Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/E0DB8A1477B011EEB9D11B29C4F9AE02.roa
File: E0DB8A1477B011EEB9D11B29C4F9AE02.roa (raw, json)
Hash identifier: EW2Hib2JU3ksYoDVPUKozW5KTHDcmvpHIn9u6RWuOOY=
Subject key identifier: 3B:49:8F:33:14:87:05:97:F1:AD:94:4E:53:A5:DF:07:36:0B:1D:BD
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 070D
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/E0DB8A1477B011EEB9D11B29C4F9AE02.roa
Signing time: Wed 31 Jan 2024 00:12:36 +0000
ROA not before: Wed 31 Jan 2024 00:12:36 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 61317
IP address blocks: 203.147.230.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1805 (0x70d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB
Validity
Not Before: Jan 31 00:12:36 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b99074-cbeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:33:bb:b0:37:e9:94:27:4a:18:4f:2e:d9:17:
2b:82:23:55:2a:0c:eb:88:e5:17:46:16:97:83:d2:
01:6a:4a:a4:d9:67:92:b3:09:12:58:03:af:ef:46:
d1:98:21:8c:d0:e2:93:8e:e5:56:d2:07:d9:e1:1f:
2e:7c:e8:20:c0:fd:28:82:9a:ee:5b:79:f6:22:ec:
52:29:8d:82:d2:9c:12:e2:5c:c1:99:1f:f9:86:63:
cf:6c:98:65:c1:ed:21:b6:81:6b:d8:ac:f3:10:f8:
db:d8:0a:42:b7:6d:ef:18:a6:03:03:48:18:ca:f4:
51:26:f6:37:ff:32:c4:8c:8e:a8:ae:b9:4a:98:1f:
b9:42:57:e1:00:b3:4a:e7:1e:af:5e:f4:6c:20:f3:
af:b7:35:21:7e:8e:42:cd:26:c7:23:fb:f2:4d:59:
f1:17:81:74:f0:59:33:f7:43:aa:a8:48:a4:d0:ed:
d4:fc:70:9f:21:ff:96:5c:04:77:d4:ab:84:fb:a9:
2b:93:ab:cd:b3:32:83:2e:37:12:b2:ff:a3:56:5b:
03:cf:5b:f4:64:c9:a8:1a:39:a7:30:7f:f7:33:98:
5f:da:dc:f3:89:a3:30:51:32:64:f6:90:d8:a3:b8:
cd:d0:28:a3:b4:3a:d2:33:b8:e1:17:92:d9:48:d8:
ad:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:49:8F:33:14:87:05:97:F1:AD:94:4E:53:A5:DF:07:36:0B:1D:BD
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/E0DB8A1477B011EEB9D11B29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.147.230.0/23
Signature Algorithm: sha256WithRSAEncryption
27:d3:7f:74:46:8b:8a:23:21:c1:23:9d:9a:b9:68:9d:fd:63:
67:25:53:78:28:39:e7:dc:76:79:63:7c:ae:3f:92:03:c5:7f:
96:73:08:c2:b6:f6:0e:6f:5a:50:33:0e:b3:af:45:10:df:00:
51:86:1c:5a:42:61:01:ef:cf:3a:a7:e7:a5:e2:fe:75:96:ae:
36:74:27:d7:6b:b0:87:38:74:84:30:2d:de:37:ba:31:5b:46:
0e:e3:6b:75:5c:cf:04:e4:ab:55:2a:d3:26:7c:20:b0:c8:6a:
b4:61:1e:20:c9:ac:b5:c9:97:bf:bd:e8:90:18:48:4a:12:1b:
75:6c:42:7f:ee:0e:83:9f:1a:53:4a:e6:2a:e6:1e:57:ff:11:
96:62:2d:9b:50:10:c8:c8:2a:59:4e:53:51:fc:af:94:df:90:
b9:21:5b:73:73:ed:af:29:8c:ef:2a:bb:84:00:43:df:c3:2a:
1e:af:71:44:5e:24:9b:a3:c3:49:68:c9:a0:8e:5c:c2:3e:f8:
ea:5f:c6:0e:35:8a:bc:72:d8:96:92:2c:11:f9:4a:05:5c:0d:
77:4a:72:49:14:64:c8:48:56:59:f8:43:14:1a:57:1a:c7:25:
be:73:b8:4c:68:bc:69:b9:00:cd:23:01:a5:49:18:29:47:f9:
74:21:66:82
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjQwMTMxMDAxMjM2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5OTA3NC1jYmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmzO7sDfplCdKGE8u2RcrgiNVKgzriOUXRhaXg9IBakqk2WeSswkSWAOv70bR
mCGM0OKTjuVW0gfZ4R8ufOggwP0ogpruW3n2IuxSKY2C0pwS4lzBmR/5hmPPbJhl
we0htoFr2KzzEPjb2ApCt23vGKYDA0gYyvRRJvY3/zLEjI6orrlKmB+5QlfhALNK
5x6vXvRsIPOvtzUhfo5CzSbHI/vyTVnxF4F08Fkz90OqqEik0O3U/HCfIf+WXAR3
1KuE+6krk6vNszKDLjcSsv+jVlsDz1v0ZMmoGjmnMH/3M5hf2tzziaMwUTJk9pDY
o7jN0CijtDrSM7jhF5LZSNit+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDtJjzMU
hwWX8a2UTlOl3wc2Cx29MB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvRTBEQjhBMTQ3
N0IwMTFFRUI5RDExQjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLk+YwDQYJKoZIhvcNAQELBQADggEBACfTf3RGi4ojIcEj
nZq5aJ39Y2clU3goOefcdnljfK4/kgPFf5ZzCMK29g5vWlAzDrOvRRDfAFGGHFpC
YQHvzzqn56Xi/nWWrjZ0J9drsIc4dIQwLd43ujFbRg7ja3VczwTkq1Uq0yZ8ILDI
arRhHiDJrLXJl7+96JAYSEoSG3VsQn/uDoOfGlNK5irmHlf/EZZiLZtQEMjIKllO
U1H8r5TfkLkhW3Nz7a8pjO8qu4QAQ9/DKh6vcUReJJujw0loyaCOXMI++Opfxg41
irxy2JaSLBH5SgVcDXdKckkUZMhIVln4QxQaVxrHJb5zuExovGm5AM0jAaVJGClH
+XQhZoI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:05 2025 by rpki-client