Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/7EE5BC4AB83A11EB869C6A53C4F9AE02.roa
File: 7EE5BC4AB83A11EB869C6A53C4F9AE02.roa (raw, json)
Hash identifier: 8dQzaw3GXgoR/ZOxSWLRcx7jXj1ly5t5Zm5JvmPIt4s=
Subject key identifier: E8:6B:AD:25:E5:BD:09:1A:6F:E8:50:34:53:C4:B1:85:66:3E:00:D0
Certificate issuer: /CN=A9183898/serialNumber=B47674313B943EC6CBEF7562BD1970D5C733EA5B
Certificate serial: 0364
Authority key identifier: B4:76:74:31:3B:94:3E:C6:CB:EF:75:62:BD:19:70:D5:C7:33:EA:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tHZ0MTuUPsbL73VivRlw1ccz6ls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/7EE5BC4AB83A11EB869C6A53C4F9AE02.roa
Signing time: Mon 25 Jul 2022 01:50:26 +0000
ROA not before: Mon 25 Jul 2022 01:50:26 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 38829
IP address blocks: 118.127.160.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 868 (0x364)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183898/serialNumber=B47674313B943EC6CBEF7562BD1970D5C733EA5B
Validity
Not Before: Jul 25 01:50:26 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62ddf6e1-d754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cc:07:1b:d3:0a:ae:7e:ba:17:43:e1:2a:b7:
dd:ec:ec:60:a2:21:c1:e8:60:d0:ed:ab:7f:34:4b:
69:bf:be:ad:1f:5c:a5:24:90:82:96:4c:84:e1:cf:
f8:27:b5:81:75:7f:a2:72:a7:2d:82:a0:33:c6:2c:
c0:6d:9e:65:97:14:54:75:7a:f6:dd:d8:8f:1d:d0:
42:10:44:ee:76:35:25:5d:ee:d2:d4:05:b7:5e:de:
88:34:15:df:28:50:67:3f:2a:eb:96:11:0d:d0:57:
85:4a:3d:72:0c:0f:93:36:36:93:2e:92:f2:62:39:
b0:12:ec:a4:04:58:2c:94:49:fb:c8:22:b3:d8:81:
d9:48:0c:88:a7:c8:ab:26:c5:cf:f5:4f:22:f4:fe:
a2:ed:e1:d1:d9:1d:ee:f6:85:d1:e3:0f:d4:e8:33:
44:5f:2f:c2:51:fd:c9:50:13:09:f9:a9:eb:05:1b:
c8:96:e6:98:d1:51:2a:9e:21:78:f6:47:00:be:bf:
b1:ea:81:26:f7:5d:12:ad:ce:95:0f:e6:85:89:48:
71:0a:18:9c:2e:db:78:4c:1d:c4:54:78:d4:21:13:
15:ed:98:87:5f:6b:b8:1d:57:8a:b9:4a:44:8c:2e:
77:83:66:b8:06:ad:3b:85:a9:cf:5d:eb:1f:52:ef:
b0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:6B:AD:25:E5:BD:09:1A:6F:E8:50:34:53:C4:B1:85:66:3E:00:D0
X509v3 Authority Key Identifier:
keyid:B4:76:74:31:3B:94:3E:C6:CB:EF:75:62:BD:19:70:D5:C7:33:EA:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/tHZ0MTuUPsbL73VivRlw1ccz6ls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tHZ0MTuUPsbL73VivRlw1ccz6ls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/7EE5BC4AB83A11EB869C6A53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.127.160.0/19
