Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/EAB33872BFAE11ECB6FA9509C4F9AE02.roa
File: EAB33872BFAE11ECB6FA9509C4F9AE02.roa (raw, json)
Hash identifier: cg1WutYSXkn4xenDgYvfGVjEep4/bHy2ISMnxFHZmWY=
Subject key identifier: 39:99:D4:68:A2:CD:78:BD:09:07:AB:70:89:52:CA:90:B3:67:BB:0F
Certificate issuer: /CN=A916B18B/serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Certificate serial: 1414
Authority key identifier: FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/EAB33872BFAE11ECB6FA9509C4F9AE02.roa
Signing time: Tue 19 Apr 2022 07:04:13 +0000
ROA not before: Tue 19 Apr 2022 07:04:13 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 23689
IP address blocks: 136.158.164.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5140 (0x1414)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B18B/serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Validity
Not Before: Apr 19 07:04:13 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=625e5eec-c986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:59:05:43:ed:82:5c:35:0c:07:d6:32:9c:2f:
bd:10:59:eb:90:e2:2d:10:bd:c8:aa:19:85:43:6e:
82:4c:6a:a7:35:04:4e:97:61:2e:a1:d9:79:c9:36:
0f:2e:40:57:c2:04:ce:02:06:41:93:9c:83:8e:a1:
00:33:53:42:04:05:5b:2c:49:bf:7f:7e:05:bf:d4:
b5:f4:2b:17:6a:c9:b2:fd:00:7b:e4:99:0a:34:95:
61:4f:42:a2:81:72:30:30:90:57:e5:94:b0:f2:12:
9d:db:77:6d:83:48:a2:35:2e:48:d9:0e:e3:b0:68:
8b:99:7f:e8:65:df:35:84:b8:c6:61:ef:9f:cb:12:
cc:89:02:af:f6:ae:3f:76:4f:47:b4:94:26:ef:6d:
d3:b4:43:ec:8a:22:95:f9:e9:bb:c2:18:9c:01:a2:
82:ce:fb:a0:29:da:28:65:6f:68:8c:c2:6c:c3:c9:
d9:c8:d4:60:f2:11:06:97:58:50:03:ef:d9:d1:2e:
9c:0b:cc:93:87:80:9c:f3:d8:4a:f8:da:8f:9b:c4:
d1:ea:57:43:cd:66:e0:30:3a:3c:88:5b:2b:38:1c:
51:0b:1e:df:46:dd:e4:95:29:32:b0:f3:79:6b:76:
ba:66:35:6c:25:4d:2e:8e:a6:9a:29:e1:66:8a:a6:
df:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:99:D4:68:A2:CD:78:BD:09:07:AB:70:89:52:CA:90:B3:67:BB:0F
X509v3 Authority Key Identifier:
keyid:FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/_eNrbpSTmOUtleidQL32CyXbabk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/EAB33872BFAE11ECB6FA9509C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
136.158.164.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:5b:f9:0b:3c:0a:1a:0b:ee:6f:fc:d1:28:73:97:f4:b4:d4:
29:cd:5c:c0:d0:4f:39:ab:41:68:62:9a:58:0d:99:1f:e3:14:
17:d4:35:e1:6e:4d:10:05:a1:37:b6:72:45:f1:d2:e1:2c:33:
47:a4:b6:84:53:51:01:b3:83:3b:dd:d3:29:67:13:e2:53:25:
e8:ec:e8:cd:81:da:96:fb:4c:87:8e:6f:13:5f:67:1c:77:c3:
53:c2:f3:22:55:2a:89:c3:bf:63:b3:fd:0b:8e:88:8e:b5:69:
38:5c:b4:2f:16:d9:ab:49:07:10:37:ea:75:1f:9d:93:eb:d9:
69:9c:f4:21:37:76:60:f3:92:c5:86:e2:4b:da:be:08:93:05:
fd:cd:33:46:fc:65:04:42:42:52:05:21:19:1c:87:aa:76:8a:
b3:ef:e2:79:8f:98:b7:76:18:72:a6:d3:71:30:56:da:a3:8b:
87:c7:4b:d0:53:1b:63:73:2b:4f:0e:f7:b2:88:a6:bb:b7:19:
87:54:84:7c:ba:4f:91:cc:12:cf:13:72:a3:e5:53:f0:63:92:
5f:6a:bb:71:ea:2f:26:b3:77:e0:7b:e6:d1:69:d6:c4:ef:7c:
f3:20:67:a1:4e:45:e1:17:aa:5d:bf:86:67:a4:a6:90:6c:f4:
96:a6:33:c7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFBQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIxOEIxMTAvBgNVBAUTKEZERTM2QjZFOTQ5Mzk4RTUyRDk1RTg5RDQwQkRGNjBC
MjVEQjY5QjkwHhcNMjIwNDE5MDcwNDEzWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjVlNWVlYy1jOTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1kFQ+2CXDUMB9YynC+9EFnrkOItEL3IqhmFQ26CTGqnNQROl2Euodl5yTYP
LkBXwgTOAgZBk5yDjqEAM1NCBAVbLEm/f34Fv9S19CsXasmy/QB75JkKNJVhT0Ki
gXIwMJBX5ZSw8hKd23dtg0iiNS5I2Q7jsGiLmX/oZd81hLjGYe+fyxLMiQKv9q4/
dk9HtJQm723TtEPsiiKV+em7whicAaKCzvugKdooZW9ojMJsw8nZyNRg8hEGl1hQ
A+/Z0S6cC8yTh4Cc89hK+NqPm8TR6ldDzWbgMDo8iFsrOBxRCx7fRt3klSkysPN5
a3a6ZjVsJU0ujqaaKeFmiqbfXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDmZ1Gii
zXi9CQercIlSypCzZ7sPMB8GA1UdIwQYMBaAFP3ja26Uk5jlLZXonUC99gsl22m5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjE4Qi82MjhERTUwMkRG
MjMxMUU3OTcyMjVEMkVDNEY5QUUwMi9fZU5yYnBTVG1PVXRsZWlkUUwzMkN5WGJh
YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19lTnJicFNUbU9VdGxlaWRRTDMyQ3lYYmFiay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIxOEIvNjI4REU1MDJERjIzMTFFNzk3MjI1RDJFQzRGOUFFMDIvRUFCMzM4NzJC
RkFFMTFFQ0I2RkE5NTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACInqQwDQYJKoZIhvcNAQELBQADggEBAE1b+Qs8ChoL7m/8
0Shzl/S01CnNXMDQTzmrQWhimlgNmR/jFBfUNeFuTRAFoTe2ckXx0uEsM0ektoRT
UQGzgzvd0ylnE+JTJejs6M2B2pb7TIeObxNfZxx3w1PC8yJVKonDv2Oz/QuOiI61
aThctC8W2atJBxA36nUfnZPr2Wmc9CE3dmDzksWG4kvavgiTBf3NM0b8ZQRCQlIF
IRkch6p2irPv4nmPmLd2GHKm03EwVtqji4fHS9BTG2NzK08O97KIpru3GYdUhHy6
T5HMEs8TcqPlU/Bjkl9qu3HqLyazd+B75tFp1sTvfPMgZ6FOReEXql2/hmekppBs
9JamM8c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:45 2023 by rpki-client on console-fra.rpki-client.org