Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/A3CEFC6E4E9911ED8F22F253C4F9AE02.roa
File: A3CEFC6E4E9911ED8F22F253C4F9AE02.roa (raw, json)
Hash identifier: vWmmRITSB3uQp1Fi/qGi6xNwR4qSxdpqs7b66tgfx3M=
Subject key identifier: 79:6D:D8:FE:21:BA:81:32:0E:55:C8:BF:01:F9:D0:5C:6F:EA:FF:D4
Certificate issuer: /CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Certificate serial: 286F
Authority key identifier: A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/A3CEFC6E4E9911ED8F22F253C4F9AE02.roa
Signing time: Tue 18 Oct 2022 04:02:11 +0000
ROA not before: Tue 18 Oct 2022 04:02:10 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 40065
IP address blocks: 43.243.177.0/24 maxlen: 24
43.243.178.0/24 maxlen: 24
43.243.179.0/24 maxlen: 24
183.90.184.0/24 maxlen: 24
183.90.185.0/24 maxlen: 24
183.90.186.0/24 maxlen: 24
183.90.188.0/24 maxlen: 24
183.90.190.0/24 maxlen: 24
183.90.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10351 (0x286f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Validity
Not Before: Oct 18 04:02:10 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=634e2542-b7ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fe:17:a8:01:15:7a:c8:cf:6c:b5:fa:91:e3:
a8:a3:b0:3a:6a:d9:80:39:98:a5:fa:e5:19:0a:3e:
85:5f:b7:8f:0c:e3:9d:04:5f:93:86:30:08:15:95:
33:43:e2:7b:2c:a6:1b:6d:71:5c:9f:bd:10:30:5b:
02:96:d0:3d:d7:e5:9d:00:38:37:52:2e:5e:15:be:
b4:4a:8d:a5:f0:42:52:3d:09:07:d0:ce:9e:9c:0d:
b5:e6:2b:39:c2:80:94:fe:ad:7b:26:d6:ab:81:a0:
05:4d:a6:5f:20:ee:ac:6e:cd:b0:b3:c2:75:23:66:
f5:73:24:85:65:25:fe:83:ed:cb:eb:a9:94:cc:78:
6d:92:5f:ce:9a:04:7c:81:99:10:62:ed:bc:19:a0:
64:79:e2:cb:c1:c9:e4:e3:9f:0b:e2:cf:1f:75:40:
84:e3:2d:02:1d:a4:d9:2b:6a:97:1a:02:9e:99:cc:
0d:a6:e1:75:23:90:fc:32:f6:fd:2e:a9:f0:72:51:
50:05:38:a3:c3:e6:dd:50:bf:66:8f:df:64:3d:5e:
99:56:0d:51:fa:ac:0e:5e:c8:14:37:f8:60:bb:75:
1a:23:64:a6:a7:29:0e:04:1d:5f:72:f9:95:de:55:
1e:26:87:1d:be:63:ec:15:ca:3a:06:4a:1c:cd:de:
03:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6D:D8:FE:21:BA:81:32:0E:55:C8:BF:01:F9:D0:5C:6F:EA:FF:D4
X509v3 Authority Key Identifier:
keyid:A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/oDlpuv_Weqt11JODf6HHxp_7Jxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/A3CEFC6E4E9911ED8F22F253C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.177.0-43.243.179.255
183.90.184.0-183.90.186.255
183.90.188.0/24
183.90.190.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:c9:42:ac:ad:13:44:4c:d5:96:15:1b:aa:35:30:c3:3e:01:
29:39:4e:df:6a:05:66:c8:99:f7:7e:86:86:c6:05:c5:84:d6:
57:2c:9c:e7:c8:0f:82:9e:9b:e2:4d:20:6d:1a:78:7f:57:2a:
93:6b:c0:39:01:a8:c2:c8:3d:6e:16:c4:ca:9d:2c:8b:74:96:
52:9f:52:27:b6:7c:81:11:5f:ae:72:12:19:12:30:f3:dd:54:
79:79:19:ff:0f:9f:c9:17:22:6f:47:ad:4c:f1:90:20:09:01:
54:f2:51:e1:62:ea:63:24:41:97:e4:78:bf:1f:34:ea:cb:74:
6c:d0:e8:ac:9e:68:78:58:18:0c:4d:e5:78:e7:0e:5a:f5:aa:
8a:55:84:2d:25:8e:3a:21:73:a4:7a:17:2d:ed:6f:a6:4d:a7:
65:f4:8f:5e:63:9a:ad:05:11:91:2f:70:ec:82:04:ec:fb:f0:
36:59:9a:64:0e:5f:16:07:cf:1f:47:39:e5:f1:1e:f8:13:70:
c1:9a:df:e3:5d:1e:42:0c:00:0e:c3:51:f0:bf:05:1f:44:08:
e2:74:1f:7e:cc:fe:01:9e:61:0d:6c:8f:ab:ff:4f:ec:56:11:
ed:ec:2a:fd:07:04:d0:01:99:af:81:8e:4a:e6:5d:cc:a7:38:
4e:f6:a7:ef
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICKG8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E0OTYxMTAvBgNVBAUTKEEwMzk2OUJBRkZENjdBQUI3NUQ0OTM4MzdGQTFDN0M2
OUZGQjI3MTcwHhcNMjIxMDE4MDQwMjEwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRlMjU0Mi1iN2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0v4XqAEVesjPbLX6keOoo7A6atmAOZil+uUZCj6FX7ePDOOdBF+ThjAIFZUz
Q+J7LKYbbXFcn70QMFsCltA91+WdADg3Ui5eFb60So2l8EJSPQkH0M6enA215is5
woCU/q17JtargaAFTaZfIO6sbs2ws8J1I2b1cySFZSX+g+3L66mUzHhtkl/OmgR8
gZkQYu28GaBkeeLLwcnk458L4s8fdUCE4y0CHaTZK2qXGgKemcwNpuF1I5D8Mvb9
LqnwclFQBTijw+bdUL9mj99kPV6ZVg1R+qwOXsgUN/hgu3UaI2SmpykOBB1fcvmV
3lUeJocdvmPsFco6Bkoczd4DVQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFHlt2P4h
uoEyDlXIvwH50Fxv6v/UMB8GA1UdIwQYMBaAFKA5abr/1nqrddSTg3+hx8af+ycX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTQ5Ni9GQjEyQTI3ODND
MEYxMUU0Qjc4OEZGNEFDNEY5QUUwMi9vRGxwdXZfV2VxdDExSk9EZjZISHhwXzdK
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29EbHB1dl9XZXF0MTFKT0RmNkhIeHBfN0p4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E0OTYvRkIxMkEyNzgzQzBGMTFFNEI3ODhGRjRBQzRGOUFFMDIvQTNDRUZDNkU0
RTk5MTFFRDhGMjJGMjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgwDAMEACvzsQMEAivzsDAMAwQDt1q4AwQAt1q6AwQAt1q8AwQB
t1q+MA0GCSqGSIb3DQEBCwUAA4IBAQC5yUKsrRNETNWWFRuqNTDDPgEpOU7fagVm
yJn3foaGxgXFhNZXLJznyA+CnpviTSBtGnh/VyqTa8A5AajCyD1uFsTKnSyLdJZS
n1IntnyBEV+uchIZEjDz3VR5eRn/D5/JFyJvR61M8ZAgCQFU8lHhYupjJEGX5Hi/
HzTqy3Rs0Oisnmh4WBgMTeV45w5a9aqKVYQtJY46IXOkehct7W+mTadl9I9eY5qt
BRGRL3DsggTs+/A2WZpkDl8WB88fRznl8R74E3DBmt/jXR5CDAAOw1HwvwUfRAji
dB9+zP4BnmENbI+r/0/sVhHt7Cr9BwTQAZmvgY5K5l3MpzhO9qfv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:08 2023 by rpki-client on console-fra.rpki-client.org