Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/E2C49B862A6011EB8DEF2641C4F9AE02.roa
File: E2C49B862A6011EB8DEF2641C4F9AE02.roa (raw, json)
Hash identifier: jMsRGZX6MwXzgOOe/bryzoKRasj8boydZxBDIdbUcmA=
Subject key identifier: 6B:F7:EE:47:8A:2C:86:02:45:A0:4B:B3:05:14:B3:39:4B:6A:5A:29
Certificate issuer: /CN=A912383B/serialNumber=0727AAC5B8CF7FE68CCD6DE77F6C8B46D574FAA7
Certificate serial: 04BC
Authority key identifier: 07:27:AA:C5:B8:CF:7F:E6:8C:CD:6D:E7:7F:6C:8B:46:D5:74:FA:A7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ByeqxbjPf-aMzW3nf2yLRtV0-qc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/E2C49B862A6011EB8DEF2641C4F9AE02.roa
Signing time: Fri 25 Mar 2022 11:29:48 +0000
ROA not before: Fri 25 Mar 2022 11:29:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 149.234.185.0/24 maxlen: 24
149.234.186.0/24 maxlen: 24
149.234.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1212 (0x4bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912383B/serialNumber=0727AAC5B8CF7FE68CCD6DE77F6C8B46D574FAA7
Validity
Not Before: Mar 25 11:29:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=623da7ac-4549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ad:ce:23:0d:84:77:af:97:27:ff:c8:9c:ff:
ac:6b:4c:4b:85:5c:e6:e2:c7:12:06:77:90:79:10:
f5:e5:d2:50:73:43:d4:78:4a:d3:79:09:35:44:04:
2d:82:1d:b1:9a:50:d3:b0:37:2e:11:65:2e:ab:fe:
87:6d:52:72:d3:af:85:ff:55:35:c1:98:9b:4e:75:
fd:0c:f8:6a:be:cb:29:a4:d4:1a:a6:a4:77:ba:5c:
4c:98:30:3c:da:09:00:54:cb:4b:e0:ab:ba:91:45:
f6:e8:8c:96:cd:78:2c:d5:3f:9b:4e:39:44:86:2d:
a4:18:1e:75:3f:b7:76:a8:b7:ca:ae:6a:f9:68:13:
98:b5:c8:87:44:eb:b4:38:86:04:1d:f9:1a:39:17:
4a:7d:e8:74:50:05:d1:1f:97:19:11:1c:77:44:54:
0a:61:53:6c:89:88:37:71:16:c0:05:fa:79:09:2e:
06:ff:1f:0b:da:71:5b:b0:0a:3f:15:34:9d:0f:2b:
fb:54:0e:42:8d:dd:b0:33:37:b1:33:ac:fe:2d:34:
ff:eb:d2:4c:c7:28:3c:06:4e:98:16:b4:25:67:1b:
20:2e:8b:8b:ef:2d:fb:ed:da:de:f7:3b:9b:12:6d:
1e:eb:44:94:8d:e1:40:ac:85:22:be:ae:c1:16:d2:
ff:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F7:EE:47:8A:2C:86:02:45:A0:4B:B3:05:14:B3:39:4B:6A:5A:29
X509v3 Authority Key Identifier:
keyid:07:27:AA:C5:B8:CF:7F:E6:8C:CD:6D:E7:7F:6C:8B:46:D5:74:FA:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/ByeqxbjPf-aMzW3nf2yLRtV0-qc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ByeqxbjPf-aMzW3nf2yLRtV0-qc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/E2C49B862A6011EB8DEF2641C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
