Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9189BB3/A4478674DFCE11EB959B501FC4F9AE02/C5EFE604190D11ECB8166C50C4F9AE02.roa
File: C5EFE604190D11ECB8166C50C4F9AE02.roa (raw, json)
Hash identifier: cH3gLGEp13XiM9uEyJmnQsEvfCteyfZt6tmY+EI23W4=
Subject key identifier: C5:F8:B4:DA:64:11:43:AF:69:98:F8:68:FD:7A:54:62:3B:48:45:ED
Certificate issuer: /CN=A9189BB3/serialNumber=1528F63D28F3E1366902C6B64AF5866CCBA8DAC4
Certificate serial: 99
Authority key identifier: 15:28:F6:3D:28:F3:E1:36:69:02:C6:B6:4A:F5:86:6C:CB:A8:DA:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSj2PSjz4TZpAsa2SvWGbMuo2sQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9189BB3/A4478674DFCE11EB959B501FC4F9AE02/C5EFE604190D11ECB8166C50C4F9AE02.roa
Signing time: Sun 19 Sep 2021 05:52:29 +0000
ROA not before: Sun 19 Sep 2021 05:52:29 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 23939
IP address blocks: 202.69.144.0/20 maxlen: 20
202.69.144.0/24 maxlen: 24
202.69.145.0/24 maxlen: 24
202.69.146.0/24 maxlen: 24
202.69.147.0/24 maxlen: 24
202.69.148.0/24 maxlen: 24
202.69.149.0/24 maxlen: 24
202.69.150.0/24 maxlen: 24
202.69.151.0/24 maxlen: 24
202.69.152.0/24 maxlen: 24
202.69.153.0/24 maxlen: 24
202.69.154.0/24 maxlen: 24
202.69.155.0/24 maxlen: 24
202.69.156.0/24 maxlen: 24
202.69.157.0/24 maxlen: 24
202.69.158.0/24 maxlen: 24
202.69.159.0/24 maxlen: 24
202.79.176.0/20 maxlen: 20
202.79.176.0/24 maxlen: 24
202.79.177.0/24 maxlen: 24
202.79.178.0/24 maxlen: 24
202.79.179.0/24 maxlen: 24
202.79.180.0/24 maxlen: 24
202.79.181.0/24 maxlen: 24
202.79.182.0/24 maxlen: 24
202.79.183.0/24 maxlen: 24
202.79.184.0/24 maxlen: 24
202.79.185.0/24 maxlen: 24
202.79.186.0/24 maxlen: 24
202.79.187.0/24 maxlen: 24
202.79.188.0/24 maxlen: 24
202.79.189.0/24 maxlen: 24
202.79.190.0/24 maxlen: 24
202.79.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153 (0x99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9189BB3/serialNumber=1528F63D28F3E1366902C6B64AF5866CCBA8DAC4
Validity
Not Before: Sep 19 05:52:29 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6146d01d-6f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a1:b5:d6:12:1a:c6:c0:0b:6f:e3:97:98:56:
62:c8:c7:35:1e:bf:1a:44:8d:30:2f:09:4e:f4:14:
bf:be:b4:24:68:5d:66:a0:7a:30:de:6f:50:c3:03:
85:6a:3b:da:e7:d3:9a:6d:c8:b2:d1:3e:ba:ee:14:
91:3d:cb:ae:ec:36:54:08:f7:20:86:2e:f3:14:e7:
8c:03:fb:c3:37:0a:03:db:13:64:ee:62:09:19:53:
48:fd:be:e0:fd:c7:f3:3a:7e:b7:b8:4b:a9:ba:85:
ac:d3:1d:51:c2:d2:13:ab:6e:e0:76:51:f5:11:f2:
4f:b0:5f:75:41:a6:82:97:1f:ea:c6:fd:f1:a2:d3:
70:38:6c:a6:d1:1d:35:7d:21:41:b3:11:ad:a5:0d:
b1:2f:ed:1a:79:59:69:98:1b:e0:95:58:da:34:fa:
0a:eb:7d:5c:8a:87:88:6d:74:95:a8:6e:bd:1c:ab:
ef:ac:54:9c:7e:cf:f9:a4:49:1e:01:16:52:03:a4:
eb:01:3f:fa:b2:95:ee:5e:46:6e:dc:87:76:5d:ef:
95:14:3b:60:ac:af:bd:22:fa:57:81:05:75:b7:ad:
5d:ff:11:4b:b3:49:a6:aa:1c:fa:51:0c:5a:7c:14:
49:9f:70:82:7d:3d:e3:4b:31:f1:fe:5a:51:f4:60:
95:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F8:B4:DA:64:11:43:AF:69:98:F8:68:FD:7A:54:62:3B:48:45:ED
