Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/601F2E4CF24811ECB16C3736C4F9AE02.roa
File: 601F2E4CF24811ECB16C3736C4F9AE02.roa (raw, json)
Hash identifier: syLl58vNfB04juMyaVNyBqmSTAony3ub9p/SrTIDl+o=
Subject key identifier: 53:5A:EA:99:78:15:B2:17:63:7D:4B:EA:49:52:EC:E3:FA:EC:72:DE
Certificate issuer: /CN=A9130626/serialNumber=54CD681089E7F49552BAEC56A076B1ECF25EFE06
Certificate serial: 06A2
Authority key identifier: 54:CD:68:10:89:E7:F4:95:52:BA:EC:56:A0:76:B1:EC:F2:5E:FE:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VM1oEInn9JVSuuxWoHax7PJe_gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/601F2E4CF24811ECB16C3736C4F9AE02.roa
Signing time: Wed 22 Jun 2022 16:28:41 +0000
ROA not before: Wed 22 Jun 2022 16:28:41 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 18022
IP address blocks: 160.202.128.0/23 maxlen: 24
160.202.131.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1698 (0x6a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130626/serialNumber=54CD681089E7F49552BAEC56A076B1ECF25EFE06
Validity
Not Before: Jun 22 16:28:41 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62b34338-a715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fe:93:5b:7c:af:a5:24:33:ee:7d:44:e7:6f:
12:80:a5:56:3b:29:5f:a7:02:c5:70:8e:21:7f:2e:
3b:f5:90:ad:38:a0:4e:69:96:93:6a:95:f5:96:6c:
54:d4:06:a0:1c:2a:81:84:76:b8:7a:94:49:83:b2:
63:d3:1f:7d:aa:d8:c3:6f:d3:b9:51:7a:14:55:a9:
4d:dd:63:01:ad:40:b9:23:87:8c:3e:de:0d:76:36:
84:ad:86:68:dc:6c:31:df:b5:b4:81:1b:ee:8d:c3:
f1:1f:fc:64:0e:82:0b:c4:94:31:8d:58:62:8a:6d:
20:f3:33:56:be:34:4c:e4:3c:ef:36:72:71:ee:07:
69:52:23:8f:a6:c4:44:73:3a:f1:56:d6:ee:6d:74:
5f:7e:a6:be:49:6f:44:52:de:d1:89:2e:d9:d7:c6:
ea:ae:d6:86:f5:41:e2:1c:3d:6b:0e:cf:a1:fb:82:
df:51:1e:90:2c:38:1b:4e:ed:a8:8f:95:27:6e:bb:
6b:b4:22:56:aa:17:c1:8a:49:fd:c2:9d:1d:df:b9:
0e:65:ba:76:62:3a:00:a8:ec:da:16:1a:5a:c3:6a:
4b:94:3e:47:1d:70:ce:1c:a7:55:cd:bd:27:c2:b0:
e7:4d:15:41:c9:51:52:1b:59:ee:35:8b:8e:6e:c2:
72:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5A:EA:99:78:15:B2:17:63:7D:4B:EA:49:52:EC:E3:FA:EC:72:DE
X509v3 Authority Key Identifier:
keyid:54:CD:68:10:89:E7:F4:95:52:BA:EC:56:A0:76:B1:EC:F2:5E:FE:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/VM1oEInn9JVSuuxWoHax7PJe_gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VM1oEInn9JVSuuxWoHax7PJe_gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130626/310572EAAF0911E9AF7C4444C4F9AE02/601F2E4CF24811ECB16C3736C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.202.128.0/23
