Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/B1188470EA2611ED8A9F301CC4F9AE02.roa
File: B1188470EA2611ED8A9F301CC4F9AE02.roa (raw, json)
Hash identifier: LDxXTEZGjGn1hNY8YNEVo/M+Gf6pGaMviPPs7jDcQ+c=
Subject key identifier: 71:81:61:07:8B:AE:46:AB:2D:4D:C0:93:82:1C:99:A8:6D:1E:56:E4
Certificate issuer: /CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Certificate serial: 28E4
Authority key identifier: A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/B1188470EA2611ED8A9F301CC4F9AE02.roa
Signing time: Thu 04 May 2023 02:52:22 +0000
ROA not before: Thu 04 May 2023 02:52:22 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 40065
IP address blocks: 183.90.184.0/24 maxlen: 24
183.90.186.0/24 maxlen: 24
183.90.188.0/24 maxlen: 24
183.90.190.0/24 maxlen: 24
183.90.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10468 (0x28e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Validity
Not Before: May 4 02:52:22 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64531de6-27ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3d:b5:6a:5a:78:87:16:7b:ac:33:d5:ca:ad:
85:54:c8:8c:17:bb:9d:f1:ea:14:b5:61:ea:ef:47:
5b:ba:d2:05:7f:c1:f9:ca:70:cf:59:c9:73:bc:99:
be:f0:88:0e:9a:04:e1:f6:4d:41:f3:c5:16:91:46:
a9:dc:ee:ef:e3:3a:5b:65:8f:8d:59:c3:02:79:bf:
59:e1:ad:59:f8:81:e4:ef:7b:77:02:67:e6:4f:87:
0c:c2:b0:1f:35:0c:e9:bc:92:c7:02:8b:b5:a6:ec:
00:50:80:82:be:31:69:51:ed:18:1a:94:5a:69:fa:
c4:79:f1:f4:52:90:be:cb:32:a2:3f:85:be:0d:1b:
6f:19:98:ff:38:d5:d7:43:cb:02:07:d5:3f:2a:df:
38:2c:39:05:29:49:e9:b2:f2:cb:f5:c0:11:54:3e:
ff:64:a9:6c:a3:3e:4a:6d:ec:46:f9:2d:9f:b2:33:
f7:f1:17:1d:a4:d8:dc:be:7b:a8:4b:65:11:fc:31:
33:80:54:1c:b3:7f:33:26:74:ae:94:45:01:b7:a5:
47:32:19:c0:71:ed:f1:60:b0:d8:6e:63:4c:77:69:
0e:b1:a4:09:cb:fd:4d:54:e8:2d:b7:5c:76:e0:02:
c6:88:b8:d7:0c:e7:6c:02:05:ba:42:f1:03:02:21:
e0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:81:61:07:8B:AE:46:AB:2D:4D:C0:93:82:1C:99:A8:6D:1E:56:E4
X509v3 Authority Key Identifier:
keyid:A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/oDlpuv_Weqt11JODf6HHxp_7Jxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/B1188470EA2611ED8A9F301CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.90.184.0/24
183.90.186.0/24
183.90.188.0/24
183.90.190.0/23
Signature Algorithm: sha256WithRSAEncryption
92:59:23:4f:cb:77:f2:43:ea:d3:19:48:68:b8:38:96:13:cd:
f6:c8:79:36:da:67:db:39:27:1d:60:74:35:a2:cb:1d:aa:f3:
af:fe:5b:cf:43:5d:3e:62:8c:71:f4:87:80:f3:1a:31:9b:0b:
ea:8e:54:6a:24:36:87:05:8e:f2:48:50:3f:75:44:55:32:80:
d9:96:37:c0:22:34:58:f1:00:ba:67:05:ca:81:04:59:a9:e2:
8e:f5:3e:41:ec:d0:30:f0:53:0a:4b:2e:7d:05:62:c6:2c:f6:
8d:29:07:f1:f9:5a:d5:0a:8d:9c:61:de:29:f5:fe:5f:ac:6d:
44:5f:f1:05:b8:38:3e:df:32:b5:a9:16:e0:33:01:0a:99:ff:
69:64:d7:0a:bc:e6:23:f3:6b:be:61:5e:ae:27:9c:7d:80:65:
9f:54:7d:d4:c6:24:fa:6e:27:da:19:08:89:4d:54:ac:56:87:
57:59:48:ac:60:a5:da:50:ba:c7:0e:e3:13:64:21:7d:a5:ed:
e8:45:d5:6c:c1:9d:ce:4c:e4:1c:04:2f:c4:eb:e4:f1:cb:5d:
db:44:e2:b3:62:24:8a:62:32:3d:df:1f:b1:73:df:b9:4c:aa:
90:1e:64:ca:d4:f6:5c:fa:fd:09:6b:f6:95:ec:3c:37:cb:29:
04:af:57:d2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICKOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E0OTYxMTAvBgNVBAUTKEEwMzk2OUJBRkZENjdBQUI3NUQ0OTM4MzdGQTFDN0M2
OUZGQjI3MTcwHhcNMjMwNTA0MDI1MjIyWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUzMWRlNi0yN2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtj21alp4hxZ7rDPVyq2FVMiMF7ud8eoUtWHq70dbutIFf8H5ynDPWclzvJm+
8IgOmgTh9k1B88UWkUap3O7v4zpbZY+NWcMCeb9Z4a1Z+IHk73t3AmfmT4cMwrAf
NQzpvJLHAou1puwAUICCvjFpUe0YGpRaafrEefH0UpC+yzKiP4W+DRtvGZj/ONXX
Q8sCB9U/Kt84LDkFKUnpsvLL9cARVD7/ZKlsoz5KbexG+S2fsjP38RcdpNjcvnuo
S2UR/DEzgFQcs38zJnSulEUBt6VHMhnAce3xYLDYbmNMd2kOsaQJy/1NVOgtt1x2
4ALGiLjXDOdsAgW6QvEDAiHgAQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFHGBYQeL
rkarLU3Ak4IcmahtHlbkMB8GA1UdIwQYMBaAFKA5abr/1nqrddSTg3+hx8af+ycX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTQ5Ni9GQjEyQTI3ODND
MEYxMUU0Qjc4OEZGNEFDNEY5QUUwMi9vRGxwdXZfV2VxdDExSk9EZjZISHhwXzdK
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29EbHB1dl9XZXF0MTFKT0RmNkhIeHBfN0p4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E0OTYvRkIxMkEyNzgzQzBGMTFFNEI3ODhGRjRBQzRGOUFFMDIvQjExODg0NzBF
QTI2MTFFRDhBOUYzMDFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAC3WrgDBAC3WroDBAC3WrwDBAG3Wr4wDQYJKoZIhvcNAQEL
BQADggEBAJJZI0/Ld/JD6tMZSGi4OJYTzfbIeTbaZ9s5Jx1gdDWiyx2q86/+W89D
XT5ijHH0h4DzGjGbC+qOVGokNocFjvJIUD91RFUygNmWN8AiNFjxALpnBcqBBFmp
4o71PkHs0DDwUwpLLn0FYsYs9o0pB/H5WtUKjZxh3in1/l+sbURf8QW4OD7fMrWp
FuAzAQqZ/2lk1wq85iPza75hXq4nnH2AZZ9UfdTGJPpuJ9oZCIlNVKxWh1dZSKxg
pdpQuscO4xNkIX2l7ehF1WzBnc5M5BwEL8Tr5PHLXdtE4rNiJIpiMj3fH7Fz37lM
qpAeZMrU9lz6/Qlr9pXsPDfLKQSvV9I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org