Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/34F5AE3260B311EE9EAFE153C4F9AE02.roa
File: 34F5AE3260B311EE9EAFE153C4F9AE02.roa (raw, json)
Hash identifier: RCYz/wyK7RiVK08Kvn/uIxMBpqTUDfKiGVUH/vwfkbI=
Subject key identifier: D6:74:16:34:8E:4E:AD:E8:71:C6:CA:30:D5:83:B6:FD:C1:40:1F:4E
Certificate issuer: /CN=A9194C0D/serialNumber=634E28B1002E556E8EB14F953EAD63B6D6775809
Certificate serial: 17
Authority key identifier: 63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/34F5AE3260B311EE9EAFE153C4F9AE02.roa
Signing time: Thu 05 Oct 2023 23:14:56 +0000
ROA not before: Thu 05 Oct 2023 23:14:56 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 134090
IP address blocks: 45.249.116.0/22 maxlen: 24
103.51.112.0/22 maxlen: 24
103.85.36.0/22 maxlen: 24
103.95.112.0/22 maxlen: 24
103.106.88.0/22 maxlen: 24
123.253.188.0/22 maxlen: 24
202.128.112.0/20 maxlen: 20
202.128.112.0/21 maxlen: 24
202.128.120.0/21 maxlen: 24
202.179.128.0/22 maxlen: 24
2400:a840::/32 maxlen: 34
2400:a841::/32 maxlen: 34
2400:a842::/31 maxlen: 34
2400:a844::/31 maxlen: 34
2400:a846::/31 maxlen: 34
2402:2c80::/32 maxlen: 34
2402:3fc0::/32 maxlen: 34
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9194C0D/serialNumber=634E28B1002E556E8EB14F953EAD63B6D6775809
Validity
Not Before: Oct 5 23:14:56 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=651f436f-317f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:20:70:7d:2a:c5:db:aa:04:45:43:1d:22:d8:
e7:db:ed:1e:cb:b2:b3:88:fb:ca:2d:24:18:e3:19:
6a:98:c4:98:a5:80:26:10:1b:19:04:c0:f0:d1:aa:
10:cb:9f:fe:7a:f5:5e:06:41:55:f2:82:4d:5e:93:
b2:89:df:ba:e8:74:75:83:74:d4:a0:89:47:e3:67:
27:ef:d7:0f:ae:40:4d:23:6c:1a:3f:d7:7b:3d:5a:
dc:5d:3e:88:b6:70:d9:4a:62:ce:d3:8b:0f:c9:c2:
53:d1:ec:cd:94:f4:a9:07:45:f8:0a:e4:2e:16:ec:
30:37:4c:e5:46:6b:70:55:fd:60:95:0f:6e:bd:0f:
7c:63:b3:68:9b:a3:ac:d4:88:ea:82:d3:19:3a:52:
b3:1e:7d:e8:46:37:6b:5b:68:c5:72:cb:b0:fb:05:
37:96:56:2a:51:5c:99:07:50:28:ad:25:01:ad:2f:
4a:57:4e:29:f0:fa:fe:fa:d6:a8:ad:10:59:c1:7c:
00:53:36:5d:a7:3c:db:ae:34:4f:69:94:74:a5:a1:
95:e3:9e:0d:2c:66:a8:04:db:8b:ff:f8:78:95:a5:
49:dd:4a:c4:d5:e9:c2:c0:bb:88:69:cb:d0:e1:f8:
7f:4e:3b:29:af:84:76:e3:d3:f2:4a:91:e6:eb:0b:
5a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:74:16:34:8E:4E:AD:E8:71:C6:CA:30:D5:83:B6:FD:C1:40:1F:4E
X509v3 Authority Key Identifier:
keyid:63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/Y04osQAuVW6OsU-VPq1jttZ3WAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/34F5AE3260B311EE9EAFE153C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.116.0/22
103.51.112.0/22
103.85.36.0/22
103.95.112.0/22
103.106.88.0/22
123.253.188.0/22
