Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/D8D8719C43D411EAA3944B75C4F9AE02.roa
File: D8D8719C43D411EAA3944B75C4F9AE02.roa (raw, json)
Hash identifier: TyVlHxPdnfuhRV8kvveYM2/kBRrHrkHSv64H4pmbqow=
Subject key identifier: A9:87:EE:EF:82:08:F5:95:06:E5:CC:65:63:DE:BA:E5:2F:85:B6:47
Certificate issuer: /CN=A918919A/serialNumber=2E5BCBC661AFF1FED58B0FF4B583DCF5EC1A374A
Certificate serial: 09B7
Authority key identifier: 2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/D8D8719C43D411EAA3944B75C4F9AE02.roa
Signing time: Fri 12 May 2023 21:42:42 +0000
ROA not before: Fri 12 May 2023 21:42:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17732
IP address blocks: 14.192.160.0/19 maxlen: 19
14.192.160.0/20 maxlen: 20
103.227.20.0/22 maxlen: 24
117.53.160.0/20 maxlen: 24
119.77.0.0/18 maxlen: 24
139.5.172.0/22 maxlen: 24
202.44.98.0/23 maxlen: 24
202.93.248.0/22 maxlen: 24
202.129.128.0/19 maxlen: 24
203.22.104.0/23 maxlen: 24
2001:df1:3a00::/48 maxlen: 48
2404:8600::/32 maxlen: 32
2404:8600::/37 maxlen: 37
2404:8600:4000::/37 maxlen: 37
2404:8600:6000::/37 maxlen: 37
2404:8600:8000::/37 maxlen: 37
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2487 (0x9b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918919A/serialNumber=2E5BCBC661AFF1FED58B0FF4B583DCF5EC1A374A
Validity
Not Before: May 12 21:42:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645eb2d2-fdf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9a:a3:cb:49:2b:14:40:5b:f2:23:c7:e8:d8:
b2:02:37:9d:48:7f:7f:0f:80:8b:44:30:84:7b:30:
70:7c:50:1e:65:65:ae:56:11:6b:70:e5:29:a0:63:
ed:61:4b:2e:87:5c:f4:54:7a:28:7e:ef:fb:14:67:
12:c8:5c:27:62:12:36:55:90:ac:e4:4b:28:a6:97:
b4:01:3e:f2:f6:0b:62:26:00:5a:2f:2e:6e:e0:f4:
fa:85:07:97:b8:c8:03:ac:80:b4:94:fe:f1:f9:0a:
48:2f:62:da:12:1a:fa:8b:f4:d9:49:64:63:88:84:
a4:96:4f:85:5e:df:be:18:34:51:32:ed:f0:46:b2:
33:82:37:0e:6a:55:fe:64:59:ac:cb:2d:fa:d1:4b:
8b:ed:d6:7e:37:24:50:3d:15:35:70:7f:87:ce:16:
77:87:23:c1:a9:75:ba:17:8e:1a:a7:9b:9c:6b:47:
1a:4b:4b:ce:9f:de:ed:db:44:5e:60:43:3b:14:e5:
fe:f8:14:47:51:90:e4:a4:e0:fd:19:e9:51:1f:bf:
02:42:45:2e:61:a6:c9:65:44:35:99:b7:bd:98:ce:
2d:d5:b0:66:1f:04:6e:2d:fd:6f:03:1d:bf:f8:e7:
59:46:ce:5d:0a:58:71:31:f4:cc:c8:e4:d6:5e:d6:
f9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:87:EE:EF:82:08:F5:95:06:E5:CC:65:63:DE:BA:E5:2F:85:B6:47
X509v3 Authority Key Identifier:
keyid:2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/LlvLxmGv8f7Viw_0tYPc9ewaN0o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/D8D8719C43D411EAA3944B75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.160.0/19
103.227.20.0/22
117.53.160.0/20
119.77.0.0/18
139.5.172.0/22
202.44.98.0/23
