Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/7C9FCB7AA0FE11ED9EF73577C4F9AE02.roa
File: 7C9FCB7AA0FE11ED9EF73577C4F9AE02.roa (raw, json)
Hash identifier: nomTEV4Y2b941dENO1wCftfLizzk6XGoHPh42ALo5n4=
Subject key identifier: A5:23:98:D0:7B:93:49:01:79:5F:71:C6:10:BD:66:52:2E:59:FD:59
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0585
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/7C9FCB7AA0FE11ED9EF73577C4F9AE02.roa
Signing time: Tue 31 Jan 2023 00:30:39 +0000
ROA not before: Tue 31 Jan 2023 00:30:39 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 142617
IP address blocks: 202.139.224.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1413 (0x585)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB
Validity
Not Before: Jan 31 00:30:39 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63d8612f-94e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:07:a9:d8:c5:58:c1:bc:75:f7:17:72:fb:f5:
e3:fb:72:09:23:07:73:ff:d7:98:4a:22:f1:75:76:
64:f1:63:35:d3:ed:f8:17:cc:58:17:9d:18:3b:ef:
96:d5:e8:9d:e1:53:f5:05:ec:53:4b:8c:3d:3e:80:
e2:1c:86:17:27:77:2c:00:1d:a3:bf:56:af:da:b2:
62:02:cb:c4:32:40:95:7b:de:95:e2:56:8f:5e:64:
ce:99:04:e8:89:b9:29:31:d3:f5:c8:a8:90:98:d8:
71:d6:d6:7d:e4:2a:f4:a1:fe:19:2d:b5:37:c2:3a:
4b:27:6d:10:70:96:3b:5b:f8:76:b1:a8:94:1b:ec:
1a:31:97:b6:ee:4b:59:6a:f5:c2:57:a2:21:84:d9:
68:50:02:06:b8:d3:24:07:b8:b0:6b:19:f2:df:68:
86:01:14:92:ae:36:79:0f:bd:85:86:d7:44:2b:4a:
37:52:8c:c1:b3:30:9e:15:c6:f4:c2:9a:24:c2:e7:
66:66:b6:8f:3f:05:58:84:0e:4f:6e:ae:90:1d:c9:
92:41:ed:11:cc:62:72:ae:85:ae:04:40:1b:c6:0d:
e6:08:0a:82:d3:5f:35:7a:c7:0c:22:bc:cc:d0:9a:
f0:29:e3:2b:d3:bf:b0:fe:33:7b:2f:48:00:da:07:
f3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:23:98:D0:7B:93:49:01:79:5F:71:C6:10:BD:66:52:2E:59:FD:59
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/7C9FCB7AA0FE11ED9EF73577C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.224.0/20
Signature Algorithm: sha256WithRSAEncryption
18:90:59:00:af:78:c3:3c:f3:c9:16:0a:4f:31:9f:90:5e:36:
ba:8e:5b:a5:a8:3f:36:c6:61:44:87:40:3a:52:de:b5:49:ae:
2f:ee:1f:ef:d5:af:7f:f7:01:78:78:99:38:3d:0f:08:f4:2c:
21:3d:71:c8:5a:6e:77:90:8c:98:0c:61:4b:4d:13:1d:b7:ec:
c9:d1:7b:7d:76:22:6a:c8:0b:3a:b5:0b:36:63:83:2d:2f:99:
a3:39:eb:86:1d:7a:99:e7:7e:13:4d:a6:18:b1:07:47:b9:c6:
48:36:39:96:0f:80:92:c1:33:90:9f:2c:5b:77:3b:83:a0:6d:
64:93:c4:ca:62:77:de:ad:d3:1b:b3:d3:9b:72:52:fc:32:55:
a4:69:00:5b:61:79:15:1b:f2:89:3b:c4:ed:54:db:6e:ce:ef:
e6:37:ec:94:e9:2b:16:5a:24:3b:35:a9:59:bc:c1:f5:28:8f:
3e:13:25:30:86:72:16:c8:be:50:ca:d8:5c:05:bb:c5:f5:55:
9c:00:56:f6:29:2b:f2:88:8c:cb:ab:8a:1f:e1:f9:e3:52:60:
77:68:49:af:20:cd:21:7a:84:6c:0d:23:62:ef:70:7e:88:cd:
6e:d5:5c:b7:a7:9d:0a:28:a2:07:34:a9:96:ae:2c:fe:10:3c:
ee:7c:1e:f7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwMTMxMDAzMDM5WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q4NjEyZi05NGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqAep2MVYwbx19xdy+/Xj+3IJIwdz/9eYSiLxdXZk8WM10+34F8xYF50YO++W
1eid4VP1BexTS4w9PoDiHIYXJ3csAB2jv1av2rJiAsvEMkCVe96V4laPXmTOmQTo
ibkpMdP1yKiQmNhx1tZ95Cr0of4ZLbU3wjpLJ20QcJY7W/h2saiUG+waMZe27ktZ
avXCV6IhhNloUAIGuNMkB7iwaxny32iGARSSrjZ5D72FhtdEK0o3UozBszCeFcb0
wpokwudmZraPPwVYhA5Pbq6QHcmSQe0RzGJyroWuBEAbxg3mCAqC0181escMIrzM
0JrwKeMr07+w/jN7L0gA2gfzOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKUjmNB7
k0kBeV9xxhC9ZlIuWf1ZMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvN0M5RkNCN0FB
MEZFMTFFRDlFRjczNTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBATKi+AwDQYJKoZIhvcNAQELBQADggEBABiQWQCveMM888kW
Ck8xn5BeNrqOW6WoPzbGYUSHQDpS3rVJri/uH+/Vr3/3AXh4mTg9Dwj0LCE9ccha
bneQjJgMYUtNEx237MnRe312ImrICzq1CzZjgy0vmaM564YdepnnfhNNphixB0e5
xkg2OZYPgJLBM5CfLFt3O4OgbWSTxMpid96t0xuz05tyUvwyVaRpAFtheRUb8ok7
xO1U227O7+Y37JTpKxZaJDs1qVm8wfUojz4TJTCGchbIvlDK2FwFu8X1VZwAVvYp
K/KIjMurih/h+eNSYHdoSa8gzSF6hGwNI2LvcH6IzW7VXLennQooogc0qZauLP4Q
PO58Hvc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:14 2025 by rpki-client