Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/ABF226CE1DF211EC9F51AF63C4F9AE02.roa
File: ABF226CE1DF211EC9F51AF63C4F9AE02.roa (raw, json)
Hash identifier: G+tzaSz+nP4fl0h5PcKYURu6Qt42G6oaQjFoU2SHCLs=
Subject key identifier: 9B:96:61:42:5F:F9:A1:EC:A0:9F:AC:05:BD:7D:A7:A5:B3:1D:A0:D7
Certificate issuer: /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial: 2F98
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/ABF226CE1DF211EC9F51AF63C4F9AE02.roa
Signing time: Tue 19 Oct 2021 13:41:00 +0000
ROA not before: Tue 19 Oct 2021 13:41:00 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 38620
IP address blocks: 2001:fff::/40 maxlen: 40
2409::/40 maxlen: 40
240a:e000::/20 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12184 (0x2f98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Validity
Not Before: Oct 19 13:41:00 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=616ecaec-dd66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:37:23:c9:44:0d:33:c0:49:1a:8f:a7:f8:73:
59:55:5c:81:c9:8c:32:ff:69:cf:ff:a0:f3:3c:60:
79:23:59:f3:f0:ef:72:3b:c5:ea:53:23:87:c7:61:
c1:af:85:65:29:61:a3:7c:75:a6:3d:05:30:3e:13:
8c:10:57:d8:bf:0e:70:6b:6e:9a:98:c9:b8:0d:29:
ac:fb:98:70:03:bc:f9:cb:0c:a7:97:27:c7:8e:45:
39:4b:b7:00:bb:ca:d5:a0:54:49:bc:36:67:5e:f4:
41:ff:77:fa:1d:15:f6:3d:52:eb:31:dc:cf:5b:92:
d6:c3:dc:ff:19:18:75:63:0f:78:66:f7:e2:09:7e:
7a:3f:6d:2e:af:31:14:73:16:65:4e:0f:f0:20:56:
98:b4:be:ec:5e:e2:41:63:ea:14:81:77:d1:49:57:
df:40:80:a0:2a:7b:51:9d:19:42:5b:78:06:94:48:
ee:1c:2a:a6:0e:ff:1c:74:c7:ec:6f:76:38:0b:80:
e1:7a:a8:9c:24:30:5e:98:a5:52:72:e3:86:90:d4:
8a:14:ec:12:ee:5a:af:66:6f:58:d7:48:f7:3c:12:
1f:ad:fb:73:bc:f4:b1:22:64:a8:44:0a:54:8b:b3:
44:f4:e8:cc:cc:2f:8f:b9:4f:c0:49:fd:58:dd:b6:
74:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:96:61:42:5F:F9:A1:EC:A0:9F:AC:05:BD:7D:A7:A5:B3:1D:A0:D7
X509v3 Authority Key Identifier:
keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/ABF226CE1DF211EC9F51AF63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:fff::/40
2409::/40
240a:e000::/20
Signature Algorithm: sha256WithRSAEncryption
58:98:8b:9c:86:95:83:b9:7c:e9:8f:08:af:e1:85:4c:24:1c:
b7:47:4a:fe:c9:4f:45:35:33:98:89:f1:47:67:ac:fb:51:6d:
69:f1:96:2b:a2:11:8d:8f:7a:f9:5c:f2:91:a7:82:b4:24:56:
05:c9:69:a3:23:ea:89:dd:a9:f1:df:51:d5:4b:2d:bd:9f:90:
ec:62:64:cc:2e:cd:f1:83:2b:23:31:69:c8:af:fa:fc:80:6b:
b1:60:4d:ce:36:d2:fc:b9:65:d4:58:f1:fd:fd:6a:fd:47:a2:
ab:cd:c4:c1:3a:ae:76:aa:c9:b9:e9:8a:bf:0a:11:eb:28:4d:
c4:ef:df:39:7e:e5:c2:89:09:f7:ff:43:68:32:9e:9d:78:bc:
28:56:39:a9:ef:95:14:60:a7:af:c1:d6:18:bc:a9:28:7d:75:
3d:da:8d:17:7c:57:3b:e2:e9:4b:ba:9c:3e:8c:b1:8d:15:1e:
3f:e9:ab:9b:6b:a1:a7:d7:5e:90:d8:2e:c5:4f:ff:28:c1:1b:
60:34:03:d4:af:76:db:fd:fb:92:9b:15:10:a9:40:99:53:c1:
15:02:20:0c:2e:7d:f4:07:14:70:c0:20:d1:00:1d:2a:92:56:
48:bb:30:c6:a5:71:46:b9:bc:ac:b8:9d:ea:69:ab:4d:19:00:
1b:eb:0e:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICL5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjExMDE5MTM0MTAwWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTZlY2FlYy1kZDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1TcjyUQNM8BJGo+n+HNZVVyByYwy/2nP/6DzPGB5I1nz8O9yO8XqUyOHx2HB
r4VlKWGjfHWmPQUwPhOMEFfYvw5wa26amMm4DSms+5hwA7z5ywynlyfHjkU5S7cA
u8rVoFRJvDZnXvRB/3f6HRX2PVLrMdzPW5LWw9z/GRh1Yw94ZvfiCX56P20urzEU
cxZlTg/wIFaYtL7sXuJBY+oUgXfRSVffQICgKntRnRlCW3gGlEjuHCqmDv8cdMfs
b3Y4C4DheqicJDBemKVScuOGkNSKFOwS7lqvZm9Y10j3PBIfrftzvPSxImSoRApU
i7NE9OjMzC+PuU/ASf1Y3bZ0qwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJuWYUJf
+aHsoJ+sBb19p6WzHaDXMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJDN0EvNEM1MjhGNzg0NTAzMTFFMkJEQ0ExRjczMjk3OUJCMjAvQUJGMjI2Q0Ux
REYyMTFFQzlGNTFBRjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMBwEAgACMBYDBgAgAQ//AAMGACQJAAAAAwQEJArgMA0GCSqGSIb3DQEBCwUA
A4IBAQBYmIuchpWDuXzpjwiv4YVMJBy3R0r+yU9FNTOYifFHZ6z7UW1p8ZYrohGN
j3r5XPKRp4K0JFYFyWmjI+qJ3anx31HVSy29n5DsYmTMLs3xgysjMWnIr/r8gGux
YE3ONtL8uWXUWPH9/Wr9R6KrzcTBOq52qsm56Yq/ChHrKE3E7985fuXCiQn3/0No
Mp6deLwoVjmp75UUYKevwdYYvKkofXU92o0XfFc74ulLupw+jLGNFR4/6auba6Gn
116Q2C7FT/8owRtgNAPUr3bb/fuSmxUQqUCZU8EVAiAMLn30BxRwwCDRAB0qklZI
uzDGpXFGubysuJ3qaatNGQAb6w5u
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-fra.rpki-client.org