Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/C12DAF948D6611EB9B803759C4F9AE02.roa
File: C12DAF948D6611EB9B803759C4F9AE02.roa (raw, json)
Hash identifier: kKAcwS5g7z/ZbYenyvccPGnckkjtxy56B+JMHrFvYPM=
Subject key identifier: C0:EA:C2:4A:BF:90:70:09:EB:F2:99:C0:81:8D:F0:14:FF:60:E2:4C
Certificate issuer: /CN=A91C6BB9/serialNumber=C79112C7C5AC36583221D1F94675196C2136EABE
Certificate serial: 0181
Authority key identifier: C7:91:12:C7:C5:AC:36:58:32:21:D1:F9:46:75:19:6C:21:36:EA:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5ESx8WsNlgyIdH5RnUZbCE26r4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/C12DAF948D6611EB9B803759C4F9AE02.roa
Signing time: Thu 17 Jun 2021 12:31:58 +0000
ROA not before: Thu 17 Jun 2021 12:31:58 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 17763
IP address blocks: 203.12.28.0/24 maxlen: 24
203.12.29.0/24 maxlen: 24
203.18.216.0/24 maxlen: 24
203.18.217.0/24 maxlen: 24
203.18.218.0/24 maxlen: 24
203.18.219.0/24 maxlen: 24
203.18.220.0/24 maxlen: 24
203.18.221.0/24 maxlen: 24
203.18.222.0/24 maxlen: 24
203.18.223.0/24 maxlen: 24
203.25.32.0/24 maxlen: 24
203.25.33.0/24 maxlen: 24
203.25.34.0/24 maxlen: 24
203.25.35.0/24 maxlen: 24
203.28.64.0/24 maxlen: 24
203.28.65.0/24 maxlen: 24
203.28.66.0/24 maxlen: 24
203.28.67.0/24 maxlen: 24
203.28.68.0/24 maxlen: 24
203.28.69.0/24 maxlen: 24
203.28.70.0/24 maxlen: 24
203.28.71.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385 (0x181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6BB9/serialNumber=C79112C7C5AC36583221D1F94675196C2136EABE
Validity
Not Before: Jun 17 12:31:58 2021 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=60cb40bd-25de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:30:44:a4:e3:92:b6:d1:cf:c2:0b:8e:0d:28:
e4:f1:51:80:ba:a8:47:8e:ae:e9:90:2a:e9:33:2f:
9a:91:ce:59:d2:f3:e5:17:44:56:ad:0c:f1:f3:77:
0a:1b:53:fd:84:f7:f4:3f:b4:17:34:c9:63:87:f5:
c3:72:f6:5a:f9:5c:17:67:b6:66:6a:04:3e:f2:ba:
c1:33:70:eb:c9:a7:bd:ba:30:10:52:08:ed:67:e3:
0b:1d:0a:37:a0:b5:55:03:f5:3a:5b:34:f2:45:a7:
91:64:7f:46:af:8f:11:4d:3b:9b:de:37:01:4f:3c:
80:3a:9f:0a:b3:cd:24:1f:65:45:e7:07:1a:be:27:
cc:c5:f0:2a:22:4a:e2:a1:06:29:58:58:e3:9f:49:
c0:30:da:3e:96:7b:ec:15:db:f9:c2:88:46:d7:19:
75:09:e6:a5:29:21:e1:60:92:5b:49:7d:b6:6b:ed:
73:e0:87:e9:d6:e4:ba:9e:79:39:e8:31:f8:d7:99:
36:d9:4d:42:13:ef:97:37:b3:86:9e:6f:d5:c6:d6:
91:57:6d:7d:e5:06:a4:ef:ed:3d:0e:bc:16:35:9a:
82:1a:56:0b:b9:22:be:21:df:83:b6:7d:11:96:27:
86:d7:db:15:ff:4f:07:46:c3:f4:17:fc:1f:5f:d2:
fd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:EA:C2:4A:BF:90:70:09:EB:F2:99:C0:81:8D:F0:14:FF:60:E2:4C
X509v3 Authority Key Identifier:
keyid:C7:91:12:C7:C5:AC:36:58:32:21:D1:F9:46:75:19:6C:21:36:EA:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/x5ESx8WsNlgyIdH5RnUZbCE26r4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5ESx8WsNlgyIdH5RnUZbCE26r4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BB9/6BDEAA7E390C11EBB2181D63C4F9AE02/C12DAF948D6611EB9B803759C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.12.28.0/23
203.18.216.0/21
203.25.32.0/22
203.28.64.0/21
Signature Algorithm: sha256WithRSAEncryption
02:47:1c:e6:e1:af:68:13:9e:1e:45:e1:7c:b8:ba:91:a5:01:
91:41:07:b2:76:3f:18:1b:53:08:4c:bb:a1:07:7f:a9:3a:57:
3d:16:ed:ed:41:27:ea:48:9c:15:4b:d4:d3:9c:52:51:fa:2b:
65:2d:d2:9a:6e:b8:4d:79:b7:04:b2:29:9e:b9:0e:05:73:9f:
0c:f5:84:5d:5f:1d:86:fc:d3:9c:73:6d:a9:57:16:f7:7d:f8:
57:77:06:ad:a9:d1:8f:6e:9c:7c:85:ce:0b:f1:45:9b:07:d6:
df:7b:d2:7f:9c:d5:e6:18:57:a5:37:19:c3:75:33:d2:09:0c:
c9:42:d8:27:77:77:4d:a3:36:85:21:12:f7:1e:92:07:21:e2:
bc:20:c5:5f:e5:d3:38:62:d0:f5:78:e3:7c:4d:c0:cc:c7:f2:
36:d9:c4:5b:90:96:a3:70:f3:a4:90:31:a9:8e:74:d7:77:ed:
6f:00:ad:95:a9:85:0d:50:71:c7:f0:10:c3:84:af:9e:85:8d:
cb:9a:1f:93:f4:ef:88:c9:c0:81:8d:52:4c:97:5e:58:77:84:
cf:81:ff:0d:b6:87:f7:7a:a2:c1:6b:cf:e5:09:16:a1:2d:d2:
bb:6f:9c:02:ee:d8:ea:01:33:55:57:80:f5:e0:c8:bb:75:6a:
82:a0:26:d8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAYEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCQjkxMTAvBgNVBAUTKEM3OTExMkM3QzVBQzM2NTgzMjIxRDFGOTQ2NzUxOTZD
MjEzNkVBQkUwHhcNMjEwNjE3MTIzMTU4WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGNiNDBiZC0yNWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArjBEpOOSttHPwguODSjk8VGAuqhHjq7pkCrpMy+akc5Z0vPlF0RWrQzx83cK
G1P9hPf0P7QXNMljh/XDcvZa+VwXZ7ZmagQ+8rrBM3Dryae9ujAQUgjtZ+MLHQo3
oLVVA/U6WzTyRaeRZH9Gr48RTTub3jcBTzyAOp8Ks80kH2VF5wcavifMxfAqIkri
oQYpWFjjn0nAMNo+lnvsFdv5wohG1xl1CealKSHhYJJbSX22a+1z4Ifp1uS6nnk5
6DH415k22U1CE++XN7OGnm/VxtaRV2195Qak7+09DrwWNZqCGlYLuSK+Id+Dtn0R
lieG19sV/08HRsP0F/wfX9L9twIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFMDqwkq/
kHAJ6/KZwIGN8BT/YOJMMB8GA1UdIwQYMBaAFMeREsfFrDZYMiHR+UZ1GWwhNuq+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkJCOS82QkRFQUE3RTM5
MEMxMUVCQjIxODFENjNDNEY5QUUwMi94NUVTeDhXc05sZ3lJZEg1Um5VWmJDRTI2
cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3g1RVN4OFdzTmxneUlkSDVSblVaYkNFMjZyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCQjkvNkJERUFBN0UzOTBDMTFFQkIyMTgxRDYzQzRGOUFFMDIvQzEyREFGOTQ4
RDY2MTFFQjlCODAzNzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAHLDBwDBAPLEtgDBALLGSADBAPLHEAwDQYJKoZIhvcNAQEL
BQADggEBAAJHHObhr2gTnh5F4Xy4upGlAZFBB7J2PxgbUwhMu6EHf6k6Vz0W7e1B
J+pInBVL1NOcUlH6K2Ut0ppuuE15twSyKZ65DgVznwz1hF1fHYb805xzbalXFvd9
+Fd3Bq2p0Y9unHyFzgvxRZsH1t970n+c1eYYV6U3GcN1M9IJDMlC2Cd3d02jNoUh
Evcekgch4rwgxV/l0zhi0PV443xNwMzH8jbZxFuQlqNw86SQMamOdNd37W8ArZWp
hQ1QccfwEMOEr56FjcuaH5P074jJwIGNUkyXXlh3hM+B/w22h/d6osFrz+UJFqEt
0rtvnALu2OoBM1VXgPXgyLt1aoKgJtg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org