Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/789BE4BC5CDC11ECB486850FC4F9AE02.roa
File: 789BE4BC5CDC11ECB486850FC4F9AE02.roa (raw, json)
Hash identifier: u4VPQfj5KWgV1T9RztAd0G68XTUnFWD5W7YO5eIJHOU=
Subject key identifier: 2E:3E:B6:E6:8B:4C:18:CE:94:95:55:63:43:EE:83:2B:13:48:C2:1B
Certificate issuer: /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial: 3285
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/789BE4BC5CDC11ECB486850FC4F9AE02.roa
Signing time: Mon 31 Oct 2022 16:01:09 +0000
ROA not before: Mon 31 Oct 2022 16:01:09 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 142500
IP address blocks: 2001:fff::/32 maxlen: 40
2409::/40 maxlen: 40
2409::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12933 (0x3285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Validity
Not Before: Oct 31 16:01:09 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=635ff144-bbd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:16:13:c0:68:81:c2:ba:d0:08:c7:03:4c:
f2:22:71:90:f6:c2:2e:70:83:83:53:01:93:88:fa:
48:29:e0:95:cb:71:5d:a9:09:8d:35:b6:2d:53:4b:
18:b7:a2:d5:a5:e6:35:bd:63:c3:f1:b0:c1:da:fe:
f2:f9:f3:3b:6e:f8:91:f8:5b:3a:c9:35:b6:8e:00:
12:3d:d5:c3:83:49:1c:66:6e:10:72:eb:90:ef:70:
aa:ab:1d:a7:75:82:cb:c1:cc:9f:75:3e:c1:4e:ac:
15:61:c2:60:fb:1b:4d:72:c7:46:33:c4:b8:8d:87:
85:c5:80:a0:6c:d1:2e:7d:2b:1a:2f:a2:34:ae:06:
86:f8:cf:10:2f:bd:fa:24:13:4d:eb:e2:5b:2d:19:
68:d5:73:ab:7b:a3:09:e4:e2:5b:7b:79:fa:54:42:
23:fc:de:fe:1c:29:59:ae:4c:18:02:7e:59:fc:13:
f1:2e:61:e5:60:89:80:59:50:d4:c3:c8:f0:78:47:
7f:4e:e4:9d:3c:25:b7:13:ba:af:8c:c4:df:cc:c4:
52:52:43:94:fc:2f:8c:f7:cc:8d:fe:3e:f3:a2:52:
3a:9a:9a:c6:a4:a4:14:b3:dd:62:ce:6b:c2:2c:4d:
01:5e:64:a6:03:de:0a:6b:7c:7b:f9:a9:e9:26:68:
39:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3E:B6:E6:8B:4C:18:CE:94:95:55:63:43:EE:83:2B:13:48:C2:1B
X509v3 Authority Key Identifier:
keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/789BE4BC5CDC11ECB486850FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:fff::/32
2409::/40
Signature Algorithm: sha256WithRSAEncryption
4b:29:96:79:b8:c2:d4:8a:46:4c:25:a6:00:3e:3e:d3:a3:f4:
5c:1b:07:38:fc:9b:1d:5d:b4:90:20:2b:57:f1:3e:4c:6b:62:
00:a8:65:a5:b7:20:d5:5a:06:ac:4a:cb:a0:a7:17:9f:4d:a7:
7e:d9:3d:9f:6c:8d:e9:22:00:54:61:6e:1c:2a:0e:1d:af:e7:
58:be:df:52:05:57:c7:1b:64:0b:fa:44:b5:d7:12:df:3b:01:
32:4d:ff:b0:5d:10:ec:5f:59:f1:92:2c:af:48:32:8b:99:e3:
f2:3d:bf:30:7c:a5:2c:71:aa:ec:0e:7e:c3:e1:36:a7:10:03:
5a:ea:cd:01:9f:66:7e:32:25:21:3c:36:2b:c6:74:37:c7:78:
84:ce:23:96:41:91:04:9d:bf:3d:fa:76:1d:41:23:4d:95:5e:
14:26:4a:b1:e3:9c:10:17:ef:0c:b1:3f:0d:aa:eb:b8:9f:fc:
0f:c7:bb:43:d5:6d:98:af:92:07:a9:0f:ca:fa:31:2c:72:66:
12:d9:06:8e:c0:a1:2f:e5:83:0a:8e:d1:c1:69:49:0b:b7:60:
0c:c5:f0:88:2e:4b:a0:e0:3c:47:d0:b1:0f:a3:7b:f4:73:43:
09:89:fd:d8:06:85:ef:bd:fc:bf:48:b3:33:e8:3b:ab:75:0a:
72:da:60:da
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgICMoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjIxMDMxMTYwMTA5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVmZjE0NC1iYmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxMkWE8BogcK60AjHA0zyInGQ9sIucIODUwGTiPpIKeCVy3FdqQmNNbYtU0sY
t6LVpeY1vWPD8bDB2v7y+fM7bviR+Fs6yTW2jgASPdXDg0kcZm4QcuuQ73Cqqx2n
dYLLwcyfdT7BTqwVYcJg+xtNcsdGM8S4jYeFxYCgbNEufSsaL6I0rgaG+M8QL736
JBNN6+JbLRlo1XOre6MJ5OJbe3n6VEIj/N7+HClZrkwYAn5Z/BPxLmHlYImAWVDU
w8jweEd/TuSdPCW3E7qvjMTfzMRSUkOU/C+M98yN/j7zolI6mprGpKQUs91izmvC
LE0BXmSmA94Ka3x7+anpJmg5RwIDAQABo4ICnjCCApowHQYDVR0OBBYEFC4+tuaL
TBjOlJVVY0PugysTSMIbMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJDN0EvNEM1MjhGNzg0NTAzMTFFMkJEQ0ExRjczMjk3OUJCMjAvNzg5QkU0QkM1
Q0RDMTFFQ0I0ODY4NTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQcBAf8E
GTAXMBUEAgACMA8DBQAgAQ//AwYAJAkAAAAwDQYJKoZIhvcNAQELBQADggEBAEsp
lnm4wtSKRkwlpgA+PtOj9FwbBzj8mx1dtJAgK1fxPkxrYgCoZaW3INVaBqxKy6Cn
F59Np37ZPZ9sjekiAFRhbhwqDh2v51i+31IFV8cbZAv6RLXXEt87ATJN/7BdEOxf
WfGSLK9IMouZ4/I9vzB8pSxxquwOfsPhNqcQA1rqzQGfZn4yJSE8NivGdDfHeITO
I5ZBkQSdvz36dh1BI02VXhQmSrHjnBAX7wyxPw2q67if/A/Hu0PVbZivkgepD8r6
MSxyZhLZBo7AoS/lgwqO0cFpSQu3YAzF8IguS6DgPEfQsQ+je/RzQwmJ/dgGhe+9
/L9IszPoO6t1CnLaYNo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-fra.rpki-client.org