Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/50ADADD27BD011ED808E8647C4F9AE02.roa
File: 50ADADD27BD011ED808E8647C4F9AE02.roa (raw, json)
Hash identifier: hjSGl0yXBVlv29l5OGHRTCR0TI8O3RxRB8WgT4w7WLo=
Subject key identifier: 1A:6D:78:17:90:61:3D:65:F2:8F:1E:B0:50:DD:BF:04:CA:2B:36:46
Certificate issuer: /CN=A915059B/serialNumber=CA877333B712345F05D2DC6706572E1CB6211778
Certificate serial: 065E
Authority key identifier: CA:87:73:33:B7:12:34:5F:05:D2:DC:67:06:57:2E:1C:B6:21:17:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yodzM7cSNF8F0txnBlcuHLYhF3g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/50ADADD27BD011ED808E8647C4F9AE02.roa
Signing time: Wed 14 Dec 2022 16:56:56 +0000
ROA not before: Wed 14 Dec 2022 16:56:56 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 133034
IP address blocks: 121.46.70.0/24 maxlen: 24
121.46.71.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1630 (0x65e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915059B/serialNumber=CA877333B712345F05D2DC6706572E1CB6211778
Validity
Not Before: Dec 14 16:56:56 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=639a0057-af54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4e:e4:84:df:98:64:8a:56:a9:6d:19:d0:27:
23:f8:d8:e1:7d:aa:c0:79:4b:f1:1a:0f:64:08:db:
ef:0b:69:a4:38:70:00:6f:27:96:04:b9:dd:21:f5:
ce:41:1a:8b:e4:9b:0a:8a:0d:a2:e0:5f:69:52:17:
d7:a9:12:96:ee:65:79:14:99:92:74:aa:12:71:d4:
61:d6:7f:a8:43:bd:fb:13:b8:51:04:2c:22:bb:5e:
e5:a2:93:97:c6:b1:6e:b4:8c:99:39:c4:34:25:ad:
cd:7c:63:27:4e:fd:d5:36:c8:f8:8d:78:78:bc:8f:
c8:32:66:43:af:a1:d4:fc:2d:5c:0c:43:86:ca:d2:
6d:75:73:1e:1d:8d:e7:7e:b1:71:dc:79:49:36:0c:
12:90:cb:65:03:f4:7e:d1:b9:7f:5a:d3:83:13:b7:
5f:58:81:82:4c:99:91:60:49:46:62:d7:e9:24:7e:
e9:ae:1e:e6:3f:f3:2d:2d:11:63:8b:c0:78:1e:be:
fc:e4:8c:80:96:d7:e7:43:b9:c3:e0:4f:71:c8:64:
6c:a6:bd:9d:2e:06:57:9d:47:5d:c5:28:0a:b2:50:
eb:0e:76:72:fe:68:df:fb:64:9e:6d:9c:d7:9f:ea:
df:f3:d7:bf:fb:44:41:8b:80:55:29:9a:d1:ab:5d:
54:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6D:78:17:90:61:3D:65:F2:8F:1E:B0:50:DD:BF:04:CA:2B:36:46
X509v3 Authority Key Identifier:
keyid:CA:87:73:33:B7:12:34:5F:05:D2:DC:67:06:57:2E:1C:B6:21:17:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/yodzM7cSNF8F0txnBlcuHLYhF3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yodzM7cSNF8F0txnBlcuHLYhF3g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/50ADADD27BD011ED808E8647C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.46.70.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:e4:66:d4:d8:69:dd:fa:93:c2:88:8c:1b:5e:d1:c9:3d:53:
