Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/77865396F43E11ED96448875C4F9AE02.roa
File: 77865396F43E11ED96448875C4F9AE02.roa (raw, json)
Hash identifier: LjcpY7N2IuU06AmrUx8akFLIt2lFFOfd4Jg50edhWVo=
Subject key identifier: 59:09:AE:8F:2A:58:75:E5:A0:46:E4:31:EE:E2:DE:A9:DA:F3:9F:3E
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0616
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/77865396F43E11ED96448875C4F9AE02.roa
Signing time: Tue 16 May 2023 23:07:45 +0000
ROA not before: Tue 16 May 2023 23:07:45 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 4826
IP address blocks: 202.139.224.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1558 (0x616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB
Validity
Not Before: May 16 23:07:45 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64640cc1-dcc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:91:79:3d:d0:a0:37:7e:6c:1e:d1:88:93:be:
86:d7:16:61:ef:83:9c:d1:25:c6:f9:98:8e:ea:d3:
67:07:be:8d:e4:d9:0d:28:ff:b4:5b:78:48:d2:fa:
95:a4:92:79:69:9c:96:c3:26:ec:fa:eb:5c:83:d8:
a3:a1:f4:1a:31:b4:6c:c9:1b:97:6c:22:bb:fc:b7:
ae:8b:87:f9:11:f4:34:1f:1d:a0:23:1b:1b:8b:f2:
cd:96:3d:34:ec:3a:86:c2:0c:5e:4b:0e:48:37:48:
a2:ee:ff:cd:f0:75:9b:7c:b3:48:f4:64:06:ba:ee:
a7:5e:99:22:e7:d9:fd:f3:52:92:4f:eb:63:d6:b6:
e2:10:81:89:46:ae:47:01:bc:e5:e2:13:a7:81:7f:
6a:cd:52:4e:4d:cd:fb:c5:fc:3d:a0:ed:75:c2:dc:
24:57:9a:c0:98:ad:69:4a:4f:ed:35:15:3f:37:fc:
a7:64:68:9c:58:c0:3a:a3:ee:5a:bd:f6:6b:c8:7f:
f1:ee:af:4f:74:2d:31:d8:17:d9:d4:ff:4b:01:2a:
70:37:cd:66:7b:8d:60:d7:ca:99:73:3c:bb:4e:cc:
ea:28:67:08:d8:11:f1:7d:ad:9e:c4:76:ae:2c:11:
9d:f4:49:68:c3:bf:06:ce:15:80:f1:2d:df:21:e2:
8b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:09:AE:8F:2A:58:75:E5:A0:46:E4:31:EE:E2:DE:A9:DA:F3:9F:3E
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/77865396F43E11ED96448875C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
14:18:27:fa:c6:a4:73:5c:d6:5a:aa:f7:84:81:ed:35:e1:57:
0c:49:99:5a:1f:2e:e3:40:92:8c:be:46:65:a1:94:ea:94:56:
cb:a7:da:0e:83:fe:4b:f3:90:87:63:5e:c5:6e:28:1a:47:de:
43:ce:63:69:c7:00:8b:23:3e:4b:f6:21:4d:7a:75:6c:e7:ba:
6c:1a:18:75:c2:08:eb:5f:23:1b:b8:e4:a1:60:d3:44:e6:9f:
1e:03:71:17:d6:82:7f:ca:cb:3e:2e:15:95:b7:82:85:47:82:
13:58:c4:67:14:68:c9:cd:40:97:2b:24:a0:83:d6:c1:f6:c4:
2a:ab:ee:14:a4:95:a6:ea:d8:ae:37:01:5b:26:ac:21:45:02:
b7:36:07:cc:76:58:b5:39:1f:43:fa:32:99:32:40:ae:81:9f:
45:15:c9:7f:e8:fc:bd:72:be:95:bf:2a:e5:ac:9d:38:a7:93:
59:48:ad:e7:c0:12:05:58:19:46:32:9c:21:dc:03:ab:c5:b2:
b3:a5:4e:62:97:ac:0c:2f:e7:6f:49:97:b4:ff:69:3c:cd:86:
ae:b3:76:d2:5f:f0:1e:75:30:d2:f5:cd:f7:ca:5b:53:00:ea:
46:0f:7d:fd:4f:66:ca:68:90:90:bd:9c:71:f3:0d:ed:f3:c8:
40:eb:86:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwNTE2MjMwNzQ1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY0MGNjMS1kY2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ZF5PdCgN35sHtGIk76G1xZh74Oc0SXG+ZiO6tNnB76N5NkNKP+0W3hI0vqV
pJJ5aZyWwybs+utcg9ijofQaMbRsyRuXbCK7/Leui4f5EfQ0Hx2gIxsbi/LNlj00
7DqGwgxeSw5IN0ii7v/N8HWbfLNI9GQGuu6nXpki59n981KST+tj1rbiEIGJRq5H
Abzl4hOngX9qzVJOTc37xfw9oO11wtwkV5rAmK1pSk/tNRU/N/ynZGicWMA6o+5a
vfZryH/x7q9PdC0x2BfZ1P9LASpwN81me41g18qZczy7TszqKGcI2BHxfa2exHau
LBGd9Elow78GzhWA8S3fIeKLBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFkJro8q
WHXloEbkMe7i3qna858+MB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvNzc4NjUzOTZG
NDNFMTFFRDk2NDQ4ODc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKi+AwDQYJKoZIhvcNAQELBQADggEBABQYJ/rGpHNc1lqq
94SB7TXhVwxJmVofLuNAkoy+RmWhlOqUVsun2g6D/kvzkIdjXsVuKBpH3kPOY2nH
AIsjPkv2IU16dWznumwaGHXCCOtfIxu45KFg00Tmnx4DcRfWgn/Kyz4uFZW3goVH
ghNYxGcUaMnNQJcrJKCD1sH2xCqr7hSklabq2K43AVsmrCFFArc2B8x2WLU5H0P6
MpkyQK6Bn0UVyX/o/L1yvpW/KuWsnTink1lIrefAEgVYGUYynCHcA6vFsrOlTmKX
rAwv529Jl7T/aTzNhq6zdtJf8B51MNL1zffKW1MA6kYPff1PZspokJC9nHHzDe3z
yEDrhuE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:10 2025 by rpki-client