202.128.112.0/20
202.179.128.0/22
IPv6:
2400:a840::/29
2402:2c80::/32
2402:3fc0::/32
Signature Algorithm: sha256WithRSAEncryption
18:a6:09:e4:16:64:d6:7b:f4:07:cc:5e:73:53:52:33:97:8b:
46:4b:fb:92:76:16:c0:0b:03:8d:5f:ac:f8:85:73:94:1f:c9:
ca:42:eb:38:22:ec:05:bd:5e:fd:b1:33:8e:7d:68:8f:8e:b0:
93:57:9d:3e:7d:d2:3e:89:32:8d:73:f6:15:5c:24:93:f4:64:
24:9b:4a:5e:df:5f:2c:5a:92:ae:b7:fe:ac:a7:4d:6f:92:0b:
e2:6d:92:19:f4:0c:07:b2:91:16:b6:73:6c:ec:0b:96:09:f5:
d3:24:03:8f:1e:53:39:0c:ea:bb:c8:66:e5:ea:15:79:d4:d1:
ae:95:48:64:f9:46:49:bb:8b:b1:41:bf:b0:e8:63:01:c0:f1:
de:d7:2b:12:31:08:e4:ea:2f:71:c6:30:bf:a6:42:de:1a:d9:
28:e7:06:57:5f:d1:1c:1e:b9:19:5a:3a:f7:2c:e2:2e:59:3c:
d2:82:19:cf:0b:8f:6b:06:30:90:d9:c3:75:94:72:fb:a1:35:
a9:3c:11:33:5a:20:52:17:66:96:d3:1b:23:99:7e:df:2d:45:
96:82:4a:5e:fe:58:e5:59:33:79:98:01:21:69:5d:36:ba:ed:
3b:66:3c:46:83:89:24:45:41:7e:b5:ee:43:a2:54:48:01:27:
ec:de:a8:f1
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NEMwRDExMC8GA1UEBRMoNjM0RTI4QjEwMDJFNTU2RThFQjE0Rjk1M0VBRDYzQjZE
Njc3NTgwOTAeFw0yMzEwMDUyMzE0NTZaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWY0MzZmLTMxN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfIHB9KsXbqgRFQx0i2Ofb7R7LsrOI+8otJBjjGWqYxJilgCYQGxkEwPDRqhDL
n/569V4GQVXygk1ek7KJ37rodHWDdNSgiUfjZyfv1w+uQE0jbBo/13s9WtxdPoi2
cNlKYs7Tiw/JwlPR7M2U9KkHRfgK5C4W7DA3TOVGa3BV/WCVD269D3xjs2ibo6zU
iOqC0xk6UrMefehGN2tbaMVyy7D7BTeWVipRXJkHUCitJQGtL0pXTinw+v761qit
EFnBfABTNl2nPNuuNE9plHSloZXjng0sZqgE24v/+HiVpUndSsTV6cLAu4hpy9Dh
+H9OOymvhHbj0/JKkebrC1oFAgMBAAGjggLcMIIC2DAdBgNVHQ4EFgQU1nQWNI5O
rehxxsow1YO2/cFAH04wHwYDVR0jBBgwFoAUY04osQAuVW6OsU+VPq1jttZ3WAkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk0QzBEL0FEMjU4ODkwNTc1
NDExRUU5NDBDRDk1NEM0RjlBRTAyL1kwNG9zUUF1Vlc2T3NVLVZQcTFqdHRaM1dB
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWTA0b3NRQXVWVzZPc1UtVlBxMWp0dFozV0FrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NEMwRC9BRDI1ODg5MDU3NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi8zNEY1QUUzMjYw
QjMxMUVFOUVBRkUxNTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBmBggrBgEFBQcBBwEB/wRX
MFUwNgQCAAEwMAMEAi35dAMEAmczcAMEAmdVJAMEAmdfcAMEAmdqWAMEAnv9vAME
BMqAcAMEAsqzgDAbBAIAAjAVAwUDJACoQAMFACQCLIADBQAkAj/AMA0GCSqGSIb3
DQEBCwUAA4IBAQAYpgnkFmTWe/QHzF5zU1Izl4tGS/uSdhbACwONX6z4hXOUH8nK
Qus4IuwFvV79sTOOfWiPjrCTV50+fdI+iTKNc/YVXCST9GQkm0pe318sWpKut/6s
p01vkgvibZIZ9AwHspEWtnNs7AuWCfXTJAOPHlM5DOq7yGbl6hV51NGulUhk+UZJ
u4uxQb+w6GMBwPHe1ysSMQjk6i9xxjC/pkLeGtko5wZXX9EcHrkZWjr3LOIuWTzS
ghnPC49rBjCQ2cN1lHL7oTWpPBEzWiBSF2aW0xsjmX7fLUWWgkpe/ljlWTN5mAEh
aV02uu07ZjxGg4kkRUF+te5DolRIASfs3qjx
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org