Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/890BB750709A11ED8DC13A6CC4F9AE02.roa
File: 890BB750709A11ED8DC13A6CC4F9AE02.roa (raw, json)
Hash identifier: fRbyXaM73TgwgXW+NFUlA1Q/ChIDHuy5zoLvixNyJLA=
Subject key identifier: E3:72:74:79:5C:07:98:EE:4A:1E:67:63:47:63:40:A6:F1:7A:47:28
Certificate issuer: /CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Certificate serial: 0215
Authority key identifier: D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/890BB750709A11ED8DC13A6CC4F9AE02.roa
Signing time: Wed 30 Nov 2022 10:34:15 +0000
ROA not before: Wed 30 Nov 2022 10:34:15 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 132866
IP address blocks: 147.50.193.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 533 (0x215)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Validity
Not Before: Nov 30 10:34:15 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=638731a6-2595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c7:ef:dc:66:4e:d7:24:e8:d7:d4:99:52:54:
7f:ae:73:aa:48:bf:71:29:ad:42:d8:cc:db:40:fb:
99:59:6b:44:08:11:59:03:c1:bc:1e:3a:37:52:90:
36:6b:3d:ca:5c:6a:69:17:05:09:7d:18:ce:b7:84:
3a:d4:d1:a3:26:f0:89:8a:10:db:2b:e1:24:e6:16:
7b:04:25:b0:48:fb:af:20:4f:81:e4:3b:f9:9d:9a:
87:33:9d:58:34:b4:8b:58:5f:ed:9a:26:58:fe:44:
8a:ec:05:f1:da:d8:cc:6b:0d:40:8c:51:b3:5e:52:
25:01:31:c4:ad:d2:8e:73:76:c8:0a:e1:cf:d8:c1:
6a:f2:a2:b2:c4:ab:30:c6:95:37:b0:8c:08:ff:6d:
d7:97:f2:a1:bc:45:cb:df:26:64:88:28:0a:92:97:
9b:3d:37:56:cc:8d:08:1f:0b:2a:f9:53:51:19:bf:
1c:7b:53:4f:91:d4:f7:ce:1f:d2:82:05:60:6c:52:
5c:51:e7:0d:fb:10:bc:6a:8d:cb:80:2c:b8:ff:23:
02:ca:1c:8e:88:46:7b:09:f5:b1:2e:c8:fc:87:54:
58:09:9a:f2:8b:10:7d:ce:94:d6:ce:96:b7:9a:43:
e6:46:d6:3b:57:57:a3:de:d0:2e:ec:c5:91:48:08:
b6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:72:74:79:5C:07:98:EE:4A:1E:67:63:47:63:40:A6:F1:7A:47:28
X509v3 Authority Key Identifier:
keyid:D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/890BB750709A11ED8DC13A6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.50.193.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:86:19:72:94:80:66:3f:1c:1e:08:de:e1:c9:01:c9:92:37:
36:af:7b:73:7e:49:76:7a:63:8a:a4:1b:44:21:8e:c9:8a:bd:
28:8d:00:61:fa:57:df:8e:0e:e6:9a:1e:2e:4d:78:e7:4e:dc:
bf:a0:95:15:8d:cb:83:21:54:79:7e:35:23:9d:36:05:21:c0:
3f:ba:56:bd:b1:bc:8c:65:e1:4f:01:ae:cb:e7:c6:48:de:2f:
d4:f6:04:5b:52:36:91:32:ce:de:09:d9:7d:d1:6a:a5:15:03:
d1:59:7d:71:4b:c6:58:b9:d3:03:e6:93:c9:b3:72:ed:ca:0e:
f0:8d:4a:77:2e:f9:b5:6d:e2:6c:e4:9d:5d:46:aa:4d:88:fe:
1c:f8:e2:bf:53:35:fc:b3:bc:e5:ff:a1:87:3b:ac:bd:aa:a3:
cd:ae:33:54:c8:42:7a:4c:15:21:af:7c:d1:1c:03:31:60:31:
e9:02:6b:20:84:c3:a9:bc:78:14:63:67:dc:6f:08:76:f1:64:
89:eb:41:e0:aa:1a:ee:d1:1b:31:36:08:e1:39:86:c6:e5:73:
f3:87:12:63:44:54:5a:38:40:14:e9:e5:08:eb:68:cc:66:56:
21:6d:26:7a:4c:3d:b8:ea:95:83:15:f8:82:ca:ad:e5:d3:1b:
b3:89:d2:f6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAhUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKEQ2M0RFODJBNzU5Rjk2NTdGOEYwNzNCMjUxMjUxQUFF
NjdCQTRCQTYwHhcNMjIxMTMwMTAzNDE1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg3MzFhNi0yNTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuMfv3GZO1yTo19SZUlR/rnOqSL9xKa1C2MzbQPuZWWtECBFZA8G8Hjo3UpA2
az3KXGppFwUJfRjOt4Q61NGjJvCJihDbK+Ek5hZ7BCWwSPuvIE+B5Dv5nZqHM51Y
NLSLWF/tmiZY/kSK7AXx2tjMaw1AjFGzXlIlATHErdKOc3bICuHP2MFq8qKyxKsw
xpU3sIwI/23Xl/KhvEXL3yZkiCgKkpebPTdWzI0IHwsq+VNRGb8ce1NPkdT3zh/S
ggVgbFJcUecN+xC8ao3LgCy4/yMCyhyOiEZ7CfWxLsj8h1RYCZryixB9zpTWzpa3
mkPmRtY7V1ej3tAu7MWRSAi2lQIDAQABo4IClTCCApEwHQYDVR0OBBYEFONydHlc
B5juSh5nY0djQKbxekcoMB8GA1UdIwQYMBaAFNY96Cp1n5ZX+PBzslElGq5nukum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9FQzFFRTY1MjhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi8xajNvS25XZmxsZjQ4SE95VVNVYXJtZTZT
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFqM29LbldmbGxmNDhIT3lVU1Vhcm1lNlM2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRUMxRUU2NTI4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvODkwQkI3NTA3
MDlBMTFFRDhEQzEzQTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACTMsEwDQYJKoZIhvcNAQELBQADggEBAKSGGXKUgGY/HB4I
3uHJAcmSNzave3N+SXZ6Y4qkG0QhjsmKvSiNAGH6V9+ODuaaHi5NeOdO3L+glRWN
y4MhVHl+NSOdNgUhwD+6Vr2xvIxl4U8BrsvnxkjeL9T2BFtSNpEyzt4J2X3RaqUV
A9FZfXFLxli50wPmk8mzcu3KDvCNSncu+bVt4mzknV1Gqk2I/hz44r9TNfyzvOX/
oYc7rL2qo82uM1TIQnpMFSGvfNEcAzFgMekCayCEw6m8eBRjZ9xvCHbxZInrQeCq
Gu7RGzE2COE5hsblc/OHEmNEVFo4QBTp5QjraMxmViFtJnpMPbjqlYMV+ILKreXT
G7OJ0vY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org