Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/9624695046C311EE88E1D342C4F9AE02.roa
File: 9624695046C311EE88E1D342C4F9AE02.roa (raw, json)
Hash identifier: ng6XkzntChElG0nya5JjMAEhRCC6BVBrLITLbsxdaUM=
Subject key identifier: DE:46:F4:62:66:50:F3:92:6E:47:D9:62:75:06:AA:D8:E1:65:84:72
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 09C2
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/9624695046C311EE88E1D342C4F9AE02.roa
Signing time: Sat 02 Mar 2024 21:29:55 +0000
ROA not before: Sat 02 Mar 2024 21:29:55 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 23604
IP address blocks: 27.255.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2498 (0x9c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: Mar 2 21:29:55 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e39a52-11b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:eb:74:d2:ee:eb:81:ba:ce:b1:df:00:68:f8:
35:3d:12:93:04:a1:ca:87:32:e6:95:d4:a4:cc:4d:
d8:c8:39:81:2c:5c:af:6d:83:a2:06:91:7c:46:66:
3d:f8:b9:25:a6:0b:23:d5:23:84:22:af:a1:12:1f:
c7:73:f8:87:20:77:a5:4d:d8:e8:6b:14:fb:c1:e3:
ed:49:4a:b3:a9:11:f6:1a:23:4b:e2:24:a9:0d:bd:
47:5f:9b:98:68:49:cb:a1:23:73:0f:cc:38:45:0b:
68:8f:41:14:a4:2f:c0:2f:5d:eb:2f:f4:7f:23:c6:
c7:f1:cb:41:65:d4:13:c9:7f:1f:55:13:1c:25:b2:
97:51:d2:30:e9:8b:c2:2f:cc:08:ab:6a:8d:7d:a0:
0c:88:8b:dc:43:b3:94:27:77:16:b5:f7:bd:13:ee:
dd:89:fd:48:c6:b5:23:61:7a:61:88:bf:f1:2c:43:
11:43:5b:5b:78:ff:c4:f2:2f:fa:4d:93:99:ac:e6:
94:df:1b:d0:95:36:1f:9f:a6:aa:03:01:3a:91:0d:
da:65:3d:75:2a:65:6b:11:90:fe:e2:d1:80:5f:ff:
1f:09:96:c0:84:bf:46:c9:a7:5e:46:a3:e4:1b:0d:
ac:2a:9d:fa:61:0f:47:70:ee:01:ad:5d:f0:30:2d:
fa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:46:F4:62:66:50:F3:92:6E:47:D9:62:75:06:AA:D8:E1:65:84:72
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/9624695046C311EE88E1D342C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.255.35.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:48:83:c2:eb:ea:dc:12:d0:d1:bb:fd:e8:51:f2:6d:02:db:
16:52:02:13:f5:b8:e1:ea:9d:8f:ca:e0:42:c0:57:82:e9:22:
1f:86:bd:dc:2c:31:98:77:20:4b:ec:0a:87:b6:9a:dd:be:24:
6b:c8:b7:b0:ea:8b:52:00:28:9e:2b:78:1f:ea:22:f0:01:44:
ef:89:99:07:59:83:ed:db:ac:d4:43:1c:c9:37:4f:11:e5:8f:
46:3a:29:82:b0:f9:5d:79:89:85:6b:7d:5b:24:be:19:72:f0:
25:80:d0:4a:10:6b:e7:56:2d:45:e1:13:4b:88:86:70:f5:f7:
f1:36:2d:3e:b3:62:3d:43:c0:e9:90:23:53:35:31:db:d9:7e:
2a:00:2f:db:d8:af:2a:60:cf:8c:b4:e7:4d:38:e7:a2:62:d9:
3c:45:dc:6b:04:36:3c:5d:e8:f4:88:de:99:74:7f:d5:2e:df:
f0:af:be:9f:4f:97:63:ed:59:ae:61:fb:c2:2c:69:13:99:b8:
7a:f8:2a:ec:70:31:4e:cd:d0:73:47:76:bb:e0:cb:cf:57:c4:
f8:79:b2:8b:70:3e:3b:2f:44:29:98:c0:cf:81:09:05:94:ed:
7e:b8:2a:74:a2:86:a0:27:5c:bd:90:df:29:8a:0d:3a:9b:63:
35:a1:e7:65
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjQwMzAyMjEyOTU1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzOWE1Mi0xMWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6+t00u7rgbrOsd8AaPg1PRKTBKHKhzLmldSkzE3YyDmBLFyvbYOiBpF8RmY9
+Lklpgsj1SOEIq+hEh/Hc/iHIHelTdjoaxT7wePtSUqzqRH2GiNL4iSpDb1HX5uY
aEnLoSNzD8w4RQtoj0EUpC/AL13rL/R/I8bH8ctBZdQTyX8fVRMcJbKXUdIw6YvC
L8wIq2qNfaAMiIvcQ7OUJ3cWtfe9E+7dif1IxrUjYXphiL/xLEMRQ1tbeP/E8i/6
TZOZrOaU3xvQlTYfn6aqAwE6kQ3aZT11KmVrEZD+4tGAX/8fCZbAhL9GyadeRqPk
Gw2sKp36YQ9HcO4BrV3wMC36VwIDAQABo4IClTCCApEwHQYDVR0OBBYEFN5G9GJm
UPOSbkfZYnUGqtjhZYRyMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvOTYyNDY5NTA0
NkMzMTFFRTg4RTFEMzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAb/yMwDQYJKoZIhvcNAQELBQADggEBAKJIg8Lr6twS0NG7
/ehR8m0C2xZSAhP1uOHqnY/K4ELAV4LpIh+GvdwsMZh3IEvsCoe2mt2+JGvIt7Dq
i1IAKJ4reB/qIvABRO+JmQdZg+3brNRDHMk3TxHlj0Y6KYKw+V15iYVrfVskvhly
8CWA0EoQa+dWLUXhE0uIhnD19/E2LT6zYj1DwOmQI1M1MdvZfioAL9vYrypgz4y0
500456Ji2TxF3GsENjxd6PSI3pl0f9Uu3/Cvvp9Pl2PtWa5h+8IsaROZuHr4Kuxw
MU7N0HNHdrvgy89XxPh5sotwPjsvRCmYwM+BCQWU7X64KnSihqAnXL2Q3ymKDTqb
YzWh52U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org