Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/6CD71A36E09D11EB8CE28858C4F9AE02.roa
File: 6CD71A36E09D11EB8CE28858C4F9AE02.roa (raw, json)
Hash identifier: wNHJFBnJzRNIw0hPW7MnHEWbdyNx44sH29gUIn+FsKQ=
Subject key identifier: 8A:79:40:9C:23:D1:02:43:F0:0E:C0:41:8D:1C:F6:C1:7B:C0:60:D5
Certificate issuer: /CN=A91C7D3C/serialNumber=FFADB56806FB93B16C5EC32B81E56E99DCC3C9A3
Certificate serial: 06CE
Authority key identifier: FF:AD:B5:68:06:FB:93:B1:6C:5E:C3:2B:81:E5:6E:99:DC:C3:C9:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_621aAb7k7FsXsMrgeVumdzDyaM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/6CD71A36E09D11EB8CE28858C4F9AE02.roa
Signing time: Fri 09 Jul 2021 10:07:11 +0000
ROA not before: Fri 09 Jul 2021 10:07:11 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 136461
IP address blocks: 116.204.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1742 (0x6ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7D3C/serialNumber=FFADB56806FB93B16C5EC32B81E56E99DCC3C9A3
Validity
Not Before: Jul 9 10:07:11 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60e81fce-7264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4a:ac:6c:ca:45:9a:61:3e:6a:1a:68:ac:91:
e1:4d:84:7a:15:3c:6a:0c:38:a2:08:3b:38:5b:e1:
a7:83:57:41:ac:ba:cb:20:c6:f9:df:d3:e5:1f:ad:
5b:1e:1d:41:79:92:a5:0a:a8:91:9b:77:ec:c4:9f:
f7:2c:e6:0d:9e:5e:3b:92:fe:d1:ca:8e:f2:42:61:
97:3d:62:80:47:7e:a1:61:b3:06:6e:f8:08:26:0f:
d6:16:a9:d5:07:c2:c2:a9:dd:62:e0:2b:35:70:5f:
a5:4b:11:f7:27:cd:f5:b6:d8:05:0a:34:79:29:59:
e8:37:81:01:a2:aa:ad:5e:bd:e1:ba:3c:9e:eb:79:
fe:44:ca:80:d1:dd:67:1c:3c:99:18:b3:71:ff:94:
33:2a:2a:a1:94:4c:71:ff:3d:13:0a:ac:7c:bb:2c:
71:5e:5e:0f:54:7d:a8:37:50:b7:1b:4e:3c:5e:3e:
a1:8e:76:10:ac:df:35:05:6c:8d:42:5d:45:84:32:
ac:23:49:cf:be:aa:cb:fb:04:d1:d8:2e:fb:de:35:
e9:d8:16:e7:67:70:43:4c:a7:13:4b:bc:81:32:e6:
b9:99:d2:a6:f0:43:65:82:d3:80:5f:7e:13:b0:e9:
5b:c4:7f:14:6a:ff:3c:dd:28:6a:c8:bf:d3:d8:9c:
1c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:79:40:9C:23:D1:02:43:F0:0E:C0:41:8D:1C:F6:C1:7B:C0:60:D5
X509v3 Authority Key Identifier:
keyid:FF:AD:B5:68:06:FB:93:B1:6C:5E:C3:2B:81:E5:6E:99:DC:C3:C9:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/_621aAb7k7FsXsMrgeVumdzDyaM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_621aAb7k7FsXsMrgeVumdzDyaM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7D3C/A043F856092311EA8D8C2F6CC4F9AE02/6CD71A36E09D11EB8CE28858C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.255.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f6:5b:0c:d2:c1:e0:c7:7a:bf:8c:51:03:c2:7f:9c:22:3c:
