Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918127C/E697112A06AD11EB9821057FC4F9AE02/8D07BFD006B011EBAB4C0882C4F9AE02.roa
File: 8D07BFD006B011EBAB4C0882C4F9AE02.roa (raw, json)
Hash identifier: 9T/JQi+5+aEn875B0nTPGSgmILm5zz1UIb4F6dZAgXU=
Subject key identifier: 83:05:23:32:9E:66:65:74:C2:F6:3F:4E:F1:BB:0C:CF:AE:0D:F8:EC
Certificate issuer: /CN=A918127C/serialNumber=8F942252B7D404E33DB9B1E354E09103AAC50184
Certificate serial: 03C3
Authority key identifier: 8F:94:22:52:B7:D4:04:E3:3D:B9:B1:E3:54:E0:91:03:AA:C5:01:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j5QiUrfUBOM9ubHjVOCRA6rFAYQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918127C/E697112A06AD11EB9821057FC4F9AE02/8D07BFD006B011EBAB4C0882C4F9AE02.roa
Signing time: Fri 28 Jan 2022 12:19:22 +0000
ROA not before: Fri 28 Jan 2022 12:19:22 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 17457
IP address blocks: 202.86.4.0/22 maxlen: 22
202.86.4.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 963 (0x3c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918127C/serialNumber=8F942252B7D404E33DB9B1E354E09103AAC50184
Validity
Not Before: Jan 28 12:19:22 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61f3df4a-30db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4c:7b:b5:94:fe:c9:62:c2:12:59:2b:5f:81:
ee:44:5a:d7:d2:17:70:c4:a9:3c:b8:97:d7:b5:b2:
df:98:7b:bb:1a:d1:6b:89:09:ca:ed:a2:6f:0a:f2:
49:2a:27:da:91:b7:de:15:47:b7:f6:db:40:c7:53:
aa:61:f0:32:01:7f:e6:4a:57:da:74:a9:69:bb:87:
03:da:34:5d:a0:29:6a:40:69:80:13:bc:73:51:7d:
2c:d3:a0:0b:aa:9c:6e:57:4c:94:aa:d8:85:2e:fe:
aa:62:8c:36:70:ec:0b:c1:6d:0a:ad:1b:8b:c8:76:
36:04:c7:d2:1f:60:24:13:ab:3f:44:cb:9c:69:77:
b5:6f:bb:63:40:1e:75:59:8d:0a:9a:15:58:cf:a7:
16:11:b5:52:5b:19:f3:55:bd:6c:16:53:66:6e:03:
e1:19:bb:e3:87:d5:67:26:81:74:9f:d9:1f:7a:b7:
1e:83:93:66:02:97:68:dd:69:10:07:ac:a6:f1:74:
e4:f8:31:e5:ce:45:7c:63:a2:13:f8:5a:6d:3f:9f:
72:df:10:55:0e:c8:18:55:d0:79:fe:0f:12:15:23:
98:7f:b0:25:45:c8:41:41:b3:5d:c4:33:b2:82:b6:
80:c9:c3:79:bb:2c:d8:9b:dc:29:9d:ce:4c:cb:32:
01:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:05:23:32:9E:66:65:74:C2:F6:3F:4E:F1:BB:0C:CF:AE:0D:F8:EC
X509v3 Authority Key Identifier:
keyid:8F:94:22:52:B7:D4:04:E3:3D:B9:B1:E3:54:E0:91:03:AA:C5:01:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918127C/E697112A06AD11EB9821057FC4F9AE02/j5QiUrfUBOM9ubHjVOCRA6rFAYQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j5QiUrfUBOM9ubHjVOCRA6rFAYQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918127C/E697112A06AD11EB9821057FC4F9AE02/8D07BFD006B011EBAB4C0882C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.86.4.0/22
