Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/9DF63832E02511EA8A728C44C4F9AE02.roa
File: 9DF63832E02511EA8A728C44C4F9AE02.roa (raw, json)
Hash identifier: 7vet4SmnbaF4ItfFFjCuPBFneutPyoZ8/p1BgMhwOnA=
Subject key identifier: F6:C1:3B:76:7C:8A:E0:09:D8:35:52:1E:8B:6C:9B:32:9B:67:36:63
Certificate issuer: /CN=A912383B/serialNumber=0727AAC5B8CF7FE68CCD6DE77F6C8B46D574FAA7
Certificate serial: 04B5
Authority key identifier: 07:27:AA:C5:B8:CF:7F:E6:8C:CD:6D:E7:7F:6C:8B:46:D5:74:FA:A7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ByeqxbjPf-aMzW3nf2yLRtV0-qc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/9DF63832E02511EA8A728C44C4F9AE02.roa
Signing time: Fri 25 Mar 2022 11:29:41 +0000
ROA not before: Fri 25 Mar 2022 11:29:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138162
IP address blocks: 149.234.186.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1205 (0x4b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912383B/serialNumber=0727AAC5B8CF7FE68CCD6DE77F6C8B46D574FAA7
Validity
Not Before: Mar 25 11:29:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=623da7a5-e39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:eb:38:24:20:bc:ae:cd:ce:ae:5d:8e:9f:df:
e6:55:da:14:9d:79:c6:bd:66:9b:9a:80:d6:a1:f2:
10:33:45:0f:90:cd:33:66:d9:1f:87:fe:0a:a4:72:
2c:a1:71:2e:a9:b6:40:2a:c2:ee:c8:ec:76:86:aa:
3c:66:46:ab:fe:e5:ca:53:a8:06:4c:6f:d9:16:32:
ef:bf:39:1b:39:79:f2:37:ec:e9:ba:c7:3c:b2:21:
a7:58:0c:44:a0:7e:9e:84:89:cc:d5:81:ac:40:18:
b1:60:aa:6f:d7:5b:01:82:30:34:5e:55:2d:49:ef:
e7:cf:43:37:92:8b:bb:ef:21:b9:05:e8:f7:96:d6:
a0:7a:69:4f:81:28:49:c8:19:31:4a:b4:51:fd:43:
64:41:5a:12:29:d1:4e:09:91:5c:ed:a1:5b:d8:22:
06:09:f8:5a:1a:d0:c6:c9:69:b7:d7:21:6f:b2:f5:
54:51:f1:a3:d7:68:e2:79:b8:16:a9:94:ae:6b:44:
9c:23:99:cc:2a:2a:e0:b3:ed:54:86:df:24:56:4d:
b8:0b:ec:a0:7b:5e:3a:9b:66:56:7a:99:8c:0e:6e:
d8:61:53:55:57:bd:93:fb:ff:72:ea:7e:3d:6f:21:
d4:41:63:16:02:3a:89:74:eb:f4:93:cc:5d:c7:1e:
a3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C1:3B:76:7C:8A:E0:09:D8:35:52:1E:8B:6C:9B:32:9B:67:36:63
X509v3 Authority Key Identifier:
keyid:07:27:AA:C5:B8:CF:7F:E6:8C:CD:6D:E7:7F:6C:8B:46:D5:74:FA:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/ByeqxbjPf-aMzW3nf2yLRtV0-qc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ByeqxbjPf-aMzW3nf2yLRtV0-qc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/9DF63832E02511EA8A728C44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
149.234.186.0/24