17:e1:13:72:f8:4a:81:6f:25:20:83:3c:da:16:2d:bb:29:e3:
21:be:21:92:aa:ad:6d:d7:3b:0e:17:35:77:3d:be:2a:ae:ed:
8a:7e:34:d1:27:9d:19:aa:d2:9c:cb:4c:68:4d:e2:11:68:31:
3d:69:c1:2e:1d:9f:c6:a2:81:00:e1:bd:0a:1f:03:f2:d6:65:
ed:43:98:7b:48:dc:1f:43:cd:bc:55:cb:0d:84:ff:54:89:51:
13:da:5d:26:28:e6:90:3e:e6:a0:4a:d3:43:6a:dd:ca:9b:4c:
bb:e6:0c:8f:c8:e6:7a:a6:8b:5c:f6:80:cc:b8:c0:c8:ce:7f:
77:15:02:8b:fb:55:a7:cb:46:83:12:04:31:21:3a:54:d4:3a:
90:1a:33:9d:11:33:89:38:f0:e1:16:72:12:29:1d:ba:7b:a4:
3b:06:16:a4:32:0e:10:07:f0:0d:55:1e:45:a5:bd:3e:1f:c3:
dc:a8:e9:98:f1:d9:15:dd:2c:55:35:2e:a4:66:3e:5d:2e:6e:
23:73:5d:2a:c0:82:7b:25:39:18:e8:03:52:5f:1c:46:05:22:
18:ef:4d:07:95:8f:9f:57:0b:fc:bb:10:98:59:27:22:46:3f:
44:88:62:5e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdEM0MxMTAvBgNVBAUTKEZGQURCNTY4MDZGQjkzQjE2QzVFQzMyQjgxRTU2RTk5
RENDM0M5QTMwHhcNMjEwNzA5MTAwNzExWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGU4MWZjZS03MjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1kqsbMpFmmE+ahporJHhTYR6FTxqDDiiCDs4W+Gng1dBrLrLIMb539PlH61b
Hh1BeZKlCqiRm3fsxJ/3LOYNnl47kv7Ryo7yQmGXPWKAR36hYbMGbvgIJg/WFqnV
B8LCqd1i4Cs1cF+lSxH3J831ttgFCjR5KVnoN4EBoqqtXr3hujye63n+RMqA0d1n
HDyZGLNx/5QzKiqhlExx/z0TCqx8uyxxXl4PVH2oN1C3G048Xj6hjnYQrN81BWyN
Ql1FhDKsI0nPvqrL+wTR2C773jXp2BbnZ3BDTKcTS7yBMua5mdKm8ENlgtOAX34T
sOlbxH8Uav883ShqyL/T2Jwc6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIp5QJwj
0QJD8A7AQY0c9sF7wGDVMB8GA1UdIwQYMBaAFP+ttWgG+5OxbF7DK4Hlbpncw8mj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0QzQy9BMDQzRjg1NjA5
MjMxMUVBOEQ4QzJGNkNDNEY5QUUwMi9fNjIxYUFiN2s3RnNYc01yZ2VWdW1kekR5
YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL182MjFhQWI3azdGc1hzTXJnZVZ1bWR6RHlhTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdEM0MvQTA0M0Y4NTYwOTIzMTFFQThEOEMyRjZDQzRGOUFFMDIvNkNENzFBMzZF
MDlEMTFFQjhDRTI4ODU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB0zP8wDQYJKoZIhvcNAQELBQADggEBABf2WwzSweDHer+M
UQPCf5wiPBfhE3L4SoFvJSCDPNoWLbsp4yG+IZKqrW3XOw4XNXc9viqu7Yp+NNEn
nRmq0pzLTGhN4hFoMT1pwS4dn8aigQDhvQofA/LWZe1DmHtI3B9DzbxVyw2E/1SJ
URPaXSYo5pA+5qBK00Nq3cqbTLvmDI/I5nqmi1z2gMy4wMjOf3cVAov7VafLRoMS
BDEhOlTUOpAaM50RM4k48OEWchIpHbp7pDsGFqQyDhAH8A1VHkWlvT4fw9yo6Zjx
2RXdLFU1LqRmPl0ubiNzXSrAgnslORjoA1JfHEYFIhjvTQeVj59XC/y7EJhZJyJG
P0SIYl4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-ams.rpki-client.org