Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/026AF4E6566711EE90FD2747C4F9AE02.roa
File: 026AF4E6566711EE90FD2747C4F9AE02.roa (raw, json)
Hash identifier: H2Z0MS5nscrc1JYJpXVPDpxadPXQrf/53j4J8yBjomc=
Subject key identifier: 9F:F2:D6:CF:95:82:D4:B6:C7:E2:91:10:CB:D7:A4:42:77:78:3B:21
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 070A
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/026AF4E6566711EE90FD2747C4F9AE02.roa
Signing time: Wed 31 Jan 2024 00:12:34 +0000
ROA not before: Wed 31 Jan 2024 00:12:34 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 56913
IP address blocks: 203.147.236.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1802 (0x70a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB
Validity
Not Before: Jan 31 00:12:34 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b99072-e6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ef:18:d3:b7:ef:68:89:80:e1:d9:cc:80:57:
ec:8c:ae:24:c4:c8:ff:d0:eb:0f:92:84:86:f4:50:
16:29:1d:2e:36:9b:9a:d1:45:40:c5:f2:17:c0:23:
b3:15:70:55:66:3a:a0:78:79:70:b3:4d:8d:a9:25:
ac:b8:8a:3c:da:cb:86:49:fa:a4:c9:3e:7b:31:c3:
4f:d7:a0:d4:25:3d:51:93:80:b5:be:64:dc:51:33:
2d:90:16:e9:68:9b:f9:ac:32:2e:4f:8c:35:87:6f:
35:fa:bf:ef:24:94:88:ba:92:02:3b:76:75:10:61:
65:93:a8:9b:b8:83:cb:4a:35:bc:c6:64:c1:75:a0:
35:40:33:ef:73:c2:58:13:f9:64:86:70:23:a0:a5:
68:0e:ab:6f:b7:54:69:0f:aa:d6:cf:13:df:d3:60:
ae:c0:bb:95:aa:6c:06:07:8c:f9:88:9f:1c:fe:ed:
5e:2f:20:98:38:14:36:96:23:dd:97:dc:8c:07:17:
c7:6f:83:42:ff:c3:2a:d1:1c:b8:ba:23:e9:1e:af:
7d:8f:2c:cf:1c:64:46:a5:38:9b:e7:6e:4f:e0:c0:
a4:4b:0a:74:4d:d6:61:d6:0e:3d:03:38:d8:5e:b0:
74:d5:45:ab:77:21:07:aa:75:f9:7a:b0:09:48:a7:
b5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F2:D6:CF:95:82:D4:B6:C7:E2:91:10:CB:D7:A4:42:77:78:3B:21
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/026AF4E6566711EE90FD2747C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.147.236.0/23
Signature Algorithm: sha256WithRSAEncryption
14:05:bb:de:fa:26:0b:05:37:6f:3d:92:3c:e5:b5:f3:27:0b:
75:bc:a7:09:fc:b1:38:63:38:aa:01:50:a4:64:1c:03:3d:9e:
64:5e:a0:75:a8:14:c3:8e:74:18:7c:d1:f1:41:48:1b:61:d0:
97:15:fb:57:5e:67:37:a3:85:c0:79:89:8f:a9:80:71:e2:c3:
4b:4b:f7:17:f3:85:d1:c2:a5:54:e1:c3:66:42:b3:75:df:7b:
16:24:be:04:23:7b:67:54:cd:b9:5c:0f:e9:14:a9:55:72:6e:
3c:9c:2a:a4:0b:cd:0f:99:32:6b:3a:96:97:9b:96:18:15:4c:
96:dc:68:6f:84:40:f7:82:ec:12:3d:59:ce:f4:4b:4d:15:ec:
1d:5b:2b:d1:27:0b:7e:e1:1f:f0:9f:1d:35:7f:3e:7c:db:75:
41:e6:24:fa:9f:e0:f1:9c:9b:eb:5b:ff:17:35:10:8b:dc:fe:
e8:3a:89:2a:92:2c:0a:7a:06:51:b0:a0:2e:1d:6a:17:6b:e2:
b5:7c:48:a0:a1:74:17:4c:27:8f:5d:0e:d3:1f:44:0d:40:57:
e4:94:d1:df:2a:a7:75:73:4b:7b:18:83:da:68:45:8f:d2:bf:
11:ec:bd:92:ae:d3:c5:c1:51:8f:e3:2b:ad:80:12:03:d7:93:
2f:c0:12:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjQwMTMxMDAxMjM0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5OTA3Mi1lNmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1+8Y07fvaImA4dnMgFfsjK4kxMj/0OsPkoSG9FAWKR0uNpua0UVAxfIXwCOz
FXBVZjqgeHlws02NqSWsuIo82suGSfqkyT57McNP16DUJT1Rk4C1vmTcUTMtkBbp
aJv5rDIuT4w1h281+r/vJJSIupICO3Z1EGFlk6ibuIPLSjW8xmTBdaA1QDPvc8JY
E/lkhnAjoKVoDqtvt1RpD6rWzxPf02CuwLuVqmwGB4z5iJ8c/u1eLyCYOBQ2liPd
l9yMBxfHb4NC/8Mq0Ry4uiPpHq99jyzPHGRGpTib525P4MCkSwp0TdZh1g49AzjY
XrB01UWrdyEHqnX5erAJSKe1zQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ/y1s+V
gtS2x+KREMvXpEJ3eDshMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvMDI2QUY0RTY1
NjY3MTFFRTkwRkQyNzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLk+wwDQYJKoZIhvcNAQELBQADggEBABQFu976JgsFN289
kjzltfMnC3W8pwn8sThjOKoBUKRkHAM9nmReoHWoFMOOdBh80fFBSBth0JcV+1de
ZzejhcB5iY+pgHHiw0tL9xfzhdHCpVThw2ZCs3XfexYkvgQje2dUzblcD+kUqVVy
bjycKqQLzQ+ZMms6lpeblhgVTJbcaG+EQPeC7BI9Wc70S00V7B1bK9EnC37hH/Cf
HTV/PnzbdUHmJPqf4PGcm+tb/xc1EIvc/ug6iSqSLAp6BlGwoC4dahdr4rV8SKCh
dBdMJ49dDtMfRA1AV+SU0d8qp3VzS3sYg9poRY/SvxHsvZKu08XBUY/jK62AEgPX
ky/AEls=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:13 2025 by rpki-client