Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/4B8E0404E15D11EC832D745AC4F9AE02.roa
File: 4B8E0404E15D11EC832D745AC4F9AE02.roa (raw, json)
Hash identifier: kZMOUGgcqKvF+erAYhg5rZu+o0RSeYIL3Irjf2N4/f0=
Subject key identifier: C8:6F:7D:22:BD:EE:37:B7:39:B8:70:9C:70:6C:19:0B:A0:12:5E:D3
Certificate issuer: /CN=A916B18B/serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Certificate serial: 147E
Authority key identifier: FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/4B8E0404E15D11EC832D745AC4F9AE02.roa
Signing time: Thu 02 Jun 2022 04:15:41 +0000
ROA not before: Thu 02 Jun 2022 04:15:41 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 17639
IP address blocks: 27.49.0.0/16 maxlen: 16
27.49.0.0/22 maxlen: 22
103.240.120.0/22 maxlen: 22
113.19.0.0/16 maxlen: 22
136.158.128.0/17 maxlen: 17
136.158.128.0/22 maxlen: 22
136.158.132.0/22 maxlen: 22
136.158.136.0/22 maxlen: 22
136.158.140.0/22 maxlen: 22
136.158.144.0/22 maxlen: 22
136.158.148.0/22 maxlen: 22
136.158.152.0/22 maxlen: 22
136.158.156.0/22 maxlen: 22
136.158.160.0/22 maxlen: 22
136.158.164.0/22 maxlen: 22
136.158.168.0/22 maxlen: 22
136.158.172.0/22 maxlen: 22
136.158.176.0/22 maxlen: 22
136.158.180.0/22 maxlen: 22
136.158.184.0/22 maxlen: 22
136.158.188.0/22 maxlen: 22
136.158.192.0/22 maxlen: 22
136.158.196.0/22 maxlen: 22
136.158.200.0/22 maxlen: 22
136.158.204.0/22 maxlen: 22
136.158.208.0/22 maxlen: 22
136.158.212.0/22 maxlen: 22
136.158.216.0/22 maxlen: 22
136.158.220.0/22 maxlen: 22
136.158.224.0/22 maxlen: 22
136.158.228.0/22 maxlen: 22
136.158.232.0/22 maxlen: 22
136.158.236.0/22 maxlen: 22
136.158.240.0/22 maxlen: 22
136.158.244.0/22 maxlen: 22
136.158.248.0/22 maxlen: 22
136.158.252.0/22 maxlen: 22
223.130.16.0/22 maxlen: 22
2403:4c0::/32 maxlen: 32
2403:4c0:8000::/34 maxlen: 34
2403:4c0:c000::/34 maxlen: 34
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5246 (0x147e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B18B/serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Validity
Not Before: Jun 2 04:15:41 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6298396c-2f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:31:6d:2f:20:6a:02:03:07:a5:43:69:43:aa:
3b:ad:54:f8:ea:7e:6f:c8:90:6d:9a:32:9a:52:95:
ef:58:8c:3d:12:ef:d2:88:7c:20:f7:ef:63:27:f0:
8c:96:7b:ca:b9:ee:84:e7:24:33:33:2f:b6:bb:d9:
26:36:24:81:8e:55:a7:58:b2:a9:71:98:51:f6:ff:
5b:e8:b5:00:d0:d7:3b:74:dc:b7:dc:8c:e0:6c:a8:
78:a8:61:c9:4c:cf:2e:7f:ef:99:54:67:47:dc:4b:
b2:02:91:b5:af:2c:50:52:9b:50:c5:47:b6:75:d8:
fd:d3:63:63:f6:e6:22:87:3a:90:c0:e8:20:38:c0:
e0:af:f1:50:78:8e:fd:79:27:8d:b5:6f:db:37:67:
cf:7a:40:dc:6f:78:74:c4:97:23:d4:02:58:4c:36:
d1:4d:cc:12:a8:5d:06:80:12:91:ff:77:37:83:0f:
02:bf:9b:4b:c7:8c:e3:4f:1d:8a:75:29:71:36:df:
25:00:fd:c9:98:48:a9:f7:a0:94:bc:82:7b:25:97:
c7:24:a0:ee:35:40:ce:f8:85:3d:fd:79:ff:86:46:
9a:58:38:05:98:17:5d:9c:fb:15:0c:5b:9b:51:d5:
50:c4:86:10:75:d1:fc:94:92:48:75:85:83:09:e3:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:6F:7D:22:BD:EE:37:B7:39:B8:70:9C:70:6C:19:0B:A0:12:5E:D3
