Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/CC2CAB30E1D611E99DA0AC0FC4F9AE02.roa
File: CC2CAB30E1D611E99DA0AC0FC4F9AE02.roa (raw, json)
Hash identifier: 2GNMBfcEq0MSUKkmjcmj8D8LDVY+kr0SDGHXQ+AEA7I=
Subject key identifier: 73:54:A4:1D:AE:7B:00:B5:63:C3:BC:39:8E:A4:16:B6:62:08:BD:68
Certificate issuer: /CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Certificate serial: 324C
Authority key identifier: 80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/CC2CAB30E1D611E99DA0AC0FC4F9AE02.roa
Signing time: Tue 21 Jun 2022 15:20:38 +0000
ROA not before: Tue 21 Jun 2022 15:20:38 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 38022
IP address blocks: 163.7.128.0/17 maxlen: 17
163.7.129.0/24 maxlen: 24
163.7.134.0/24 maxlen: 24
163.7.135.0/24 maxlen: 24
163.7.138.0/24 maxlen: 24
163.7.139.0/24 maxlen: 24
163.7.143.0/24 maxlen: 24
163.7.144.0/24 maxlen: 24
163.7.160.0/20 maxlen: 20
163.7.176.0/22 maxlen: 22
163.7.176.0/24 maxlen: 24
163.7.177.0/24 maxlen: 24
163.7.178.0/24 maxlen: 24
163.7.179.0/24 maxlen: 24
163.7.200.0/24 maxlen: 24
163.7.201.0/24 maxlen: 24
163.7.203.0/24 maxlen: 24
163.7.204.0/24 maxlen: 24
163.7.205.0/24 maxlen: 24
163.7.206.0/24 maxlen: 24
163.7.207.0/24 maxlen: 24
163.7.208.0/24 maxlen: 24
163.7.209.0/24 maxlen: 24
163.7.210.0/24 maxlen: 24
163.7.211.0/24 maxlen: 24
210.7.32.0/20 maxlen: 20
2404:138::/32 maxlen: 32
2404:138:204::/48 maxlen: 48
2404:138:205::/48 maxlen: 48
2404:138:206::/48 maxlen: 48
2404:138:207::/48 maxlen: 48
2404:138:1306::/48 maxlen: 48
2404:139::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12876 (0x324c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Validity
Not Before: Jun 21 15:20:38 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62b1e1c5-938b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4c:77:a4:0e:47:c7:49:41:aa:fc:68:cf:55:
bf:a6:25:d1:0c:06:ba:55:2f:2d:04:81:24:3c:1d:
3f:40:25:56:76:6e:f2:bf:16:5d:82:cb:77:35:ae:
25:95:f4:47:42:e5:31:bf:57:d8:fa:bb:b2:66:a9:
18:3a:67:91:e7:fa:23:f1:73:d7:78:35:7f:df:b4:
4e:c1:6a:98:89:1c:76:5d:c1:ea:3d:1c:2d:ee:e8:
95:52:fc:0f:26:9d:4e:3c:cd:94:d5:e6:be:31:28:
ec:99:79:d8:f2:36:08:b2:8d:43:08:6c:4b:94:2b:
2f:ea:e1:56:6e:1f:9a:b8:8a:5a:ab:32:d6:84:68:
b9:c9:3e:9d:47:1c:fb:07:e7:a9:df:16:66:3a:af:
1c:7b:ea:55:12:bf:81:d4:78:68:13:b1:f9:de:13:
5d:38:81:41:90:d8:18:db:50:e6:dd:94:3d:a8:82:
97:9e:57:48:1d:ec:7e:25:4e:bc:bc:7d:ef:13:a6:
ff:f0:be:07:03:f4:8c:c8:92:e7:92:98:5e:21:02:
ff:2c:5e:a4:c0:2a:94:ae:7b:39:05:c4:ed:16:64:
9b:e0:6e:89:ca:55:22:01:eb:58:13:d5:d5:9d:56:
33:32:df:cb:37:08:ed:a7:90:11:5a:a9:83:54:59:
23:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:54:A4:1D:AE:7B:00:B5:63:C3:BC:39:8E:A4:16:B6:62:08:BD:68
X509v3 Authority Key Identifier:
keyid:80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/CC2CAB30E1D611E99DA0AC0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.7.128.0/17
210.7.32.0/20
IPv6:
2404:138::/31
Signature Algorithm: sha256WithRSAEncryption
77:94:d1:37:a5:46:1f:c9:67:57:7f:e6:cf:60:ba:91:a0:08:
2c:0c:78:3b:40:00:ea:62:64:3e:9b:3e:31:f4:30:f4:b4:e3:
df:37:55:cb:e2:d1:cc:aa:b2:d4:06:cf:07:bb:d9:f1:26:ed:
b0:65:87:f3:42:99:ed:07:bc:32:e7:c5:52:fc:9a:36:b3:69:
c3:b9:29:33:d0:59:a0:4f:46:4f:0c:b3:f9:a7:49:86:17:20:
21:f1:e9:9b:92:05:76:72:c5:c5:77:ea:a8:f9:8e:9c:7b:ef:
dd:b3:c3:85:15:3c:e4:30:03:cc:e0:f6:60:1b:4d:8f:27:53:
14:82:cb:88:43:84:b9:6d:07:f4:0d:49:14:a7:93:75:fc:57:
78:c1:c4:dc:2e:69:d5:4c:42:17:11:4c:2d:77:56:db:ec:e5:
1f:39:7f:f9:cb:9a:01:36:43:d9:eb:c3:57:0c:6c:b8:16:5d:
d8:49:b7:b9:35:83:56:1a:4e:1f:58:8e:f9:72:b0:37:ac:df:
67:d5:73:30:c6:a2:d7:07:46:42:65:e0:01:25:04:b8:28:77:
dd:b4:0b:7f:f6:c9:90:c8:e9:0b:cc:e8:12:52:2e:60:9e:1f:
51:77:c2:70:6a:4d:a0:6e:ab:8c:92:aa:c5:3d:d4:86:2d:d3:
67:db:bc:cc
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICMkwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEzMTgxMTAvBgNVBAUTKDgwNkFCRkY0NjM1OTRDQUEzMERFNzBBMzExQUUyRjg0
OTE4OUJDNjQwHhcNMjIwNjIxMTUyMDM4WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIxZTFjNS05MzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnkx3pA5Hx0lBqvxoz1W/piXRDAa6VS8tBIEkPB0/QCVWdm7yvxZdgst3Na4l
lfRHQuUxv1fY+ruyZqkYOmeR5/oj8XPXeDV/37ROwWqYiRx2XcHqPRwt7uiVUvwP
Jp1OPM2U1ea+MSjsmXnY8jYIso1DCGxLlCsv6uFWbh+auIpaqzLWhGi5yT6dRxz7
B+ep3xZmOq8ce+pVEr+B1HhoE7H53hNdOIFBkNgY21Dm3ZQ9qIKXnldIHex+JU68
vH3vE6b/8L4HA/SMyJLnkpheIQL/LF6kwCqUrns5BcTtFmSb4G6JylUiAetYE9XV
nVYzMt/LNwjtp5ARWqmDVFkj5wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHNUpB2u
ewC1Y8O8OY6kFrZiCL1oMB8GA1UdIwQYMBaAFIBqv/RjWUyqMN5woxGuL4SRibxk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTMxOC9EQzc0NTFGMjFE
OTExMUUyOThFNzQ2RjQwOEIwMkNEMi9nR3FfOUdOWlRLb3czbkNqRWE0dmhKR0p2
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHcV85R05aVEtvdzNuQ2pFYTR2aEpHSnZHUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEzMTgvREM3NDUxRjIxRDkxMTFFMjk4RTc0NkY0MDhCMDJDRDIvQ0MyQ0FCMzBF
MUQ2MTFFOTlEQTBBQzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAejB4ADBATSByAwDQQCAAIwBwMFASQEATgwDQYJKoZIhvcN
AQELBQADggEBAHeU0TelRh/JZ1d/5s9gupGgCCwMeDtAAOpiZD6bPjH0MPS04983
Vcvi0cyqstQGzwe72fEm7bBlh/NCme0HvDLnxVL8mjazacO5KTPQWaBPRk8Ms/mn
SYYXICHx6ZuSBXZyxcV36qj5jpx7792zw4UVPOQwA8zg9mAbTY8nUxSCy4hDhLlt
B/QNSRSnk3X8V3jBxNwuadVMQhcRTC13Vtvs5R85f/nLmgE2Q9nrw1cMbLgWXdhJ
t7k1g1YaTh9YjvlysDes32fVczDGotcHRkJl4AElBLgod920C3/2yZDI6QvM6BJS
LmCeH1F3wnBqTaBuq4ySqsU91IYt02fbvMw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:35 2023 by rpki-client on console-fra.rpki-client.org