Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/7062D7F0F79511EE8580A633C4F9AE02.roa
File: 7062D7F0F79511EE8580A633C4F9AE02.roa (raw, json)
Hash identifier: vZ8YpLd66juA/AESQ6cFoBqQirBR9l9yZTOV5Ex6DXo=
Subject key identifier: AD:D3:18:08:D7:7E:8F:FE:A9:A5:B6:32:E8:FF:DC:F0:A7:67:5B:7A
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 068E
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/7062D7F0F79511EE8580A633C4F9AE02.roa
Signing time: Wed 10 Apr 2024 23:52:51 +0000
ROA not before: Wed 10 Apr 2024 23:52:51 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9313
IP address blocks: 1.178.175.0/24 maxlen: 24
1.179.62.0/24 maxlen: 24
1.179.63.0/24 maxlen: 24
110.238.147.0/24 maxlen: 24
110.238.148.0/22 maxlen: 24
110.239.0.0/21 maxlen: 24
110.239.15.0/24 maxlen: 24
110.239.16.0/23 maxlen: 24
110.239.26.0/24 maxlen: 24
110.239.29.0/24 maxlen: 24
110.239.30.0/23 maxlen: 24
110.239.136.0/21 maxlen: 24
110.239.177.0/24 maxlen: 24
110.239.179.0/24 maxlen: 24
110.239.180.0/24 maxlen: 24
110.239.181.0/24 maxlen: 24
110.239.182.0/24 maxlen: 24
110.239.183.0/24 maxlen: 24
119.13.179.0/24 maxlen: 24
123.200.170.0/24 maxlen: 24
123.200.171.0/24 maxlen: 24
123.200.173.0/24 maxlen: 24
123.200.176.0/24 maxlen: 24
123.200.177.0/24 maxlen: 24
123.200.178.0/24 maxlen: 24
202.183.103.0/24 maxlen: 24
202.183.109.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1678 (0x68e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE
Validity
Not Before: Apr 10 23:52:51 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66172652-a132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6b:79:32:18:3e:3d:bb:72:5e:75:7b:72:28:
2b:18:bd:55:ab:e7:b7:9f:27:f8:a7:e6:c9:30:a1:
40:76:46:7b:a2:33:9f:db:e2:0a:92:4f:f0:46:a2:
e7:6d:4a:9a:43:6a:2e:7e:b9:b2:b1:63:c2:4b:12:
47:f5:a0:62:9c:64:0c:ec:16:13:cb:a9:8d:c3:b6:
b1:f7:35:19:ae:6a:05:25:34:3d:3c:ae:64:bd:13:
5b:cf:3f:aa:1b:31:44:06:4e:38:b2:77:52:ec:23:
34:d8:f9:e0:c3:c6:5f:50:a6:61:d0:d3:c4:21:86:
a3:dd:a7:e3:98:6a:ba:14:72:28:91:d0:83:81:58:
91:a6:37:b0:73:89:73:b0:88:9c:31:ec:f7:80:61:
d3:30:34:22:79:f8:93:67:37:06:40:7b:21:af:01:
94:a8:b6:5e:e2:ee:9c:dc:d2:a8:08:29:b5:8c:70:
4d:7e:30:7d:e8:be:97:1e:2f:dd:28:39:3b:7a:7b:
fc:99:7c:8a:70:ca:1c:f3:37:cb:f5:28:9a:eb:94:
49:97:2f:19:09:f6:fa:8a:23:0c:5b:93:76:4b:a8:
2e:4f:c1:48:c5:b1:a2:a6:8a:88:58:dc:90:e8:d9:
61:52:80:b7:94:80:21:a5:00:63:db:fa:04:77:3a:
03:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D3:18:08:D7:7E:8F:FE:A9:A5:B6:32:E8:FF:DC:F0:A7:67:5B:7A
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/7062D7F0F79511EE8580A633C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.178.175.0/24
