Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/EA7A500C9AFA11EDBBB03229C4F9AE02.roa
File: EA7A500C9AFA11EDBBB03229C4F9AE02.roa (raw, json)
Hash identifier: lVuVutvbiGWX7TxdclgCfDRQ2V/MZZ/CBvkkM9tRhR0=
Subject key identifier: 59:F1:FE:C7:81:EE:DF:F3:BC:91:00:B3:DF:E5:20:E3:6D:A8:2A:11
Certificate issuer: /CN=A91B46B5/serialNumber=1F0F9996977A7AEF84B54F3DAD3B96461EE49CDE
Certificate serial: 05CC
Authority key identifier: 1F:0F:99:96:97:7A:7A:EF:84:B5:4F:3D:AD:3B:96:46:1E:E4:9C:DE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hw-Zlpd6eu-EtU89rTuWRh7knN4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/EA7A500C9AFA11EDBBB03229C4F9AE02.roa
Signing time: Mon 23 Jan 2023 08:49:59 +0000
ROA not before: Mon 23 Jan 2023 08:49:59 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38195
IP address blocks: 202.169.96.0/19 maxlen: 19
202.169.96.0/24 maxlen: 24
202.169.97.0/24 maxlen: 24
202.169.98.0/24 maxlen: 24
202.169.99.0/24 maxlen: 24
202.169.100.0/24 maxlen: 24
202.169.101.0/24 maxlen: 24
202.169.102.0/24 maxlen: 24
202.169.103.0/24 maxlen: 24
202.169.104.0/24 maxlen: 24
202.169.105.0/24 maxlen: 24
202.169.106.0/24 maxlen: 24
202.169.107.0/24 maxlen: 24
202.169.108.0/24 maxlen: 24
202.169.109.0/24 maxlen: 24
202.169.110.0/24 maxlen: 24
202.169.111.0/24 maxlen: 24
202.169.112.0/24 maxlen: 24
202.169.113.0/24 maxlen: 24
202.169.114.0/24 maxlen: 24
202.169.115.0/24 maxlen: 24
202.169.116.0/24 maxlen: 24
202.169.117.0/24 maxlen: 24
202.169.118.0/24 maxlen: 24
202.169.119.0/24 maxlen: 24
202.169.120.0/24 maxlen: 24
202.169.121.0/24 maxlen: 24
202.169.122.0/24 maxlen: 24
202.169.123.0/24 maxlen: 24
202.169.124.0/24 maxlen: 24
202.169.125.0/24 maxlen: 24
202.169.126.0/24 maxlen: 24
202.169.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1484 (0x5cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B46B5/serialNumber=1F0F9996977A7AEF84B54F3DAD3B96461EE49CDE
Validity
Not Before: Jan 23 08:49:59 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63ce4a36-e5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:ff:32:91:0e:38:b9:f8:31:32:ab:6b:25:
08:9f:90:d2:8f:d6:0a:5e:5f:4b:7e:e3:db:d2:7e:
e0:60:c6:c0:94:39:91:e3:9b:f5:43:69:02:fa:20:
dc:5f:6a:38:c0:a4:5c:a5:3d:7d:3a:53:6a:98:c3:
cc:79:06:99:a6:10:16:fb:ca:a2:5d:86:ee:85:71:
a3:1b:a2:ac:4d:a8:b1:97:70:e8:e3:0e:90:c8:14:
21:6d:fa:8f:18:f1:9b:e2:02:3b:7c:14:ec:49:89:
f4:64:8f:e9:cf:ce:4d:da:28:2e:c2:50:ae:31:31:
04:1a:85:dd:08:65:04:5e:d4:ff:9c:0d:f9:c3:34:
e8:b1:e7:48:0f:a0:20:a1:22:f7:3b:c4:0c:33:fc:
fc:1e:68:3e:61:e4:2d:2c:b7:fa:84:c2:cb:aa:ac:
c2:2b:6a:55:07:a0:4b:03:27:db:0d:45:5b:f3:79:
65:bd:a6:2c:60:d6:7c:ff:b6:de:54:e5:c4:d6:7b:
72:8b:50:8a:5e:c3:41:b5:eb:89:f8:8c:a4:85:f4:
12:f5:75:8d:1d:a9:06:bd:88:b4:3e:56:8e:58:bd:
83:f7:9a:6a:63:a1:de:57:c0:4f:ec:1e:42:32:bd:
71:a6:bb:e8:85:a0:a9:89:db:82:42:fb:13:9b:07:
c3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F1:FE:C7:81:EE:DF:F3:BC:91:00:B3:DF:E5:20:E3:6D:A8:2A:11
X509v3 Authority Key Identifier:
keyid:1F:0F:99:96:97:7A:7A:EF:84:B5:4F:3D:AD:3B:96:46:1E:E4:9C:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/Hw-Zlpd6eu-EtU89rTuWRh7knN4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hw-Zlpd6eu-EtU89rTuWRh7knN4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/EA7A500C9AFA11EDBBB03229C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.169.96.0/19
Signature Algorithm: sha256WithRSAEncryption
67:c2:6c:07:49:ab:d6:74:2f:01:eb:a8:23:95:f9:9f:07:3b:
1e:83:15:6e:05:04:e6:74:33:66:fa:a1:bd:a7:03:16:ba:37:
d2:d4:fe:ec:d7:2f:ce:ed:77:61:0b:c5:40:be:f6:4b:39:3c:
e2:65:f1:ee:54:a7:32:f0:ea:0a:6e:4b:00:bb:a7:ec:f4:8a:
d4:c6:c4:ea:0d:72:77:14:43:c6:81:b1:99:a2:ef:10:10:7d:
b3:81:5f:70:57:c9:3a:44:7d:20:a8:ce:78:e6:bb:3b:bb:e3:
e6:4d:2a:44:aa:38:ab:29:d9:9c:ec:a8:3d:71:72:65:2e:dc:
e4:76:ca:41:e7:de:bb:8d:49:4d:19:86:21:70:ee:ba:6d:1f:
35:98:d8:b0:c1:0d:f5:ba:6b:7a:f5:32:cb:fa:b9:65:f5:47:
42:27:00:98:6d:92:79:10:14:8d:62:b4:59:65:a0:67:93:ca:
b7:5e:f5:af:b8:09:50:75:f6:fa:76:03:74:09:cd:46:4d:fe:
5d:35:0f:97:4a:a0:87:07:a1:fc:90:9d:f3:2e:c9:76:c4:0b:
ea:83:0f:dc:30:3c:b6:a2:63:7f:2e:7b:02:e8:27:00:40:55:
70:4f:2c:c9:86:3f:cb:39:1b:86:e1:c0:e2:e9:95:c4:94:53:
12:f5:c9:2d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ2QjUxMTAvBgNVBAUTKDFGMEY5OTk2OTc3QTdBRUY4NEI1NEYzREFEM0I5NjQ2
MUVFNDlDREUwHhcNMjMwMTIzMDg0OTU5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NlNGEzNi1lNWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuXP/MpEOOLn4MTKrayUIn5DSj9YKXl9LfuPb0n7gYMbAlDmR45v1Q2kC+iDc
X2o4wKRcpT19OlNqmMPMeQaZphAW+8qiXYbuhXGjG6KsTaixl3Do4w6QyBQhbfqP
GPGb4gI7fBTsSYn0ZI/pz85N2iguwlCuMTEEGoXdCGUEXtT/nA35wzTosedID6Ag
oSL3O8QMM/z8Hmg+YeQtLLf6hMLLqqzCK2pVB6BLAyfbDUVb83llvaYsYNZ8/7be
VOXE1ntyi1CKXsNBteuJ+IykhfQS9XWNHakGvYi0PlaOWL2D95pqY6HeV8BP7B5C
Mr1xprvohaCpiduCQvsTmwfDiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFnx/seB
7t/zvJEAs9/lIONtqCoRMB8GA1UdIwQYMBaAFB8PmZaXenrvhLVPPa07lkYe5Jze
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDZCNS9EOEE1MjVFQTE4
RDUxMUVCODFCNkU0NDFDNEY5QUUwMi9Idy1abHBkNmV1LUV0VTg5clR1V1JoN2tu
TjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h3LVpscGQ2ZXUtRXRVODlyVHVXUmg3a25ONC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ2QjUvRDhBNTI1RUExOEQ1MTFFQjgxQjZFNDQxQzRGOUFFMDIvRUE3QTUwMEM5
QUZBMTFFREJCQjAzMjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAXKqWAwDQYJKoZIhvcNAQELBQADggEBAGfCbAdJq9Z0LwHr
qCOV+Z8HOx6DFW4FBOZ0M2b6ob2nAxa6N9LU/uzXL87td2ELxUC+9ks5POJl8e5U
pzLw6gpuSwC7p+z0itTGxOoNcncUQ8aBsZmi7xAQfbOBX3BXyTpEfSCoznjmuzu7
4+ZNKkSqOKsp2ZzsqD1xcmUu3OR2ykHn3ruNSU0ZhiFw7rptHzWY2LDBDfW6a3r1
Msv6uWX1R0InAJhtknkQFI1itFlloGeTyrde9a+4CVB19vp2A3QJzUZN/l01D5dK
oIcHofyQnfMuyXbEC+qDD9wwPLaiY38uewLoJwBAVXBPLMmGP8s5G4bhwOLplcSU
UxL1yS0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org