Signature Algorithm: sha256WithRSAEncryption
19:d3:f1:b8:6c:2b:20:40:b5:fe:bb:da:10:aa:79:ff:00:57:
37:32:5b:32:13:32:d6:db:df:c1:8b:89:fd:bf:3d:d1:06:ff:
d1:50:8f:97:a3:b0:11:b5:b8:42:56:ac:43:50:3e:4b:3f:f9:
b3:2e:40:2a:a8:e3:7d:80:2d:28:71:19:8c:ec:c6:1e:db:a9:
10:7e:8d:e7:da:bd:b4:11:3d:f4:5e:1b:08:a4:d1:4b:1a:1d:
84:49:a3:eb:0e:45:8a:c4:9c:ee:b5:56:ed:4d:76:46:a5:ec:
9a:e6:93:4b:6c:6a:25:57:1d:04:ed:37:8b:07:05:4c:ea:b8:
d6:9a:8e:62:44:9c:c9:72:b9:a6:9f:12:42:f5:00:d5:fb:70:
9c:c6:92:e9:d8:61:d6:ef:9b:0b:d4:51:08:f3:33:48:43:b3:
a8:f8:30:49:f7:1d:1e:f8:23:97:63:2f:f3:b0:3c:0e:78:63:
b1:07:74:81:a8:e7:7a:bf:c9:96:42:da:ad:94:28:51:81:56:
13:8e:d4:92:81:d8:e9:d0:24:a6:a1:fa:8c:5b:f5:ff:5c:9c:
06:91:bd:24:a0:16:e8:7e:bb:48:b2:31:46:22:8b:f5:87:d6:
0d:1b:ec:f3:8f:2b:95:93:48:b6:4a:a4:bf:69:34:d2:d1:b3:
b2:ca:0b:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjM4M0IxMTAvBgNVBAUTKDA3MjdBQUM1QjhDRjdGRTY4Q0NENkRFNzdGNkM4QjQ2
RDU3NEZBQTcwHhcNMjIwMzI1MTEyOTQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjNkYTdhNS1lMzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6es4JCC8rs3Orl2On9/mVdoUnXnGvWabmoDWofIQM0UPkM0zZtkfh/4KpHIs
oXEuqbZAKsLuyOx2hqo8Zkar/uXKU6gGTG/ZFjLvvzkbOXnyN+zpusc8siGnWAxE
oH6ehInM1YGsQBixYKpv11sBgjA0XlUtSe/nz0M3kou77yG5Bej3ltagemlPgShJ
yBkxSrRR/UNkQVoSKdFOCZFc7aFb2CIGCfhaGtDGyWm31yFvsvVUUfGj12jiebgW
qZSua0ScI5nMKirgs+1Uht8kVk24C+yge146m2ZWepmMDm7YYVNVV72T+/9y6n49
byHUQWMWAjqJdOv0k8xdxx6j1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPbBO3Z8
iuAJ2DVSHotsmzKbZzZjMB8GA1UdIwQYMBaAFAcnqsW4z3/mjM1t539si0bVdPqn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GNEJENTAwOEUw
MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9CeWVxeGJqUGYtYU16VzNuZjJ5TFJ0VjAt
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0J5ZXF4YmpQZi1hTXpXM25mMnlMUnRWMC1xYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjM4M0IvRjRCRDUwMDhFMDIzMTFFQTk5MjJERTQyQzRGOUFFMDIvOURGNjM4MzJF
MDI1MTFFQThBNzI4QzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACV6rowDQYJKoZIhvcNAQELBQADggEBABnT8bhsKyBAtf67
2hCqef8AVzcyWzITMtbb38GLif2/PdEG/9FQj5ejsBG1uEJWrENQPks/+bMuQCqo
432ALShxGYzsxh7bqRB+jefavbQRPfReGwik0UsaHYRJo+sORYrEnO61Vu1Ndkal
7Jrmk0tsaiVXHQTtN4sHBUzquNaajmJEnMlyuaafEkL1ANX7cJzGkunYYdbvmwvU
UQjzM0hDs6j4MEn3HR74I5djL/OwPA54Y7EHdIGo53q/yZZC2q2UKFGBVhOO1JKB
2OnQJKah+oxb9f9cnAaRvSSgFuh+u0iyMUYii/WH1g0b7POPK5WTSLZKpL9pNNLR
s7LKCxY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:34 2023 by rpki-client on console-ams.rpki-client.org