Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/B2C0FE52B37511ED87DE486DC4F9AE02.roa
File: B2C0FE52B37511ED87DE486DC4F9AE02.roa (raw, json)
Hash identifier: vVKSDSjU1nILOE5N1WMHe3b54BNQ+Jol5hnl5eZqe3c=
Subject key identifier: 7B:A2:BD:7A:C0:D1:3D:F1:84:31:43:61:4A:32:C1:36:97:62:C9:01
Certificate issuer: /CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
Certificate serial: 09D1
Authority key identifier: C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/B2C0FE52B37511ED87DE486DC4F9AE02.roa
Signing time: Thu 08 Jun 2023 21:31:58 +0000
ROA not before: Thu 08 Jun 2023 21:31:58 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 134526
IP address blocks: 150.242.39.0/24 maxlen: 24
2403:6dc0::/40 maxlen: 40
2403:6dc0:8000::/36 maxlen: 36
2403:6dc0:8000::/48 maxlen: 48
2403:6dc0:8001::/48 maxlen: 48
2403:6dc0:8400::/39 maxlen: 40
2403:6dc0:8600::/39 maxlen: 40
2403:6dc0:8800::/37 maxlen: 40
2403:6dc0:f000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2513 (0x9d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
Validity
Not Before: Jun 8 21:31:58 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=648248ce-f860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:91:e2:ff:fe:85:71:0d:fd:87:9a:49:e4:
21:1d:70:f0:26:54:89:f0:78:49:50:fd:80:96:ac:
af:78:c6:6a:a6:83:45:2e:b3:f6:87:35:36:32:93:
45:56:17:39:f6:13:14:31:55:a4:44:18:a6:48:92:
71:03:42:11:c2:a0:83:82:da:a0:dc:9f:2e:ff:fa:
57:02:3e:d0:bf:a8:bf:25:c0:e2:d0:aa:4d:09:21:
54:a2:00:28:12:c1:ee:10:ec:59:25:80:d9:fd:66:
e3:81:03:0b:75:ca:2c:1a:a7:3d:37:09:90:a0:1d:
78:f8:67:9f:47:6b:02:69:f4:15:9f:9f:f4:00:6d:
7a:87:13:23:7f:3f:07:71:d2:7a:2a:2f:b4:a3:6c:
44:7d:d0:44:bd:06:17:70:f2:20:63:7f:e1:36:e8:
0b:57:3f:06:17:c2:0d:fc:59:a5:15:06:8a:c2:c6:
29:e1:59:d9:3b:4c:b9:18:31:35:3c:ee:a1:dc:98:
de:21:61:70:fe:ae:f8:43:1b:bb:cb:6b:d9:9a:27:
a2:3c:1b:23:10:5f:b5:62:2c:6a:f6:33:8d:4c:cc:
06:7d:f4:a1:82:ae:45:f6:56:4e:de:38:15:7e:6e:
24:ff:91:df:0a:e1:d1:4e:0d:f6:f3:5e:87:7f:5c:
a2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A2:BD:7A:C0:D1:3D:F1:84:31:43:61:4A:32:C1:36:97:62:C9:01
X509v3 Authority Key Identifier:
keyid:C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/yZ7yD58LAHfHDV1zAOC7_Ych7_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/B2C0FE52B37511ED87DE486DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.242.39.0/24
IPv6:
2403:6dc0::/40
2403:6dc0:8000::/36
2403:6dc0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
