Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/E0C7DEE8D5A311EC98764D51C4F9AE02.roa
File: E0C7DEE8D5A311EC98764D51C4F9AE02.roa (raw, json)
Hash identifier: lck1MfTcgtYCnIif0/DIgRf9GZOMTMam4SvOIwqWjYE=
Subject key identifier: 6D:ED:DC:D2:AA:89:F4:8B:A4:AF:17:50:47:7B:25:6E:B0:A9:8E:67
Certificate issuer: /CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Certificate serial: 044E
Authority key identifier: 98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/E0C7DEE8D5A311EC98764D51C4F9AE02.roa
Signing time: Wed 29 Jun 2022 05:35:09 +0000
ROA not before: Wed 29 Jun 2022 05:35:09 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 138510
IP address blocks: 2407:c280:da02::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1102 (0x44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Validity
Not Before: Jun 29 05:35:09 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=62bbe48d-3535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1d:b9:ac:26:1a:cc:f5:a0:d6:d5:9c:3c:1c:
bb:11:54:a7:ac:b3:4b:6f:0c:fe:22:b5:b7:b9:7d:
ec:37:f8:a8:b8:38:3d:00:78:3f:1f:8f:5c:99:c8:
54:c3:33:1f:be:66:5e:1a:f4:ec:2c:bd:cc:d8:4f:
61:db:a5:d8:39:5a:a6:ac:26:d5:05:65:13:97:07:
d9:d7:2c:d1:71:70:3d:84:09:cd:e1:51:74:9c:22:
2c:5c:51:52:c0:b4:11:f6:94:85:63:b3:35:44:f4:
2c:ea:29:4a:b7:d1:d9:b1:d8:60:99:7a:dc:c7:95:
2b:26:44:23:00:49:cf:ee:5a:06:97:ba:ed:7d:87:
37:06:37:40:e7:cd:46:bb:eb:9d:19:24:3c:b1:0a:
40:61:87:9e:a9:5c:ea:fd:98:a7:3f:c6:8f:bd:47:
37:56:d0:36:0f:3e:4f:a3:0e:d0:77:16:5f:33:70:
d2:11:3d:98:7e:85:36:7c:e5:20:b2:3a:dc:c0:49:
a5:fb:c1:61:dc:e9:55:b4:a8:e3:a1:8f:b6:86:ff:
fc:ae:22:7d:00:ca:80:e8:0c:77:94:4a:a3:6e:8a:
25:fe:c9:73:61:fb:46:ac:ac:c5:8a:1a:ed:53:4d:
f4:c1:f7:ca:05:34:0a:9f:ef:04:37:b6:e9:a4:92:
3a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:ED:DC:D2:AA:89:F4:8B:A4:AF:17:50:47:7B:25:6E:B0:A9:8E:67
X509v3 Authority Key Identifier:
keyid:98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/E0C7DEE8D5A311EC98764D51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:c280:da02::/48
Signature Algorithm: sha256WithRSAEncryption
a0:64:9d:61:a6:84:9a:e2:9f:46:43:4e:6c:16:fc:cc:34:4f:
97:74:06:c2:f4:95:75:64:27:32:ee:08:fe:10:d1:47:38:77:
c8:f4:c3:3e:a3:fa:3d:20:3e:18:4e:e7:34:d7:0c:29:24:48:
4f:f6:59:65:c5:90:c5:62:45:c6:f3:87:aa:54:d6:c6:9a:fc:
e0:ad:dd:bd:34:c8:d7:0a:c3:ed:da:33:db:75:02:c9:83:3d:
bd:99:d2:30:cb:50:d7:9b:18:00:a2:47:01:3e:d4:1d:35:0d:
b7:d7:f8:bd:94:ef:37:7c:c4:67:22:f9:ed:5a:0a:b5:fc:86:
22:6d:43:aa:a9:1b:54:0d:e6:d4:78:43:bb:65:ea:28:81:ec:
46:e6:40:dd:0b:be:1b:ef:1b:12:14:b3:87:71:81:22:d2:9a:
00:42:f9:52:ab:83:d0:62:09:9a:1d:2b:94:55:98:eb:1f:3f:
ea:34:6d:77:f7:59:3f:ab:56:79:ec:58:80:e3:e0:f0:29:64:
5a:15:14:e9:b5:b4:a2:73:61:87:77:37:ac:02:4a:da:0b:ec:
22:98:21:02:17:b9:c4:4a:d0:ed:a1:40:28:da:b2:d5:fa:ac:
57:b8:6c:7e:21:ec:1b:50:dc:00:7a:75:f7:48:8a:e6:b7:f3:
29:fc:e6:aa
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2QjcxMTAvBgNVBAUTKDk4MUZBMjI3QTJBNDM1QzJCNzZFMDZDOUM0NTJEM0VD
NzUxOTg0RDMwHhcNMjIwNjI5MDUzNTA5WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJiZTQ4ZC0zNTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtR25rCYazPWg1tWcPBy7EVSnrLNLbwz+IrW3uX3sN/iouDg9AHg/H49cmchU
wzMfvmZeGvTsLL3M2E9h26XYOVqmrCbVBWUTlwfZ1yzRcXA9hAnN4VF0nCIsXFFS
wLQR9pSFY7M1RPQs6ilKt9HZsdhgmXrcx5UrJkQjAEnP7loGl7rtfYc3BjdA581G
u+udGSQ8sQpAYYeeqVzq/ZinP8aPvUc3VtA2Dz5Pow7QdxZfM3DSET2YfoU2fOUg
sjrcwEml+8Fh3OlVtKjjoY+2hv/8riJ9AMqA6Ax3lEqjbool/slzYftGrKzFihrt
U030wffKBTQKn+8EN7bppJI64wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFG3t3NKq
ifSLpK8XUEd7JW6wqY5nMB8GA1UdIwQYMBaAFJgfoieipDXCt24GycRS0+x1GYTT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzZCNy9GMUNEMjdCNDcz
QUQxMUU3QUNCRDAyNUVDNEY5QUUwMi9tQi1pSjZLa05jSzNiZ2JKeEZMVDdIVVpo
Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21CLWlKNktrTmNLM2JnYkp4RkxUN0hVWmhOTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2QjcvRjFDRDI3QjQ3M0FEMTFFN0FDQkQwMjVFQzRGOUFFMDIvRTBDN0RFRThE
NUEzMTFFQzk4NzY0RDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkB8KA2gIwDQYJKoZIhvcNAQELBQADggEBAKBknWGmhJri
n0ZDTmwW/Mw0T5d0BsL0lXVkJzLuCP4Q0Uc4d8j0wz6j+j0gPhhO5zTXDCkkSE/2
WWXFkMViRcbzh6pU1saa/OCt3b00yNcKw+3aM9t1AsmDPb2Z0jDLUNebGACiRwE+
1B01DbfX+L2U7zd8xGci+e1aCrX8hiJtQ6qpG1QN5tR4Q7tl6iiB7EbmQN0Lvhvv
GxIUs4dxgSLSmgBC+VKrg9BiCZodK5RVmOsfP+o0bXf3WT+rVnnsWIDj4PApZFoV
FOm1tKJzYYd3N6wCStoL7CKYIQIXucRK0O2hQCjastX6rFe4bH4h7BtQ3AB6dfdI
iua38yn85qo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org