160.202.131.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c7:c6:ec:04:49:8c:bc:ad:5b:11:7d:b4:76:c8:60:bd:4f:
26:55:4d:d1:61:70:62:4f:26:08:62:73:66:41:bd:b0:e5:92:
bd:6a:b0:4f:ec:30:d8:dd:98:03:59:96:81:0c:e3:c1:1c:da:
5b:27:9f:b4:70:93:e6:09:d8:61:fb:70:be:c8:1a:4c:7c:d8:
df:1e:2c:91:de:7d:b5:c7:ae:fd:b9:a9:f9:49:3f:b2:8b:28:
34:29:13:29:97:40:13:c0:ea:47:67:2d:a9:0f:88:9f:a9:36:
80:aa:0b:e3:d5:b4:df:b9:1e:7f:7b:80:47:20:3c:4f:79:f6:
ba:77:5c:a7:6b:a8:9c:9e:de:34:7f:70:a3:46:68:7e:58:df:
49:91:74:9f:75:bd:29:cf:03:fd:f4:be:bb:eb:89:17:1f:4a:
f5:a2:51:b0:98:80:bf:64:35:7c:c6:75:00:2c:50:99:93:8f:
62:5f:e8:b4:42:e3:78:3d:cc:f1:1f:52:da:82:21:54:1d:bc:
03:b1:38:09:ea:64:32:16:01:e2:4b:fd:57:12:e2:86:b2:01:
98:d6:54:22:fa:6e:9a:20:cf:e6:be:20:b4:fd:4d:98:12:85:
45:9f:30:dd:b3:f1:a8:8e:c8:68:f6:7e:f7:d5:0f:b2:16:84:
7c:c1:58:87
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA2MjYxMTAvBgNVBAUTKDU0Q0Q2ODEwODlFN0Y0OTU1MkJBRUM1NkEwNzZCMUVD
RjI1RUZFMDYwHhcNMjIwNjIyMTYyODQxWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIzNDMzOC1hNzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv/6TW3yvpSQz7n1E528SgKVWOylfpwLFcI4hfy479ZCtOKBOaZaTapX1lmxU
1AagHCqBhHa4epRJg7Jj0x99qtjDb9O5UXoUValN3WMBrUC5I4eMPt4NdjaErYZo
3Gwx37W0gRvujcPxH/xkDoILxJQxjVhiim0g8zNWvjRM5DzvNnJx7gdpUiOPpsRE
czrxVtbubXRffqa+SW9EUt7RiS7Z18bqrtaG9UHiHD1rDs+h+4LfUR6QLDgbTu2o
j5UnbrtrtCJWqhfBikn9wp0d37kOZbp2YjoAqOzaFhpaw2pLlD5HHXDOHKdVzb0n
wrDnTRVByVFSG1nuNYuObsJysQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFNa6pl4
FbIXY31L6klS7OP67HLeMB8GA1UdIwQYMBaAFFTNaBCJ5/SVUrrsVqB2sezyXv4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDYyNi8zMTA1NzJFQUFG
MDkxMUU5QUY3QzQ0NDRDNEY5QUUwMi9WTTFvRUlubjlKVlN1dXhXb0hheDdQSmVf
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZNMW9FSW5uOUpWU3V1eFdvSGF4N1BKZV9nWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA2MjYvMzEwNTcyRUFBRjA5MTFFOUFGN0M0NDQ0QzRGOUFFMDIvNjAxRjJFNENG
MjQ4MTFFQ0IxNkMzNzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAGgyoADBACgyoMwDQYJKoZIhvcNAQELBQADggEBAGjHxuwE
SYy8rVsRfbR2yGC9TyZVTdFhcGJPJghic2ZBvbDlkr1qsE/sMNjdmANZloEM48Ec
2lsnn7Rwk+YJ2GH7cL7IGkx82N8eLJHefbXHrv25qflJP7KLKDQpEymXQBPA6kdn
LakPiJ+pNoCqC+PVtN+5Hn97gEcgPE959rp3XKdrqJye3jR/cKNGaH5Y30mRdJ91
vSnPA/30vrvriRcfSvWiUbCYgL9kNXzGdQAsUJmTj2Jf6LRC43g9zPEfUtqCIVQd
vAOxOAnqZDIWAeJL/VcS4oayAZjWVCL6bpogz+a+ILT9TZgShUWfMN2z8aiOyGj2
fvfVD7IWhHzBWIc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org