Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/73FD9CC8D8D011ECB773DB2DC4F9AE02.roa
File: 73FD9CC8D8D011ECB773DB2DC4F9AE02.roa (raw, json)
Hash identifier: kfT30ldrPOA7arQh8vpMzqDq1ZxMx5MhS3+5dT3vhGg=
Subject key identifier: 00:FE:4C:F7:50:A8:AA:F1:53:8D:86:3C:6A:DC:EB:2C:92:A1:B1:5C
Certificate issuer: /CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986
Certificate serial: 0AE0
Authority key identifier: C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/73FD9CC8D8D011ECB773DB2DC4F9AE02.roa
Signing time: Sat 21 May 2022 06:37:16 +0000
ROA not before: Sat 21 May 2022 06:37:15 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 58945
IP address blocks: 59.152.3.0/24 maxlen: 24
59.152.14.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2784 (0xae0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986
Validity
Not Before: May 21 06:37:15 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=6288889b-da2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b7:9b:cd:68:a3:6a:a7:90:9f:8f:d9:94:17:
ca:ed:a2:18:9a:41:3f:f2:75:5d:65:b7:58:03:23:
f9:68:90:e2:2c:5d:bd:c3:02:19:e6:8c:e4:a2:2f:
c5:a7:19:00:bb:61:72:47:a4:e1:c7:7d:b7:52:06:
66:08:9f:6a:c4:75:28:0f:b7:6a:aa:af:5d:c1:4f:
02:a2:05:8f:d7:a2:d3:b2:31:bb:74:5d:8b:89:1e:
17:70:ce:a7:2a:34:fa:ff:78:f8:4b:6e:6c:40:00:
b0:da:7f:33:fe:8b:ee:f4:28:6f:a9:26:7b:cd:ef:
34:30:25:61:00:3e:67:d3:f9:24:bb:86:5a:0b:46:
d0:d3:31:66:b1:dd:77:61:5f:25:0e:1e:c5:95:b9:
fb:e5:d3:42:ae:1b:06:27:90:60:85:6c:65:ef:bd:
6b:c1:d8:d8:cc:d7:40:57:ad:58:73:f2:6d:0e:fb:
0a:a8:dc:64:cd:8c:d1:39:10:3f:2c:e8:fc:4c:07:
db:2f:e1:c7:d0:a6:f9:f3:d7:37:23:fe:e9:8a:a7:
c9:3d:be:a4:2d:58:04:6d:33:1a:af:98:4b:f6:66:
ea:c8:08:17:6e:06:48:15:10:31:69:a3:79:6e:47:
7c:8d:35:8d:6b:2b:bd:23:1e:5e:80:d3:7f:f2:c3:
15:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:FE:4C:F7:50:A8:AA:F1:53:8D:86:3C:6A:DC:EB:2C:92:A1:B1:5C
X509v3 Authority Key Identifier:
keyid:C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/73FD9CC8D8D011ECB773DB2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.3.0/24
59.152.14.0/24
Signature Algorithm: sha256WithRSAEncryption
14:87:94:2f:00:8d:48:83:db:22:5b:d0:06:6c:98:8a:8b:2e:
96:34:2d:fa:7e:0e:58:8b:c8:05:e5:34:ca:6c:1a:9a:dd:19:
ad:99:03:80:b5:5f:e2:66:98:67:7d:54:03:08:fc:28:12:df:
93:e5:f4:f3:e6:a0:ea:e3:98:1b:98:9c:42:e3:cf:58:01:d7:
0d:39:6f:04:df:31:ca:e4:52:0c:06:17:f2:9a:64:47:c4:81:
a0:87:ad:69:3d:2c:ea:7f:87:b7:62:64:5b:5d:8c:9e:a0:2b:
e6:8a:6c:42:23:ea:00:8e:d4:0d:c3:93:9a:38:30:5b:9f:45:
40:ea:d2:8f:29:bd:c3:30:96:b9:77:f5:bb:c1:b1:c8:72:59:
8c:97:90:f7:4a:6f:7f:ef:ac:91:a4:e4:21:da:c5:93:4a:59:
5a:52:39:f7:a6:01:4e:48:b7:75:ce:4a:a4:16:c1:2b:af:06:
b9:cf:5d:77:6b:6e:44:43:0d:c0:cb:a7:4e:bd:10:72:b5:fd:
03:94:b2:41:0c:e2:e8:a3:79:e1:8d:8f:f9:6a:4f:a6:df:a3:
25:b7:e8:20:e7:e3:93:e0:2a:09:dc:97:b5:3a:2c:fa:5c:08:
4e:f9:90:27:9c:d9:ac:fb:54:20:33:77:ee:37:b2:47:6e:04:
74:1e:fb:c9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUIwNkMxMTAvBgNVBAUTKEM4MzQ5M0MwMjk3Q0NCNThEMjgzNzk0NkQ2MDYzRjE0
QTdERUU5ODYwHhcNMjIwNTIxMDYzNzE1WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg4ODg5Yi1kYTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3LebzWijaqeQn4/ZlBfK7aIYmkE/8nVdZbdYAyP5aJDiLF29wwIZ5ozkoi/F
pxkAu2FyR6Thx323UgZmCJ9qxHUoD7dqqq9dwU8CogWP16LTsjG7dF2LiR4XcM6n
KjT6/3j4S25sQACw2n8z/ovu9ChvqSZ7ze80MCVhAD5n0/kku4ZaC0bQ0zFmsd13
YV8lDh7Flbn75dNCrhsGJ5BghWxl771rwdjYzNdAV61Yc/JtDvsKqNxkzYzRORA/
LOj8TAfbL+HH0Kb589c3I/7piqfJPb6kLVgEbTMar5hL9mbqyAgXbgZIFRAxaaN5
bkd8jTWNayu9Ix5egNN/8sMVWwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAD+TPdQ
qKrxU42GPGrc6yySobFcMB8GA1UdIwQYMBaAFMg0k8ApfMtY0oN5RtYGPxSn3umG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjA2Qy9FOUQ2MkU3NEZF
QUUxMUU4OTEwRDRENjZDNEY5QUUwMi95RFNUd0NsOHkxalNnM2xHMWdZX0ZLZmU2
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lEU1R3Q2w4eTFqU2czbEcxZ1lfRktmZTZZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUIwNkMvRTlENjJFNzRGRUFFMTFFODkxMEQ0RDY2QzRGOUFFMDIvNzNGRDlDQzhE
OEQwMTFFQ0I3NzNEQjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAA7mAMDBAA7mA4wDQYJKoZIhvcNAQELBQADggEBABSHlC8A
jUiD2yJb0AZsmIqLLpY0Lfp+DliLyAXlNMpsGprdGa2ZA4C1X+JmmGd9VAMI/CgS
35Pl9PPmoOrjmBuYnELjz1gB1w05bwTfMcrkUgwGF/KaZEfEgaCHrWk9LOp/h7di
ZFtdjJ6gK+aKbEIj6gCO1A3Dk5o4MFufRUDq0o8pvcMwlrl39bvBschyWYyXkPdK
b3/vrJGk5CHaxZNKWVpSOfemAU5It3XOSqQWwSuvBrnPXXdrbkRDDcDLp069EHK1
/QOUskEM4uijeeGNj/lqT6bfoyW36CDn45PgKgncl7U6LPpcCE75kCec2az7VCAz
d+43skduBHQe+8k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org