Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/D9801D340EB811EBB3722E5BC4F9AE02.roa
File: D9801D340EB811EBB3722E5BC4F9AE02.roa (raw, json)
Hash identifier: 6tXxDrUP+D+/JlL5gK2gHgJh1LqLh/bC9tX88gjENSE=
Subject key identifier: 9B:62:95:D0:86:66:8E:E2:D9:8F:5F:32:54:AE:C1:8F:DE:71:A6:5A
Certificate issuer: /CN=A9122219/serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD
Certificate serial: 08A4
Authority key identifier: D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/D9801D340EB811EBB3722E5BC4F9AE02.roa
Signing time: Tue 19 Jul 2022 09:07:20 +0000
ROA not before: Tue 19 Jul 2022 09:07:20 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 38744
IP address blocks: 49.0.32.0/19 maxlen: 24
117.58.240.0/21 maxlen: 24
2404:b580::/32 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2212 (0x8a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122219/serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD
Validity
Not Before: Jul 19 09:07:20 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62d67448-9e08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d8:52:03:b0:5f:83:3d:18:cb:06:21:cf:97:
34:24:1d:33:aa:ed:b3:e2:ea:68:cf:63:26:c8:ac:
60:df:c5:fd:ad:99:92:bf:07:70:77:f8:78:05:7f:
67:47:09:fc:1c:11:b1:3f:26:f5:c4:fb:bc:ca:df:
db:0b:81:05:d3:28:09:ff:3b:1d:e1:84:fe:b5:45:
4a:2f:06:24:dc:7a:6c:07:a5:61:b3:0b:4f:fd:f7:
f6:87:9d:19:b3:8f:41:65:dd:80:e7:ae:b4:26:1c:
7d:c5:fe:b1:f0:a4:2c:bd:3f:ac:d7:2d:43:60:72:
4e:66:42:02:89:d4:f6:27:76:51:7c:9b:c7:06:66:
b3:42:ba:ba:02:3c:2e:d1:42:ce:08:f7:aa:b1:03:
5b:4a:dc:b3:b0:5a:8c:63:82:74:87:93:a6:cb:67:
c5:70:a2:d6:b5:77:20:61:23:31:72:7f:be:0e:96:
67:13:3e:71:cf:0a:b5:eb:53:05:d2:e6:6d:9f:fb:
88:f6:dc:df:64:5d:e4:d4:1f:c0:7c:96:fa:89:99:
35:48:3b:e7:b6:55:cd:83:e1:c0:af:83:3e:e1:e3:
3d:71:d5:ec:b7:96:51:60:7f:a7:29:8e:6a:4d:33:
a8:1b:40:a7:f1:10:72:d6:23:a9:b2:12:20:72:0a:
ab:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:62:95:D0:86:66:8E:E2:D9:8F:5F:32:54:AE:C1:8F:DE:71:A6:5A
X509v3 Authority Key Identifier:
keyid:D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/D9801D340EB811EBB3722E5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.0.32.0/19
117.58.240.0/21
IPv6:
2404:b580::/32
Signature Algorithm: sha256WithRSAEncryption
65:65:d3:b9:87:76:22:b0:ff:f9:61:d6:df:fc:dc:fe:3f:04:
04:c5:10:15:fb:aa:62:72:43:c1:bd:d4:cf:32:3b:a7:6b:2d:
af:d7:92:2f:7f:a9:f9:8f:ae:5a:27:ef:fe:d1:a5:67:a2:42:
e6:74:50:9d:d1:85:a8:38:72:f0:74:70:d2:3c:8e:67:38:79:
3f:d0:24:a5:ec:9b:ca:ab:d1:27:6f:31:b4:f6:cf:76:3a:93:
d0:88:e2:aa:39:57:80:a4:f7:3b:91:30:2d:bb:bf:64:ae:f4:
95:ac:43:b8:fc:d1:88:ee:4e:71:39:ff:21:ca:62:c6:e4:4c:
31:1d:0d:f3:5f:57:2f:2a:14:da:82:45:54:65:49:3a:98:7d:
f7:5d:b4:11:2d:4d:41:fe:85:14:37:5e:dd:1e:10:c5:28:d1:
55:7d:61:4b:76:d4:f2:b7:fa:c5:6e:0e:32:ae:c6:8e:00:ed:
9d:84:48:02:d6:da:7a:c8:33:c9:fa:5a:18:80:5d:2b:2e:c3:
5c:3d:1d:33:35:32:7a:93:72:eb:ff:7e:75:ae:7b:de:6c:5d:
6c:a3:29:b4:fa:11:9b:c7:14:e2:a9:5d:fd:fe:bc:c6:b2:94:
89:55:6a:c5:76:43:d5:63:5e:41:04:5b:e1:fb:35:f1:36:41:
d2:9a:11:e9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjIyMTkxMTAvBgNVBAUTKEQwRDJGNDVBNDZEMjY3NjYwMTRCNzg2MDE5QTA5QTgz
MzQ4NzNEQUQwHhcNMjIwNzE5MDkwNzIwWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ2NzQ0OC05ZTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArdhSA7Bfgz0YywYhz5c0JB0zqu2z4upoz2MmyKxg38X9rZmSvwdwd/h4BX9n
Rwn8HBGxPyb1xPu8yt/bC4EF0ygJ/zsd4YT+tUVKLwYk3HpsB6VhswtP/ff2h50Z
s49BZd2A5660Jhx9xf6x8KQsvT+s1y1DYHJOZkICidT2J3ZRfJvHBmazQrq6Ajwu
0ULOCPeqsQNbStyzsFqMY4J0h5Omy2fFcKLWtXcgYSMxcn++DpZnEz5xzwq161MF
0uZtn/uI9tzfZF3k1B/AfJb6iZk1SDvntlXNg+HAr4M+4eM9cdXst5ZRYH+nKY5q
TTOoG0Cn8RBy1iOpshIgcgqrCQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJtildCG
Zo7i2Y9fMlSuwY/ecaZaMB8GA1UdIwQYMBaAFNDS9FpG0mdmAUt4YBmgmoM0hz2t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjIxOS84MkZFODlDQzND
MzcxMUVBODczRTE0NjBDNEY5QUUwMi8wTkwwV2tiU1oyWUJTM2hnR2FDYWd6U0hQ
YTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBOTDBXa2JTWjJZQlMzaGdHYUNhZ3pTSFBhMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjIyMTkvODJGRTg5Q0MzQzM3MTFFQTg3M0UxNDYwQzRGOUFFMDIvRDk4MDFEMzQw
RUI4MTFFQkIzNzIyRTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAUxACADBAN1OvAwDQQCAAIwBwMFACQEtYAwDQYJKoZIhvcN
AQELBQADggEBAGVl07mHdiKw//lh1t/83P4/BATFEBX7qmJyQ8G91M8yO6drLa/X
ki9/qfmPrlon7/7RpWeiQuZ0UJ3Rhag4cvB0cNI8jmc4eT/QJKXsm8qr0SdvMbT2
z3Y6k9CI4qo5V4Ck9zuRMC27v2Su9JWsQ7j80YjuTnE5/yHKYsbkTDEdDfNfVy8q
FNqCRVRlSTqYffddtBEtTUH+hRQ3Xt0eEMUo0VV9YUt21PK3+sVuDjKuxo4A7Z2E
SALW2nrIM8n6WhiAXSsuw1w9HTM1MnqTcuv/fnWue95sXWyjKbT6EZvHFOKpXf3+
vMaylIlVasV2Q9VjXkEEW+H7NfE2QdKaEek=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:36 2023 by rpki-client on console-fra.rpki-client.org