Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/55D288080E9011ED8E0DD20DC4F9AE02.roa
File: 55D288080E9011ED8E0DD20DC4F9AE02.roa (raw, json)
Hash identifier: C1B0/YSUd9IsFB0yYXTAvbzgm1dm14t4MpoKmHIKpUM=
Subject key identifier: F5:C1:8F:E4:73:D1:45:6D:A7:24:75:CB:7E:3D:67:06:6B:4C:DC:24
Certificate issuer: /CN=A9179BF7/serialNumber=7FCDEC31FAFA7E527DA7A9703932040F84558159
Certificate serial: 52
Authority key identifier: 7F:CD:EC:31:FA:FA:7E:52:7D:A7:A9:70:39:32:04:0F:84:55:81:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f83sMfr6flJ9p6lwOTIED4RVgVk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/55D288080E9011ED8E0DD20DC4F9AE02.roa
Signing time: Thu 28 Jul 2022 16:14:20 +0000
ROA not before: Thu 28 Jul 2022 16:14:20 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 140934
IP address blocks: 2400:8aa0::/32 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82 (0x52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179BF7/serialNumber=7FCDEC31FAFA7E527DA7A9703932040F84558159
Validity
Not Before: Jul 28 16:14:20 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e2b5db-e640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b1:12:d2:80:16:19:e5:b9:dd:ef:54:05:04:
37:ae:99:a6:fb:89:e3:25:17:f7:00:b5:a8:89:6d:
5a:e0:00:7d:14:67:72:9f:5b:63:d3:82:1c:2b:ec:
35:48:b6:c9:2e:2f:43:e7:14:c7:ff:a6:e9:06:35:
70:b7:23:04:18:5b:7b:9b:91:16:ef:ca:d2:03:e5:
ed:c8:7a:86:4f:14:d6:a9:0c:dd:17:da:50:2b:f7:
27:b8:41:c3:96:66:e8:b3:5d:8e:9b:43:8b:f2:66:
5b:b0:d9:35:cc:8b:88:9c:f8:57:fe:b9:49:06:bb:
27:cb:a8:1d:59:79:eb:20:d2:a9:b9:b9:14:aa:5f:
e2:5d:fc:cc:9f:19:6a:4d:7a:99:1e:4b:bf:7a:5c:
9e:90:42:be:86:38:3e:9e:48:cb:fd:3a:b0:52:ed:
a1:20:ef:2b:96:7a:58:0d:2f:17:ae:6d:ed:70:59:
4a:da:07:ea:9c:74:cd:81:61:40:23:41:0f:d5:b6:
e0:34:bc:32:49:12:6a:01:12:32:68:46:c9:f3:84:
36:51:3a:b6:fc:66:d1:e3:62:72:cb:f0:07:44:02:
ef:64:db:41:52:53:a9:5d:73:ac:c7:8c:30:e0:56:
49:70:da:1a:01:3b:f0:50:23:48:54:6b:52:84:c6:
17:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C1:8F:E4:73:D1:45:6D:A7:24:75:CB:7E:3D:67:06:6B:4C:DC:24
X509v3 Authority Key Identifier:
keyid:7F:CD:EC:31:FA:FA:7E:52:7D:A7:A9:70:39:32:04:0F:84:55:81:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f83sMfr6flJ9p6lwOTIED4RVgVk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/55D288080E9011ED8E0DD20DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:8aa0::/32
Signature Algorithm: sha256WithRSAEncryption
