Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/273D5AEAB4D911EEB45E5654C4F9AE02.roa
File: 273D5AEAB4D911EEB45E5654C4F9AE02.roa (raw, json)
Hash identifier: TuVihLf0fuOG4RwSMVTeTjmU2fdFUUZ+jzH3/1WGrdc=
Subject key identifier: C8:FB:07:38:B7:08:BA:4A:54:76:B7:DA:4C:1E:BC:98:98:24:D6:F2
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 0658
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/273D5AEAB4D911EEB45E5654C4F9AE02.roa
Signing time: Wed 17 Jan 2024 01:38:45 +0000
ROA not before: Wed 17 Jan 2024 01:38:45 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 17667
IP address blocks: 110.238.1.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1624 (0x658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Validity
Not Before: Jan 17 01:38:45 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65a72fa5-15d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:18:b6:f7:b5:01:04:7b:3b:ef:ad:a8:99:6b:
71:d5:55:8a:5c:dd:25:b1:82:c9:62:37:eb:c5:7d:
80:27:98:e0:5a:1e:46:82:bb:5c:26:52:7c:09:80:
e5:f0:78:71:ce:8f:a1:b4:c7:f0:82:5c:3a:18:95:
f3:48:9a:a8:db:43:b4:b4:ab:00:4f:ef:89:e3:b2:
75:52:6a:0a:fe:39:e1:fd:fd:21:57:fa:dc:1a:6e:
a4:32:c7:3e:20:5c:d0:d0:6f:af:df:4a:b4:b4:d7:
d6:ec:58:82:8f:13:c1:d9:45:33:a5:85:a8:d9:d2:
33:ec:b8:b1:1e:1a:4a:a0:2d:cf:9d:83:45:33:cb:
c9:59:c0:31:2f:78:d3:68:d8:5d:f6:1e:76:de:47:
f7:f5:0d:ba:36:32:eb:e0:9e:7e:a9:18:af:e8:93:
4b:8e:0d:67:86:80:dd:54:6b:6f:f6:9c:06:95:e2:
02:5f:24:d9:d1:99:72:69:f9:02:8e:18:95:d5:20:
d8:5f:03:34:04:a2:57:d8:ca:e4:4e:f6:4b:15:2d:
1e:4f:5a:8b:53:c9:55:1b:6e:fb:b9:95:f1:b8:70:
06:4b:9e:82:ff:66:79:a9:1b:20:e6:9b:2a:f8:0e:
3a:1d:59:88:71:fa:0c:69:54:ea:1e:00:68:28:9e:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FB:07:38:B7:08:BA:4A:54:76:B7:DA:4C:1E:BC:98:98:24:D6:F2
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/273D5AEAB4D911EEB45E5654C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.238.1.0/24
Signature Algorithm: sha256WithRSAEncryption
88:19:6b:59:f9:29:4c:77:13:27:39:60:f4:79:80:01:7e:09:
ae:43:0c:9d:e0:38:8e:3b:fd:43:20:b2:fb:d8:5a:8e:cc:9e:
5d:2e:a6:63:2f:5a:b9:90:ff:8d:b2:bc:4c:fa:ed:8d:b9:a8:
d3:4b:af:d5:01:51:98:b2:e0:05:94:6c:18:d8:ab:95:ac:fb:
48:53:35:13:5f:81:18:fb:50:42:01:58:5c:5e:06:db:61:6d:
fa:e1:59:04:e6:56:14:c6:d1:b1:a3:55:a9:81:e2:f9:49:3f:
c4:86:26:44:b7:1e:2e:66:01:44:58:90:2e:c8:9c:18:b6:c1:
83:5d:87:75:6f:39:56:ee:3e:c2:43:be:3a:31:0d:3a:1a:43:
e9:1b:be:cf:1e:40:c3:48:9e:58:b3:23:2b:9b:de:db:21:66:
d8:26:14:69:0a:9f:8e:f1:93:ef:cd:0a:d4:e1:65:28:c6:cb:
89:7c:76:f9:14:d2:59:01:95:fb:c0:ad:3b:3e:3d:46:58:03:
42:63:92:93:ce:6a:9c:19:d0:f3:58:c6:d9:b0:94:4e:e5:ec:
56:d8:5f:3e:69:2c:ed:e9:fa:80:97:5f:a0:69:a6:b0:bf:37:
e9:b9:b2:2d:92:d5:ee:69:25:b0:2b:79:34:c5:72:82:82:7b:
6c:32:d9:86
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjQwMTE3MDEzODQ1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE3MmZhNS0xNWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlhi297UBBHs7762omWtx1VWKXN0lsYLJYjfrxX2AJ5jgWh5GgrtcJlJ8CYDl
8Hhxzo+htMfwglw6GJXzSJqo20O0tKsAT++J47J1UmoK/jnh/f0hV/rcGm6kMsc+
IFzQ0G+v30q0tNfW7FiCjxPB2UUzpYWo2dIz7LixHhpKoC3PnYNFM8vJWcAxL3jT
aNhd9h523kf39Q26NjLr4J5+qRiv6JNLjg1nhoDdVGtv9pwGleICXyTZ0ZlyafkC
jhiV1SDYXwM0BKJX2MrkTvZLFS0eT1qLU8lVG277uZXxuHAGS56C/2Z5qRsg5psq
+A46HVmIcfoMaVTqHgBoKJ7h/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMj7Bzi3
CLpKVHa32kwevJiYJNbyMB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvMjczRDVBRUFC
NEQ5MTFFRUI0NUU1NjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABu7gEwDQYJKoZIhvcNAQELBQADggEBAIgZa1n5KUx3Eyc5
YPR5gAF+Ca5DDJ3gOI47/UMgsvvYWo7Mnl0upmMvWrmQ/42yvEz67Y25qNNLr9UB
UZiy4AWUbBjYq5Ws+0hTNRNfgRj7UEIBWFxeBtthbfrhWQTmVhTG0bGjVamB4vlJ
P8SGJkS3Hi5mAURYkC7InBi2wYNdh3VvOVbuPsJDvjoxDToaQ+kbvs8eQMNInliz
Iyub3tshZtgmFGkKn47xk+/NCtThZSjGy4l8dvkU0lkBlfvArTs+PUZYA0JjkpPO
apwZ0PNYxtmwlE7l7FbYXz5pLO3p+oCXX6BpprC/N+m5si2S1e5pJbAreTTFcoKC
e2wy2YY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org