Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B12B/A509EC1EBD9D11E49996554CC4F9AE02/584C4B0EB57A11EE9A894553C4F9AE02.roa
File: 584C4B0EB57A11EE9A894553C4F9AE02.roa (raw, json)
Hash identifier: 2ZnILT5Zuu9gukTr46vybRSmItM8kbK1CIaOuzqKiYw=
Subject key identifier: A9:27:5B:A1:08:B5:05:A8:B2:8A:EE:84:E7:1B:76:38:AF:58:C3:52
Certificate issuer: /CN=A917B12B/serialNumber=F26923453F0170309FD58BF3B0B5DCE43FF9B41C
Certificate serial: 2669
Authority key identifier: F2:69:23:45:3F:01:70:30:9F:D5:8B:F3:B0:B5:DC:E4:3F:F9:B4:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8mkjRT8BcDCf1YvzsLXc5D_5tBw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B12B/A509EC1EBD9D11E49996554CC4F9AE02/584C4B0EB57A11EE9A894553C4F9AE02.roa
Signing time: Wed 17 Jan 2024 20:52:37 +0000
ROA not before: Wed 17 Jan 2024 20:52:37 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 132724
IP address blocks: 2400:8380::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9833 (0x2669)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B12B/serialNumber=F26923453F0170309FD58BF3B0B5DCE43FF9B41C
Validity
Not Before: Jan 17 20:52:37 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65a83e14-8d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f8:6c:a7:b5:ab:08:65:3e:e5:96:d1:4f:58:
75:28:bc:67:83:0e:da:43:7b:da:83:30:83:07:65:
8f:0f:3a:22:36:2f:a4:16:06:02:69:c5:b2:0b:75:
b9:7b:e4:ca:cc:ff:dc:a1:c3:02:0f:f2:f9:fd:f5:
b4:d9:ad:7f:31:aa:fd:16:c2:38:ab:be:48:00:1a:
30:1c:bf:15:da:50:0f:23:06:ba:89:1a:e8:f2:e4:
8b:08:d1:0a:96:7e:18:10:e6:14:cc:44:32:09:d2:
b4:89:d0:37:b5:d7:f7:fc:f6:a8:27:0b:1e:08:bd:
65:21:c8:4f:50:af:d0:e4:1d:d7:df:30:00:7c:f7:
0c:43:31:37:ef:f8:f9:2b:15:ec:8b:39:a1:a9:3b:
7b:0b:99:10:6d:c5:90:e8:85:a9:b9:36:26:bd:51:
ef:ea:cd:9d:12:7f:fd:f1:5d:78:a1:3b:1f:c9:2e:
ae:ec:d0:d3:91:1b:c8:ca:66:bf:b9:b3:8b:40:57:
82:63:0a:ed:c8:ec:40:7e:92:96:4e:f0:f0:5d:ca:
7e:4b:a7:6e:8b:2f:32:ed:52:00:cd:d3:8e:3f:5e:
f9:5f:c6:ef:0d:68:2d:85:e5:eb:bc:1c:99:1a:f8:
a4:2c:ef:f5:0b:ba:d0:c1:3b:17:16:ad:c2:7a:09:
55:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:27:5B:A1:08:B5:05:A8:B2:8A:EE:84:E7:1B:76:38:AF:58:C3:52
X509v3 Authority Key Identifier:
keyid:F2:69:23:45:3F:01:70:30:9F:D5:8B:F3:B0:B5:DC:E4:3F:F9:B4:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B12B/A509EC1EBD9D11E49996554CC4F9AE02/8mkjRT8BcDCf1YvzsLXc5D_5tBw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8mkjRT8BcDCf1YvzsLXc5D_5tBw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B12B/A509EC1EBD9D11E49996554CC4F9AE02/584C4B0EB57A11EE9A894553C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:8380::/32
