Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/E1E4735ED5A311EC98764D51C4F9AE02.roa
File: E1E4735ED5A311EC98764D51C4F9AE02.roa (raw, json)
Hash identifier: ZtyEcSmap8kGKNiDjue5u+KCeSn/ZrHPQ4j3C1u1uks=
Subject key identifier: 1D:00:9E:76:6F:6F:AF:50:D2:EE:64:70:CF:31:3E:06:7E:D4:A8:A1
Certificate issuer: /CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Certificate serial: 051C
Authority key identifier: 98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/E1E4735ED5A311EC98764D51C4F9AE02.roa
Signing time: Sat 01 Oct 2022 17:14:05 +0000
ROA not before: Sat 01 Oct 2022 17:14:05 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 139317
IP address blocks: 2407:c280:b100::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1308 (0x51c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Validity
Not Before: Oct 1 17:14:05 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6338755d-7f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:78:b8:89:c9:0f:ba:47:b5:a0:d5:bf:b9:
62:4d:99:9d:52:20:c4:02:2e:4b:4f:0f:4d:28:82:
37:94:7b:1e:fa:64:9d:d7:4f:01:f1:89:c9:f8:d5:
31:f0:28:a5:e6:80:62:2c:bf:48:93:39:cb:af:c9:
c4:b6:d6:2c:f5:42:5f:0a:68:a1:cc:1d:23:4a:9a:
26:0f:1f:00:68:f7:07:83:47:79:bc:77:b4:92:8f:
25:d4:f2:14:49:fa:bd:f1:ff:71:e2:77:b8:4b:f0:
dc:1b:b3:62:99:08:90:04:39:76:2c:b5:09:52:1e:
94:96:9e:0b:42:b4:a3:57:1a:ba:be:e3:a3:70:91:
48:48:c2:45:b1:62:a1:3e:42:6d:69:90:6f:be:6b:
19:53:a7:0e:90:70:aa:72:7b:45:ed:cd:1f:78:27:
7a:37:fa:fa:97:05:3d:e8:e7:13:7a:fe:35:41:ad:
07:3c:3c:bf:c1:a4:b6:5a:fa:f3:c1:e9:17:77:7b:
0f:aa:43:98:e8:f6:d1:8f:fb:e6:95:65:a3:25:2b:
26:65:12:72:1e:65:ae:1a:18:0d:4c:99:73:2a:25:
d8:56:6c:d8:93:2e:82:de:b4:39:cf:4b:94:9c:6b:
2c:ff:fd:ed:92:c1:9c:83:6b:80:4f:5b:be:b1:eb:
d9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:00:9E:76:6F:6F:AF:50:D2:EE:64:70:CF:31:3E:06:7E:D4:A8:A1
X509v3 Authority Key Identifier:
keyid:98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/E1E4735ED5A311EC98764D51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:c280:b100::/40
Signature Algorithm: sha256WithRSAEncryption
8b:da:85:5a:ae:c8:3c:6b:a4:6b:07:c6:1e:fc:95:6d:27:0f:
e6:7c:1f:9a:50:19:28:41:95:4f:32:7d:09:03:36:b8:fa:c8:
7f:04:36:b1:63:ad:55:dc:21:49:d9:a7:25:18:45:53:df:29:
d3:2d:5d:5c:74:99:a0:7b:0f:39:5f:d8:c2:18:73:9d:55:8a:
0f:56:5b:d6:cd:97:99:85:88:81:da:eb:ac:0e:7b:dd:02:8e:
16:a3:e1:34:cd:82:ea:1f:09:f4:e7:8d:bc:19:63:56:3a:93:
d1:10:41:be:73:2b:c8:09:4e:7a:44:17:e7:af:b0:3c:c5:70:
5c:19:18:26:85:56:ae:fb:95:52:c4:cc:b6:84:f0:5d:bd:ba:
0a:1b:eb:86:b1:10:f7:36:dc:8f:d2:04:f4:bf:80:0e:82:cf:
21:f4:8d:8e:f5:01:1e:78:a1:0c:5c:0b:dc:20:a9:33:d0:bf:
96:19:7d:03:e0:ad:51:00:00:c3:e2:38:e0:a7:26:2f:30:42:
06:5f:c8:41:06:aa:7a:47:4f:9e:ae:51:03:b4:ca:cf:93:1b:
fd:6c:ab:83:1b:a1:2c:72:42:3a:14:86:f1:3f:5c:46:38:98:
f2:ca:e4:89:34:11:9d:de:9c:02:df:48:dc:a5:ec:d5:78:2d:
a5:cb:05:1b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICBRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2QjcxMTAvBgNVBAUTKDk4MUZBMjI3QTJBNDM1QzJCNzZFMDZDOUM0NTJEM0VD
NzUxOTg0RDMwHhcNMjIxMDAxMTcxNDA1WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM4NzU1ZC03ZjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAymF4uInJD7pHtaDVv7liTZmdUiDEAi5LTw9NKII3lHse+mSd108B8YnJ+NUx
8Cil5oBiLL9IkznLr8nEttYs9UJfCmihzB0jSpomDx8AaPcHg0d5vHe0ko8l1PIU
Sfq98f9x4ne4S/DcG7NimQiQBDl2LLUJUh6Ulp4LQrSjVxq6vuOjcJFISMJFsWKh
PkJtaZBvvmsZU6cOkHCqcntF7c0feCd6N/r6lwU96OcTev41Qa0HPDy/waS2Wvrz
wekXd3sPqkOY6PbRj/vmlWWjJSsmZRJyHmWuGhgNTJlzKiXYVmzYky6C3rQ5z0uU
nGss//3tksGcg2uAT1u+sevZ7QIDAQABo4IClzCCApMwHQYDVR0OBBYEFB0AnnZv
b69Q0u5kcM8xPgZ+1KihMB8GA1UdIwQYMBaAFJgfoieipDXCt24GycRS0+x1GYTT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzZCNy9GMUNEMjdCNDcz
QUQxMUU3QUNCRDAyNUVDNEY5QUUwMi9tQi1pSjZLa05jSzNiZ2JKeEZMVDdIVVpo
Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21CLWlKNktrTmNLM2JnYkp4RkxUN0hVWmhOTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2QjcvRjFDRDI3QjQ3M0FEMTFFN0FDQkQwMjVFQzRGOUFFMDIvRTFFNDczNUVE
NUEzMTFFQzk4NzY0RDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAkB8KAsTANBgkqhkiG9w0BAQsFAAOCAQEAi9qFWq7IPGuk
awfGHvyVbScP5nwfmlAZKEGVTzJ9CQM2uPrIfwQ2sWOtVdwhSdmnJRhFU98p0y1d
XHSZoHsPOV/YwhhznVWKD1Zb1s2XmYWIgdrrrA573QKOFqPhNM2C6h8J9OeNvBlj
VjqT0RBBvnMryAlOekQX56+wPMVwXBkYJoVWrvuVUsTMtoTwXb26ChvrhrEQ9zbc
j9IE9L+ADoLPIfSNjvUBHnihDFwL3CCpM9C/lhl9A+CtUQAAw+I44KcmLzBCBl/I
QQaqekdPnq5RA7TKz5Mb/WyrgxuhLHJCOhSG8T9cRjiY8srkiTQRnd6cAt9I3KXs
1XgtpcsFGw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-fra.rpki-client.org