Signature Algorithm: sha256WithRSAEncryption
51:2e:b7:23:3b:42:9f:9b:e5:70:93:73:cd:55:dc:a7:31:27:
a4:36:18:df:c5:f6:f2:5c:a9:3e:86:e2:ef:84:e7:43:7b:4b:
aa:a2:4e:c6:c2:05:c1:50:6c:ff:dd:f3:96:45:de:17:9d:85:
76:90:65:20:82:ea:29:c7:8f:2c:a9:1f:cc:b7:9d:63:e4:69:
7c:8d:46:74:9e:4b:b8:8d:7a:9f:04:4f:36:e9:69:f3:85:8e:
7a:15:7b:64:41:95:f5:0f:05:e9:f5:fe:fd:a9:22:8a:77:86:
5b:0f:79:f1:a7:ab:9a:08:a5:66:9a:26:29:86:61:68:be:a0:
9e:b8:c3:72:47:78:d8:d9:05:ac:b3:ed:fa:e4:9c:0f:f6:d1:
d7:3f:6a:31:99:f2:c6:ba:a7:f0:c8:16:08:95:b6:ff:9f:01:
a3:b5:ea:ff:d8:fd:0f:ec:6d:28:ea:af:5b:fd:f9:e0:df:56:
1f:97:8f:71:5b:17:c0:0d:3f:67:5d:f0:0e:e3:91:7c:ec:c0:
f7:23:c1:20:fb:b9:de:56:45:49:47:a1:34:28:26:3f:75:8c:
d3:92:18:6e:69:88:ce:9a:75:3d:2f:d1:1f:6f:6b:16:a2:51:
c8:8b:57:fc:6a:c0:98:df:19:42:7b:6c:db:7c:db:91:0b:15:
47:12:f2:e0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA2QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODM4OTgxMTAvBgNVBAUTKEI0NzY3NDMxM0I5NDNFQzZDQkVGNzU2MkJEMTk3MEQ1
QzczM0VBNUIwHhcNMjIwNzI1MDE1MDI2WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRkZjZlMS1kNzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0swHG9MKrn66F0PhKrfd7OxgoiHB6GDQ7at/NEtpv76tH1ylJJCClkyE4c/4
J7WBdX+icqctgqAzxizAbZ5llxRUdXr23diPHdBCEETudjUlXe7S1AW3Xt6INBXf
KFBnPyrrlhEN0FeFSj1yDA+TNjaTLpLyYjmwEuykBFgslEn7yCKz2IHZSAyIp8ir
JsXP9U8i9P6i7eHR2R3u9oXR4w/U6DNEXy/CUf3JUBMJ+anrBRvIluaY0VEqniF4
9kcAvr+x6oEm910Src6VD+aFiUhxChicLtt4TB3EVHjUIRMV7ZiHX2u4HVeKuUpE
jC53g2a4Bq07hanPXesfUu+wuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOhrrSXl
vQkab+hQNFPEsYVmPgDQMB8GA1UdIwQYMBaAFLR2dDE7lD7Gy+91Yr0ZcNXHM+pb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Mzg5OC8yMDkxQjAxQUI4
MzgxMUVCOUQ3RUEyNEZDNEY5QUUwMi90SFowTVR1VVBzYkw3M1ZpdlJsdzFjY3o2
bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RIWjBNVHVVUHNiTDczVml2Umx3MWNjejZscy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODM4OTgvMjA5MUIwMUFCODM4MTFFQjlEN0VBMjRGQzRGOUFFMDIvN0VFNUJDNEFC
ODNBMTFFQjg2OUM2QTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAV2f6AwDQYJKoZIhvcNAQELBQADggEBAFEutyM7Qp+b5XCT
c81V3KcxJ6Q2GN/F9vJcqT6G4u+E50N7S6qiTsbCBcFQbP/d85ZF3hedhXaQZSCC
6inHjyypH8y3nWPkaXyNRnSeS7iNep8ETzbpafOFjnoVe2RBlfUPBen1/v2pIop3
hlsPefGnq5oIpWaaJimGYWi+oJ64w3JHeNjZBayz7frknA/20dc/ajGZ8sa6p/DI
FgiVtv+fAaO16v/Y/Q/sbSjqr1v9+eDfVh+Xj3FbF8ANP2dd8A7jkXzswPcjwSD7
ud5WRUlHoTQoJj91jNOSGG5piM6adT0v0R9vaxaiUciLV/xqwJjfGUJ7bNt825EL
FUcS8uA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-ams.rpki-client.org