Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/9488C26CC24D11EDBE412F0AC4F9AE02.roa
File: 9488C26CC24D11EDBE412F0AC4F9AE02.roa (raw, json)
Hash identifier: YWHWjBCNw+z0V/4P5JyK6BUf4Cacb/N7TvcGvUJuMgE=
Subject key identifier: 39:97:21:97:78:65:83:8C:92:79:CB:1B:79:E5:F4:2B:F2:3D:82:E5
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09B4
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/9488C26CC24D11EDBE412F0AC4F9AE02.roa
Signing time: Tue 14 Mar 2023 09:49:58 +0000
ROA not before: Tue 14 Mar 2023 09:49:58 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132165
IP address blocks: 113.203.226.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2484 (0x9b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 14 09:49:58 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64104346-9637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2e:c9:cd:dd:3c:8e:ec:32:11:60:db:af:f6:
bc:ee:c2:e9:0f:5e:9e:41:7f:d5:78:94:e1:be:d2:
16:cf:88:5a:c5:8e:cc:96:d8:20:5d:38:4a:fd:b9:
eb:90:5e:cb:28:81:ea:ea:b0:76:76:df:22:59:7c:
7e:ee:87:53:4d:80:3e:00:8d:78:c3:2b:0e:f5:4e:
f4:fd:d3:25:93:16:f2:3e:6b:ca:67:ce:0e:ba:1f:
63:9a:4b:57:7a:0c:9e:96:87:2a:c5:14:1f:92:4c:
8e:b2:62:6a:b7:ee:3a:ec:9a:e2:8a:f2:c6:29:bc:
39:21:95:b3:c4:57:33:6a:28:d2:99:77:86:9e:3e:
81:c7:14:fe:f4:58:ff:51:87:e2:0c:5a:1f:f9:75:
d6:80:aa:43:c8:44:18:04:41:96:10:c6:d7:1d:30:
03:96:15:97:d4:f8:f7:b8:d2:30:a2:6a:cd:68:10:
4a:88:9f:3b:36:d8:e1:ba:03:cb:98:f4:d7:d3:91:
6c:8a:24:98:0a:e9:cf:9c:fd:7c:bb:e4:f8:7a:c1:
18:93:ff:16:e3:46:81:6f:27:65:ac:05:0f:c0:13:
65:9d:de:04:d6:64:94:c5:6a:d9:b1:db:91:16:a8:
31:e5:9f:40:9d:8f:93:19:48:32:53:60:90:a1:73:
37:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:97:21:97:78:65:83:8C:92:79:CB:1B:79:E5:F4:2B:F2:3D:82:E5
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/9488C26CC24D11EDBE412F0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.226.0-113.203.231.255
113.203.252.0/22
Signature Algorithm: sha256WithRSAEncryption
03:cb:ac:11:2d:d4:61:3f:69:d6:a6:93:50:7d:81:d9:59:32:
50:d6:9d:b7:48:58:c3:9b:dc:70:9f:75:21:7c:d4:aa:ee:6d:
66:d7:65:45:b1:32:95:52:f3:da:c8:75:61:d5:3e:80:2d:e6:
a2:be:99:19:91:50:f0:86:b1:4f:59:ff:ac:d7:45:27:3e:03:
54:00:3f:4a:2a:8c:75:48:c4:70:cb:9a:d3:7b:3b:0a:17:62:
03:1c:e4:30:16:8e:43:b1:d8:b2:f0:c0:ce:b7:37:05:34:14:
29:e9:a7:d6:5b:f5:ea:a3:03:10:d6:cb:82:d3:b9:5b:28:14:
c8:b4:99:5c:e1:a6:3a:82:15:21:79:6b:8a:1d:3f:ea:12:ac:
e6:45:b4:52:ac:c3:19:f2:12:76:0c:30:ff:db:49:d3:49:7e:
fe:d5:6e:3b:03:b9:25:7c:14:85:44:a5:b4:c1:5d:e7:3d:b6:
77:25:05:da:04:7f:b8:f7:7d:02:8e:92:5d:2e:fc:86:64:ee:
c1:84:f2:33:91:14:a9:4e:c5:f6:8a:4b:8e:4c:e0:a8:98:6b:
e3:2f:88:c0:df:43:69:47:75:f1:98:7a:b1:ae:51:01:2f:25:
af:ba:aa:81:d1:a2:67:f7:88:8b:99:94:09:db:83:72:85:07:
03:4b:05:2c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMzE0MDk0OTU4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEwNDM0Ni05NjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqy7Jzd08juwyEWDbr/a87sLpD16eQX/VeJThvtIWz4haxY7MltggXThK/bnr
kF7LKIHq6rB2dt8iWXx+7odTTYA+AI14wysO9U70/dMlkxbyPmvKZ84Ouh9jmktX
egyelocqxRQfkkyOsmJqt+467JriivLGKbw5IZWzxFczaijSmXeGnj6BxxT+9Fj/
UYfiDFof+XXWgKpDyEQYBEGWEMbXHTADlhWX1Pj3uNIwomrNaBBKiJ87NtjhugPL
mPTX05FsiiSYCunPnP18u+T4esEYk/8W40aBbydlrAUPwBNlnd4E1mSUxWrZsduR
Fqgx5Z9AnY+TGUgyU2CQoXM3jwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFDmXIZd4
ZYOMknnLG3nl9CvyPYLlMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvOTQ4OEMyNkND
MjREMTFFREJFNDEyRjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAXHL4gMEA3HL4AMEAnHL/DANBgkqhkiG9w0BAQsFAAOC
AQEAA8usES3UYT9p1qaTUH2B2VkyUNadt0hYw5vccJ91IXzUqu5tZtdlRbEylVLz
2sh1YdU+gC3mor6ZGZFQ8IaxT1n/rNdFJz4DVAA/SiqMdUjEcMua03s7ChdiAxzk
MBaOQ7HYsvDAzrc3BTQUKemn1lv16qMDENbLgtO5WygUyLSZXOGmOoIVIXlrih0/
6hKs5kW0UqzDGfISdgww/9tJ00l+/tVuOwO5JXwUhUSltMFd5z22dyUF2gR/uPd9
Ao6SXS78hmTuwYTyM5EUqU7F9opLjkzgqJhr4y+IwN9DaUd18Zh6sa5RAS8lr7qq
gdGiZ/eIi5mUCduDcoUHA0sFLA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:09:13 2025 by rpki-client