Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/A1214EC682E911EC83CFCB2BC4F9AE02.roa
File: A1214EC682E911EC83CFCB2BC4F9AE02.roa (raw, json)
Hash identifier: g6NEunjq7lS2hyP6HmcKRn42gHIP8IEplUHj87RptZs=
Subject key identifier: 0F:17:1E:C9:13:AF:C6:49:F9:56:54:E3:4E:38:DB:D5:1F:8C:5E:52
Certificate issuer: /CN=A918A311/serialNumber=5A1E2E398C306EF1DFF4C06EFCAAF6E34263B12A
Certificate serial: 3333
Authority key identifier: 5A:1E:2E:39:8C:30:6E:F1:DF:F4:C0:6E:FC:AA:F6:E3:42:63:B1:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wh4uOYwwbvHf9MBu_Kr240JjsSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/A1214EC682E911EC83CFCB2BC4F9AE02.roa
Signing time: Thu 20 Jul 2023 15:10:45 +0000
ROA not before: Thu 20 Jul 2023 15:10:45 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 396982
IP address blocks: 27.121.104.0/24 maxlen: 24
202.90.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13107 (0x3333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A311/serialNumber=5A1E2E398C306EF1DFF4C06EFCAAF6E34263B12A
Validity
Not Before: Jul 20 15:10:45 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64b94e75-eea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fb:d3:45:8b:ab:23:f8:3a:47:8f:86:45:d4:
79:83:56:6b:6c:8e:ce:db:d6:f8:ab:5e:ba:be:f2:
bf:3b:3c:ab:d2:ce:0a:ae:c8:24:dc:42:3f:98:89:
02:6f:a8:87:6c:4f:6e:b8:3a:ea:72:6f:b1:71:e6:
26:60:e9:85:b1:9c:6e:ab:bb:28:b5:6e:2f:25:f1:
ed:c4:7c:d3:7d:eb:38:3c:27:a9:3d:4d:e2:49:f9:
6a:bf:f0:7e:b3:99:9d:0e:c2:64:b7:55:4c:22:3e:
33:a1:52:61:c7:a6:5e:04:8f:15:71:98:8b:d9:28:
09:a1:61:dc:41:29:a1:e7:cb:84:04:8a:50:eb:51:
3b:bf:9e:8b:d8:56:dd:20:b8:df:d9:df:16:ad:ae:
eb:2d:de:78:16:9b:e0:f9:f3:4e:36:6b:f6:e2:ae:
2b:6f:1c:87:6d:23:6b:00:03:9e:33:b8:3c:46:9c:
8d:5b:62:56:40:47:57:d3:8b:1f:db:1f:f2:49:68:
e2:6a:ed:43:9f:c5:d8:19:ea:fe:13:4d:c0:63:38:
23:55:9e:da:08:77:c9:09:32:1d:55:8f:01:41:2d:
5e:f6:a8:9c:c8:bf:11:7a:12:ac:b7:74:ff:83:b0:
17:13:bb:ec:54:f8:0d:a4:4f:87:ef:58:79:27:5a:
b7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:17:1E:C9:13:AF:C6:49:F9:56:54:E3:4E:38:DB:D5:1F:8C:5E:52
X509v3 Authority Key Identifier:
keyid:5A:1E:2E:39:8C:30:6E:F1:DF:F4:C0:6E:FC:AA:F6:E3:42:63:B1:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/Wh4uOYwwbvHf9MBu_Kr240JjsSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wh4uOYwwbvHf9MBu_Kr240JjsSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/A1214EC682E911EC83CFCB2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.121.104.0/24
202.90.34.0/24
