Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/77A43610FDFF11EEA5B27330C4F9AE02.roa
File: 77A43610FDFF11EEA5B27330C4F9AE02.roa (raw, json)
Hash identifier: DlyEtjMhfnvpnJxRW+UaNuAjG8ohiZwi/2yPGZhSOtI=
Subject key identifier: E6:08:EA:2A:BD:B5:FC:51:C1:2A:9F:F5:C9:2D:FA:36:92:A5:5E:AD
Certificate issuer: /CN=A91262CA/serialNumber=77A201C58EB3B4208C91BA7ECED936E595E61A19
Certificate serial: 0437
Authority key identifier: 77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/77A43610FDFF11EEA5B27330C4F9AE02.roa
Signing time: Fri 19 Apr 2024 03:46:56 +0000
ROA not before: Fri 19 Apr 2024 03:46:56 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 45458
IP address blocks: 58.137.109.0/24 maxlen: 24
58.137.120.0/24 maxlen: 24
58.137.133.0/24 maxlen: 24
58.137.147.0/24 maxlen: 24
58.137.156.0/24 maxlen: 24
58.137.179.0/24 maxlen: 24
58.137.185.0/24 maxlen: 24
58.137.205.0/24 maxlen: 24
203.170.186.0/24 maxlen: 24
203.170.187.0/24 maxlen: 24
203.170.206.0/24 maxlen: 24
203.170.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1079 (0x437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA
Validity
Not Before: Apr 19 03:46:56 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6621e930-8f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2f:d5:4c:cc:f0:a7:fd:af:2f:d0:58:79:55:
ad:a8:9b:41:4a:01:92:ee:0c:88:1a:02:75:f7:b3:
72:ff:42:a6:e7:8a:ed:18:9d:f9:6f:21:50:00:c8:
99:91:6d:58:65:58:00:40:9b:8f:09:42:17:60:2c:
1d:89:6a:d2:03:6d:93:8b:13:97:1e:3c:63:0a:b7:
04:a9:0c:12:39:5d:52:2b:82:a0:6d:de:8d:9f:77:
6d:9e:c9:c0:f0:67:89:a0:21:52:e4:4e:74:f5:4e:
e0:2f:7c:12:ee:38:23:28:06:f7:dd:70:05:45:69:
f2:cd:bb:dd:3c:04:f7:53:2a:50:83:c9:9f:8d:47:
d7:a2:2f:7f:b1:7a:7c:9a:d8:49:ac:8e:8a:cd:50:
50:f9:c3:9b:92:fb:8f:33:06:12:25:12:04:0a:53:
cc:e1:a6:24:c8:10:09:d2:c5:40:02:0e:aa:40:6c:
80:26:dd:3d:ec:3a:09:ce:7d:4f:05:98:13:8e:5f:
20:d4:ac:4c:45:cf:ab:2a:11:88:66:69:6a:3d:6c:
36:b1:ca:8f:3a:4e:dc:f9:c8:dd:ef:8a:34:0c:bb:
45:5c:24:32:d9:23:e8:ac:99:97:9f:8e:62:99:a5:
51:59:76:ce:49:a5:c2:ae:6e:be:ee:b3:b2:91:1b:
b9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:08:EA:2A:BD:B5:FC:51:C1:2A:9F:F5:C9:2D:FA:36:92:A5:5E:AD
X509v3 Authority Key Identifier:
keyid:77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/77A43610FDFF11EEA5B27330C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.137.109.0/24
58.137.120.0/24
58.137.133.0/24
58.137.147.0/24
58.137.156.0/24
58.137.179.0/24
58.137.185.0/24
58.137.205.0/24
203.170.186.0/23
203.170.206.0/23
Signature Algorithm: sha256WithRSAEncryption
