Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B46B5/D186FE0A18D511EB81B6E441C4F9AE02/FD2ECEEA6D2B11EE822A2F10C4F9AE02.roa
File: FD2ECEEA6D2B11EE822A2F10C4F9AE02.roa (raw, json)
Hash identifier: LYpwc283d1s4SlaIEduXdMmKEUQU8iC1gel0A1Zdb6w=
Subject key identifier: 09:6C:A8:D9:18:B4:CC:63:36:1E:DC:5A:BA:58:0A:B4:A7:E5:8F:71
Certificate issuer: /CN=A91B46B5/serialNumber=FC6E3BCA3C7DBB28979BB7822A69A4801B99AAE8
Certificate serial: 065A
Authority key identifier: FC:6E:3B:CA:3C:7D:BB:28:97:9B:B7:82:2A:69:A4:80:1B:99:AA:E8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_G47yjx9uyiXm7eCKmmkgBuZqug.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B46B5/D186FE0A18D511EB81B6E441C4F9AE02/FD2ECEEA6D2B11EE822A2F10C4F9AE02.roa
Signing time: Tue 17 Oct 2023 20:30:19 +0000
ROA not before: Tue 17 Oct 2023 20:30:19 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 9310
IP address blocks: 136.143.240.0/24 maxlen: 24
136.143.241.0/24 maxlen: 24
136.143.242.0/24 maxlen: 24
136.143.243.0/24 maxlen: 24
136.143.244.0/24 maxlen: 24
136.143.245.0/24 maxlen: 24
136.143.246.0/24 maxlen: 24
136.143.247.0/24 maxlen: 24
136.143.248.0/24 maxlen: 24
136.143.249.0/24 maxlen: 24
136.143.250.0/24 maxlen: 24
136.143.251.0/24 maxlen: 24
136.143.252.0/24 maxlen: 24
136.143.253.0/24 maxlen: 24
136.143.254.0/24 maxlen: 24
158.140.192.0/19 maxlen: 19
158.140.192.0/22 maxlen: 22
158.140.192.0/24 maxlen: 24
158.140.193.0/24 maxlen: 24
158.140.194.0/24 maxlen: 24
158.140.195.0/24 maxlen: 24
158.140.196.0/24 maxlen: 24
158.140.197.0/24 maxlen: 24
158.140.198.0/24 maxlen: 24
158.140.199.0/24 maxlen: 24
158.140.200.0/24 maxlen: 24
158.140.201.0/24 maxlen: 24
158.140.202.0/24 maxlen: 24
158.140.203.0/24 maxlen: 24
158.140.204.0/24 maxlen: 24
158.140.205.0/24 maxlen: 24
158.140.206.0/24 maxlen: 24
158.140.207.0/24 maxlen: 24
158.140.208.0/24 maxlen: 24
158.140.209.0/24 maxlen: 24
158.140.210.0/24 maxlen: 24
158.140.211.0/24 maxlen: 24
158.140.212.0/24 maxlen: 24
158.140.213.0/24 maxlen: 24
158.140.214.0/24 maxlen: 24
158.140.215.0/24 maxlen: 24
158.140.216.0/24 maxlen: 24
158.140.217.0/24 maxlen: 24
158.140.218.0/24 maxlen: 24
158.140.219.0/24 maxlen: 24
158.140.220.0/24 maxlen: 24
158.140.221.0/24 maxlen: 24
158.140.222.0/24 maxlen: 24
158.140.223.0/24 maxlen: 24
158.140.252.0/22 maxlen: 23
158.140.252.0/24 maxlen: 24
158.140.253.0/24 maxlen: 24
158.140.254.0/24 maxlen: 24
158.140.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1626 (0x65a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B46B5/serialNumber=FC6E3BCA3C7DBB28979BB7822A69A4801B99AAE8
Validity
Not Before: Oct 17 20:30:19 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=652eeedb-b397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:ee:c3:f8:bd:45:24:64:ba:fb:31:ab:2a:
f2:69:6f:14:0a:9e:55:86:40:d7:da:d9:2c:e8:83:
11:13:4a:1b:c2:99:04:e7:eb:54:fc:53:42:70:4b:
df:10:2e:ba:de:ba:b9:b6:10:fa:54:34:76:52:25:
49:6a:ee:c1:c4:08:bb:b7:1b:e1:3b:24:93:1f:fc:
c9:31:7f:e5:e7:b9:c7:43:87:9d:50:c7:b9:3a:40:
99:ba:31:b9:16:47:6f:11:ba:80:6a:34:06:bb:51:
2c:fa:ea:59:7a:ec:55:bf:02:e4:a9:bb:75:d8:98:
c8:77:c2:83:0b:eb:ec:b4:c8:55:28:96:6a:11:e6:
43:dc:2d:bf:2f:af:15:7f:25:45:11:c7:18:8c:fe:
5a:6c:4d:bd:e1:1e:e9:54:82:1c:de:1d:c0:f7:44:
b2:ba:81:73:8d:09:72:10:b5:7c:6b:e0:9a:4b:58:
4c:d3:e6:cf:2e:d5:9c:fa:57:da:cc:ea:9e:9d:d0:
e1:df:c2:62:a7:5b:1d:98:f4:78:ee:7b:3d:ab:e3:
51:96:45:ea:c2:db:d7:d3:a9:36:8f:b3:04:b0:68:
e3:8e:97:12:63:c1:6e:b1:9b:bd:4c:5a:35:94:c6:
68:76:d6:59:f7:cb:2e:60:0c:08:8e:f5:23:8c:7d:
c6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6C:A8:D9:18:B4:CC:63:36:1E:DC:5A:BA:58:0A:B4:A7:E5:8F:71
X509v3 Authority Key Identifier:
keyid:FC:6E:3B:CA:3C:7D:BB:28:97:9B:B7:82:2A:69:A4:80:1B:99:AA:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B46B5/D186FE0A18D511EB81B6E441C4F9AE02/_G47yjx9uyiXm7eCKmmkgBuZqug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_G47yjx9uyiXm7eCKmmkgBuZqug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B46B5/D186FE0A18D511EB81B6E441C4F9AE02/FD2ECEEA6D2B11EE822A2F10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
136.143.240.0-136.143.254.255
158.140.192.0/19
158.140.252.0/22
Signature Algorithm: sha256WithRSAEncryption
54:6c:93:a5:2e:f6:21:27:38:fe:46:7e:3a:ef:52:57:c1:dd:
f5:0b:1e:c0:dd:12:c0:0e:db:af:f8:3c:57:aa:c6:0c:e6:c9:
1f:57:6a:8d:f4:ca:4b:5b:42:0c:0d:60:9b:42:91:24:42:b7:
49:36:b3:83:86:c0:29:05:24:5b:5b:14:25:00:c5:95:23:2f:
eb:e2:7a:47:b3:66:5a:27:6e:6c:9b:36:d0:26:56:75:5f:81:
48:aa:c9:33:5b:d4:81:35:df:6e:77:65:62:96:c3:2b:da:31:
ff:a6:f4:4e:a8:ed:3c:37:fa:7b:83:71:4b:aa:36:94:01:82:
09:2b:61:87:cc:21:a3:ac:e7:61:08:91:4d:fc:80:9c:d4:b2:
05:70:a7:ce:06:0d:4d:8c:6d:77:e1:9a:52:29:b7:f6:78:7a:
99:5b:f6:11:7a:66:49:e3:17:fe:c6:72:bd:01:ec:88:ff:aa:
47:fb:ba:e0:54:58:23:d2:f6:71:18:ea:5a:a3:43:fe:6c:23:
4f:0b:d7:2c:55:88:e7:13:18:37:43:c9:d4:ea:dc:df:63:87:
b6:46:88:d1:57:8a:c5:9b:e5:ff:f5:ad:bc:db:f4:e8:73:2a:
f3:aa:35:64:20:85:4f:55:76:4c:60:f7:c7:9f:3b:21:5d:c9:
31:ef:4a:12
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICBlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ2QjUxMTAvBgNVBAUTKEZDNkUzQkNBM0M3REJCMjg5NzlCQjc4MjJBNjlBNDgw
MUI5OUFBRTgwHhcNMjMxMDE3MjAzMDE5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJlZWVkYi1iMzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArsDuw/i9RSRkuvsxqyryaW8UCp5VhkDX2tks6IMRE0obwpkE5+tU/FNCcEvf
EC663rq5thD6VDR2UiVJau7BxAi7txvhOySTH/zJMX/l57nHQ4edUMe5OkCZujG5
FkdvEbqAajQGu1Es+upZeuxVvwLkqbt12JjId8KDC+vstMhVKJZqEeZD3C2/L68V
fyVFEccYjP5abE294R7pVIIc3h3A90SyuoFzjQlyELV8a+CaS1hM0+bPLtWc+lfa
zOqendDh38Jip1sdmPR47ns9q+NRlkXqwtvX06k2j7MEsGjjjpcSY8FusZu9TFo1
lMZodtZZ98suYAwIjvUjjH3GcQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFAlsqNkY
tMxjNh7cWrpYCrSn5Y9xMB8GA1UdIwQYMBaAFPxuO8o8fbsol5u3gipppIAbmaro
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDZCNS9EMTg2RkUwQTE4
RDUxMUVCODFCNkU0NDFDNEY5QUUwMi9fRzQ3eWp4OXV5aVhtN2VDS21ta2dCdVpx
dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL19HNDd5ang5dXlpWG03ZUNLbW1rZ0J1WnF1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ2QjUvRDE4NkZFMEExOEQ1MTFFQjgxQjZFNDQxQzRGOUFFMDIvRkQyRUNFRUE2
RDJCMTFFRTgyMkEyRjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEBIiP8AMEAIiP/gMEBZ6MwAMEAp6M/DANBgkqhkiG9w0B
AQsFAAOCAQEAVGyTpS72ISc4/kZ+Ou9SV8Hd9QsewN0SwA7br/g8V6rGDObJH1dq
jfTKS1tCDA1gm0KRJEK3STazg4bAKQUkW1sUJQDFlSMv6+J6R7NmWidubJs20CZW
dV+BSKrJM1vUgTXfbndlYpbDK9ox/6b0TqjtPDf6e4NxS6o2lAGCCSthh8who6zn
YQiRTfyAnNSyBXCnzgYNTYxtd+GaUim39nh6mVv2EXpmSeMX/sZyvQHsiP+qR/u6
4FRYI9L2cRjqWqND/mwjTwvXLFWI5xMYN0PJ1Orc32OHtkaI0VeKxZvl//WtvNv0
6HMq86o1ZCCFT1V2TGD3x587IV3JMe9KEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org