57:53:b8:59:70:d9:93:4c:b7:1f:7a:92:ec:c9:55:ac:56:87:
99:92:04:3f:ce:92:fe:80:6a:45:ab:c8:74:59:97:0c:0e:fa:
8a:28:54:77:00:26:a2:99:07:ad:6c:6a:45:f8:a5:64:87:bb:
5b:57:ae:0f:9d:08:47:ac:d1:4e:c9:fa:89:6f:57:9c:2e:4e:
87:4f:58:e7:b3:69:6e:54:f8:86:4a:46:55:cb:7d:19:77:92:
38:21:b4:7d:96:95:c5:f9:80:79:d1:60:4f:7f:98:f0:0e:33:
3d:45:5e:b8:ba:2e:d2:55:5d:f1:73:0c:a8:3d:98:da:bb:0d:
87:88:b8:24:7d:09:91:4a:3e:c6:47:8b:6c:71:7b:2e:fe:e7:
1e:ca:af:5d:09:6e:22:32:cc:c8:03:b4:e7:e7:5f:21:af:71:
d3:16:40:9e:4e:8e:f1:cc:39:f7:1b:be:db:eb:95:b3:e7:0c:
0f:ce:60:6b:d0:75:42:3c:e3:6f:f8:c0:4a:27:e6:c1:40:4a:
d1:4d:9b:06:44:d6:fb:c5:c9:d1:cc:58:bb:24:fa:ab:31:c6:
0e:a4:38:73:94:f9:2b:7b:57:c7:9c:34:5c:b2:10:51:41:d1:
18:e7:55:b7:de:d5:60:31:bb:a2:08:8e:91:6b:1b:dd:8d:33:
dc:c5:03:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OUJGNzExMC8GA1UEBRMoN0ZDREVDMzFGQUZBN0U1MjdEQTdBOTcwMzkzMjA0MEY4
NDU1ODE1OTAeFw0yMjA3MjgxNjE0MjBaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZTJiNWRiLWU2NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpsRLSgBYZ5bnd71QFBDeumab7ieMlF/cAtaiJbVrgAH0UZ3KfW2PTghwr7DVI
tskuL0PnFMf/pukGNXC3IwQYW3ubkRbvytID5e3IeoZPFNapDN0X2lAr9ye4QcOW
ZuizXY6bQ4vyZluw2TXMi4ic+Ff+uUkGuyfLqB1Zeesg0qm5uRSqX+Jd/MyfGWpN
epkeS796XJ6QQr6GOD6eSMv9OrBS7aEg7yuWelgNLxeube1wWUraB+qcdM2BYUAj
QQ/VtuA0vDJJEmoBEjJoRsnzhDZROrb8ZtHjYnLL8AdEAu9k20FSU6ldc6zHjDDg
Vklw2hoBO/BQI0hUa1KExhevAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU9cGP5HPR
RW2nJHXLfj1nBmtM3CQwHwYDVR0jBBgwFoAUf83sMfr6flJ9p6lwOTIED4RVgVkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5QkY3LzRCNjZGMTJDRjJD
NzExRUM4QjgxOTY4N0M0RjlBRTAyL2Y4M3NNZnI2ZmxKOXA2bHdPVElFRDRSVmdW
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZjgzc01mcjZmbEo5cDZsd09USUVENFJWZ1ZrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OUJGNy80QjY2RjEyQ0YyQzcxMUVDOEI4MTk2ODdDNEY5QUUwMi81NUQyODgwODBF
OTAxMUVEOEUwREQyMERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQAiqAwDQYJKoZIhvcNAQELBQADggEBAFdTuFlw2ZNMtx96
kuzJVaxWh5mSBD/Okv6AakWryHRZlwwO+oooVHcAJqKZB61sakX4pWSHu1tXrg+d
CEes0U7J+olvV5wuTodPWOezaW5U+IZKRlXLfRl3kjghtH2WlcX5gHnRYE9/mPAO
Mz1FXri6LtJVXfFzDKg9mNq7DYeIuCR9CZFKPsZHi2xxey7+5x7Kr10JbiIyzMgD
tOfnXyGvcdMWQJ5OjvHMOfcbvtvrlbPnDA/OYGvQdUI842/4wEon5sFAStFNmwZE
1vvFydHMWLsk+qsxxg6kOHOU+St7V8ecNFyyEFFB0RjnVbfe1WAxu6IIjpFrG92N
M9zFAyE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:47 2023 by rpki-client on console-fra.rpki-client.org