54:38:f3:2e:bf:3d:81:40:c5:1a:14:e1:d6:ce:b3:af:83:ac:
2c:ef:3c:80:80:9e:bf:9a:f3:0f:69:06:86:cd:44:89:0f:d2:
e0:84:8d:f1:eb:fe:dc:66:ce:6d:fd:b3:46:15:3d:24:5a:af:
71:59:df:fc:cf:8e:69:f5:e4:b7:68:28:46:65:61:95:80:25:
e2:06:ca:14:10:26:7d:ee:ee:64:45:42:59:64:14:8f:88:06:
17:06:e8:c4:8f:8c:4c:f9:c6:39:f2:54:52:21:eb:1d:a7:2e:
ae:6a:07:4f:43:35:02:ef:fe:a3:0b:e2:e0:04:e2:a6:a3:28:
79:0c:c1:9f:48:bd:aa:73:a6:a5:6e:28:19:29:52:5d:02:68:
ef:03:1e:56:11:57:14:f1:10:e5:08:31:71:79:81:49:24:5e:
36:9b:25:05:2b:29:4f:79:02:c6:aa:e7:40:5a:a2:8e:dc:f8:
e2:0e:11:41:1e:b7:22:38:4d:82:3d:3a:e3:39:23:a3:fb:b8:
cb:b0:46:a6:fe:26:c1:81:32:8d:02:9f:09:bc:e3:f0:8e:03:
f0:a5:9e:9e:ea:7b:16:0c:71:40:4c:17:88:0c:f3:4e:6e:a9:
38:ca:60:bc:e5:3f:e3:37:95:e3:b6:2c:fb:b4:01:39:e0:b4:
5d:5c:07:e9
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICCdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlEMkExMTAvBgNVBAUTKEM5OUVGMjBGOUYwQjAwNzdDNzBENUQ3MzAwRTBCQkZE
ODcyMUVGRkYwHhcNMjMwNjA4MjEzMTU4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgyNDhjZS1mODYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwIWR4v/+hXEN/YeaSeQhHXDwJlSJ8HhJUP2AlqyveMZqpoNFLrP2hzU2MpNF
Vhc59hMUMVWkRBimSJJxA0IRwqCDgtqg3J8u//pXAj7Qv6i/JcDi0KpNCSFUogAo
EsHuEOxZJYDZ/WbjgQMLdcosGqc9NwmQoB14+GefR2sCafQVn5/0AG16hxMjfz8H
cdJ6Ki+0o2xEfdBEvQYXcPIgY3/hNugLVz8GF8IN/FmlFQaKwsYp4VnZO0y5GDE1
PO6h3JjeIWFw/q74Qxu7y2vZmieiPBsjEF+1Yixq9jONTMwGffShgq5F9lZO3jgV
fm4k/5HfCuHRTg32816Hf1yiwwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFHuivXrA
0T3xhDFDYUoywTaXYskBMB8GA1UdIwQYMBaAFMme8g+fCwB3xw1dcwDgu/2HIe//
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQyQS81NTI1RjVFMDNE
QzExMUVBQUY5OENCMzVDNEY5QUUwMi95Wjd5RDU4TEFIZkhEVjF6QU9DN19ZY2g3
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3laN3lENThMQUhmSERWMXpBT0M3X1ljaDdfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlEMkEvNTUyNUY1RTAzREMxMTFFQUFGOThDQjM1QzRGOUFFMDIvQjJDMEZFNTJC
Mzc1MTFFRDg3REU0ODZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMAwEAgABMAYDBACW8icwHgQCAAIwGAMGACQDbcAAAwYEJANtwIADBgQkA23A
8DANBgkqhkiG9w0BAQsFAAOCAQEAVDjzLr89gUDFGhTh1s6zr4OsLO88gICev5rz
D2kGhs1EiQ/S4ISN8ev+3GbObf2zRhU9JFqvcVnf/M+OafXkt2goRmVhlYAl4gbK
FBAmfe7uZEVCWWQUj4gGFwboxI+MTPnGOfJUUiHrHacurmoHT0M1Au/+owvi4ATi
pqMoeQzBn0i9qnOmpW4oGSlSXQJo7wMeVhFXFPEQ5QgxcXmBSSReNpslBSspT3kC
xqrnQFqijtz44g4RQR63IjhNgj064zkjo/u4y7BGpv4mwYEyjQKfCbzj8I4D8KWe
nup7FgxxQEwXiAzzTm6pOMpgvOU/4zeV47Ys+7QBOeC0XVwH6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org