43:4e:68:e8:28:ce:37:e5:55:e5:c2:f2:ff:f7:e8:59:93:e1:
58:0b:e0:02:e4:07:bc:4f:e8:3b:f3:a4:f8:85:90:09:5d:f5:
32:a3:88:10:10:6a:56:5a:92:4e:4e:13:3f:98:c3:f3:e4:e5:
e1:c1:4a:41:e9:05:da:3f:d9:49:e2:fe:fa:c9:22:d9:35:04:
00:5d:c9:b6:37:7c:bc:67:b7:90:a8:bf:53:2d:5f:99:b7:74:
44:3c:e4:c0:88:5e:23:d6:14:ff:e0:a5:67:ed:92:db:00:5d:
10:3c:aa:aa:d0:27:c3:dc:94:df:d5:5a:f9:66:ee:33:b8:d6:
f6:30:77:1e:5b:ff:7b:99:a9:1e:3b:1b:53:4d:b9:48:f6:93:
66:35:56:8a:11:bf:a6:4a:8f:fb:0c:e1:07:e0:ba:d5:4b:ca:
9c:60:91:06:d4:24:9f:b8:0c:66:74:e4:32:1b:18:a6:ea:39:
28:f5:72:c2:b2:d3:b2:2f:68:06:88:d5:0e:86:ac:d2:0c:9f:
98:1b:ba:3a:11:2e:c3:1c:bf:ea:e1:13:2a:ca:85:ec:4b:d4:
16:5b:68:ae:f3:47:5f:91:18:49:fa:0f:82:a0:ae:24:17:70:
25:66:73:25:03:1a:62:aa:87:79:38:5a:6c:78:d6:a3:4b:3d:
ea:48:aa:69
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICBDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKDc3QTIwMUM1OEVCM0I0MjA4QzkxQkE3RUNFRDkzNkU1
OTVFNjFBMTkwHhcNMjQwNDE5MDM0NjU2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIxZTkzMC04ZjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0S/VTMzwp/2vL9BYeVWtqJtBSgGS7gyIGgJ197Ny/0Km54rtGJ35byFQAMiZ
kW1YZVgAQJuPCUIXYCwdiWrSA22TixOXHjxjCrcEqQwSOV1SK4Kgbd6Nn3dtnsnA
8GeJoCFS5E509U7gL3wS7jgjKAb33XAFRWnyzbvdPAT3UypQg8mfjUfXoi9/sXp8
mthJrI6KzVBQ+cObkvuPMwYSJRIEClPM4aYkyBAJ0sVAAg6qQGyAJt097DoJzn1P
BZgTjl8g1KxMRc+rKhGIZmlqPWw2scqPOk7c+cjd74o0DLtFXCQy2SPorJmXn45i
maVRWXbOSaXCrm6+7rOykRu5mwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFOYI6iq9
tfxRwSqf9ckt+jaSpV6tMB8GA1UdIwQYMBaAFHeiAcWOs7QgjJG6fs7ZNuWV5hoZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9GNUVEQzdGQzhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi9kNklCeFk2enRDQ01rYnAtenRrMjVaWG1H
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Q2SUJ4WTZ6dENDTWticC16dGsyNVpYbUdoay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRjVFREM3RkM4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvNzdBNDM2MTBG
REZGMTFFRUE1QjI3MzMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAA6iW0DBAA6iXgDBAA6iYUDBAA6iZMDBAA6iZwDBAA6ibMD
BAA6ibkDBAA6ic0DBAHLqroDBAHLqs4wDQYJKoZIhvcNAQELBQADggEBAENOaOgo
zjflVeXC8v/36FmT4VgL4ALkB7xP6DvzpPiFkAld9TKjiBAQalZakk5OEz+Yw/Pk
5eHBSkHpBdo/2Uni/vrJItk1BABdybY3fLxnt5Cov1MtX5m3dEQ85MCIXiPWFP/g
pWftktsAXRA8qqrQJ8PclN/VWvlm7jO41vYwdx5b/3uZqR47G1NNuUj2k2Y1VooR
v6ZKj/sM4QfgutVLypxgkQbUJJ+4DGZ05DIbGKbqOSj1csKy07IvaAaI1Q6GrNIM
n5gbujoRLsMcv+rhEyrKhexL1BZbaK7zR1+RGEn6D4KgriQXcCVmcyUDGmKqh3k4
Wmx41qNLPepIqmk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:39 2025 by rpki-client