Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/0E543C62EA2F11ED8418C53BC4F9AE02.roa
File: 0E543C62EA2F11ED8418C53BC4F9AE02.roa (raw, json)
Hash identifier: TRnUkkTshfPC6M3y1EGhWhwtMwefP5j45Hv9Q//hHf8=
Subject key identifier: 78:C1:9C:EA:9A:BC:0D:AE:77:4C:5F:D2:6F:5E:D6:DE:C1:91:66:35
Certificate issuer: /CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Certificate serial: 28E6
Authority key identifier: A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/0E543C62EA2F11ED8418C53BC4F9AE02.roa
Signing time: Thu 04 May 2023 03:52:14 +0000
ROA not before: Thu 04 May 2023 03:52:14 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 40065
IP address blocks: 183.90.184.0/24 maxlen: 24
183.90.188.0/24 maxlen: 24
183.90.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10470 (0x28e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Validity
Not Before: May 4 03:52:14 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64532bee-6795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fc:9f:c2:3d:dd:ff:02:f3:0f:aa:c8:71:ab:
d8:3d:7b:92:4e:fb:19:c2:56:4c:25:a7:e1:b1:1f:
35:65:da:e2:2e:03:a3:d3:ac:68:9d:ce:15:d5:cb:
70:5c:69:4e:c7:76:37:36:19:89:75:98:f8:78:9e:
8e:ea:e1:28:d9:3f:7c:3a:0d:b7:eb:c3:3f:b7:20:
ca:0d:15:3f:a3:12:47:67:38:75:b4:19:20:08:73:
78:99:72:6c:8f:4c:b5:c7:dd:3f:21:9f:53:82:a2:
12:86:4b:34:f2:03:59:fc:24:5d:3d:fd:51:5e:9a:
c4:29:0e:bd:a3:5b:ea:c8:a3:ee:26:a2:85:8d:54:
cb:cf:67:e6:08:46:32:3e:08:de:01:fb:11:b0:cc:
78:cf:2f:39:58:72:6d:d0:49:af:93:bf:b2:15:4f:
0f:49:34:8c:32:56:7d:d7:a4:de:62:18:d3:20:34:
e6:b5:ed:42:c7:b9:10:39:ee:19:bf:e2:a8:9c:39:
6e:10:64:10:81:4f:39:bb:4f:ae:a8:3a:e6:d1:c5:
09:a8:e8:0b:dd:77:f0:0e:1c:03:d2:53:c2:99:4d:
f7:61:07:e2:85:cc:20:d8:2e:b8:6c:23:c2:dd:7e:
46:f7:36:61:cd:2f:62:d6:2b:54:45:68:c8:03:6f:
4e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C1:9C:EA:9A:BC:0D:AE:77:4C:5F:D2:6F:5E:D6:DE:C1:91:66:35
X509v3 Authority Key Identifier:
keyid:A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/oDlpuv_Weqt11JODf6HHxp_7Jxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/0E543C62EA2F11ED8418C53BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.90.184.0/24
183.90.188.0/24
183.90.190.0/24
Signature Algorithm: sha256WithRSAEncryption
41:3c:58:15:7e:0d:69:7c:aa:4b:6c:54:cd:12:e0:1e:08:1e:
18:25:5e:bd:77:f9:8f:91:ca:13:56:30:8b:5f:cf:63:20:a4:
ca:22:16:eb:01:1f:5d:be:f4:8f:ac:e0:74:86:88:8d:1a:f9:
8c:76:78:11:68:22:76:48:38:ea:01:7c:50:a9:ca:be:17:5e:
12:cc:75:f2:93:32:e7:0b:7a:a2:6d:d9:66:a6:90:6d:f8:88:
55:02:94:f4:6d:27:d2:9c:a1:2f:79:04:ec:91:ee:45:34:5c:
58:65:0e:ad:21:a2:e1:7a:60:c8:72:30:4b:a1:23:9b:71:3a:
54:a5:2c:6a:30:03:ae:36:03:73:a5:ae:cf:77:75:f5:d1:be:
e6:6d:bc:e6:b7:d4:25:f1:32:fa:cb:8b:c6:be:42:59:36:fd:
a1:39:2f:ab:ba:8e:65:2a:a0:65:63:60:6b:ce:bf:43:e4:67:
ef:8e:b2:1d:8a:43:4d:33:42:47:ea:bf:16:f4:af:b2:32:a8:
0b:b2:37:3c:2e:9a:a8:b2:d9:be:77:9a:c1:19:ec:50:64:48:
fe:0f:11:c0:7d:86:b9:be:bf:72:ed:2b:3c:91:ae:a8:ab:50:
d7:70:72:84:f8:a6:45:6e:9a:18:cf:41:91:13:af:09:ce:ce:
49:72:6c:c3
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICKOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E0OTYxMTAvBgNVBAUTKEEwMzk2OUJBRkZENjdBQUI3NUQ0OTM4MzdGQTFDN0M2
OUZGQjI3MTcwHhcNMjMwNTA0MDM1MjE0WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUzMmJlZS02Nzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAofyfwj3d/wLzD6rIcavYPXuSTvsZwlZMJafhsR81ZdriLgOj06xonc4V1ctw
XGlOx3Y3NhmJdZj4eJ6O6uEo2T98Og2368M/tyDKDRU/oxJHZzh1tBkgCHN4mXJs
j0y1x90/IZ9TgqIShks08gNZ/CRdPf1RXprEKQ69o1vqyKPuJqKFjVTLz2fmCEYy
PgjeAfsRsMx4zy85WHJt0Emvk7+yFU8PSTSMMlZ916TeYhjTIDTmte1Cx7kQOe4Z
v+KonDluEGQQgU85u0+uqDrm0cUJqOgL3XfwDhwD0lPCmU33YQfihcwg2C64bCPC
3X5G9zZhzS9i1itURWjIA29OfQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHjBnOqa
vA2ud0xf0m9e1t7BkWY1MB8GA1UdIwQYMBaAFKA5abr/1nqrddSTg3+hx8af+ycX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTQ5Ni9GQjEyQTI3ODND
MEYxMUU0Qjc4OEZGNEFDNEY5QUUwMi9vRGxwdXZfV2VxdDExSk9EZjZISHhwXzdK
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29EbHB1dl9XZXF0MTFKT0RmNkhIeHBfN0p4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E0OTYvRkIxMkEyNzgzQzBGMTFFNEI3ODhGRjRBQzRGOUFFMDIvMEU1NDNDNjJF
QTJGMTFFRDg0MThDNTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAC3WrgDBAC3WrwDBAC3Wr4wDQYJKoZIhvcNAQELBQADggEB
AEE8WBV+DWl8qktsVM0S4B4IHhglXr13+Y+RyhNWMItfz2MgpMoiFusBH12+9I+s
4HSGiI0a+Yx2eBFoInZIOOoBfFCpyr4XXhLMdfKTMucLeqJt2WamkG34iFUClPRt
J9KcoS95BOyR7kU0XFhlDq0houF6YMhyMEuhI5txOlSlLGowA642A3Olrs93dfXR
vuZtvOa31CXxMvrLi8a+Qlk2/aE5L6u6jmUqoGVjYGvOv0PkZ++Osh2KQ00zQkfq
vxb0r7IyqAuyNzwumqiy2b53msEZ7FBkSP4PEcB9hrm+v3LtKzyRrqirUNdwcoT4
pkVumhjPQZETrwnOzklybMM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org