Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/15AD2D32ED6A11EDADECD67AC4F9AE02.roa
File: 15AD2D32ED6A11EDADECD67AC4F9AE02.roa (raw, json)
Hash identifier: XdfIzf9FDTvvGOGg3pZKB9oscSFTPi/8JwbTQQhc3tU=
Subject key identifier: 85:8A:9D:D4:EF:77:77:1E:1A:30:CC:0F:AD:6F:76:01:AE:18:A7:74
Certificate issuer: /CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Certificate serial: 28FF
Authority key identifier: A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/15AD2D32ED6A11EDADECD67AC4F9AE02.roa
Signing time: Mon 12 Jun 2023 09:32:57 +0000
ROA not before: Mon 12 Jun 2023 09:32:57 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 40065
IP address blocks: 183.90.184.0/24 maxlen: 24
183.90.185.0/24 maxlen: 24
183.90.186.0/24 maxlen: 24
183.90.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10495 (0x28ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Validity
Not Before: Jun 12 09:32:57 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6486e649-d049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bf:de:10:49:cb:74:31:8d:f5:7a:eb:31:05:
23:8b:80:2a:00:fe:28:35:ac:60:a8:93:3b:c2:d8:
73:5e:14:ec:51:74:53:73:7f:89:fc:9e:0d:a2:42:
b9:58:05:a0:50:89:cc:c0:d0:60:23:e2:a4:1d:46:
4a:ab:ce:f5:29:13:7e:c0:1c:4e:0e:0f:c9:5a:03:
66:3b:a8:93:d3:ab:99:f0:9a:5f:5d:8a:b6:ab:d5:
7d:64:56:c4:e7:a2:36:53:3e:17:d2:80:72:98:2c:
1a:fc:8c:63:57:6b:9e:c5:54:28:66:31:78:d7:cc:
ce:74:31:d5:c5:d7:fa:7f:29:1b:06:a7:7c:68:d3:
3e:f1:7f:b3:de:c1:06:53:3b:0d:52:97:51:4d:11:
a8:15:0e:a8:63:a5:7e:2b:b0:c7:fb:8c:a4:52:f4:
3d:5b:24:63:0c:4c:0a:77:d8:ed:51:f9:e6:97:a9:
2c:22:2e:dc:d5:57:47:33:53:33:71:1a:e4:0e:bf:
59:07:62:8f:97:1d:47:10:7a:0d:b9:0a:78:c5:f8:
dc:11:08:58:e3:c5:00:d2:72:33:b0:c6:c4:a6:c6:
ec:b5:aa:6d:4c:90:bc:f6:d5:70:79:0d:db:89:ab:
97:86:98:9a:ba:4a:dd:66:39:25:63:79:fa:27:23:
56:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8A:9D:D4:EF:77:77:1E:1A:30:CC:0F:AD:6F:76:01:AE:18:A7:74
X509v3 Authority Key Identifier:
keyid:A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/oDlpuv_Weqt11JODf6HHxp_7Jxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/15AD2D32ED6A11EDADECD67AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.90.184.0-183.90.186.255
183.90.188.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:90:1f:8e:1e:d7:cc:2f:79:97:f7:de:5b:12:15:2b:7a:e1:
76:41:3f:ba:5d:fb:d5:08:90:85:9c:05:c1:ca:d0:a1:6a:c9:
af:18:6b:e4:eb:3c:f9:b0:f4:0a:e7:1b:1b:a3:6f:7c:6d:f5:
05:e4:41:2a:f5:d3:c5:40:9e:44:5e:f7:ab:52:3a:a3:57:7c:
a8:ee:a1:04:5d:79:85:31:c8:a6:e4:78:50:31:45:45:c2:51:
1e:8f:84:2b:dc:75:0e:a1:13:14:c1:1f:22:3a:27:39:65:2e:
0e:8b:0c:13:99:dd:3a:ed:e3:56:c4:c7:74:6a:df:07:82:94:
ac:f5:9e:51:42:8c:14:79:fc:f0:c4:b0:fb:b4:e9:8e:e8:dc:
6a:f5:10:0f:55:d1:8d:94:83:bf:05:3c:55:bd:30:d2:3e:03:
25:48:20:d0:1f:dc:1d:da:5f:6d:70:4d:d8:87:92:77:d5:65:
8c:d8:f9:36:08:ed:32:60:dd:5d:51:a0:a3:7c:10:d0:99:9a:
9a:67:9c:f9:55:5a:96:01:4e:a2:5b:f9:62:4e:12:d8:ce:be:
e2:00:b1:5e:75:bb:bd:39:b9:aa:3e:68:0e:8f:46:90:2b:56:
e3:49:e5:91:a3:67:3e:18:0f:23:ce:9e:41:e0:13:cb:5a:38:
b9:a5:54:d3
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICKP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E0OTYxMTAvBgNVBAUTKEEwMzk2OUJBRkZENjdBQUI3NUQ0OTM4MzdGQTFDN0M2
OUZGQjI3MTcwHhcNMjMwNjEyMDkzMjU3WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg2ZTY0OS1kMDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvb/eEEnLdDGN9XrrMQUji4AqAP4oNaxgqJM7wthzXhTsUXRTc3+J/J4NokK5
WAWgUInMwNBgI+KkHUZKq871KRN+wBxODg/JWgNmO6iT06uZ8JpfXYq2q9V9ZFbE
56I2Uz4X0oBymCwa/IxjV2uexVQoZjF418zOdDHVxdf6fykbBqd8aNM+8X+z3sEG
UzsNUpdRTRGoFQ6oY6V+K7DH+4ykUvQ9WyRjDEwKd9jtUfnml6ksIi7c1VdHM1Mz
cRrkDr9ZB2KPlx1HEHoNuQp4xfjcEQhY48UA0nIzsMbEpsbstaptTJC89tVweQ3b
iauXhpiaukrdZjklY3n6JyNWXwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFIWKndTv
d3ceGjDMD61vdgGuGKd0MB8GA1UdIwQYMBaAFKA5abr/1nqrddSTg3+hx8af+ycX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTQ5Ni9GQjEyQTI3ODND
MEYxMUU0Qjc4OEZGNEFDNEY5QUUwMi9vRGxwdXZfV2VxdDExSk9EZjZISHhwXzdK
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29EbHB1dl9XZXF0MTFKT0RmNkhIeHBfN0p4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E0OTYvRkIxMkEyNzgzQzBGMTFFNEI3ODhGRjRBQzRGOUFFMDIvMTVBRDJEMzJF
RDZBMTFFREFERUNENjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEA7dauAMEALdaugMEALdavDANBgkqhkiG9w0BAQsFAAOC
AQEAv5Afjh7XzC95l/feWxIVK3rhdkE/ul371QiQhZwFwcrQoWrJrxhr5Os8+bD0
CucbG6NvfG31BeRBKvXTxUCeRF73q1I6o1d8qO6hBF15hTHIpuR4UDFFRcJRHo+E
K9x1DqETFMEfIjonOWUuDosME5ndOu3jVsTHdGrfB4KUrPWeUUKMFHn88MSw+7Tp
jujcavUQD1XRjZSDvwU8Vb0w0j4DJUgg0B/cHdpfbXBN2IeSd9VljNj5NgjtMmDd
XVGgo3wQ0Jmammec+VValgFOolv5Yk4S2M6+4gCxXnW7vTm5qj5oDo9GkCtW40nl
kaNnPhgPI86eQeATy1o4uaVU0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org