Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/5EF2D2DAF24811ECB16C3736C4F9AE02.roa
File: 5EF2D2DAF24811ECB16C3736C4F9AE02.roa (raw, json)
Hash identifier: HFmkhtjx1MqMmdX2lMjupfHbJyRsxzo/ALkrPkOGEAo=
Subject key identifier: 0E:05:D2:AC:8E:EB:10:CB:EE:38:89:CA:D8:1B:AD:39:46:A1:AE:C7
Certificate issuer: /CN=A9130626/serialNumber=54CD681089E7F49552BAEC56A076B1ECF25EFE06
Certificate serial: 06A1
Authority key identifier: 54:CD:68:10:89:E7:F4:95:52:BA:EC:56:A0:76:B1:EC:F2:5E:FE:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VM1oEInn9JVSuuxWoHax7PJe_gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/5EF2D2DAF24811ECB16C3736C4F9AE02.roa
Signing time: Wed 22 Jun 2022 16:28:39 +0000
ROA not before: Wed 22 Jun 2022 16:28:39 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141723
IP address blocks: 160.202.130.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1697 (0x6a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130626/serialNumber=54CD681089E7F49552BAEC56A076B1ECF25EFE06
Validity
Not Before: Jun 22 16:28:39 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62b34336-0e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:65:fb:08:b6:39:d9:43:68:bd:e0:04:7c:51:
67:0c:52:f1:5f:86:88:9a:48:9b:07:eb:10:f0:53:
9f:2b:fd:f1:7d:3b:cd:2e:7d:bc:9b:83:6e:07:f4:
c9:31:45:2e:59:c6:ad:fe:aa:e4:2d:e7:87:39:d3:
a5:64:08:d0:92:94:00:8e:ee:c5:9f:a0:44:4c:a4:
b4:49:24:ab:42:39:85:0f:d1:2d:31:33:f8:5a:95:
be:d3:a3:63:2e:93:08:a3:cf:73:15:98:6c:82:1b:
f3:d9:b1:23:8d:19:06:30:12:9d:f2:1c:e4:95:f3:
29:17:b3:0d:84:e0:7f:8f:34:ac:8a:79:3c:bf:6b:
88:99:98:8d:3f:3b:ad:a7:bf:0b:b6:2e:1e:b5:be:
f6:34:bb:23:93:f6:15:49:02:1f:73:d2:13:72:3b:
84:6b:e6:a1:65:ef:87:6a:23:3b:64:7f:fd:28:2c:
67:92:b5:cb:f0:00:ab:fc:4a:48:ae:60:54:87:18:
64:40:36:99:0e:fb:59:12:84:e6:77:42:b6:34:1e:
1f:bb:b3:4b:c6:6e:a5:8e:95:87:79:94:19:42:30:
45:5c:17:c6:bb:7a:50:aa:89:b5:0e:16:e2:ca:1d:
14:3d:f3:00:b5:07:97:a5:ae:f9:26:13:51:98:22:
c6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:05:D2:AC:8E:EB:10:CB:EE:38:89:CA:D8:1B:AD:39:46:A1:AE:C7
X509v3 Authority Key Identifier:
keyid:54:CD:68:10:89:E7:F4:95:52:BA:EC:56:A0:76:B1:EC:F2:5E:FE:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/VM1oEInn9JVSuuxWoHax7PJe_gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VM1oEInn9JVSuuxWoHax7PJe_gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/5EF2D2DAF24811ECB16C3736C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.202.130.0/24
