Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/4D9B71F4810E11EDA0D95E5AC4F9AE02.roa
File: 4D9B71F4810E11EDA0D95E5AC4F9AE02.roa (raw, json)
Hash identifier: nT2ez/UsE1yLILCx+C1apABJT2VmZa0EXP0+YTJo5iI=
Subject key identifier: 22:9B:28:6D:69:08:D6:81:DC:90:28:6E:43:4E:FE:53:23:AC:30:B8
Certificate issuer: /CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Certificate serial: 0228
Authority key identifier: D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/4D9B71F4810E11EDA0D95E5AC4F9AE02.roa
Signing time: Wed 21 Dec 2022 09:03:15 +0000
ROA not before: Wed 21 Dec 2022 09:03:15 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 150686
IP address blocks: 147.50.196.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 552 (0x228)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Validity
Not Before: Dec 21 09:03:15 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=63a2cbd3-401e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:80:3c:00:ab:61:a5:0c:b3:ee:01:5f:69:0a:
ae:1d:b2:01:8c:6f:71:57:b3:ec:98:43:66:86:12:
4f:5c:6e:7a:ac:83:f8:3f:ad:86:ee:68:b0:c4:60:
a3:1a:e6:a1:64:7d:0d:d5:17:96:5d:1e:e8:bc:91:
2a:cb:21:d4:3d:5a:1a:c6:7f:47:05:3c:a4:e7:f9:
7b:5c:47:98:60:5c:f9:89:80:b6:a4:9f:11:1a:91:
77:74:74:7b:07:a8:93:62:77:c1:eb:c0:aa:24:e8:
51:a8:8c:0e:d5:be:8d:7b:de:7f:6e:ad:e2:40:d3:
ce:be:0e:8c:03:53:25:26:f0:ce:c7:e2:d7:12:a3:
89:25:b9:07:ff:da:2f:fc:40:dc:e0:6c:71:02:39:
79:db:33:f3:f5:36:bb:7f:b8:70:87:f6:2e:f4:87:
71:d8:92:40:4d:c8:29:d3:5e:de:0f:f4:4a:2e:88:
c7:29:de:e2:8e:37:ca:25:90:c0:0c:47:cc:a7:f9:
a2:56:ae:10:c2:7c:50:24:d7:ff:0c:00:89:ad:12:
d4:05:7a:31:dd:2c:eb:94:ba:a1:2d:38:5e:ee:bb:
f2:56:7a:c6:8b:8c:c5:dc:d2:62:3c:dd:58:0b:8e:
84:5e:be:52:69:12:bc:2c:d9:c3:7b:b7:2a:e6:20:
36:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:9B:28:6D:69:08:D6:81:DC:90:28:6E:43:4E:FE:53:23:AC:30:B8
X509v3 Authority Key Identifier:
keyid:D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/4D9B71F4810E11EDA0D95E5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.50.196.0/24
Signature Algorithm: sha256WithRSAEncryption
61:5b:84:1f:8c:60:54:d0:99:12:52:85:97:d9:6f:24:de:a8:
b3:a9:ba:1d:cd:8d:8b:81:0a:d3:cb:0c:65:50:df:26:2f:6f:
bf:26:e7:bf:a0:3a:57:49:31:26:19:c0:4e:d5:9d:12:d2:3f:
17:7c:b5:e1:5d:d1:29:e9:2a:84:6b:3e:b1:35:e5:50:49:75:
e3:ee:e6:76:36:19:b0:76:02:17:07:dd:a0:34:33:1e:fb:4d:
92:03:07:b4:2a:52:1f:44:69:ce:e4:1b:0e:bc:0e:0c:b7:7a:
b9:f3:e6:43:08:0f:bd:dd:e0:78:7c:81:37:08:01:22:77:44:
55:5e:cf:93:4f:b6:35:24:b6:0b:67:b8:96:a4:08:55:28:95:
f9:fb:5f:ff:32:c8:be:da:74:50:11:eb:a8:0a:53:b5:7e:39:
c1:99:99:e0:97:65:5d:c4:50:e5:f8:4f:30:cf:7a:ba:47:97:
64:f0:a1:25:ce:10:12:f0:75:a1:ef:55:03:7d:55:ae:36:55:
cc:b9:e7:a2:11:d7:7a:34:f9:99:e6:5b:56:4c:21:fe:c2:a3:
bc:18:9c:88:37:e8:7e:03:a4:b5:2c:4f:92:39:f5:5b:59:9d:
8c:f9:4b:5f:65:00:0c:f9:10:f0:1c:1b:30:07:b0:88:f4:78:
1a:a5:ad:5c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKEQ2M0RFODJBNzU5Rjk2NTdGOEYwNzNCMjUxMjUxQUFF
NjdCQTRCQTYwHhcNMjIxMjIxMDkwMzE1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EyY2JkMy00MDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0oA8AKthpQyz7gFfaQquHbIBjG9xV7PsmENmhhJPXG56rIP4P62G7miwxGCj
GuahZH0N1ReWXR7ovJEqyyHUPVoaxn9HBTyk5/l7XEeYYFz5iYC2pJ8RGpF3dHR7
B6iTYnfB68CqJOhRqIwO1b6Ne95/bq3iQNPOvg6MA1MlJvDOx+LXEqOJJbkH/9ov
/EDc4GxxAjl52zPz9Ta7f7hwh/Yu9Idx2JJATcgp017eD/RKLojHKd7ijjfKJZDA
DEfMp/miVq4QwnxQJNf/DACJrRLUBXox3SzrlLqhLThe7rvyVnrGi4zF3NJiPN1Y
C46EXr5SaRK8LNnDe7cq5iA2jwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCKbKG1p
CNaB3JAobkNO/lMjrDC4MB8GA1UdIwQYMBaAFNY96Cp1n5ZX+PBzslElGq5nukum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9FQzFFRTY1MjhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi8xajNvS25XZmxsZjQ4SE95VVNVYXJtZTZT
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFqM29LbldmbGxmNDhIT3lVU1Vhcm1lNlM2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRUMxRUU2NTI4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvNEQ5QjcxRjQ4
MTBFMTFFREEwRDk1RTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACTMsQwDQYJKoZIhvcNAQELBQADggEBAGFbhB+MYFTQmRJS
hZfZbyTeqLOpuh3NjYuBCtPLDGVQ3yYvb78m57+gOldJMSYZwE7VnRLSPxd8teFd
0SnpKoRrPrE15VBJdePu5nY2GbB2AhcH3aA0Mx77TZIDB7QqUh9Eac7kGw68Dgy3
ernz5kMID73d4Hh8gTcIASJ3RFVez5NPtjUktgtnuJakCFUolfn7X/8yyL7adFAR
66gKU7V+OcGZmeCXZV3EUOX4TzDPerpHl2TwoSXOEBLwdaHvVQN9Va42Vcy556IR
13o0+ZnmW1ZMIf7Co7wYnIg36H4DpLUsT5I59VtZnYz5S19lAAz5EPAcGzAHsIj0
eBqlrVw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org