Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A3E1/9FD58DA605B011EA92354B5AC4F9AE02/538757B205B111EA8E923A5BC4F9AE02.roa
File: 538757B205B111EA8E923A5BC4F9AE02.roa (raw, json)
Hash identifier: O+Jn6i8Dsi0Cxt/ojCe7a/h13JMSDpfsDuEy1usrn/c=
Subject key identifier: 1C:F0:CE:C7:42:9C:AA:E9:13:D2:52:8D:B6:B5:73:1B:DD:FA:90:E7
Certificate issuer: /CN=A912A3E1/serialNumber=F35268F976E8AE71FEFA66CA4516361C58AE1D91
Certificate serial: 0AB9
Authority key identifier: F3:52:68:F9:76:E8:AE:71:FE:FA:66:CA:45:16:36:1C:58:AE:1D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/81Jo-XbornH--mbKRRY2HFiuHZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A3E1/9FD58DA605B011EA92354B5AC4F9AE02/538757B205B111EA8E923A5BC4F9AE02.roa
Signing time: Tue 04 Apr 2023 20:16:57 +0000
ROA not before: Tue 04 Apr 2023 20:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9745
IP address blocks: 202.6.124.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2745 (0xab9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A3E1/serialNumber=F35268F976E8AE71FEFA66CA4516361C58AE1D91
Validity
Not Before: Apr 4 20:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=642c85b9-b54a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:28:b0:ce:c4:2f:6d:45:11:74:0e:f5:98:53:
4d:ba:9c:3f:fe:d4:7e:4d:5f:55:8f:3a:ea:62:b3:
2b:aa:ef:b1:29:ac:f4:ce:a5:df:96:07:01:07:c5:
5f:82:62:09:4a:47:14:3e:cf:de:a4:98:d5:60:b2:
0d:92:b8:c7:e7:08:38:96:58:d2:0e:c9:c8:18:28:
a8:60:b7:ab:26:a2:5a:96:27:cb:31:e4:bd:0c:35:
c4:cf:91:6e:63:5a:48:26:02:29:70:d8:a2:57:5e:
a7:ca:78:a8:d5:e2:8c:42:ad:05:ef:1b:7d:a3:2a:
f0:e7:74:05:69:2f:bd:4c:18:58:da:d7:8d:88:5c:
a9:08:d0:07:5d:30:4c:b2:09:b6:cc:a7:01:d6:89:
99:88:85:ec:32:3e:36:16:46:1d:81:ef:f8:45:79:
79:66:9b:56:9e:32:af:6f:80:ba:78:00:fd:73:b9:
25:0f:aa:1c:75:dd:42:94:f3:39:f5:4c:e6:a3:2e:
f0:76:b6:b8:1b:fc:0d:f2:0d:ce:a0:83:ba:cb:86:
78:58:a8:f3:31:e2:d5:90:83:dc:05:a1:99:b3:41:
05:e9:38:04:87:9d:ff:09:9a:c4:8f:e3:66:bd:f6:
1a:33:b7:79:90:5f:10:91:9d:e5:79:a5:43:90:0a:
1f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F0:CE:C7:42:9C:AA:E9:13:D2:52:8D:B6:B5:73:1B:DD:FA:90:E7
X509v3 Authority Key Identifier:
keyid:F3:52:68:F9:76:E8:AE:71:FE:FA:66:CA:45:16:36:1C:58:AE:1D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A3E1/9FD58DA605B011EA92354B5AC4F9AE02/81Jo-XbornH--mbKRRY2HFiuHZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/81Jo-XbornH--mbKRRY2HFiuHZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A3E1/9FD58DA605B011EA92354B5AC4F9AE02/538757B205B111EA8E923A5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.6.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:85:f8:99:1d:c7:39:d8:5d:66:df:41:4f:50:22:1a:55:61:
