Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/930E33324BF711EBA8352581C4F9AE02.roa
File: 930E33324BF711EBA8352581C4F9AE02.roa (raw, json)
Hash identifier: yC/t5bELa8DZ8GSkjfcPnc7Xwo+cGoJ/vxb4ZcKFsa4=
Subject key identifier: 4E:A1:8A:0D:BE:F3:18:84:A1:6A:D9:15:07:06:ED:A5:3E:83:B9:8F
Certificate issuer: /CN=A91F9665/serialNumber=3058A469B67D03072C2D8A385E9F2AABBA134E2B
Certificate serial: 0572
Authority key identifier: 30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/930E33324BF711EBA8352581C4F9AE02.roa
Signing time: Sun 09 Apr 2023 01:01:24 +0000
ROA not before: Sun 09 Apr 2023 01:01:24 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 134176
IP address blocks: 43.255.188.0/24 maxlen: 24
43.255.189.0/24 maxlen: 24
43.255.190.0/24 maxlen: 24
43.255.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1394 (0x572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F9665
Validity
Not Before: Apr 9 01:01:24 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64320e63-e288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e7:39:1b:60:00:e6:d0:61:8d:3b:d0:ad:64:
31:bc:83:2a:e2:30:f9:62:bc:0a:51:f4:48:aa:6d:
e4:aa:c9:9e:5d:cc:f1:71:e7:57:ae:6d:3b:32:c8:
fa:26:2b:d4:d1:fc:ad:0a:3a:8b:2c:32:07:b2:23:
23:7c:c0:67:2a:71:07:19:eb:b2:9d:18:9e:30:f6:
10:d9:54:bd:f9:b2:e1:b3:69:9d:be:cb:b5:8a:c5:
73:b9:65:84:0c:08:55:c0:6f:51:0d:b2:08:a8:77:
f8:f1:06:5f:49:a2:4b:34:2a:99:26:bc:e5:ed:6f:
f1:88:3c:8e:cc:81:b1:04:07:33:62:27:60:bd:b4:
8f:4a:ee:0c:6e:02:7f:e0:4c:f3:44:3d:3c:66:81:
3b:d0:b5:0d:0e:79:06:33:1f:93:54:df:5b:38:62:
9d:74:2b:90:23:ef:7b:87:62:49:47:ed:44:82:2e:
a3:93:5c:d9:a9:88:03:f4:e1:83:21:7d:37:3a:ec:
94:62:0a:61:89:61:4d:7d:3a:77:b5:44:88:0d:e1:
6c:d5:3a:14:64:a1:1d:96:12:c5:cc:c6:a2:33:1f:
d5:d2:de:97:b6:49:a8:db:ed:3e:d9:a2:22:c8:41:
7c:25:a9:4d:bc:d9:ac:6a:9f:5d:ac:5d:33:4f:60:
fa:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A1:8A:0D:BE:F3:18:84:A1:6A:D9:15:07:06:ED:A5:3E:83:B9:8F
X509v3 Authority Key Identifier:
keyid:30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/MFikabZ9AwcsLYo4Xp8qq7oTTis.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/930E33324BF711EBA8352581C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.188.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:83:f9:2b:25:63:aa:e1:ed:e1:71:9f:e8:4f:7a:78:69:7c:
bf:fd:47:57:33:a4:ae:38:e1:58:44:f1:02:5e:c7:a2:7c:c2:
c2:a1:53:c2:71:da:1f:f6:e4:16:df:e5:00:8c:28:4c:c8:9a:
86:f7:54:99:6a:95:ca:8d:94:23:00:ef:34:f0:0e:7e:0f:70:
a5:8b:f0:e0:17:e1:20:a5:03:e0:f0:a6:1a:a9:6b:d9:2d:f8:
31:b9:16:0b:20:99:02:d2:3c:0b:ac:b4:2d:f1:90:18:41:6c:
39:e2:f8:db:a3:86:33:80:e9:5b:49:78:91:36:aa:d6:64:c7:
da:6e:b8:a3:0f:87:34:df:9f:db:7a:8a:73:b5:6a:11:0a:7e:
d4:62:60:4a:e6:b2:c0:ab:82:03:d4:2f:1f:08:15:0d:62:98:
fb:ca:73:c7:b3:37:3a:55:5e:10:5d:57:e5:b6:16:d6:71:67:
bb:e4:8c:aa:2a:50:ab:8d:e0:44:25:dd:85:a4:ab:86:f2:e3:
87:2b:8d:7e:ca:dd:bf:3b:76:82:46:fc:3d:c5:ea:fd:81:e1:
b9:12:08:d3:64:4d:a8:96:58:0f:0e:c3:8d:f5:6d:1a:2d:ad:
43:4e:d7:e4:07:cd:b5:83:c5:d5:02:e0:e9:0c:be:d5:86:f9:
d2:ba:f2:2d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjk2NjUxMTAvBgNVBAUTKDMwNThBNDY5QjY3RDAzMDcyQzJEOEEzODVFOUYyQUFC
QkExMzRFMkIwHhcNMjMwNDA5MDEwMTI0WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDMyMGU2My1lMjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6ec5G2AA5tBhjTvQrWQxvIMq4jD5YrwKUfRIqm3kqsmeXczxcedXrm07Msj6
JivU0fytCjqLLDIHsiMjfMBnKnEHGeuynRieMPYQ2VS9+bLhs2mdvsu1isVzuWWE
DAhVwG9RDbIIqHf48QZfSaJLNCqZJrzl7W/xiDyOzIGxBAczYidgvbSPSu4MbgJ/
4EzzRD08ZoE70LUNDnkGMx+TVN9bOGKddCuQI+97h2JJR+1Egi6jk1zZqYgD9OGD
IX03OuyUYgphiWFNfTp3tUSIDeFs1ToUZKEdlhLFzMaiMx/V0t6Xtkmo2+0+2aIi
yEF8JalNvNmsap9drF0zT2D64wIDAQABo4IClTCCApEwHQYDVR0OBBYEFE6hig2+
8xiEoWrZFQcG7aU+g7mPMB8GA1UdIwQYMBaAFDBYpGm2fQMHLC2KOF6fKqu6E04r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTY2NS82RDBEMTJCODRC
RjUxMUVCQkQ4M0I4N0JDNEY5QUUwMi9NRmlrYWJaOUF3Y3NMWW80WHA4cXE3b1RU
aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01GaWthYlo5QXdjc0xZbzRYcDhxcTdvVFRpcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjk2NjUvNkQwRDEyQjg0QkY1MTFFQkJEODNCODdCQzRGOUFFMDIvOTMwRTMzMzI0
QkY3MTFFQkE4MzUyNTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr/7wwDQYJKoZIhvcNAQELBQADggEBAL2D+SslY6rh7eFx
n+hPenhpfL/9R1czpK444VhE8QJex6J8wsKhU8Jx2h/25Bbf5QCMKEzImob3VJlq
lcqNlCMA7zTwDn4PcKWL8OAX4SClA+Dwphqpa9kt+DG5FgsgmQLSPAustC3xkBhB
bDni+NujhjOA6VtJeJE2qtZkx9puuKMPhzTfn9t6inO1ahEKftRiYErmssCrggPU
Lx8IFQ1imPvKc8ezNzpVXhBdV+W2FtZxZ7vkjKoqUKuN4EQl3YWkq4by44crjX7K
3b87doJG/D3F6v2B4bkSCNNkTaiWWA8Ow431bRotrUNO1+QHzbWDxdUC4OkMvtWG
+dK68i0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:29 2025 by rpki-client