Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/FC1760527FA711ED9085E41EC4F9AE02.roa
File: FC1760527FA711ED9085E41EC4F9AE02.roa (raw, json)
Hash identifier: 8YRWnnbT3fzLdyt8txOBv3OPagkBL2k5WL/t/1flCVw=
Subject key identifier: 12:0C:06:08:61:2A:55:AF:F1:C4:3F:27:60:3C:FF:88:27:5F:CA:76
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 092E
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/FC1760527FA711ED9085E41EC4F9AE02.roa
Signing time: Mon 19 Dec 2022 14:18:19 +0000
ROA not before: Mon 19 Dec 2022 14:18:19 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 136923
IP address blocks: 223.29.226.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2350 (0x92e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Dec 19 14:18:19 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63a072aa-30c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d3:2d:12:7b:ba:0d:1c:57:46:e1:7f:f4:65:
0a:8e:09:8f:a2:ae:ca:ce:41:f5:e7:c9:91:3a:9f:
f7:2b:d8:42:86:6d:66:39:30:a9:c2:0c:31:10:a5:
2b:08:e9:1c:5a:69:ba:d8:e0:5b:77:34:3d:f5:05:
26:11:e2:57:6c:29:a1:3b:c2:e4:98:ef:a0:7e:6f:
95:d5:fc:fe:cd:95:3a:3c:ff:ff:a1:0e:ea:4d:33:
af:c3:83:d0:c4:41:c5:d6:cd:5e:c2:f5:fb:fd:f0:
a7:d8:6c:7d:62:71:bd:bb:89:05:a0:f1:45:19:00:
f4:6e:44:9f:bd:bf:e2:d3:f9:6f:d4:c2:58:13:c3:
81:c7:df:f8:d3:a2:4f:47:56:e7:89:55:34:97:b8:
42:ac:0b:d1:a9:6b:d0:f6:cc:56:6c:b8:84:33:3b:
4a:90:d4:03:a9:7b:4c:a7:03:2f:ba:70:0d:3f:c5:
a7:d4:2a:43:de:fa:e5:c6:bd:35:4c:03:c6:46:43:
5c:c7:a8:ad:56:7d:be:6b:0b:f1:30:4d:9d:95:fa:
b3:67:37:56:2c:15:0b:ad:55:00:7f:00:9d:59:a4:
98:0e:10:f2:4b:f8:7f:9c:85:fc:0a:4e:90:13:8a:
7f:c5:2e:f9:90:51:17:88:3c:1d:a4:5b:13:4a:ad:
fb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0C:06:08:61:2A:55:AF:F1:C4:3F:27:60:3C:FF:88:27:5F:CA:76
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/FC1760527FA711ED9085E41EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.226.0/24
Signature Algorithm: sha256WithRSAEncryption
54:76:27:25:87:9d:6a:79:fa:50:ca:d2:77:df:10:d3:35:78:
8b:1f:58:19:1b:18:9a:ff:56:f5:f6:9c:8c:1d:bf:b1:ec:f6:
7a:51:dd:c4:c3:51:d5:7c:3a:41:79:45:34:22:fb:2d:36:04:
50:0b:c8:dd:2c:12:8c:bd:17:55:9c:36:53:8c:a9:90:ff:49:
33:77:72:83:d7:68:15:d4:12:e3:15:b4:8e:64:fb:ae:77:73:
b8:da:21:44:ad:89:8d:6f:56:6e:20:98:e5:78:6f:e1:03:b8:
66:b2:39:6d:81:15:90:69:f0:53:4e:e0:07:17:9a:76:83:35:
26:18:dd:ff:3a:25:c3:1d:a1:65:63:0c:b8:1f:61:53:de:53:
d9:36:20:f3:47:5a:fa:e6:7a:99:68:2c:b8:5c:98:3f:ec:3c:
cf:87:a3:67:33:66:b5:69:39:85:88:f0:7c:cf:0f:9e:ba:95:
4e:b9:0c:1e:47:21:00:33:36:47:ba:2f:4a:47:3c:24:09:cb:
6f:73:03:54:bf:fd:10:f4:02:f8:7b:c9:05:18:c0:e7:04:a4:
8f:73:d7:37:4e:fd:32:2e:bb:bb:0e:b7:c9:5a:fb:94:1e:ba:
9b:40:fe:99:e9:ea:35:c6:a3:5c:a2:f1:ba:5f:b0:c2:d0:56:
2b:90:68:10
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMjE5MTQxODE5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EwNzJhYS0zMGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNMtEnu6DRxXRuF/9GUKjgmPoq7KzkH158mROp/3K9hChm1mOTCpwgwxEKUr
COkcWmm62OBbdzQ99QUmEeJXbCmhO8LkmO+gfm+V1fz+zZU6PP//oQ7qTTOvw4PQ
xEHF1s1ewvX7/fCn2Gx9YnG9u4kFoPFFGQD0bkSfvb/i0/lv1MJYE8OBx9/406JP
R1bniVU0l7hCrAvRqWvQ9sxWbLiEMztKkNQDqXtMpwMvunANP8Wn1CpD3vrlxr01
TAPGRkNcx6itVn2+awvxME2dlfqzZzdWLBULrVUAfwCdWaSYDhDyS/h/nIX8Ck6Q
E4p/xS75kFEXiDwdpFsTSq378QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBIMBghh
KlWv8cQ/J2A8/4gnX8p2MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRkMxNzYwNTI3
RkE3MTFFRDkwODVFNDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADfHeIwDQYJKoZIhvcNAQELBQADggEBAFR2JyWHnWp5+lDK
0nffENM1eIsfWBkbGJr/VvX2nIwdv7Hs9npR3cTDUdV8OkF5RTQi+y02BFALyN0s
Eoy9F1WcNlOMqZD/STN3coPXaBXUEuMVtI5k+653c7jaIUStiY1vVm4gmOV4b+ED
uGayOW2BFZBp8FNO4AcXmnaDNSYY3f86JcMdoWVjDLgfYVPeU9k2IPNHWvrmeplo
LLhcmD/sPM+Ho2czZrVpOYWI8HzPD566lU65DB5HIQAzNke6L0pHPCQJy29zA1S/
/RD0Avh7yQUYwOcEpI9z1zdO/TIuu7sOt8la+5QeuptA/pnp6jXGo1yi8bpfsMLQ
ViuQaBA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:02:48 2025 by rpki-client