72:45:4d:87:96:31:43:5f:20:d4:d3:8c:00:a7:c0:97:ee:0c:
91:33:23:b9:55:03:a2:bc:c5:ea:2f:c3:db:18:55:27:d7:57:
71:e2:9d:1e:08:8c:73:3b:f8:14:f0:ea:11:bc:68:e3:80:fa:
a9:cf:0a:fb:cc:52:1c:cd:4b:66:7e:fd:0c:d1:42:fc:82:28:
93:68:3b:9b:e1:62:e9:4d:0f:8c:64:00:10:ad:75:b3:2f:9d:
2c:ec:c6:0b:00:1c:be:61:63:51:f8:c9:ec:91:ff:dd:b6:14:
da:6b:16:e6:b1:a4:20:49:1e:8e:29:82:d1:d3:47:5e:41:e1:
e5:86:06:18:5e:da:a5:66:ea:09:c0:71:5e:fd:55:cf:22:a9:
ab:ff:6c:fb:fe:65:36:79:46:90:2b:9f:4e:4c:e0:c9:3a:42:
37:66:c9:a9:be:3a:8c:96:7b:75:ac:53:11:c7:b4:49:88:f7:
2e:b6:e2:c9:cf:c8:3b:46:78:18:95:f4:e1:88:80:b6:2f:78:
50:82:3c:88:ed:22:c0:2b:0e:08:b2:b2:48:e5:d1:4d:7f:74:
20:7b:e0:55:b8:0a:0f:29:41:b7:35:a0:c1:87:ba:93:e9:55:
1d:be:c9:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkEzRTExMTAvBgNVBAUTKEYzNTI2OEY5NzZFOEFFNzFGRUZBNjZDQTQ1MTYzNjFD
NThBRTFEOTEwHhcNMjMwNDA0MjAxNjU3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJjODViOS1iNTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0CiwzsQvbUURdA71mFNNupw//tR+TV9VjzrqYrMrqu+xKaz0zqXflgcBB8Vf
gmIJSkcUPs/epJjVYLINkrjH5wg4lljSDsnIGCioYLerJqJalifLMeS9DDXEz5Fu
Y1pIJgIpcNiiV16nynio1eKMQq0F7xt9oyrw53QFaS+9TBhY2teNiFypCNAHXTBM
sgm2zKcB1omZiIXsMj42FkYdge/4RXl5ZptWnjKvb4C6eAD9c7klD6ocdd1ClPM5
9Uzmoy7wdra4G/wN8g3OoIO6y4Z4WKjzMeLVkIPcBaGZs0EF6TgEh53/CZrEj+Nm
vfYaM7d5kF8QkZ3leaVDkAoftwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBzwzsdC
nKrpE9JSjba1cxvd+pDnMB8GA1UdIwQYMBaAFPNSaPl26K5x/vpmykUWNhxYrh2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTNFMS85RkQ1OERBNjA1
QjAxMUVBOTIzNTRCNUFDNEY5QUUwMi84MUpvLVhib3JuSC0tbWJLUlJZMkhGaXVI
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzgxSm8tWGJvcm5ILS1tYktSUlkySEZpdUhaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkEzRTEvOUZENThEQTYwNUIwMTFFQTkyMzU0QjVBQzRGOUFFMDIvNTM4NzU3QjIw
NUIxMTFFQThFOTIzQTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKBnwwDQYJKoZIhvcNAQELBQADggEBADyF+JkdxznYXWbf
QU9QIhpVYXJFTYeWMUNfINTTjACnwJfuDJEzI7lVA6K8xeovw9sYVSfXV3HinR4I
jHM7+BTw6hG8aOOA+qnPCvvMUhzNS2Z+/QzRQvyCKJNoO5vhYulND4xkABCtdbMv
nSzsxgsAHL5hY1H4yeyR/922FNprFuaxpCBJHo4pgtHTR15B4eWGBhhe2qVm6gnA
cV79Vc8iqav/bPv+ZTZ5RpArn05M4Mk6Qjdmyam+OoyWe3WsUxHHtEmI9y624snP
yDtGeBiV9OGIgLYveFCCPIjtIsArDgiyskjl0U1/dCB74FW4Cg8pQbc1oMGHupPp
VR2+yTA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org