Signature Algorithm: sha256WithRSAEncryption
03:2a:c8:30:b8:9e:02:50:52:e1:a0:a2:1a:98:de:4f:44:25:
15:44:53:86:ec:d9:a9:d7:df:96:e7:37:1d:ba:d5:3d:ad:b0:
e6:08:8d:a2:e9:6f:ee:1e:f2:aa:40:48:af:9f:41:6f:db:79:
96:55:36:2b:e1:c9:42:20:fe:7f:17:da:7f:c0:70:e3:31:55:
88:e6:19:ac:5a:b9:21:bc:6c:fe:b4:9a:79:99:75:51:f4:76:
78:7b:cb:0e:a6:43:84:33:0d:e4:20:1b:06:70:6e:0b:ae:90:
b6:c5:70:3c:1e:30:78:bd:2a:29:f3:76:ce:61:97:cf:97:69:
3c:10:c5:f0:e9:d9:28:16:30:da:08:0a:3e:fc:80:45:ca:7d:
6a:32:6f:af:26:6d:2f:ba:46:06:40:0e:56:27:4b:06:e3:a8:
b2:bc:ec:f2:c0:3b:7a:59:8a:a0:1c:49:b2:6f:79:cc:8d:36:
c2:95:88:f6:c1:ca:18:2a:c1:44:14:65:42:de:e4:17:a0:c5:
c1:98:49:da:b3:cb:11:03:d9:94:6d:9c:eb:6e:3e:9f:49:81:
16:d9:7d:e9:cb:47:2c:b0:86:7f:4d:36:5b:7a:7c:2b:4f:ca:
47:3f:0a:c2:fe:dc:0b:17:01:1d:f6:30:f3:d0:0f:a4:b4:87:
86:4a:91:84
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEyN0MxMTAvBgNVBAUTKDhGOTQyMjUyQjdENDA0RTMzREI5QjFFMzU0RTA5MTAz
QUFDNTAxODQwHhcNMjIwMTI4MTIxOTIyWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWYzZGY0YS0zMGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqUx7tZT+yWLCElkrX4HuRFrX0hdwxKk8uJfXtbLfmHu7GtFriQnK7aJvCvJJ
KifakbfeFUe39ttAx1OqYfAyAX/mSlfadKlpu4cD2jRdoClqQGmAE7xzUX0s06AL
qpxuV0yUqtiFLv6qYow2cOwLwW0KrRuLyHY2BMfSH2AkE6s/RMucaXe1b7tjQB51
WY0KmhVYz6cWEbVSWxnzVb1sFlNmbgPhGbvjh9VnJoF0n9kferceg5NmApdo3WkQ
B6ym8XTk+DHlzkV8Y6IT+FptP59y3xBVDsgYVdB5/g8SFSOYf7AlRchBQbNdxDOy
graAycN5uyzYm9wpnc5MyzIBEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIMFIzKe
ZmV0wvY/TvG7DM+uDfjsMB8GA1UdIwQYMBaAFI+UIlK31ATjPbmx41TgkQOqxQGE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTI3Qy9FNjk3MTEyQTA2
QUQxMUVCOTgyMTA1N0ZDNEY5QUUwMi9qNVFpVXJmVUJPTTl1YkhqVk9DUkE2ckZB
WVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2o1UWlVcmZVQk9NOXViSGpWT0NSQTZyRkFZUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEyN0MvRTY5NzExMkEwNkFEMTFFQjk4MjEwNTdGQzRGOUFFMDIvOEQwN0JGRDAw
NkIwMTFFQkFCNEMwODgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKVgQwDQYJKoZIhvcNAQELBQADggEBAAMqyDC4ngJQUuGg
ohqY3k9EJRVEU4bs2anX35bnNx261T2tsOYIjaLpb+4e8qpASK+fQW/beZZVNivh
yUIg/n8X2n/AcOMxVYjmGaxauSG8bP60mnmZdVH0dnh7yw6mQ4QzDeQgGwZwbguu
kLbFcDweMHi9Kinzds5hl8+XaTwQxfDp2SgWMNoICj78gEXKfWoyb68mbS+6RgZA
DlYnSwbjqLK87PLAO3pZiqAcSbJvecyNNsKViPbByhgqwUQUZULe5BegxcGYSdqz
yxED2ZRtnOtuPp9JgRbZfenLRyywhn9NNlt6fCtPykc/CsL+3AsXAR32MPPQD6S0
h4ZKkYQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-fra.rpki-client.org