Signature Algorithm: sha256WithRSAEncryption
3f:95:b0:c7:08:62:37:b5:b1:37:0f:36:3e:cd:55:23:85:8c:
58:27:50:3c:30:8c:d8:ea:b4:95:90:f7:29:1e:be:61:87:99:
bb:10:5b:c8:0f:d3:6d:5e:8e:8b:92:bd:fc:94:9c:4b:2d:8d:
e9:52:82:0c:14:cc:9f:39:75:00:65:1a:b1:a7:8c:7d:c3:d5:
ee:d9:58:e5:26:f9:c9:e5:d9:c4:82:2f:c0:ce:55:fe:a0:43:
41:29:ef:05:cf:cf:ef:9d:c4:a8:db:00:3c:76:da:0a:68:50:
f8:b0:80:23:3b:57:df:22:17:18:f2:e7:52:e0:9c:49:46:bf:
fa:cd:e7:a6:3b:7a:e9:01:67:18:7c:5a:4c:7b:b5:e4:cd:d7:
73:44:a4:76:6b:6e:b3:98:1b:a5:8c:0b:41:d6:99:35:0e:71:
3a:59:7d:32:81:3e:cb:bf:10:2f:35:cf:d4:89:6e:ff:87:64:
71:e2:7a:99:fe:81:62:76:b4:e0:ed:49:09:83:be:cb:33:eb:
65:d3:c9:da:85:cf:a2:80:66:15:be:5e:0c:23:aa:cb:59:b5:
5f:78:62:76:7e:3f:90:91:38:eb:fd:00:2f:7b:02:32:02:41:
c1:6a:2b:50:50:b8:be:78:0d:96:04:cb:19:bb:6f:82:6f:5e:
ce:47:4d:a8
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICJmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0IxMkIxMTAvBgNVBAUTKEYyNjkyMzQ1M0YwMTcwMzA5RkQ1OEJGM0IwQjVEQ0U0
M0ZGOUI0MUMwHhcNMjQwMTE3MjA1MjM3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE4M2UxNC04ZDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqfhsp7WrCGU+5ZbRT1h1KLxngw7aQ3vagzCDB2WPDzoiNi+kFgYCacWyC3W5
e+TKzP/cocMCD/L5/fW02a1/Mar9FsI4q75IABowHL8V2lAPIwa6iRro8uSLCNEK
ln4YEOYUzEQyCdK0idA3tdf3/PaoJwseCL1lIchPUK/Q5B3X3zAAfPcMQzE37/j5
KxXsizmhqTt7C5kQbcWQ6IWpuTYmvVHv6s2dEn/98V14oTsfyS6u7NDTkRvIyma/
ubOLQFeCYwrtyOxAfpKWTvDwXcp+S6duiy8y7VIAzdOOP175X8bvDWgtheXrvByZ
GvikLO/1C7rQwTsXFq3CeglV6wIDAQABo4ICljCCApIwHQYDVR0OBBYEFKknW6EI
tQWosoruhOcbdjivWMNSMB8GA1UdIwQYMBaAFPJpI0U/AXAwn9WL87C13OQ/+bQc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjEyQi9BNTA5RUMxRUJE
OUQxMUU0OTk5NjU1NENDNEY5QUUwMi84bWtqUlQ4QmNEQ2YxWXZ6c0xYYzVEXzV0
QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhta2pSVDhCY0RDZjFZdnpzTFhjNURfNXRCdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0IxMkIvQTUwOUVDMUVCRDlEMTFFNDk5OTY1NTRDQzRGOUFFMDIvNTg0QzRCMEVC
NTdBMTFFRTlBODk0NTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAIOAMA0GCSqGSIb3DQEBCwUAA4IBAQA/lbDHCGI3tbE3
DzY+zVUjhYxYJ1A8MIzY6rSVkPcpHr5hh5m7EFvID9NtXo6Lkr38lJxLLY3pUoIM
FMyfOXUAZRqxp4x9w9Xu2VjlJvnJ5dnEgi/AzlX+oENBKe8Fz8/vncSo2wA8dtoK
aFD4sIAjO1ffIhcY8udS4JxJRr/6zeemO3rpAWcYfFpMe7XkzddzRKR2a26zmBul
jAtB1pk1DnE6WX0ygT7LvxAvNc/UiW7/h2Rx4nqZ/oFidrTg7UkJg77LM+tl08na
hc+igGYVvl4MI6rLWbVfeGJ2fj+QkTjr/QAvewIyAkHBaitQULi+eA2WBMsZu2+C
b17OR02o
-----END CERTIFICATE-----
Generated at Thu Mar 7 04:52:01 2024 by rpki-client on console-ams.rpki-client.org