Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/67297A6EB53811ECA86FA07BC4F9AE02.roa
File: 67297A6EB53811ECA86FA07BC4F9AE02.roa (raw, json)
Hash identifier: wHtkzXIzclJATshouAVe5mTHsQPlIi3MHJ99RIasz2I=
Subject key identifier: 13:74:FA:58:70:42:60:14:BC:D3:E9:C5:2B:DF:C7:01:21:AE:4B:8B
Certificate issuer: /CN=A91C6BB9/serialNumber=C79112C7C5AC36583221D1F94675196C2136EABE
Certificate serial: 043D
Authority key identifier: C7:91:12:C7:C5:AC:36:58:32:21:D1:F9:46:75:19:6C:21:36:EA:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5ESx8WsNlgyIdH5RnUZbCE26r4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/67297A6EB53811ECA86FA07BC4F9AE02.roa
Signing time: Thu 02 Jun 2022 12:58:32 +0000
ROA not before: Thu 02 Jun 2022 12:58:32 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 17763
IP address blocks: 203.12.28.0/24 maxlen: 24
203.18.216.0/24 maxlen: 24
203.18.217.0/24 maxlen: 24
203.18.218.0/24 maxlen: 24
203.18.219.0/24 maxlen: 24
203.18.220.0/24 maxlen: 24
203.18.221.0/24 maxlen: 24
203.18.222.0/24 maxlen: 24
203.18.223.0/24 maxlen: 24
203.25.32.0/24 maxlen: 24
203.25.33.0/24 maxlen: 24
203.25.34.0/24 maxlen: 24
203.25.35.0/24 maxlen: 24
203.28.64.0/24 maxlen: 24
203.28.65.0/24 maxlen: 24
203.28.66.0/24 maxlen: 24
203.28.67.0/24 maxlen: 24
203.28.68.0/24 maxlen: 24
203.28.69.0/24 maxlen: 24
203.28.70.0/24 maxlen: 24
203.28.71.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1085 (0x43d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6BB9/serialNumber=C79112C7C5AC36583221D1F94675196C2136EABE
Validity
Not Before: Jun 2 12:58:32 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6298b3f7-1c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:29:a3:ea:1c:37:b9:8b:f7:da:6e:f6:51:
42:b5:e4:bd:f1:f9:84:3c:59:4b:b8:36:d2:fd:f5:
98:8f:95:95:6c:ad:7c:3a:c1:01:a6:2e:e0:6d:3f:
ea:8a:67:b6:41:af:2a:d7:cf:4c:3f:f6:11:16:f3:
23:1b:ea:0c:ee:71:e3:31:60:92:51:15:85:27:51:
7f:99:ba:3a:25:4e:ff:90:ba:93:46:5b:8a:8a:4e:
0f:ab:47:ba:c4:c7:f8:d3:e3:de:ba:42:1b:a0:68:
c1:d3:52:fb:4e:ea:c4:26:d5:bb:2f:4d:7a:cc:c1:
c2:fa:98:b4:09:8d:19:c1:2f:fe:f0:67:f4:f0:35:
10:c4:d8:cb:2b:fd:e2:ab:82:9c:34:5c:8a:ee:92:
91:33:7c:e4:bc:e1:fd:15:cf:c5:d0:1d:77:d2:98:
4f:12:0e:f8:b4:e1:cd:7a:67:88:3a:81:ab:7b:e2:
91:4b:2f:d6:d5:7c:53:75:3e:a6:47:5e:8d:ea:d2:
dd:ba:16:c1:92:3a:13:9f:28:21:11:8a:8a:d5:e2:
78:29:d1:91:6f:35:40:28:91:61:9d:8e:40:9e:de:
21:10:fd:c0:4c:05:7e:c2:99:cb:e5:d9:22:bf:72:
4e:9f:17:fc:e9:9c:18:6d:c8:03:2b:a1:ee:a5:18:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:74:FA:58:70:42:60:14:BC:D3:E9:C5:2B:DF:C7:01:21:AE:4B:8B
X509v3 Authority Key Identifier:
keyid:C7:91:12:C7:C5:AC:36:58:32:21:D1:F9:46:75:19:6C:21:36:EA:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/x5ESx8WsNlgyIdH5RnUZbCE26r4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5ESx8WsNlgyIdH5RnUZbCE26r4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/67297A6EB53811ECA86FA07BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.12.28.0/24
203.18.216.0/21
203.25.32.0/22
203.28.64.0/21
Signature Algorithm: sha256WithRSAEncryption
13:5a:2f:20:48:a3:4e:f4:12:ef:cc:56:f2:fa:34:c0:66:6e:
9f:e9:42:3a:01:09:d7:d6:ca:b1:34:2f:55:6f:f7:80:3b:82:
5d:13:48:d9:c1:40:49:43:9b:2a:75:78:35:71:d6:b6:75:d1:
aa:65:1d:13:fc:a5:54:20:14:eb:5a:70:61:1c:9d:af:ca:ff:
6f:67:39:c7:72:58:40:7f:8f:2f:d3:c4:f3:44:44:e4:68:86:
8e:4e:12:7b:b0:ac:1a:e0:df:dd:4a:b7:17:a8:cf:65:51:d1:
96:26:ec:3f:3a:86:a2:fa:d1:30:e6:a6:4e:2b:1c:37:b4:c0:
5e:b8:e3:85:4f:3b:4d:7d:f5:57:9c:05:e2:8a:16:14:2b:09:
a8:3b:70:81:24:66:75:c7:41:2b:78:04:ef:d9:c2:3f:31:3e:
bc:a8:49:8a:76:ad:a9:b7:bc:39:41:07:57:84:57:15:8a:62:
d4:16:6a:16:99:4a:bc:97:ee:6b:de:b4:d7:89:ba:0e:74:ba:
d5:cf:a2:6a:f5:4e:af:19:61:25:76:c8:f6:73:a6:fd:d7:cc:
e8:bc:d6:d7:51:f9:83:31:9b:77:ac:bf:dc:e0:ab:a8:57:77:
2a:da:c5:7b:83:19:f3:cd:3b:b3:33:c8:ec:0e:77:5e:88:8f:
5f:e6:23:88
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCQjkxMTAvBgNVBAUTKEM3OTExMkM3QzVBQzM2NTgzMjIxRDFGOTQ2NzUxOTZD
MjEzNkVBQkUwHhcNMjIwNjAyMTI1ODMyWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk4YjNmNy0xYzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoRkpo+ocN7mL99pu9lFCteS98fmEPFlLuDbS/fWYj5WVbK18OsEBpi7gbT/q
ime2Qa8q189MP/YRFvMjG+oM7nHjMWCSURWFJ1F/mbo6JU7/kLqTRluKik4Pq0e6
xMf40+PeukIboGjB01L7TurEJtW7L016zMHC+pi0CY0ZwS/+8Gf08DUQxNjLK/3i
q4KcNFyK7pKRM3zkvOH9Fc/F0B130phPEg74tOHNemeIOoGre+KRSy/W1XxTdT6m
R16N6tLduhbBkjoTnyghEYqK1eJ4KdGRbzVAKJFhnY5Ant4hEP3ATAV+wpnL5dki
v3JOnxf86ZwYbcgDK6HupRiS0wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBN0+lhw
QmAUvNPpxSvfxwEhrkuLMB8GA1UdIwQYMBaAFMeREsfFrDZYMiHR+UZ1GWwhNuq+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkJCOS82QkRFQUE3RTM5
MEMxMUVCQjIxODFENjNDNEY5QUUwMi94NUVTeDhXc05sZ3lJZEg1Um5VWmJDRTI2
cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3g1RVN4OFdzTmxneUlkSDVSblVaYkNFMjZyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCQjkvNkJERUFBN0UzOTBDMTFFQkIyMTgxRDYzQzRGOUFFMDIvNjcyOTdBNkVC
NTM4MTFFQ0E4NkZBMDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBADLDBwDBAPLEtgDBALLGSADBAPLHEAwDQYJKoZIhvcNAQEL
BQADggEBABNaLyBIo070Eu/MVvL6NMBmbp/pQjoBCdfWyrE0L1Vv94A7gl0TSNnB
QElDmyp1eDVx1rZ10aplHRP8pVQgFOtacGEcna/K/29nOcdyWEB/jy/TxPNERORo
ho5OEnuwrBrg391Ktxeoz2VR0ZYm7D86hqL60TDmpk4rHDe0wF6444VPO0199Vec
BeKKFhQrCag7cIEkZnXHQSt4BO/Zwj8xPryoSYp2ram3vDlBB1eEVxWKYtQWahaZ
SryX7mvetNeJug50utXPomr1Tq8ZYSV2yPZzpv3XzOi81tdR+YMxm3esv9zgq6hX
dyraxXuDGfPNO7MzyOwOd16Ij1/mI4g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org