Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/261014D2A37311EDB7FB8273C4F9AE02.roa
File: 261014D2A37311EDB7FB8273C4F9AE02.roa (raw, json)
Hash identifier: Q+aqZ1CqC9BygBZaHzeu2fkVEvWIzf5aFa5lATOAXfA=
Subject key identifier: 3B:FF:3B:F2:D5:A1:CE:E6:AA:71:38:75:3D:1A:B5:6D:D7:A9:0E:F2
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0591
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/261014D2A37311EDB7FB8273C4F9AE02.roa
Signing time: Fri 03 Feb 2023 22:10:11 +0000
ROA not before: Fri 03 Feb 2023 22:10:11 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 834
IP address blocks: 202.139.240.0/20 maxlen: 20
202.148.128.0/20 maxlen: 20
202.148.144.0/20 maxlen: 20
203.147.128.0/21 maxlen: 21
203.147.136.0/21 maxlen: 21
203.147.144.0/21 maxlen: 21
203.147.152.0/21 maxlen: 21
203.147.160.0/20 maxlen: 20
203.147.176.0/20 maxlen: 20
203.147.192.0/20 maxlen: 20
203.147.208.0/20 maxlen: 20
203.147.224.0/20 maxlen: 20
203.147.240.0/20 maxlen: 20
210.247.224.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1425 (0x591)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB
Validity
Not Before: Feb 3 22:10:11 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63dd8642-ca07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9d:da:73:02:2b:3c:0b:a4:b8:79:19:a1:56:
53:fe:a7:69:a8:89:4c:50:df:70:bf:e4:e4:22:9e:
81:2e:02:32:b8:9b:47:7d:a2:ac:38:b8:84:e6:27:
5a:0d:85:ee:39:b1:3e:50:0d:42:98:09:81:d9:16:
81:35:52:f9:35:33:4d:6b:f1:4b:a6:b0:4a:87:b0:
1b:71:cf:80:0f:57:ee:e7:f5:2f:ce:ed:d9:09:74:
7b:34:cf:70:bc:64:ac:dd:6e:80:86:b2:e4:86:9b:
28:a1:a4:45:da:7e:68:7a:34:92:28:ce:5f:96:7a:
04:a8:8a:be:f6:fa:fe:2b:a7:76:bf:8f:08:4e:56:
bf:13:35:5f:f0:6d:fd:f4:6d:d6:34:65:93:74:a4:
c4:7b:9e:63:09:1c:1a:0e:1b:e0:8f:5d:ce:76:21:
b3:4c:19:5a:d0:9b:52:6b:17:df:dd:f5:ae:ea:e5:
01:d8:3d:77:08:7b:6b:5a:5a:4b:3a:ff:4e:2b:8c:
8f:fb:12:a1:81:8c:e8:27:94:8c:18:02:ce:54:92:
34:49:35:42:ac:20:82:df:23:c6:48:d5:62:8a:b3:
a5:c9:46:03:0f:9e:60:62:32:ca:98:92:11:7d:62:
9e:eb:7b:2e:4f:34:23:7c:4c:dc:b0:5e:71:a8:ed:
8c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FF:3B:F2:D5:A1:CE:E6:AA:71:38:75:3D:1A:B5:6D:D7:A9:0E:F2
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/261014D2A37311EDB7FB8273C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.240.0/20
202.148.128.0/19
203.147.128.0/17
210.247.224.0/21
Signature Algorithm: sha256WithRSAEncryption
93:c9:93:97:39:39:84:4a:eb:98:2b:6a:65:69:05:44:da:95:
e4:e4:16:5a:86:a6:31:b8:d5:f5:40:43:6c:30:3b:e0:4c:58:
21:26:22:66:69:59:e6:b6:40:01:34:5e:7f:91:e0:5c:9f:ea:
47:08:10:7d:6f:58:03:ff:c4:4e:14:d3:3b:cd:40:30:01:69:
ed:e5:75:5b:d2:50:6f:52:0a:d3:83:9e:2d:b7:71:21:d7:74:
e7:12:64:64:bf:71:52:ff:d9:3d:71:0c:e2:87:c7:34:c5:2f:
d4:58:e6:5d:b0:51:0c:58:9c:d2:a7:e7:7b:7c:26:e5:b7:ce:
97:15:0e:10:53:18:e5:a5:8d:53:ae:3d:9b:c1:9c:68:03:4e:
da:4b:41:4f:ee:f0:67:27:12:0f:97:ab:29:34:af:99:13:b9:
b6:df:64:ec:1d:8e:58:26:5c:a0:0d:63:a7:ca:9f:16:da:86:
66:c5:26:1e:b2:a8:02:1a:e2:13:a8:c0:b5:0b:cc:0a:b7:d4:
3c:fd:e1:a6:41:8f:30:ec:a2:24:3f:06:85:8f:14:36:4f:4d:
b0:8b:4e:31:77:04:6b:d3:47:4e:c8:09:d8:d2:de:14:fd:a5:
52:51:8c:27:39:8c:46:c5:9d:a4:4d:4f:55:3e:59:9f:41:b7:
50:e7:57:d8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwMjAzMjIxMDExWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RkODY0Mi1jYTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3J3acwIrPAukuHkZoVZT/qdpqIlMUN9wv+TkIp6BLgIyuJtHfaKsOLiE5ida
DYXuObE+UA1CmAmB2RaBNVL5NTNNa/FLprBKh7Abcc+AD1fu5/Uvzu3ZCXR7NM9w
vGSs3W6AhrLkhpsooaRF2n5oejSSKM5flnoEqIq+9vr+K6d2v48ITla/EzVf8G39
9G3WNGWTdKTEe55jCRwaDhvgj13OdiGzTBla0JtSaxff3fWu6uUB2D13CHtrWlpL
Ov9OK4yP+xKhgYzoJ5SMGALOVJI0STVCrCCC3yPGSNViirOlyUYDD55gYjLKmJIR
fWKe63suTzQjfEzcsF5xqO2MPQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDv/O/LV
oc7mqnE4dT0atW3XqQ7yMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvMjYxMDE0RDJB
MzczMTFFREI3RkI4MjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBATKi/ADBAXKlIADBAfLk4ADBAPS9+AwDQYJKoZIhvcNAQEL
BQADggEBAJPJk5c5OYRK65gramVpBUTaleTkFlqGpjG41fVAQ2wwO+BMWCEmImZp
Wea2QAE0Xn+R4Fyf6kcIEH1vWAP/xE4U0zvNQDABae3ldVvSUG9SCtODni23cSHX
dOcSZGS/cVL/2T1xDOKHxzTFL9RY5l2wUQxYnNKn53t8JuW3zpcVDhBTGOWljVOu
PZvBnGgDTtpLQU/u8GcnEg+Xqyk0r5kTubbfZOwdjlgmXKANY6fKnxbahmbFJh6y
qAIa4hOowLULzAq31Dz94aZBjzDsoiQ/BoWPFDZPTbCLTjF3BGvTR07ICdjS3hT9
pVJRjCc5jEbFnaRNT1U+WZ9Bt1DnV9g=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:10 2025 by rpki-client