202.93.248.0/22
202.129.128.0/19
203.22.104.0/23
IPv6:
2001:df1:3a00::/48
2404:8600::/32
Signature Algorithm: sha256WithRSAEncryption
5d:bd:8d:7a:0d:12:61:b3:c3:eb:be:53:65:94:c1:05:af:09:
02:40:bd:24:95:2f:47:72:31:2c:67:b4:1e:3b:03:21:52:11:
26:aa:fd:bb:ab:74:b1:dc:e5:55:a5:74:96:6e:a7:ec:15:b8:
b3:7f:40:c0:b1:36:06:9d:d4:bf:22:42:fe:ec:be:6a:d7:9a:
41:54:11:fe:92:b0:09:f9:7c:b7:70:24:2c:04:43:3f:37:17:
76:18:5e:42:2d:6d:02:b5:b9:2e:7b:bd:d2:31:a1:61:b3:15:
1c:81:92:c0:ab:1a:dd:ef:fd:1a:d8:75:29:fd:94:8d:c5:f9:
e4:b4:bb:3f:a9:7b:ec:72:64:29:c1:fa:37:6e:56:4b:2e:98:
bc:40:1c:f1:a1:a8:a3:31:b1:be:f7:bd:29:91:4b:c2:39:b9:
b9:da:d4:65:a7:03:e7:31:7e:6d:77:8d:0f:cf:08:a6:c1:df:
a3:27:ce:50:70:f8:c1:05:8a:40:02:fe:f3:80:0c:51:74:d4:
f3:83:68:b2:7c:2a:a0:f4:01:42:2c:07:ec:fa:5c:8f:7d:69:
ed:95:59:1d:a4:1f:1c:8d:d0:86:f2:52:2a:f4:5f:8f:01:1d:
db:17:a0:42:7e:09:39:b2:8f:17:7c:27:75:36:bd:56:87:b5:
aa:11:f7:83
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICCbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODkxOUExMTAvBgNVBAUTKDJFNUJDQkM2NjFBRkYxRkVENThCMEZGNEI1ODNEQ0Y1
RUMxQTM3NEEwHhcNMjMwNTEyMjE0MjQyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDVlYjJkMi1mZGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5qjy0krFEBb8iPH6NiyAjedSH9/D4CLRDCEezBwfFAeZWWuVhFrcOUpoGPt
YUsuh1z0VHoofu/7FGcSyFwnYhI2VZCs5Esoppe0AT7y9gtiJgBaLy5u4PT6hQeX
uMgDrIC0lP7x+QpIL2LaEhr6i/TZSWRjiISklk+FXt++GDRRMu3wRrIzgjcOalX+
ZFmsyy360UuL7dZ+NyRQPRU1cH+HzhZ3hyPBqXW6F44ap5uca0caS0vOn97t20Re
YEM7FOX++BRHUZDkpOD9GelRH78CQkUuYabJZUQ1mbe9mM4t1bBmHwRuLf1vAx2/
+OdZRs5dClhxMfTMyOTWXtb5MwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFKmH7u+C
CPWVBuXMZWPeuuUvhbZHMB8GA1UdIwQYMBaAFC5by8Zhr/H+1YsP9LWD3PXsGjdK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTE5QS8wNDkwOTA5QTQz
MUIxMUVBQjAxOTc3MkNDNEY5QUUwMi9MbHZMeG1HdjhmN1Zpd18wdFlQYzlld2FO
MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xsdkx4bUd2OGY3Vml3XzB0WVBjOWV3YU4wby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODkxOUEvMDQ5MDkwOUE0MzFCMTFFQUIwMTk3NzJDQzRGOUFFMDIvRDhEODcxOUM0
M0Q0MTFFQUEzOTQ0Qjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMDwEAgABMDYDBAUOwKADBAJn4xQDBAR1NaADBAZ3TQADBAKLBawDBAHKLGID
BALKXfgDBAXKgYADBAHLFmgwFgQCAAIwEAMHACABDfE6AAMFACQEhgAwDQYJKoZI
hvcNAQELBQADggEBAF29jXoNEmGzw+u+U2WUwQWvCQJAvSSVL0dyMSxntB47AyFS
ESaq/burdLHc5VWldJZup+wVuLN/QMCxNgad1L8iQv7svmrXmkFUEf6SsAn5fLdw
JCwEQz83F3YYXkItbQK1uS57vdIxoWGzFRyBksCrGt3v/RrYdSn9lI3F+eS0uz+p
e+xyZCnB+jduVksumLxAHPGhqKMxsb73vSmRS8I5ubna1GWnA+cxfm13jQ/PCKbB
36MnzlBw+MEFikAC/vOADFF01PODaLJ8KqD0AUIsB+z6XI99ae2VWR2kHxyN0Iby
Uir0X48BHdsXoEJ+CTmyjxd8J3U2vVaHtaoR94M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org