95:10:f4:3d:cf:ca:45:b3:c8:a2:79:b0:77:6c:aa:87:48:65:
65:c1:29:fd:3f:9c:de:2e:90:77:62:00:e2:16:b0:af:43:0f:
02:9e:12:44:92:8a:e5:0c:56:71:26:21:50:5f:96:c2:7d:35:
f0:fb:23:c7:48:43:f2:e1:7a:2e:ea:40:da:33:bd:c6:e0:c0:
27:c2:35:ed:bb:36:db:40:20:14:94:39:c3:62:83:c9:3c:c8:
2d:ac:aa:88:e4:2d:b3:ff:4c:45:d8:ba:90:61:48:67:d5:38:
1c:36:f0:d5:5e:0b:7f:7f:c6:db:ba:36:7c:a3:10:9d:36:db:
39:b9:45:d3:81:fb:49:d0:c6:8b:c5:aa:54:74:10:ec:5b:fb:
3a:d4:c6:18:d7:b0:85:b2:0a:52:10:17:f3:78:f8:06:84:1b:
20:c9:25:4f:65:50:f6:1e:df:12:da:09:4f:af:51:8f:f2:c2:
61:c2:43:db:ee:ae:15:ff:5e:27:d1:38:bb:a5:ef:18:37:13:
c0:a9:a2:0e:a4:29:16:67:12:ea:ba:f1:d8:01:e4:e6:e9:46:
79:41:ce:62:e8:fc:d4:4b:05:4e:66:92:a9:ac:84:dd:e9:06:
3d:3b:56:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTA1OUIxMTAvBgNVBAUTKENBODc3MzMzQjcxMjM0NUYwNUQyREM2NzA2NTcyRTFD
QjYyMTE3NzgwHhcNMjIxMjE0MTY1NjU2WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MzlhMDA1Ny1hZjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuk7khN+YZIpWqW0Z0Ccj+NjhfarAeUvxGg9kCNvvC2mkOHAAbyeWBLndIfXO
QRqL5JsKig2i4F9pUhfXqRKW7mV5FJmSdKoScdRh1n+oQ737E7hRBCwiu17lopOX
xrFutIyZOcQ0Ja3NfGMnTv3VNsj4jXh4vI/IMmZDr6HU/C1cDEOGytJtdXMeHY3n
frFx3HlJNgwSkMtlA/R+0bl/WtODE7dfWIGCTJmRYElGYtfpJH7prh7mP/MtLRFj
i8B4Hr785IyAltfnQ7nD4E9xyGRspr2dLgZXnUddxSgKslDrDnZy/mjf+2SebZzX
n+rf89e/+0RBi4BVKZrRq11U7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBpteBeQ
YT1l8o8esFDdvwTKKzZGMB8GA1UdIwQYMBaAFMqHczO3EjRfBdLcZwZXLhy2IRd4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDU5Qi83NEZCNDJBODIy
NzMxMUVBOEEwRjM4MjJDNEY5QUUwMi95b2R6TTdjU05GOEYwdHhuQmxjdUhMWWhG
M2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lvZHpNN2NTTkY4RjB0eG5CbGN1SExZaEYzZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTA1OUIvNzRGQjQyQTgyMjczMTFFQThBMEYzODIyQzRGOUFFMDIvNTBBREFERDI3
QkQwMTFFRDgwOEU4NjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF5LkYwDQYJKoZIhvcNAQELBQADggEBAJrkZtTYad36k8KI
jBte0ck9U5UQ9D3PykWzyKJ5sHdsqodIZWXBKf0/nN4ukHdiAOIWsK9DDwKeEkSS
iuUMVnEmIVBflsJ9NfD7I8dIQ/Lhei7qQNozvcbgwCfCNe27NttAIBSUOcNig8k8
yC2sqojkLbP/TEXYupBhSGfVOBw28NVeC39/xtu6NnyjEJ022zm5RdOB+0nQxovF
qlR0EOxb+zrUxhjXsIWyClIQF/N4+AaEGyDJJU9lUPYe3xLaCU+vUY/ywmHCQ9vu
rhX/XifROLul7xg3E8Cpog6kKRZnEuq68dgB5ObpRnlBzmLo/NRLBU5mkqmshN3p
Bj07VsM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:39 2023 by rpki-client on console-ams.rpki-client.org