Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BD5472BC33E111E98918DB77C4F9AE02.roa
File: BD5472BC33E111E98918DB77C4F9AE02.roa (raw, json)
Hash identifier: jAGuATF1MoL2cO0HzkzavRRKCNJ+dRVS/4NVT8J9r54=
Subject key identifier: 1A:84:AB:AB:20:EE:51:88:28:17:B8:D4:B3:FD:A5:A3:41:DA:E5:6F
Certificate issuer: /CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Certificate serial: 324E
Authority key identifier: 80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BD5472BC33E111E98918DB77C4F9AE02.roa
Signing time: Tue 21 Jun 2022 15:20:40 +0000
ROA not before: Tue 21 Jun 2022 15:20:40 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 38473
IP address blocks: 163.7.202.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12878 (0x324e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Validity
Not Before: Jun 21 15:20:40 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62b1e1c8-70fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1a:18:a2:1d:31:27:45:f3:6b:a6:c3:71:7b:
d2:2a:32:fe:38:a0:96:dc:92:93:e4:cc:8d:3b:89:
9e:3a:21:f7:58:0a:ba:e7:66:68:84:99:f4:a7:0c:
ac:f7:91:2b:9d:93:c0:7e:46:39:70:e8:a5:62:2d:
6e:b1:19:7d:23:eb:15:26:50:f9:6f:90:d1:5f:0c:
74:a3:23:c0:1a:cb:d6:cc:cc:48:c2:dd:3a:c5:92:
0e:1f:ab:97:d1:dd:17:a5:dd:b1:94:b5:31:89:7c:
7a:99:c7:2c:42:cb:21:14:3c:07:fd:28:68:60:79:
24:b3:e5:81:0d:ed:58:f7:33:61:f0:f9:00:50:79:
dd:9e:45:e1:8a:5a:c8:54:f7:f8:58:21:8a:32:da:
b8:df:df:60:7c:71:e4:96:c0:ff:14:3d:5d:77:8c:
48:91:ee:bf:8d:68:d7:f2:17:c9:8b:e2:30:1d:9c:
cd:e1:88:0c:cd:b1:f6:7e:75:96:5d:d5:18:56:2a:
d2:8d:9b:0a:eb:eb:e1:af:10:6b:fe:df:b7:ab:aa:
ad:be:61:59:ac:28:41:29:17:88:da:d7:34:39:d6:
ef:5c:81:56:d5:9c:a3:71:e7:bb:37:bc:62:2d:c2:
37:02:cb:59:f8:49:03:f0:f8:e4:b2:05:ec:d9:95:
80:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:84:AB:AB:20:EE:51:88:28:17:B8:D4:B3:FD:A5:A3:41:DA:E5:6F
X509v3 Authority Key Identifier:
keyid:80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BD5472BC33E111E98918DB77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.7.202.0/24
Signature Algorithm: sha256WithRSAEncryption
89:74:4e:fd:c2:5c:a4:9c:05:da:e1:b1:f5:d0:ff:88:ca:d1:
d9:a5:dc:1f:5c:01:95:42:bc:78:7b:20:57:c7:a8:b4:30:ee:
20:19:73:af:85:2e:f4:70:08:c2:e5:1d:d7:e1:8a:f2:08:7a:
e0:23:37:78:d6:34:9f:84:84:5a:87:57:3f:10:17:fe:c3:3f:
34:27:38:49:c5:e5:28:c0:9b:28:ef:ed:0e:2b:55:af:62:1b:
b7:73:3b:06:5f:cc:a5:b6:46:dc:81:5f:88:96:af:f2:bc:16:
0a:e5:1b:d5:ba:d9:8a:7a:94:ab:c5:ab:7e:78:26:32:e3:62:
8c:d8:eb:1d:07:90:91:9b:c3:94:b0:93:bf:2e:f2:31:45:02:
8f:b2:53:28:3d:36:03:a0:65:3e:e3:0b:0b:4b:3c:02:7c:35:
7e:8f:e1:00:4c:15:e2:35:7c:0b:b1:58:28:09:0a:fc:54:a1:
e7:ff:ed:70:70:54:4c:31:10:2b:3f:3b:38:94:b2:36:5e:27:
b1:40:30:22:b4:07:64:6e:c2:25:9a:55:b7:47:46:87:ee:77:
38:24:d1:4a:0c:7e:c8:7d:dd:48:76:87:cc:b7:64:8c:77:a4:
e5:bd:52:27:60:42:10:c8:de:20:81:8d:56:3f:3a:0d:b1:07:
43:82:f5:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEzMTgxMTAvBgNVBAUTKDgwNkFCRkY0NjM1OTRDQUEzMERFNzBBMzExQUUyRjg0
OTE4OUJDNjQwHhcNMjIwNjIxMTUyMDQwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIxZTFjOC03MGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhoYoh0xJ0Xza6bDcXvSKjL+OKCW3JKT5MyNO4meOiH3WAq652ZohJn0pwys
95ErnZPAfkY5cOilYi1usRl9I+sVJlD5b5DRXwx0oyPAGsvWzMxIwt06xZIOH6uX
0d0Xpd2xlLUxiXx6mccsQsshFDwH/ShoYHkks+WBDe1Y9zNh8PkAUHndnkXhilrI
VPf4WCGKMtq4399gfHHklsD/FD1dd4xIke6/jWjX8hfJi+IwHZzN4YgMzbH2fnWW
XdUYVirSjZsK6+vhrxBr/t+3q6qtvmFZrChBKReI2tc0OdbvXIFW1Zyjcee7N7xi
LcI3AstZ+EkD8PjksgXs2ZWAuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBqEq6sg
7lGIKBe41LP9paNB2uVvMB8GA1UdIwQYMBaAFIBqv/RjWUyqMN5woxGuL4SRibxk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTMxOC9EQzc0NTFGMjFE
OTExMUUyOThFNzQ2RjQwOEIwMkNEMi9nR3FfOUdOWlRLb3czbkNqRWE0dmhKR0p2
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHcV85R05aVEtvdzNuQ2pFYTR2aEpHSnZHUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEzMTgvREM3NDUxRjIxRDkxMTFFMjk4RTc0NkY0MDhCMDJDRDIvQkQ1NDcyQkMz
M0UxMTFFOTg5MThEQjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACjB8owDQYJKoZIhvcNAQELBQADggEBAIl0Tv3CXKScBdrh
sfXQ/4jK0dml3B9cAZVCvHh7IFfHqLQw7iAZc6+FLvRwCMLlHdfhivIIeuAjN3jW
NJ+EhFqHVz8QF/7DPzQnOEnF5SjAmyjv7Q4rVa9iG7dzOwZfzKW2RtyBX4iWr/K8
FgrlG9W62Yp6lKvFq354JjLjYozY6x0HkJGbw5Swk78u8jFFAo+yUyg9NgOgZT7j
CwtLPAJ8NX6P4QBMFeI1fAuxWCgJCvxUoef/7XBwVEwxECs/OziUsjZeJ7FAMCK0
B2RuwiWaVbdHRofudzgk0UoMfsh93Uh2h8y3ZIx3pOW9UidgQhDI3iCBjVY/Og2x
B0OC9fQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:33 2023 by rpki-client on console-ams.rpki-client.org