d:08:25:e2:d8:4d:1a:2e:e1:
52:5b:37:4a:8a:dd:c4:c4:f8:3c:47:4c:37:c4:2c:
97:33:8a:e0:d3:db:95:a0:e2:be:8e:57:29:fe:f2:
40:a5:0a:3e:b1:94:3c:87:bf:af:18:67:61:e6:ec:
61:80:9b:7c:f9:cb:ed:83:2a:b2:53:25:e2:39:b3:
af:0d:4c:27:84:34:c7:ce:c3:bf:02:2d:57:03:23:
e3:0b:63:ca:fc:9c:27:f6:3b:a9:bd:a8:d3:c5:5e:
2e:76:b0:82:3d:66:a7:86:63:59:80:05:4d:7c:57:
ac:71:c7:9e:61:33:35:b2:c2:60:87:23:61:0d:03:
29:f2:49:b4:86:bb:78:a4:2a:51:41:5e:5c:27:e9:
20:56:6b:f5:43:ac:9b:a7:3d:cf:bd:8e:b8:2b:9b:
16:1d:6f:05:44:0e:45:b1:25:b7:f0:b3:69:fa:c0:
68:fa:91:fd:93:d2:02:8e:39:8b:8d:e7:83:21:35:
b2:5b:aa:58:a2:32:74:ca:dc:d0:25:c5:71:40:b5:
8c:20:86:fe:de:b1:ca:e0:38:08:ca:a3:f4:83:ae:
15:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:56:44:1F:BD:34:D9:5F:18:AE:CC:90:46:99:30:B4:EA:2E:5B:E0
X509v3 Authority Key Identifier:
keyid:98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/4B207E7CB17C11EC92E57138C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:c280:b100::/40
Signature Algorithm: sha256WithRSAEncryption
15:58:69:54:aa:96:ae:d6:23:d4:00:89:b8:94:8b:28:de:70:
d0:70:34:f1:fb:ac:54:85:ce:bc:47:ea:de:d5:78:0f:07:a5:
4b:31:39:f7:b7:5b:65:57:bf:a2:5e:f4:ed:b6:18:d5:23:e8:
bb:33:de:36:ab:86:a1:cf:27:b6:4a:6a:e2:7b:f7:b1:1b:6f:
05:d2:6f:b3:25:c5:a7:1f:3e:6a:a0:8e:7f:9c:e7:ba:1c:18:
dc:3f:1a:ab:67:4a:ef:78:64:da:cc:dd:18:48:97:56:2e:01:
6b:06:9b:37:0c:b9:de:36:e7:8b:23:3c:ec:f7:0d:39:97:e2:
0e:79:d7:60:cc:b8:c5:03:4b:02:c0:d0:df:73:68:ec:82:17:
0c:dc:e4:fc:1c:7b:f6:d0:ee:73:d9:0a:e2:0c:53:db:b6:59:
6a:17:01:de:96:f7:27:2c:67:98:c0:e1:ee:bf:05:a9:99:cc:
eb:7e:7b:ec:92:47:cf:91:9c:fe:8f:c1:7e:56:39:17:8d:81:
4e:db:3d:df:55:09:98:af:3b:99:dc:3b:d7:d7:4e:99:e0:0b:
6f:58:9c:3d:2b:16:a8:50:9f:c4:ad:f9:6b:79:b5:e5:15:3d:
33:45:8d:80:6b:1f:96:12:b5:d3:c8:4f:5b:1d:f1:5d:2e:a5:
01:f0:b9:28
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICA4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2QjcxMTAvBgNVBAUTKDk4MUZBMjI3QTJBNDM1QzJCNzZFMDZDOUM0NTJEM0VD
NzUxOTg0RDMwHhcNMjIwNDAxMTcyMzQ1WhcNMjIwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ3MzUyMS1jZTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvXDEhVoCUqm42hzED1VckTdLTYbEPcm09KcU2mR6BKn2kdc9CCXi2E0aLuFS
WzdKit3ExPg8R0w3xCyXM4rg09uVoOK+jlcp/vJApQo+sZQ8h7+vGGdh5uxhgJt8
+cvtgyqyUyXiObOvDUwnhDTHzsO/Ai1XAyPjC2PK/Jwn9jupvajTxV4udrCCPWan
hmNZgAVNfFescceeYTM1ssJghyNhDQMp8km0hrt4pCpRQV5cJ+kgVmv1Q6ybpz3P
vY64K5sWHW8FRA5FsSW38LNp+sBo+pH9k9ICjjmLjeeDITWyW6pYojJ0ytzQJcVx
QLWMIIb+3rHK4DgIyqP0g64VuQIDAQABo4IClzCCApMwHQYDVR0OBBYEFFhWRB+9
NNlfGK7MkEaZMLTqLlvgMB8GA1UdIwQYMBaAFJgfoieipDXCt24GycRS0+x1GYTT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzZCNy9GMUNEMjdCNDcz
QUQxMUU3QUNCRDAyNUVDNEY5QUUwMi9tQi1pSjZLa05jSzNiZ2JKeEZMVDdIVVpo
Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21CLWlKNktrTmNLM2JnYkp4RkxUN0hVWmhOTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2QjcvRjFDRDI3QjQ3M0FEMTFFN0FDQkQwMjVFQzRGOUFFMDIvNEIyMDdFN0NC
MTdDMTFFQzkyRTU3MTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAkB8KAsTANBgkqhkiG9w0BAQsFAAOCAQEAFVhpVKqWrtYj
1ACJuJSLKN5w0HA08fusVIXOvEfq3tV4DwelSzE597dbZVe/ol707bYY1SPouzPe
NquGoc8ntkpq4nv3sRtvBdJvsyXFpx8+aqCOf5znuhwY3D8aq2dK73hk2szdGEiX
Vi4BawabNwy53jbniyM87PcNOZfiDnnXYMy4xQNLAsDQ33No7IIXDNzk/Bx79tDu
c9kK4gxT27ZZahcB3pb3JyxnmMDh7r8FqZnM63577JJHz5Gc/o/BflY5F42BTts9
31UJmK87mdw719dOmeALb1icPSsWqFCfxK35a3m15RU9M0WNgGsflhK108hPWx3x
XS6lAfC5KA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org