Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/6F57C730582B11EEB09B4F6AC4F9AE02.roa
File: 6F57C730582B11EEB09B4F6AC4F9AE02.roa (raw, json)
Hash identifier: vxDdTUNU0ZgdQL6isra5Bqjou5EYSqTIo+PAtKb8aes=
Subject key identifier: FC:E4:EA:0C:3A:C5:03:7A:14:FA:26:91:36:C8:A4:7E:7F:1B:B4:7C
Certificate issuer: /CN=A91754CB/serialNumber=DD02A7E8D7C9757C657BDA6AD9D57F05881FFA57
Certificate serial: 3C
Authority key identifier: DD:02:A7:E8:D7:C9:75:7C:65:7B:DA:6A:D9:D5:7F:05:88:1F:FA:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3QKn6NfJdXxle9pq2dV_BYgf-lc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/6F57C730582B11EEB09B4F6AC4F9AE02.roa
Signing time: Thu 21 Sep 2023 03:03:27 +0000
ROA not before: Thu 21 Sep 2023 03:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212517
IP address blocks: 160.238.64.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91754CB/serialNumber=DD02A7E8D7C9757C657BDA6AD9D57F05881FFA57
Validity
Not Before: Sep 21 03:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=650bb27f-5def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:74:67:fa:e8:a7:d2:5c:b3:78:53:bc:e0:7e:
1e:14:ed:c2:99:15:44:36:71:17:2b:2a:a2:ab:95:
46:2e:64:46:6c:6b:e8:9c:26:f7:f4:77:64:17:7f:
fd:a6:cb:1c:b1:42:50:6d:fd:71:d6:3f:8e:24:c6:
76:e0:6f:fa:32:63:c6:54:b4:21:69:34:eb:ad:02:
5d:b1:5e:1d:62:70:d9:a0:a7:2e:44:17:d2:d5:eb:
54:95:d1:6a:be:ea:de:17:c5:59:27:08:34:a1:e8:
b8:1a:1b:b0:48:93:61:7a:1e:4f:74:73:da:9f:10:
55:ba:09:b5:73:80:f9:c1:02:93:36:0f:3f:09:ff:
1b:98:ad:06:27:68:17:84:13:fe:e3:25:b8:e1:9a:
45:64:5d:bf:b3:95:0b:4b:77:7b:8c:5b:25:39:dd:
15:ef:a8:14:d4:2a:6a:0b:a3:e8:14:b1:11:d1:29:
69:c2:c4:e4:b1:79:27:6f:35:9e:a9:69:0c:cf:5c:
06:ed:9d:cb:ff:5e:74:96:c1:23:2b:f6:c6:d8:3e:
c9:3f:ab:6a:7c:5c:26:a1:87:44:32:ac:a8:45:38:
bb:19:05:92:a2:6b:c5:ea:71:52:2f:ce:23:a2:87:
a1:42:00:7b:98:e3:27:38:30:d8:ea:23:63:b3:17:
68:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E4:EA:0C:3A:C5:03:7A:14:FA:26:91:36:C8:A4:7E:7F:1B:B4:7C
X509v3 Authority Key Identifier:
keyid:DD:02:A7:E8:D7:C9:75:7C:65:7B:DA:6A:D9:D5:7F:05:88:1F:FA:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/3QKn6NfJdXxle9pq2dV_BYgf-lc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3QKn6NfJdXxle9pq2dV_BYgf-lc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/6F57C730582B11EEB09B4F6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.238.64.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:df:d0:35:09:f0:a6:83:2d:22:e4:04:3e:08:db:be:95:cb:
ba:d3:83:b4:69:a5:24:95:34:78:55:a2:ac:51:db:ef:4e:89:
ce:59:3a:07:70:22:80:a8:0c:7c:5c:ff:a1:4e:68:b3:58:a0:
db:7f:2d:09:f9:7f:01:3b:1c:83:64:a6:54:65:43:07:77:c6:
fb:1f:03:79:72:9f:7b:90:0b:e6:65:b4:5e:8e:47:2f:32:84:
78:9b:81:24:a2:29:ca:27:15:30:5f:2b:45:cb:fb:32:0c:b7:
05:97:e8:ae:53:a0:1d:ff:5c:e3:50:67:58:33:4b:b3:a8:11:
9d:4a:39:9a:08:20:ec:0e:51:ae:69:2b:e2:7f:6f:67:e0:a1:
b1:f5:e1:8a:f8:de:6d:c0:af:86:3b:4a:9d:99:eb:f8:fe:0d:
0f:18:fb:fa:e9:b0:82:3d:1f:70:32:76:ed:b7:11:5d:d5:93:
f0:3b:b4:f6:b8:a7:fb:0b:ff:b3:e6:34:df:b4:0a:c9:c3:92:
c3:25:fd:c8:df:2f:bb:ed:02:95:87:33:9d:41:a3:64:69:d8:
3c:73:58:7e:44:c8:3b:50:d1:53:19:26:37:d7:b3:99:0e:24:
48:70:57:d4:69:92:22:b6:2c:ef:45:4d:82:57:6a:9e:6e:7e:
eb:2d:a9:0f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTRDQjExMC8GA1UEBRMoREQwMkE3RThEN0M5NzU3QzY1N0JEQTZBRDlENTdGMDU4
ODFGRkE1NzAeFw0yMzA5MjEwMzAzMjdaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MGJiMjdmLTVkZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvdGf66KfSXLN4U7zgfh4U7cKZFUQ2cRcrKqKrlUYuZEZsa+icJvf0d2QXf/2m
yxyxQlBt/XHWP44kxnbgb/oyY8ZUtCFpNOutAl2xXh1icNmgpy5EF9LV61SV0Wq+
6t4XxVknCDSh6LgaG7BIk2F6Hk90c9qfEFW6CbVzgPnBApM2Dz8J/xuYrQYnaBeE
E/7jJbjhmkVkXb+zlQtLd3uMWyU53RXvqBTUKmoLo+gUsRHRKWnCxOSxeSdvNZ6p
aQzPXAbtncv/XnSWwSMr9sbYPsk/q2p8XCahh0QyrKhFOLsZBZKia8XqcVIvziOi
h6FCAHuY4yc4MNjqI2OzF2jBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/OTqDDrF
A3oU+iaRNsikfn8btHwwHwYDVR0jBBgwFoAU3QKn6NfJdXxle9pq2dV/BYgf+lcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1NENCLzUzQkU0REJFRkRE
MTExRUQ5ODczMzA2N0M0RjlBRTAyLzNRS242TmZKZFh4bGU5cHEyZFZfQllnZi1s
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvM1FLbjZOZkpkWHhsZTlwcTJkVl9CWWdmLWxjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTRDQi81M0JFNERCRUZERDExMUVEOTg3MzMwNjdDNEY5QUUwMi82RjU3QzczMDU4
MkIxMUVFQjA5QjRGNkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKDuQDANBgkqhkiG9w0BAQsFAAOCAQEAsd/QNQnwpoMtIuQE
PgjbvpXLutODtGmlJJU0eFWirFHb706Jzlk6B3AigKgMfFz/oU5os1ig238tCfl/
ATscg2SmVGVDB3fG+x8DeXKfe5AL5mW0Xo5HLzKEeJuBJKIpyicVMF8rRcv7Mgy3
BZforlOgHf9c41BnWDNLs6gRnUo5mggg7A5Rrmkr4n9vZ+ChsfXhivjebcCvhjtK
nZnr+P4NDxj7+umwgj0fcDJ27bcRXdWT8Du09rin+wv/s+Y037QKycOSwyX9yN8v
u+0ClYcznUGjZGnYPHNYfkTIO1DRUxkmN9ezmQ4kSHBX1GmSIrYs70VNgldqnm5+
6y2pDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org