Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/61DC867C08DA11EEA1B2EE78C4F9AE02.roa
File: 61DC867C08DA11EEA1B2EE78C4F9AE02.roa (raw, json)
Hash identifier: y5WraQsBkAI3a1wnQ2RdYE9bdFKidmHVggBT0spvIR8=
Subject key identifier: AB:F2:C6:95:00:C8:5A:E3:BD:A0:A4:F1:C5:44:05:CE:89:C7:74:B7
Certificate issuer: /CN=A913CA4B/serialNumber=709210CF761EC67FB394EA5896A5C647B305EEF1
Certificate serial: 0758
Authority key identifier: 70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/61DC867C08DA11EEA1B2EE78C4F9AE02.roa
Signing time: Sun 16 Jul 2023 04:54:41 +0000
ROA not before: Sun 16 Jul 2023 04:54:41 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 55745
IP address blocks: 117.55.192.0/24 maxlen: 24
117.55.193.0/24 maxlen: 24
117.55.198.0/24 maxlen: 24
117.55.199.0/24 maxlen: 24
117.55.200.0/22 maxlen: 22
117.55.200.0/24 maxlen: 24
117.55.201.0/24 maxlen: 24
117.55.202.0/24 maxlen: 24
117.55.203.0/24 maxlen: 24
2400:5180::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1880 (0x758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913CA4B/serialNumber=709210CF761EC67FB394EA5896A5C647B305EEF1
Validity
Not Before: Jul 16 04:54:41 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64b37811-100a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f5:9a:5e:29:59:49:88:1e:9b:43:9a:32:f4:
db:60:02:65:48:f4:b2:71:d5:94:fc:35:1b:ff:20:
00:f7:e7:d2:ee:e4:49:72:d0:64:64:ac:39:7e:ad:
66:77:d5:86:5e:33:9b:11:5d:e3:76:31:ca:7b:12:
61:8f:da:83:c2:45:4e:a2:d6:7d:9a:c4:d4:04:d4:
32:8a:a3:77:de:8d:da:da:b9:56:16:7f:20:cc:24:
49:33:69:f6:31:1a:81:22:9b:e6:7c:f1:be:db:07:
99:a3:9d:00:24:90:5a:c2:46:37:95:69:77:39:25:
bf:b2:73:8f:3c:18:07:f5:af:63:9a:81:36:39:ec:
97:55:c6:29:0a:7d:2a:9e:63:5c:9e:4e:0e:c9:b3:
3a:dd:a4:77:cf:dd:04:f9:cd:28:3e:e9:ef:47:d0:
fd:d4:4d:0c:ce:4e:c0:70:30:f6:57:44:7f:21:d6:
09:c0:b2:a6:64:f8:91:a8:a5:8f:81:7b:9b:85:f7:
f1:51:1f:fc:a4:bf:f5:0b:0e:a3:5d:5c:93:9b:19:
9c:e2:b9:76:00:26:af:13:86:ef:57:76:00:38:c2:
11:20:42:9a:13:59:98:cc:88:e1:21:dc:f6:2b:74:
8a:79:05:1d:f3:ce:ef:5c:ac:49:46:0a:74:34:a3:
01:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F2:C6:95:00:C8:5A:E3:BD:A0:A4:F1:C5:44:05:CE:89:C7:74:B7
X509v3 Authority Key Identifier:
keyid:70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/cJIQz3Yexn-zlOpYlqXGR7MF7vE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/61DC867C08DA11EEA1B2EE78C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.55.192.0/23
117.55.198.0-117.55.203.255
IPv6:
2400:5180::/32
Signature Algorithm: sha256WithRSAEncryption