149.234.185.0-149.234.187.255
Signature Algorithm: sha256WithRSAEncryption
7e:98:09:3c:fd:67:0a:f9:cd:89:ce:a3:43:66:b0:84:b2:61:
aa:6b:be:9e:7a:94:99:31:54:32:7f:e4:83:fb:cf:b1:d0:ac:
68:1a:12:7f:af:1a:e5:69:da:5f:48:5d:2f:ee:d7:5f:c5:49:
51:d3:5b:57:9a:c0:73:f5:30:75:b9:d3:13:af:5b:44:a9:f0:
82:5f:82:45:c9:09:d0:e3:6a:6d:2e:25:d9:7e:18:e7:f9:9c:
18:52:eb:db:29:47:f1:8d:82:2c:8b:0b:d6:4c:84:25:57:36:
74:6a:bf:32:13:a8:c7:08:97:7e:78:cd:c6:bb:60:af:75:d6:
f1:da:92:55:45:fc:20:e1:11:f9:53:9a:b9:1d:81:cb:eb:c4:
dc:46:2b:10:57:52:a1:87:54:b2:87:aa:cd:df:f5:60:c5:06:
dc:de:e5:60:c6:f0:db:c0:04:18:e7:6d:b7:0e:04:f7:46:43:
97:76:f9:7c:fc:0a:66:8a:4d:fc:2f:5a:bb:b3:0d:e6:26:01:
66:3b:6e:3f:da:df:2e:b2:1a:ef:ad:a3:57:9b:c1:2e:10:ed:
08:92:4f:1e:b5:a6:c5:fc:b7:e7:da:e4:a8:fa:07:65:ba:3a:
b9:83:87:99:f6:bb:bf:08:a6:51:94:7d:bc:93:d8:bd:ab:eb:
f4:6a:7c:1d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjM4M0IxMTAvBgNVBAUTKDA3MjdBQUM1QjhDRjdGRTY4Q0NENkRFNzdGNkM4QjQ2
RDU3NEZBQTcwHhcNMjIwMzI1MTEyOTQ4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjNkYTdhYy00NTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2K3OIw2Ed6+XJ//InP+sa0xLhVzm4scSBneQeRD15dJQc0PUeErTeQk1RAQt
gh2xmlDTsDcuEWUuq/6HbVJy06+F/1U1wZibTnX9DPhqvssppNQapqR3ulxMmDA8
2gkAVMtL4Ku6kUX26IyWzXgs1T+bTjlEhi2kGB51P7d2qLfKrmr5aBOYtciHROu0
OIYEHfkaORdKfeh0UAXRH5cZERx3RFQKYVNsiYg3cRbABfp5CS4G/x8L2nFbsAo/
FTSdDyv7VA5Cjd2wMzexM6z+LTT/69JMxyg8Bk6YFrQlZxsgLouL7y377dre9zub
Em0e60SUjeFArIUivq7BFtL/oQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFGv37keK
LIYCRaBLswUUszlLalopMB8GA1UdIwQYMBaAFAcnqsW4z3/mjM1t539si0bVdPqn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GNEJENTAwOEUw
MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9CeWVxeGJqUGYtYU16VzNuZjJ5TFJ0VjAt
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0J5ZXF4YmpQZi1hTXpXM25mMnlMUnRWMC1xYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjM4M0IvRjRCRDUwMDhFMDIzMTFFQTk5MjJERTQyQzRGOUFFMDIvRTJDNDlCODYy
QTYwMTFFQjhERUYyNjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAJXquQMEApXquDANBgkqhkiG9w0BAQsFAAOCAQEAfpgJ
PP1nCvnNic6jQ2awhLJhqmu+nnqUmTFUMn/kg/vPsdCsaBoSf68a5WnaX0hdL+7X
X8VJUdNbV5rAc/UwdbnTE69bRKnwgl+CRckJ0ONqbS4l2X4Y5/mcGFLr2ylH8Y2C
LIsL1kyEJVc2dGq/MhOoxwiXfnjNxrtgr3XW8dqSVUX8IOER+VOauR2By+vE3EYr
EFdSoYdUsoeqzd/1YMUG3N7lYMbw28AEGOdttw4E90ZDl3b5fPwKZopN/C9au7MN
5iYBZjtuP9rfLrIa762jV5vBLhDtCJJPHrWmxfy359rkqPoHZbo6uYOHmfa7vwim
UZR9vJPYvavr9Gp8HQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org