X509v3 Authority Key Identifier:
keyid:15:28:F6:3D:28:F3:E1:36:69:02:C6:B6:4A:F5:86:6C:CB:A8:DA:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9189BB3/A4478674DFCE11EB959B501FC4F9AE02/FSj2PSjz4TZpAsa2SvWGbMuo2sQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSj2PSjz4TZpAsa2SvWGbMuo2sQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189BB3/A4478674DFCE11EB959B501FC4F9AE02/C5EFE604190D11ECB8166C50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.69.144.0/20
202.79.176.0/20
Signature Algorithm: sha256WithRSAEncryption
00:84:f2:5b:f9:d0:e0:b3:c5:1b:eb:25:7e:fc:2a:af:73:8e:
fb:8e:31:b0:1c:39:cc:d2:6a:06:c0:8a:a0:a4:31:18:09:72:
8a:af:dd:19:cf:53:36:7a:f9:0f:07:e9:51:70:48:77:09:0e:
73:bc:3b:72:6f:61:83:5e:14:5b:61:c6:99:20:7e:e0:61:25:
0a:e3:dd:e3:0b:82:03:59:ac:a8:ba:3e:bf:c5:83:f9:92:87:
47:16:7c:06:f2:29:84:bd:48:83:6a:11:c0:a9:b4:5b:98:1d:
db:fd:ad:90:a6:75:a4:40:99:a1:66:35:93:53:cf:c8:28:27:
9b:e0:42:f8:07:fa:d1:8d:2a:d0:b2:c6:ab:64:2b:37:4b:8b:
9b:0e:04:79:f2:d6:95:08:d6:58:0b:1a:dc:46:b7:5d:2a:78:
e7:fa:f2:0a:31:62:6b:3b:b8:60:af:51:63:99:3c:e6:f1:08:
c5:f1:e7:e7:ea:14:b1:43:5e:6a:13:bf:fb:ec:d8:7c:dc:a4:
96:17:7a:cb:20:ed:93:b7:47:d9:89:6f:85:7b:06:1e:08:8c:
9e:d6:2b:66:d8:b5:f1:3a:f0:ac:b1:8b:ce:f1:5d:3a:f5:89:
96:c8:b4:1b:d1:07:b9:4d:f4:dd:3c:2f:46:de:58:67:dd:2b:
97:ba:66:5a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODlCQjMxMTAvBgNVBAUTKDE1MjhGNjNEMjhGM0UxMzY2OTAyQzZCNjRBRjU4NjZD
Q0JBOERBQzQwHhcNMjEwOTE5MDU1MjI5WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTQ2ZDAxZC02Zjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlKG11hIaxsALb+OXmFZiyMc1Hr8aRI0wLwlO9BS/vrQkaF1moHow3m9QwwOF
ajva59Oabciy0T667hSRPcuu7DZUCPcghi7zFOeMA/vDNwoD2xNk7mIJGVNI/b7g
/cfzOn63uEupuoWs0x1RwtITq27gdlH1EfJPsF91QaaClx/qxv3xotNwOGym0R01
fSFBsxGtpQ2xL+0aeVlpmBvglVjaNPoK631cioeIbXSVqG69HKvvrFScfs/5pEke
ARZSA6TrAT/6spXuXkZu3Id2Xe+VFDtgrK+9IvpXgQV1t61d/xFLs0mmqhz6UQxa
fBRJn3CCfT3jSzHx/lpR9GCVuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMX4tNpk
EUOvaZj4aP16VGI7SEXtMB8GA1UdIwQYMBaAFBUo9j0o8+E2aQLGtkr1hmzLqNrE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OUJCMy9BNDQ3ODY3NERG
Q0UxMUVCOTU5QjUwMUZDNEY5QUUwMi9GU2oyUFNqejRUWnBBc2EyU3ZXR2JNdW8y
c1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZTajJQU2p6NFRacEFzYTJTdldHYk11bzJzUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODlCQjMvQTQ0Nzg2NzRERkNFMTFFQjk1OUI1MDFGQzRGOUFFMDIvQzVFRkU2MDQx
OTBEMTFFQ0I4MTY2QzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBATKRZADBATKT7AwDQYJKoZIhvcNAQELBQADggEBAACE8lv5
0OCzxRvrJX78Kq9zjvuOMbAcOczSagbAiqCkMRgJcoqv3RnPUzZ6+Q8H6VFwSHcJ
DnO8O3JvYYNeFFthxpkgfuBhJQrj3eMLggNZrKi6Pr/Fg/mSh0cWfAbyKYS9SINq
EcCptFuYHdv9rZCmdaRAmaFmNZNTz8goJ5vgQvgH+tGNKtCyxqtkKzdLi5sOBHny
1pUI1lgLGtxGt10qeOf68goxYms7uGCvUWOZPObxCMXx5+fqFLFDXmoTv/vs2Hzc
pJYXessg7ZO3R9mJb4V7Bh4IjJ7WK2bYtfE68Kyxi87xXTr1iZbItBvRB7lN9N08
L0beWGfdK5e6Zlo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-ams.rpki-client.org