9b:68:00:56:e4:71:f4:a8:93:49:02:dd:7a:50:11:d2:22:3e:
f9:0f:58:ee:45:4e:52:d2:b8:73:87:a4:92:8a:16:3f:b8:69:
d4:fb:a2:7a:06:f6:7d:1a:2f:34:01:ec:e8:73:46:4a:07:28:
b5:97:08:a7:94:f6:f1:ae:03:a3:88:22:f0:6b:fc:2b:dc:19:
fd:df:cd:05:a2:7e:f4:b7:c7:d1:80:d8:4a:42:d4:6a:14:13:
7e:d6:bb:c7:24:64:43:96:80:10:b3:f7:6c:b8:31:93:c2:50:
f3:c0:45:78:bf:f1:15:58:67:f3:90:49:0c:a9:88:71:88:22:
e3:4b:af:f9:a0:f6:6d:4e:7b:af:b0:c3:8a:7c:44:80:ba:4b:
f9:1a:0f:fa:39:3d:2b:5d:13:83:78:6f:6e:25:6a:7b:5c:71:
d8:cd:27:8c:84:3d:b3:98:b6:2c:b9:88:95:fe:b7:2c:37:03:
2f:e6:48:fc:42:ce:70:e8:f1:d2:31:52:7c:c1:f1:9b:85:f0:
70:4b:31:dd:e0:94:15:76:1f:a8:df:35:1a:38:53:54:58:df:
93:0d:4e:e8:fa:08:15:ce:29:bb:41:7e:90:c9:08:bb:12:e5:
f8:40:76:55:6f:01:8c:17:73:d4:1a:f2:38:39:bd:df:d0:59:
f4:f7:3d:ef
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICB1gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0NBNEIxMTAvBgNVBAUTKDcwOTIxMENGNzYxRUM2N0ZCMzk0RUE1ODk2QTVDNjQ3
QjMwNUVFRjEwHhcNMjMwNzE2MDQ1NDQxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGIzNzgxMS0xMDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0vWaXilZSYgem0OaMvTbYAJlSPSycdWU/DUb/yAA9+fS7uRJctBkZKw5fq1m
d9WGXjObEV3jdjHKexJhj9qDwkVOotZ9msTUBNQyiqN33o3a2rlWFn8gzCRJM2n2
MRqBIpvmfPG+2weZo50AJJBawkY3lWl3OSW/snOPPBgH9a9jmoE2OeyXVcYpCn0q
nmNcnk4OybM63aR3z90E+c0oPunvR9D91E0Mzk7AcDD2V0R/IdYJwLKmZPiRqKWP
gXubhffxUR/8pL/1Cw6jXVyTmxmc4rl2ACavE4bvV3YAOMIRIEKaE1mYzIjhIdz2
K3SKeQUd887vXKxJRgp0NKMBGQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFKvyxpUA
yFrjvaCk8cVEBc6Jx3S3MB8GA1UdIwQYMBaAFHCSEM92HsZ/s5TqWJalxkezBe7x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQ0E0Qi9EQzJGMDQzMkJG
ODAxMUVBOTZGRTRBNjhDNEY5QUUwMi9jSklRejNZZXhuLXpsT3BZbHFYR1I3TUY3
dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NKSVF6M1lleG4temxPcFlscVhHUjdNRjd2RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0NBNEIvREMyRjA0MzJCRjgwMTFFQTk2RkU0QTY4QzRGOUFFMDIvNjFEQzg2N0Mw
OERBMTFFRUExQjJFRTc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBoEAgABMBQDBAF1N8AwDAMEAXU3xgMEAnU3yDANBAIAAjAHAwUAJABRgDAN
BgkqhkiG9w0BAQsFAAOCAQEAm2gAVuRx9KiTSQLdelAR0iI++Q9Y7kVOUtK4c4ek
kooWP7hp1Puiegb2fRovNAHs6HNGSgcotZcIp5T28a4Do4gi8Gv8K9wZ/d/NBaJ+
9LfH0YDYSkLUahQTfta7xyRkQ5aAELP3bLgxk8JQ88BFeL/xFVhn85BJDKmIcYgi
40uv+aD2bU57r7DDinxEgLpL+RoP+jk9K10Tg3hvbiVqe1xx2M0njIQ9s5i2LLmI
lf63LDcDL+ZI/ELOcOjx0jFSfMHxm4XwcEsx3eCUFXYfqN81GjhTVFjfkw1O6PoI
Fc4pu0F+kMkIuxLl+EB2VW8BjBdz1BryODm939BZ9Pc97w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org