1.179.62.0/23
110.238.147.0-110.238.151.255
110.239.0.0/21
110.239.15.0-110.239.17.255
110.239.26.0/24
110.239.29.0-110.239.31.255
110.239.136.0/21
110.239.177.0/24
110.239.179.0-110.239.183.255
119.13.179.0/24
123.200.170.0/23
123.200.173.0/24
123.200.176.0-123.200.178.255
202.183.103.0/24
202.183.109.0/24
Signature Algorithm: sha256WithRSAEncryption
36:8b:ee:df:32:0e:c4:31:45:2a:98:cc:35:f6:56:02:71:64:
95:7d:41:46:69:66:70:e6:15:d6:17:bd:cc:aa:24:2c:3a:64:
20:ea:e4:9b:5a:04:0b:c1:35:98:0e:2c:41:9a:32:e8:f0:00:
79:66:53:75:b2:be:e3:2c:5d:3e:e1:cf:ef:cb:93:c0:d3:aa:
2c:7f:8a:6c:3c:2e:e8:1a:01:28:af:9b:9b:34:43:f1:cc:28:
39:03:24:56:ee:0b:72:ae:11:db:89:5a:5a:a8:ad:a9:3a:14:
96:4d:16:5a:90:c8:ef:3b:5a:74:db:ec:50:17:0c:f5:8a:ec:
95:ee:35:be:bb:bd:e7:8a:7b:17:aa:89:dc:df:5d:7a:e0:fa:
0a:ef:65:cb:a0:36:17:ca:89:f3:a6:30:da:be:fa:98:7f:2f:
75:84:ea:17:bd:db:58:08:94:fe:b3:74:5f:31:2d:e7:f2:fe:
8b:bc:31:44:15:af:92:87:0c:1b:cd:08:e8:c9:52:ad:d5:57:
8f:ef:df:7a:16:69:8c:67:a3:8c:ed:7f:ee:62:59:f5:dc:d1:
fb:29:cd:0c:fe:cc:43:78:45:04:13:27:46:32:d6:f9:a2:05:
14:c1:f9:eb:01:2e:5c:29:d0:6e:ca:83:a4:07:5e:9e:2a:ab:
40:a2:2a:e4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgICBo4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjQwNDEwMjM1MjUxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE3MjY1Mi1hMTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Gt5Mhg+PbtyXnV7cigrGL1Vq+e3nyf4p+bJMKFAdkZ7ojOf2+IKkk/wRqLn
bUqaQ2oufrmysWPCSxJH9aBinGQM7BYTy6mNw7ax9zUZrmoFJTQ9PK5kvRNbzz+q
GzFEBk44sndS7CM02Pngw8ZfUKZh0NPEIYaj3afjmGq6FHIokdCDgViRpjewc4lz
sIicMez3gGHTMDQiefiTZzcGQHshrwGUqLZe4u6c3NKoCCm1jHBNfjB96L6XHi/d
KDk7env8mXyKcMoc8zfL9Sia65RJly8ZCfb6iiMMW5N2S6guT8FIxbGipoqIWNyQ
6NlhUoC3lIAhpQBj2/oEdzoDaQIDAQABo4IDHDCCAxgwHQYDVR0OBBYEFK3TGAjX
fo/+qaW2Muj/3PCnZ1t6MB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvNzA2MkQ3RjBG
Nzk1MTFFRTg1ODBBNjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaUGCCsGAQUFBwEHAQH/
BIGVMIGSMIGPBAIAATCBiAMEAAGyrwMEAQGzPjAMAwQAbu6TAwQDbu6QAwQDbu8A
MAwDBABu7w8DBAFu7xADBABu7xowDAMEAG7vHQMEBW7vAAMEA27viAMEAG7vsTAM
AwQAbu+zAwQDbu+wAwQAdw2zAwQBe8iqAwQAe8itMAwDBAR7yLADBAB7yLIDBADK
t2cDBADKt20wDQYJKoZIhvcNAQELBQADggEBADaL7t8yDsQxRSqYzDX2VgJxZJV9
QUZpZnDmFdYXvcyqJCw6ZCDq5JtaBAvBNZgOLEGaMujwAHlmU3WyvuMsXT7hz+/L
k8DTqix/imw8LugaASivm5s0Q/HMKDkDJFbuC3KuEduJWlqorak6FJZNFlqQyO87
WnTb7FAXDPWK7JXuNb67veeKexeqidzfXXrg+grvZcugNhfKifOmMNq++ph/L3WE
6he921gIlP6zdF8xLefy/ou8MUQVr5KHDBvNCOjJUq3VV4/v33oWaYxno4ztf+5i
WfXc0fspzQz+zEN4RQQTJ0Yy1vmiBRTB+esBLlwp0G7Kg6QHXp4qq0CiKuQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:18 2025 by rpki-client