Signature Algorithm: sha256WithRSAEncryption
49:4c:bf:6a:3f:86:b0:44:e9:d9:27:4b:ea:f4:5e:9e:15:d7:
3a:61:7c:42:8c:7f:bb:0f:62:23:92:8d:e6:fb:aa:13:b3:a5:
94:fd:a6:d0:5b:46:cc:5c:c6:50:fd:e0:43:bd:9a:2f:ca:68:
ce:0e:1f:7f:72:c1:18:6a:45:c7:34:f4:a1:e2:82:3f:1e:8c:
4c:66:13:35:64:f3:9e:e4:f4:a0:dc:41:c4:58:b7:60:14:f4:
16:93:0e:af:51:4a:e1:05:21:c1:e6:12:1c:46:d2:98:42:a7:
d4:23:e2:04:34:f0:6e:10:4d:6b:a9:3c:33:20:9b:fb:6a:cb:
86:ac:ee:38:02:f6:0c:60:39:9f:f0:06:de:01:7b:b3:e9:f6:
bd:94:9b:89:84:39:d6:f0:be:1c:03:11:7d:83:36:a6:42:8c:
43:a5:88:44:c2:21:58:2c:05:5b:db:49:56:01:56:0a:7b:2a:
9b:1a:fd:d8:c5:e4:10:6d:46:50:0a:e6:aa:f1:e3:34:28:77:
a8:77:4b:28:cd:49:91:8b:44:db:eb:2e:0e:8c:e9:9b:60:3a:
c9:68:b6:00:a6:e1:a6:c7:6a:95:df:af:ee:3c:70:9c:18:4d:
11:ec:41:c4:2f:73:a7:92:56:35:c7:b6:1a:90:34:1e:18:54:
bb:96:1d:c2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA2MjYxMTAvBgNVBAUTKDU0Q0Q2ODEwODlFN0Y0OTU1MkJBRUM1NkEwNzZCMUVD
RjI1RUZFMDYwHhcNMjIwNjIyMTYyODM5WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIzNDMzNi0wZTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxmX7CLY52UNoveAEfFFnDFLxX4aImkibB+sQ8FOfK/3xfTvNLn28m4NuB/TJ
MUUuWcat/qrkLeeHOdOlZAjQkpQAju7Fn6BETKS0SSSrQjmFD9EtMTP4WpW+06Nj
LpMIo89zFZhsghvz2bEjjRkGMBKd8hzklfMpF7MNhOB/jzSsink8v2uImZiNPzut
p78Lti4etb72NLsjk/YVSQIfc9ITcjuEa+ahZe+HaiM7ZH/9KCxnkrXL8ACr/EpI
rmBUhxhkQDaZDvtZEoTmd0K2NB4fu7NLxm6ljpWHeZQZQjBFXBfGu3pQqom1Dhbi
yh0UPfMAtQeXpa75JhNRmCLGtQIDAQABo4IClTCCApEwHQYDVR0OBBYEFA4F0qyO
6xDL7jiJytgbrTlGoa7HMB8GA1UdIwQYMBaAFFTNaBCJ5/SVUrrsVqB2sezyXv4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDYyNi8zMTA1NzJFQUFG
MDkxMUU5QUY3QzQ0NDRDNEY5QUUwMi9WTTFvRUlubjlKVlN1dXhXb0hheDdQSmVf
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZNMW9FSW5uOUpWU3V1eFdvSGF4N1BKZV9nWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA2MjYvMzEwNTcyRUFBRjA5MTFFOUFGN0M0NDQ0QzRGOUFFMDIvNUVGMkQyREFG
MjQ4MTFFQ0IxNkMzNzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACgyoIwDQYJKoZIhvcNAQELBQADggEBAElMv2o/hrBE6dkn
S+r0Xp4V1zphfEKMf7sPYiOSjeb7qhOzpZT9ptBbRsxcxlD94EO9mi/KaM4OH39y
wRhqRcc09KHigj8ejExmEzVk857k9KDcQcRYt2AU9BaTDq9RSuEFIcHmEhxG0phC
p9Qj4gQ08G4QTWupPDMgm/tqy4as7jgC9gxgOZ/wBt4Be7Pp9r2Um4mEOdbwvhwD
EX2DNqZCjEOliETCIVgsBVvbSVYBVgp7Kpsa/djF5BBtRlAK5qrx4zQod6h3SyjN
SZGLRNvrLg6M6ZtgOslotgCm4abHapXfr+48cJwYTRHsQcQvc6eSVjXHthqQNB4Y
VLuWHcI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:36 2023 by rpki-client on console-ams.rpki-client.org