Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/0D80BB3243D211EAA37B2B6BC4F9AE02.roa
File: 0D80BB3243D211EAA37B2B6BC4F9AE02.roa (raw, json)
Hash identifier: rhmKdbF4bhd7p7e1olG2iHgmR2LnzyW3WB1fpBp9g1s=
Subject key identifier: 6D:F2:5F:20:C2:13:57:FE:44:7F:8B:17:C1:07:69:4C:76:F0:A5:D4
Certificate issuer: /CN=A918919A/serialNumber=2E5BCBC661AFF1FED58B0FF4B583DCF5EC1A374A
Certificate serial: 09B8
Authority key identifier: 2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/0D80BB3243D211EAA37B2B6BC4F9AE02.roa
Signing time: Fri 12 May 2023 21:42:43 +0000
ROA not before: Fri 12 May 2023 21:42:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17918
IP address blocks: 14.192.160.0/19 maxlen: 24
117.53.160.0/20 maxlen: 24
119.77.0.0/18 maxlen: 24
202.44.98.0/23 maxlen: 24
202.93.248.0/22 maxlen: 24
202.129.128.0/19 maxlen: 24
203.22.104.0/23 maxlen: 24
2404:8600::/32 maxlen: 37
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2488 (0x9b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918919A/serialNumber=2E5BCBC661AFF1FED58B0FF4B583DCF5EC1A374A
Validity
Not Before: May 12 21:42:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645eb2d3-9f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:00:59:86:42:c9:18:0e:54:ce:0a:06:b2:3b:
39:26:6e:c7:ae:bf:c9:b6:ac:17:50:f3:83:af:42:
6c:9f:ae:fc:03:c7:3b:f5:b5:f0:ec:ed:62:2b:ad:
43:4f:b8:74:8f:f6:dc:f8:7e:e7:65:a5:ae:56:21:
70:78:82:fc:5f:af:4d:64:f5:ac:d0:3f:36:da:98:
38:95:39:33:76:ae:44:b3:31:17:05:4d:2e:1c:45:
13:4d:da:9a:09:c6:8e:35:fc:9b:61:36:5f:1e:4f:
ac:b3:97:ec:31:3e:9a:3a:ea:ea:03:19:f0:df:cb:
5d:ff:80:92:28:3e:05:af:c9:99:03:b9:59:b2:5b:
b4:87:26:91:e6:92:27:61:8e:3c:c7:70:da:6e:f9:
b0:30:03:5d:43:f9:c4:6a:24:14:4e:87:17:86:1b:
0c:fe:b0:e8:d7:f7:2a:60:e2:eb:bd:c2:f7:9d:83:
74:31:b5:e6:e4:29:dd:31:25:c1:ee:69:79:8f:af:
80:b6:fb:8c:f5:5a:78:c5:b6:e8:d6:e2:b7:e6:86:
b4:1e:b2:ab:d2:58:25:90:fc:45:f6:c4:64:d1:dc:
d4:fe:4e:1d:a1:e6:ea:b4:ec:e1:4d:a4:db:e7:f1:
5f:a8:da:92:00:95:c0:9d:84:ed:0d:ef:50:18:89:
3e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F2:5F:20:C2:13:57:FE:44:7F:8B:17:C1:07:69:4C:76:F0:A5:D4
X509v3 Authority Key Identifier:
keyid:2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/LlvLxmGv8f7Viw_0tYPc9ewaN0o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/0D80BB3243D211EAA37B2B6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.160.0/19
117.53.160.0/20
119.77.0.0/18
202.44.98.0/23
202.93.248.0/22
202.129.128.0/19
203.22.104.0/23
IPv6:
2404:8600::/32
Signature Algorithm: sha256WithRSAEncryption
