Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/C0EE58BED97A11ED94D02510C4F9AE02.roa
File: C0EE58BED97A11ED94D02510C4F9AE02.roa (raw, json)
Hash identifier: GWQey/U1ex2Q6uv+LZ/OqBoVMAddqmr1dyuubP08ltA=
Subject key identifier: 5A:D8:30:FD:9B:C3:AA:77:46:0E:5E:E7:48:DF:BC:C2:4A:01:11:42
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 05E7
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/C0EE58BED97A11ED94D02510C4F9AE02.roa
Signing time: Wed 12 Apr 2023 21:41:17 +0000
ROA not before: Wed 12 Apr 2023 21:41:17 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 55154
IP address blocks: 202.139.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1511 (0x5e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB
Validity
Not Before: Apr 12 21:41:17 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6437257c-46a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:98:78:5c:c9:34:07:66:31:fc:93:55:3d:bc:
41:de:71:f4:b6:08:a8:57:46:c2:8c:63:8b:c3:4e:
2e:16:f7:ac:5f:65:26:5c:03:4b:dd:fb:f0:94:f0:
2e:b2:58:5e:1c:f1:8d:28:0b:e7:a6:dd:da:e7:cb:
41:24:83:e6:e4:f0:71:af:03:1f:d6:4a:84:50:72:
e2:75:f6:55:7e:64:61:e1:6b:30:3a:d9:c4:e2:fd:
c4:93:ee:5c:f8:f4:44:28:5a:cb:70:f1:62:83:19:
18:0a:6e:ae:50:3b:a7:7a:74:77:6d:43:83:89:52:
67:70:8a:8d:7f:85:9c:f3:0e:a5:ff:b5:94:c6:c4:
f6:96:aa:1f:7c:a1:fc:e0:95:68:6a:43:6a:c9:58:
65:9c:2f:e1:8b:a4:e8:e5:58:27:42:59:e9:e6:49:
7b:39:03:07:c4:e2:e8:45:bd:12:bc:98:51:59:5b:
64:98:f6:47:30:c0:88:35:1d:b3:ac:18:f4:22:43:
69:c4:ce:0e:b7:24:2e:e6:8e:83:16:8f:2f:cc:d6:
ce:66:8d:07:6f:fb:b2:86:77:12:5c:d2:e6:ce:ac:
ca:40:3c:b2:70:60:6f:a2:bd:bc:73:d0:36:06:02:
4e:77:8a:ff:c8:b9:73:da:50:c9:48:a7:e8:07:a7:
81:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D8:30:FD:9B:C3:AA:77:46:0E:5E:E7:48:DF:BC:C2:4A:01:11:42
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/C0EE58BED97A11ED94D02510C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.255.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:9d:fd:7b:c9:6f:03:a0:9c:ef:4c:4f:05:f9:54:69:01:3f:
61:b4:19:f3:5d:75:92:14:0a:c6:3d:bf:7f:25:74:d0:a2:2d:
1e:5d:45:34:2a:d2:9a:e4:4b:1e:41:d2:fc:af:e8:ca:20:45:
a9:62:f5:78:ae:3e:d6:56:e3:1d:ef:50:57:47:90:97:20:49:
31:03:d4:db:f9:eb:75:52:c6:5d:b6:b3:5c:a1:e7:f2:4e:fe:
ac:22:e9:dd:19:fc:86:b1:c9:24:ac:0f:35:97:29:4a:79:0d:
e7:4a:5f:0a:2a:0b:e9:b5:e9:89:df:97:01:e0:d1:1f:69:89:
4a:f5:90:65:78:83:fb:78:0e:1c:ee:74:13:a9:f4:7e:53:8f:
50:6a:2c:30:e0:52:0f:79:a1:17:cd:23:3e:84:b9:56:68:13:
35:6e:bb:be:39:47:35:76:ec:4f:92:95:6b:9f:3f:65:8f:7b:
9b:c0:76:9f:c3:77:d4:57:c6:f9:01:96:e2:74:8d:57:09:fc:
90:22:a6:74:6e:e3:c2:bd:9f:22:13:6a:30:99:d2:fc:d2:06:
b9:0d:fd:91:57:4f:9e:85:d3:e5:5f:3e:75:ed:dc:dd:55:a5:
d1:68:b3:ac:58:cf:f1:7e:49:aa:a3:b1:77:e4:95:76:ca:83:
dd:cf:db:49
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwNDEyMjE0MTE3WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM3MjU3Yy00NmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA35h4XMk0B2Yx/JNVPbxB3nH0tgioV0bCjGOLw04uFvesX2UmXANL3fvwlPAu
slheHPGNKAvnpt3a58tBJIPm5PBxrwMf1kqEUHLidfZVfmRh4WswOtnE4v3Ek+5c
+PREKFrLcPFigxkYCm6uUDunenR3bUODiVJncIqNf4Wc8w6l/7WUxsT2lqoffKH8
4JVoakNqyVhlnC/hi6To5VgnQlnp5kl7OQMHxOLoRb0SvJhRWVtkmPZHMMCINR2z
rBj0IkNpxM4OtyQu5o6DFo8vzNbOZo0Hb/uyhncSXNLmzqzKQDyycGBvor28c9A2
BgJOd4r/yLlz2lDJSKfoB6eBiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFrYMP2b
w6p3Rg5e50jfvMJKARFCMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvQzBFRTU4QkVE
OTdBMTFFRDk0RDAyNTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKi/8wDQYJKoZIhvcNAQELBQADggEBAC+d/XvJbwOgnO9M
TwX5VGkBP2G0GfNddZIUCsY9v38ldNCiLR5dRTQq0prkSx5B0vyv6MogRali9Xiu
PtZW4x3vUFdHkJcgSTED1Nv563VSxl22s1yh5/JO/qwi6d0Z/IaxySSsDzWXKUp5
DedKXwoqC+m16YnflwHg0R9piUr1kGV4g/t4DhzudBOp9H5Tj1BqLDDgUg95oRfN
Iz6EuVZoEzVuu745RzV27E+SlWufP2WPe5vAdp/Dd9RXxvkBluJ0jVcJ/JAipnRu
48K9nyITajCZ0vzSBrkN/ZFXT56F0+VfPnXt3N1VpdFos6xYz/F+SaqjsXfklXbK
g93P20k=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:28 2025 by rpki-client