Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/9E47CEE2A05111ED8B25FE52C4F9AE02.roa
File: 9E47CEE2A05111ED8B25FE52C4F9AE02.roa (raw, json)
Hash identifier: Ci7k8jnlUIenhdrlwV/H6jg/3CvLtCgQJQQ8Aq+XQHw=
Subject key identifier: 53:E9:D9:65:E7:AA:BF:B6:20:13:A9:67:E7:4D:C2:62:71:37:8E:06
Certificate issuer: /CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Certificate serial: 025E
Authority key identifier: D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/9E47CEE2A05111ED8B25FE52C4F9AE02.roa
Signing time: Mon 30 Jan 2023 03:53:13 +0000
ROA not before: Mon 30 Jan 2023 03:53:13 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 45458
IP address blocks: 147.50.192.0/19 maxlen: 19
147.50.192.0/24 maxlen: 24
147.50.195.0/24 maxlen: 24
147.50.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 606 (0x25e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Validity
Not Before: Jan 30 03:53:13 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=63d73f28-d0bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:99:c5:25:52:0a:d0:99:3b:3b:de:bd:fc:
ca:6f:74:1c:d7:43:8f:93:5a:18:a4:db:38:57:b2:
c3:b2:83:81:fc:8c:c9:f0:bf:a2:ef:3c:6a:fb:c9:
41:89:bc:12:75:8c:34:4e:42:33:a0:8d:c5:f4:61:
47:ca:2b:31:d1:26:36:7a:6e:df:76:67:82:d4:b7:
05:b7:50:de:ff:3f:f3:8a:e7:dc:b6:c7:9b:fb:59:
e8:1d:dc:ae:24:9e:e3:f6:b3:f0:66:44:47:a1:de:
95:e7:0b:9d:6c:28:ad:64:32:74:d7:44:b7:c8:15:
63:14:53:d2:4b:68:28:3c:67:c8:45:4b:ba:0a:01:
9a:ca:cd:6f:c8:97:53:2f:3d:9f:4b:67:7a:08:d9:
19:cd:90:96:a2:ea:73:0b:fe:c1:02:2f:28:a3:8d:
fb:1a:19:be:51:5d:c3:f5:23:19:ab:24:fe:e9:b0:
2b:dd:cf:13:d5:75:22:ea:52:ac:9f:f6:fc:6c:1c:
dd:67:9f:5c:ef:3b:b6:cd:b1:99:b6:70:48:fb:98:
46:21:6f:1b:51:32:a9:90:aa:88:1a:e9:6e:c4:29:
e5:70:01:e1:71:c8:15:3e:80:f7:4a:b5:2c:cd:3d:
ba:72:76:f8:07:cc:45:d2:33:11:a6:fe:27:41:40:
90:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E9:D9:65:E7:AA:BF:B6:20:13:A9:67:E7:4D:C2:62:71:37:8E:06
X509v3 Authority Key Identifier:
keyid:D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/9E47CEE2A05111ED8B25FE52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.50.192.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:6e:d9:00:ab:d2:ce:c7:83:0d:16:fb:29:6b:14:2f:28:c3:
69:d5:77:70:25:ea:e7:cd:da:06:9d:8b:ff:61:db:3a:33:d4:
6b:fe:8b:6c:f6:06:e5:19:09:b3:c2:f2:aa:a8:fb:c2:f3:71:
38:ac:06:c5:6c:6b:36:85:d4:ac:54:00:0d:ba:04:8c:3a:4d:
68:21:be:25:0e:03:a9:1f:08:e8:44:03:72:b1:0d:4c:4a:c3:
56:c2:21:74:92:33:95:dc:10:b0:ce:ba:5e:54:24:d6:c2:dc:
4b:f6:ff:f2:a8:9d:af:3e:74:5b:06:54:f0:ae:20:9b:72:e3:
6d:48:88:a1:11:81:bc:21:f6:ca:d3:5b:32:23:8e:7e:f5:2b:
6b:31:24:bb:15:65:05:58:59:fe:e3:bf:07:f4:10:83:8e:77:
9e:ef:d0:49:a8:ee:8b:61:a5:11:99:2a:b0:3e:dd:f0:18:eb:
e2:02:27:2f:16:02:97:b1:48:05:f6:75:80:d4:78:4b:64:ca:
5d:90:a4:ba:1e:37:33:9e:59:c9:83:2e:37:85:05:04:b2:7c:
32:72:57:f7:98:e0:ed:40:1c:45:f4:e0:83:61:2b:7f:62:19:
f7:2b:cb:02:78:72:2b:4d:a7:fa:e6:65:0b:b7:8c:20:59:fa:
3a:e6:dc:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKEQ2M0RFODJBNzU5Rjk2NTdGOEYwNzNCMjUxMjUxQUFF
NjdCQTRCQTYwHhcNMjMwMTMwMDM1MzEzWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q3M2YyOC1kMGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuAmZxSVSCtCZOzvevfzKb3Qc10OPk1oYpNs4V7LDsoOB/IzJ8L+i7zxq+8lB
ibwSdYw0TkIzoI3F9GFHyisx0SY2em7fdmeC1LcFt1De/z/ziufctseb+1noHdyu
JJ7j9rPwZkRHod6V5wudbCitZDJ010S3yBVjFFPSS2goPGfIRUu6CgGays1vyJdT
Lz2fS2d6CNkZzZCWoupzC/7BAi8oo437Ghm+UV3D9SMZqyT+6bAr3c8T1XUi6lKs
n/b8bBzdZ59c7zu2zbGZtnBI+5hGIW8bUTKpkKqIGuluxCnlcAHhccgVPoD3SrUs
zT26cnb4B8xF0jMRpv4nQUCQ+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFPp2WXn
qr+2IBOpZ+dNwmJxN44GMB8GA1UdIwQYMBaAFNY96Cp1n5ZX+PBzslElGq5nukum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9FQzFFRTY1MjhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi8xajNvS25XZmxsZjQ4SE95VVNVYXJtZTZT
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFqM29LbldmbGxmNDhIT3lVU1Vhcm1lNlM2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRUMxRUU2NTI4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvOUU0N0NFRTJB
MDUxMTFFRDhCMjVGRTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWTMsAwDQYJKoZIhvcNAQELBQADggEBAFtu2QCr0s7Hgw0W
+ylrFC8ow2nVd3Al6ufN2gadi/9h2zoz1Gv+i2z2BuUZCbPC8qqo+8LzcTisBsVs
azaF1KxUAA26BIw6TWghviUOA6kfCOhEA3KxDUxKw1bCIXSSM5XcELDOul5UJNbC
3Ev2//Kona8+dFsGVPCuIJty421IiKERgbwh9srTWzIjjn71K2sxJLsVZQVYWf7j
vwf0EIOOd57v0Emo7othpRGZKrA+3fAY6+ICJy8WApexSAX2dYDUeEtkyl2QpLoe
NzOeWcmDLjeFBQSyfDJyV/eY4O1AHEX04INhK39iGfcrywJ4citNp/rmZQu3jCBZ
+jrm3Gw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org