28:f5:b2:e7:2b:98:9d:88:e7:0a:85:e9:b2:2a:1e:81:e6:d2:
e8:a2:07:4d:28:9e:4c:2b:3b:30:48:a6:d1:45:c8:12:7d:56:
8d:0d:17:e8:fb:17:98:aa:a8:a7:2a:05:94:ae:9f:15:73:bd:
b5:93:09:c0:49:4a:0d:59:f8:88:dd:87:a6:34:03:65:94:47:
ac:f8:29:94:a5:54:00:b3:93:b7:f0:29:f8:cb:b2:01:7e:c8:
10:f5:c8:d1:43:81:51:b6:b2:5c:b7:99:6e:ed:44:48:7f:24:
81:cf:2c:23:bf:95:27:4a:7f:fb:96:3b:20:c3:d4:2d:b3:4d:
4f:15:b7:27:95:2f:f0:5b:20:84:bf:e8:a5:a7:9e:05:34:17:
2c:19:83:32:df:47:ad:3a:70:b5:42:b2:0b:eb:0c:84:52:9e:
86:26:f2:48:f6:6a:a7:9d:79:08:68:af:d9:81:d8:a9:c7:4f:
8e:6c:62:bb:81:b2:e9:ef:41:47:b7:8e:5f:a9:bb:04:34:8b:
0a:d2:3b:48:b5:af:6b:de:a2:54:05:9b:93:07:7d:ea:d3:43:
e7:22:e4:5e:7b:0f:b7:09:01:9a:9c:f0:10:1c:44:a7:8e:73:
b7:b0:8f:7f:ea:7d:1a:f2:f4:0a:df:c0:ba:b3:4a:ee:94:81:
00:b6:9d:ec
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICCbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODkxOUExMTAvBgNVBAUTKDJFNUJDQkM2NjFBRkYxRkVENThCMEZGNEI1ODNEQ0Y1
RUMxQTM3NEEwHhcNMjMwNTEyMjE0MjQzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDVlYjJkMy05ZjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxABZhkLJGA5UzgoGsjs5Jm7Hrr/JtqwXUPODr0Jsn678A8c79bXw7O1iK61D
T7h0j/bc+H7nZaWuViFweIL8X69NZPWs0D822pg4lTkzdq5EszEXBU0uHEUTTdqa
CcaONfybYTZfHk+ss5fsMT6aOurqAxnw38td/4CSKD4Fr8mZA7lZslu0hyaR5pIn
YY48x3DabvmwMANdQ/nEaiQUTocXhhsM/rDo1/cqYOLrvcL3nYN0MbXm5CndMSXB
7ml5j6+AtvuM9Vp4xbbo1uK35oa0HrKr0lglkPxF9sRk0dzU/k4doebqtOzhTaTb
5/FfqNqSAJXAnYTtDe9QGIk+3wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFG3yXyDC
E1f+RH+LF8EHaUx28KXUMB8GA1UdIwQYMBaAFC5by8Zhr/H+1YsP9LWD3PXsGjdK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTE5QS8wNDkwOTA5QTQz
MUIxMUVBQjAxOTc3MkNDNEY5QUUwMi9MbHZMeG1HdjhmN1Zpd18wdFlQYzlld2FO
MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xsdkx4bUd2OGY3Vml3XzB0WVBjOWV3YU4wby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODkxOUEvMDQ5MDkwOUE0MzFCMTFFQUIwMTk3NzJDQzRGOUFFMDIvMEQ4MEJCMzI0
M0QyMTFFQUEzN0IyQjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAUOwKADBAR1NaADBAZ3TQADBAHKLGIDBALKXfgDBAXKgYAD
BAHLFmgwDQQCAAIwBwMFACQEhgAwDQYJKoZIhvcNAQELBQADggEBACj1sucrmJ2I
5wqF6bIqHoHm0uiiB00onkwrOzBIptFFyBJ9Vo0NF+j7F5iqqKcqBZSunxVzvbWT
CcBJSg1Z+Ijdh6Y0A2WUR6z4KZSlVACzk7fwKfjLsgF+yBD1yNFDgVG2sly3mW7t
REh/JIHPLCO/lSdKf/uWOyDD1C2zTU8VtyeVL/BbIIS/6KWnngU0FywZgzLfR606
cLVCsgvrDIRSnoYm8kj2aqedeQhor9mB2KnHT45sYruBsunvQUe3jl+puwQ0iwrS
O0i1r2veolQFm5MHferTQ+ci5F57D7cJAZqc8BAcRKeOc7ewj3/qfRry9ArfwLqz
Su6UgQC2new=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org