Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/805BD3AE9E0C11EBB172D741C4F9AE02.roa
File: 805BD3AE9E0C11EBB172D741C4F9AE02.roa (raw, json)
Hash identifier: egsMO7ZlklydyWj9tfR68PzT7KSRefOEjVgMYXpg090=
Subject key identifier: 4C:D6:A6:0C:0F:67:E4:DF:B6:7E:38:F1:4F:B6:29:1D:18:BB:9F:64
Certificate issuer: /CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Certificate serial: 11F8
Authority key identifier: D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/805BD3AE9E0C11EBB172D741C4F9AE02.roa
Signing time: Fri 01 Jul 2022 18:04:15 +0000
ROA not before: Fri 01 Jul 2022 18:04:15 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 40065
IP address blocks: 182.255.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4600 (0x11f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Validity
Not Before: Jul 1 18:04:15 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62bf371e-39f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f3:56:0f:8b:32:19:72:a4:7e:4a:57:fb:36:
1e:38:78:28:3c:38:aa:89:aa:be:4c:4e:61:95:ae:
e4:a7:cf:9e:af:9b:13:0e:92:16:bd:a8:4a:e6:0e:
4f:10:b1:18:09:f7:25:ec:05:72:30:83:85:fe:56:
89:31:15:61:d5:f9:35:df:e7:57:1c:22:3e:6c:cb:
a4:0b:dc:f1:c8:0b:da:4d:7e:eb:30:0a:61:64:26:
6b:78:05:58:46:43:98:27:bd:14:d6:a4:f3:30:b9:
88:c4:b8:a5:76:fe:9d:40:b8:b1:db:e1:2a:9e:07:
32:04:b5:42:d7:90:bf:e5:11:be:05:ba:80:88:10:
a8:2d:c7:72:ec:89:c7:29:7e:31:29:a1:04:af:5f:
55:9c:3b:ad:dc:09:f9:9b:4c:c6:14:45:c7:54:1a:
d4:34:32:cd:72:c0:62:73:19:4d:de:58:86:52:7a:
07:95:64:61:93:70:32:6b:cf:7b:89:5f:e0:6d:a8:
54:b7:c5:87:76:74:35:5d:1d:eb:88:9c:8c:12:72:
79:f2:d2:81:c7:7c:4e:74:25:fd:48:8e:f8:d7:3f:
a1:cd:ed:04:61:8c:7a:a7:64:1c:eb:d9:de:f5:f4:
04:d1:2d:73:44:15:06:53:0d:9d:6b:03:45:09:40:
db:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D6:A6:0C:0F:67:E4:DF:B6:7E:38:F1:4F:B6:29:1D:18:BB:9F:64
X509v3 Authority Key Identifier:
keyid:D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/2A-p-oQSVdW9py5S7AT9_tf-LVs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/805BD3AE9E0C11EBB172D741C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
182.255.34.0/24
Signature Algorithm: sha256WithRSAEncryption
61:eb:23:12:ed:8c:0a:b3:ea:9a:15:e5:b4:3d:ae:a0:bd:95:
8d:cc:61:b1:fd:4f:0c:86:0e:a9:06:92:ea:d2:a3:b3:2a:ca:
b3:ce:4d:c6:e2:b0:c5:2f:0d:f3:14:a5:c7:f9:c2:66:b9:a4:
c4:55:f2:1a:85:cf:aa:8a:91:33:1a:51:69:69:3c:f9:7e:e1:
7a:c4:c3:07:f8:64:62:d2:1f:cf:db:ed:70:1a:7c:0b:4d:29:
2a:de:04:fa:9f:d5:54:62:58:25:e6:82:f7:e4:2d:9c:a1:08:
88:ff:01:18:56:f8:d8:c8:cb:b9:e1:a5:84:ec:28:ce:f8:d9:
c4:43:8b:72:19:a7:63:15:7c:9c:73:52:26:b0:20:ba:60:74:
8f:77:86:fc:82:09:a9:be:d7:b9:26:46:fa:1c:90:86:c1:6a:
f7:f7:f2:b1:39:a3:3a:d1:fd:7b:0f:01:a0:25:34:c6:a4:23:
41:66:dd:dd:7f:4e:7c:26:b9:4a:60:ff:fb:49:59:57:b6:9d:
f3:ae:db:7a:37:89:d8:2a:13:10:58:e0:47:c6:f3:38:af:ad:
85:45:66:a5:ca:ff:08:e5:dc:df:24:11:9c:ce:a6:9b:57:8f:
33:ea:f2:cf:01:c1:c6:eb:b7:38:06:25:39:21:10:cf:51:48:
1a:ca:25:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI3QUYxMTAvBgNVBAUTKEQ4MEZBOUZBODQxMjU1RDVCREE3MkU1MkVDMDRGREZF
RDdGRTJENUIwHhcNMjIwNzAxMTgwNDE1WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJmMzcxZS0zOWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz/NWD4syGXKkfkpX+zYeOHgoPDiqiaq+TE5hla7kp8+er5sTDpIWvahK5g5P
ELEYCfcl7AVyMIOF/laJMRVh1fk13+dXHCI+bMukC9zxyAvaTX7rMAphZCZreAVY
RkOYJ70U1qTzMLmIxLildv6dQLix2+EqngcyBLVC15C/5RG+BbqAiBCoLcdy7InH
KX4xKaEEr19VnDut3An5m0zGFEXHVBrUNDLNcsBicxlN3liGUnoHlWRhk3Aya897
iV/gbahUt8WHdnQ1XR3riJyMEnJ58tKBx3xOdCX9SI741z+hze0EYYx6p2Qc69ne
9fQE0S1zRBUGUw2dawNFCUDbMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEzWpgwP
Z+Tftn448U+2KR0Yu59kMB8GA1UdIwQYMBaAFNgPqfqEElXVvacuUuwE/f7X/i1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjdBRi81NzlBOEJDMDY4
NjAxMUU4QUFCMTI1MUZDNEY5QUUwMi8yQS1wLW9RU1ZkVzlweTVTN0FUOV90Zi1M
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJBLXAtb1FTVmRXOXB5NVM3QVQ5X3RmLUxWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI3QUYvNTc5QThCQzA2ODYwMTFFOEFBQjEyNTFGQzRGOUFFMDIvODA1QkQzQUU5
RTBDMTFFQkIxNzJENzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC2/yIwDQYJKoZIhvcNAQELBQADggEBAGHrIxLtjAqz6poV
5bQ9rqC9lY3MYbH9TwyGDqkGkurSo7MqyrPOTcbisMUvDfMUpcf5wma5pMRV8hqF
z6qKkTMaUWlpPPl+4XrEwwf4ZGLSH8/b7XAafAtNKSreBPqf1VRiWCXmgvfkLZyh
CIj/ARhW+NjIy7nhpYTsKM742cRDi3IZp2MVfJxzUiawILpgdI93hvyCCam+17km
RvockIbBavf38rE5ozrR/XsPAaAlNMakI0Fm3d1/TnwmuUpg//tJWVe2nfOu23o3
idgqExBY4EfG8zivrYVFZqXK/wjl3N8kEZzOpptXjzPq8s8BwcbrtzgGJTkhEM9R
SBrKJc4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-fra.rpki-client.org