X509v3 Authority Key Identifier:
keyid:FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/_eNrbpSTmOUtleidQL32CyXbabk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/4B8E0404E15D11EC832D745AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.49.0.0/16
103.240.120.0/22
113.19.0.0/16
136.158.128.0/17
223.130.16.0/22
IPv6:
2403:4c0::/32
Signature Algorithm: sha256WithRSAEncryption
af:36:3f:75:8a:c8:e9:8c:b9:d2:37:48:6f:fb:f2:7b:ee:44:
da:5f:4e:74:c0:25:8c:10:e1:62:e0:20:76:52:70:c7:da:55:
9c:89:65:d3:af:a5:3b:31:8b:ed:be:e5:7c:15:62:ca:a0:be:
b2:d8:33:c2:1c:da:65:e3:07:97:2b:5d:60:4f:7c:16:86:63:
b6:80:b5:6e:18:43:f5:29:19:0c:f7:e6:10:c6:d2:68:cb:dd:
a1:ed:15:db:a7:08:1b:1f:04:8a:80:7a:a4:70:55:ab:2a:d7:
64:de:d8:e5:d0:65:05:65:78:69:ab:88:81:c9:cf:e5:ed:cc:
3f:53:92:50:4e:24:9e:d7:a3:c0:f2:a4:d1:53:02:8b:4e:05:
b3:aa:e7:6c:d0:93:d4:5f:5c:79:5d:11:16:d4:13:40:d7:0c:
6e:63:7f:f1:76:6a:ba:82:53:cb:b4:b1:69:1e:42:86:37:05:
57:b2:69:e9:86:cd:51:92:00:27:89:f5:fd:b6:fd:a6:41:4a:
95:50:f2:b1:cc:e0:b0:ed:49:8e:93:02:e1:19:7c:63:b6:07:
7e:e8:f0:d5:22:b0:ea:3d:4c:71:7d:cf:de:7c:fe:fe:5f:1c:
eb:8e:22:5d:46:25:60:af:59:fd:47:af:db:98:9d:c8:cd:bf:
4a:58:f2:b7
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICFH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIxOEIxMTAvBgNVBAUTKEZERTM2QjZFOTQ5Mzk4RTUyRDk1RTg5RDQwQkRGNjBC
MjVEQjY5QjkwHhcNMjIwNjAyMDQxNTQxWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk4Mzk2Yy0yZjk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArTFtLyBqAgMHpUNpQ6o7rVT46n5vyJBtmjKaUpXvWIw9Eu/SiHwg9+9jJ/CM
lnvKue6E5yQzMy+2u9kmNiSBjlWnWLKpcZhR9v9b6LUA0Nc7dNy33IzgbKh4qGHJ
TM8uf++ZVGdH3EuyApG1ryxQUptQxUe2ddj902Nj9uYihzqQwOggOMDgr/FQeI79
eSeNtW/bN2fPekDcb3h0xJcj1AJYTDbRTcwSqF0GgBKR/3c3gw8Cv5tLx4zjTx2K
dSlxNt8lAP3JmEip96CUvIJ7JZfHJKDuNUDO+IU9/Xn/hkaaWDgFmBddnPsVDFub
UdVQxIYQddH8lJJIdYWDCeP51QIDAQABo4ICujCCArYwHQYDVR0OBBYEFMhvfSK9
7je3ObhwnHBsGQugEl7TMB8GA1UdIwQYMBaAFP3ja26Uk5jlLZXonUC99gsl22m5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjE4Qi82MjhERTUwMkRG
MjMxMUU3OTcyMjVEMkVDNEY5QUUwMi9fZU5yYnBTVG1PVXRsZWlkUUwzMkN5WGJh
YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19lTnJicFNUbU9VdGxlaWRRTDMyQ3lYYmFiay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIxOEIvNjI4REU1MDJERjIzMTFFNzk3MjI1RDJFQzRGOUFFMDIvNEI4RTA0MDRF
MTVEMTFFQzgzMkQ3NDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCIEAgABMBwDAwAbMQMEAmfweAMDAHETAwQHiJ6AAwQC34IQMA0EAgACMAcD
BQAkAwTAMA0GCSqGSIb3DQEBCwUAA4IBAQCvNj91isjpjLnSN0hv+/J77kTaX050
wCWMEOFi4CB2UnDH2lWciWXTr6U7MYvtvuV8FWLKoL6y2DPCHNpl4weXK11gT3wW
hmO2gLVuGEP1KRkM9+YQxtJoy92h7RXbpwgbHwSKgHqkcFWrKtdk3tjl0GUFZXhp
q4iByc/l7cw/U5JQTiSe16PA8qTRUwKLTgWzquds0JPUX1x5XREW1BNA1wxuY3/x
dmq6glPLtLFpHkKGNwVXsmnphs1RkgAnifX9tv2mQUqVUPKxzOCw7UmOkwLhGXxj
tgd+6PDVIrDqPUxxfc/efP7+XxzrjiJdRiVgr1n9R6/bmJ3Izb9KWPK3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:45 2023 by rpki-client on console-fra.rpki-client.org