Signature Algorithm: sha256WithRSAEncryption
76:67:45:00:a5:b0:c2:6e:89:9f:eb:8b:97:31:eb:5a:13:4a:
be:73:23:59:f3:5f:32:9b:3c:38:c1:bf:8c:0b:8c:ef:6d:d9:
8a:d9:71:15:b6:24:1b:b8:04:91:f5:28:54:b2:56:10:2a:1c:
a5:7f:75:64:28:44:f1:8a:84:12:72:35:4a:33:1a:52:6f:a0:
70:5c:fe:3b:d1:16:5a:b0:c7:f5:ad:0d:7d:be:78:da:b1:3e:
3b:0c:9b:a4:fa:d4:b0:9b:8f:27:3d:cd:7a:14:9c:70:8c:b4:
aa:ad:70:b3:21:e6:36:64:cd:b0:9d:b3:e2:d5:7d:f4:ec:36:
b2:d3:9c:45:a0:29:5e:98:58:d6:68:a0:bc:6b:6c:14:13:77:
68:ab:02:08:be:db:65:7e:3d:f3:96:5a:e7:04:17:9c:88:a0:
2f:df:f3:7d:35:e8:f2:db:8e:3f:d1:7d:ef:68:db:53:e6:04:
9a:38:ab:58:04:23:1b:81:65:4a:2a:9d:10:b7:76:c7:cb:40:
b4:ba:74:b1:df:86:6c:e0:67:d8:7d:b9:37:70:2b:a5:c8:02:
f5:e4:40:1a:44:6b:cc:a8:d2:33:93:16:5b:3e:42:9a:d9:71:
54:23:4d:ef:63:12:46:2e:3e:fa:99:56:07:83:11:8c:ec:c2:
07:1c:7b:09
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICMzMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEEzMTExMTAvBgNVBAUTKDVBMUUyRTM5OEMzMDZFRjFERkY0QzA2RUZDQUFGNkUz
NDI2M0IxMkEwHhcNMjMwNzIwMTUxMDQ1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI5NGU3NS1lZWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6vvTRYurI/g6R4+GRdR5g1ZrbI7O29b4q166vvK/Ozyr0s4Krsgk3EI/mIkC
b6iHbE9uuDrqcm+xceYmYOmFsZxuq7sotW4vJfHtxHzTfes4PCepPU3iSflqv/B+
s5mdDsJkt1VMIj4zoVJhx6ZeBI8VcZiL2SgJoWHcQSmh58uEBIpQ61E7v56L2Fbd
ILjf2d8Wra7rLd54Fpvg+fNONmv24q4rbxyHbSNrAAOeM7g8RpyNW2JWQEdX04sf
2x/ySWjiau1Dn8XYGer+E03AYzgjVZ7aCHfJCTIdVY8BQS1e9qicyL8RehKst3T/
g7AXE7vsVPgNpE+H71h5J1q3KwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFA8XHskT
r8ZJ+VZU404429UfjF5SMB8GA1UdIwQYMBaAFFoeLjmMMG7x3/TAbvyq9uNCY7Eq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTMxMS8zRTZGODU4QzFE
OTkxMUUyODUxMERDODMwOEIwMkNEMi9XaDR1T1l3d2J2SGY5TUJ1X0tyMjQwSmpz
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1doNHVPWXd3YnZIZjlNQnVfS3IyNDBKanNTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEEzMTEvM0U2Rjg1OEMxRDk5MTFFMjg1MTBEQzgzMDhCMDJDRDIvQTEyMTRFQzY4
MkU5MTFFQzgzQ0ZDQjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAbeWgDBADKWiIwDQYJKoZIhvcNAQELBQADggEBAHZnRQCl
sMJuiZ/ri5cx61oTSr5zI1nzXzKbPDjBv4wLjO9t2YrZcRW2JBu4BJH1KFSyVhAq
HKV/dWQoRPGKhBJyNUozGlJvoHBc/jvRFlqwx/WtDX2+eNqxPjsMm6T61LCbjyc9
zXoUnHCMtKqtcLMh5jZkzbCds+LVffTsNrLTnEWgKV6YWNZooLxrbBQTd2irAgi+
22V+PfOWWucEF5yIoC/f83016PLbjj/Rfe9o21PmBJo4q1gEIxuBZUoqnRC3dsfL
QLS6dLHfhmzgZ9h9uTdwK6XIAvXkQBpEa8yo0jOTFls+QprZcVQjTe9jEkYuPvqZ
VgeDEYzswgccewk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org