Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/DB99AD588DBE11EB984D9439C4F9AE02.roa
File: DB99AD588DBE11EB984D9439C4F9AE02.roa (raw, json)
Hash identifier: wSLPXT7BRqAWcULXdNK9t7j96DHHTJfJYXjEyOEz2NU=
Subject key identifier: 7F:81:21:2B:BB:1C:04:66:F8:83:66:36:87:FD:C2:84:63:95:B4:0A
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 063A
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/DB99AD588DBE11EB984D9439C4F9AE02.roa
Signing time: Sun 03 Dec 2023 00:12:39 +0000
ROA not before: Sun 03 Dec 2023 00:12:39 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 17667
IP address blocks: 110.238.0.0/23 maxlen: 23
110.238.0.0/24 maxlen: 24
110.238.1.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1594 (0x63a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Validity
Not Before: Dec 3 00:12:39 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656bc7f7-7421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:24:3b:b0:66:b4:3b:92:20:f9:51:f6:b5:89:
ae:28:fb:31:d2:1b:b1:df:5f:0d:23:4e:8b:dd:1d:
4a:15:42:d9:2b:77:40:2a:85:64:4d:af:e0:ed:0a:
af:96:fd:2e:cd:77:fa:a7:1e:0d:da:38:84:af:0a:
2f:79:bd:3e:7b:81:3c:61:99:d8:c2:6c:b6:ce:d8:
16:d8:a2:3e:f1:91:d5:e7:44:18:f8:7d:e3:47:f2:
c3:94:c2:46:cf:48:6c:1c:60:21:75:70:71:c6:f1:
a5:84:ad:46:00:62:90:74:05:0e:0c:98:5f:8e:49:
e6:a6:52:56:f5:a6:d3:4d:17:7e:00:31:6f:6e:ca:
b2:bd:d7:58:38:bb:cd:8e:88:74:4c:72:da:32:a9:
d8:b8:c6:fa:1c:b4:9d:3b:59:42:e6:56:1f:ee:73:
c1:03:17:ff:c3:ba:65:d8:5b:35:e2:91:90:cd:23:
df:46:10:2b:a7:d3:cc:11:ca:23:39:ca:0b:06:cd:
90:37:f0:05:78:67:2a:5f:23:84:2e:57:60:73:1a:
b8:99:77:e2:72:00:66:13:d5:f1:e3:37:4d:96:b8:
2c:2d:b1:ba:d2:bb:64:b8:bb:73:c0:eb:92:70:39:
7b:8a:e2:ac:2f:97:de:4e:21:d6:ba:ca:d6:0b:05:
44:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:81:21:2B:BB:1C:04:66:F8:83:66:36:87:FD:C2:84:63:95:B4:0A
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/DB99AD588DBE11EB984D9439C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.238.0.0/23
Signature Algorithm: sha256WithRSAEncryption
81:1f:f9:71:e7:52:65:dc:3e:32:2a:ea:d9:33:b0:06:9e:7e:
85:18:34:86:44:df:44:d3:3f:57:62:4e:37:50:d5:54:bc:26:
54:a0:bb:68:84:49:aa:92:39:4b:73:98:8c:ba:d4:1e:62:82:
17:89:64:78:05:93:27:1b:a0:34:c9:7d:d0:46:13:0a:35:dc:
09:0e:75:87:85:44:f9:08:d2:62:ec:4f:db:d6:16:b3:5e:13:
a6:35:e3:9d:71:4a:83:6a:c1:f9:a8:e5:63:2f:5b:de:d1:e1:
e3:16:45:98:df:ff:32:61:91:6d:2b:0c:59:98:46:88:49:8e:
5e:eb:bb:b1:15:ac:80:e6:fe:ea:fd:2e:c8:fe:80:4b:6c:b6:
3a:a0:d7:07:63:c6:7f:7d:62:b6:8c:e2:90:b6:ab:d2:27:58:
b5:23:7c:61:46:84:7f:7a:15:25:30:1e:30:af:7f:4d:e9:04:
e0:74:92:7c:d2:a4:b3:98:42:74:9b:37:a4:7a:04:6c:f9:80:
df:e9:cb:05:4a:85:b8:99:1a:76:b1:53:b8:1f:0d:70:be:48:
5a:fe:5a:ba:cc:cf:9f:93:4a:f4:16:9b:84:e9:88:89:16:49:
66:8d:f1:c9:a9:67:85:38:01:ad:4c:57:b2:53:16:11:17:43:
55:08:01:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjMxMjAzMDAxMjM5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZiYzdmNy03NDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqyQ7sGa0O5Ig+VH2tYmuKPsx0hux318NI06L3R1KFULZK3dAKoVkTa/g7Qqv
lv0uzXf6px4N2jiErwoveb0+e4E8YZnYwmy2ztgW2KI+8ZHV50QY+H3jR/LDlMJG
z0hsHGAhdXBxxvGlhK1GAGKQdAUODJhfjknmplJW9abTTRd+ADFvbsqyvddYOLvN
joh0THLaMqnYuMb6HLSdO1lC5lYf7nPBAxf/w7pl2Fs14pGQzSPfRhArp9PMEcoj
OcoLBs2QN/AFeGcqXyOELldgcxq4mXficgBmE9Xx4zdNlrgsLbG60rtkuLtzwOuS
cDl7iuKsL5feTiHWusrWCwVEAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH+BISu7
HARm+INmNof9woRjlbQKMB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvREI5OUFENTg4
REJFMTFFQjk4NEQ5NDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFu7gAwDQYJKoZIhvcNAQELBQADggEBAIEf+XHnUmXcPjIq
6tkzsAaefoUYNIZE30TTP1diTjdQ1VS8JlSgu2iESaqSOUtzmIy61B5igheJZHgF
kycboDTJfdBGEwo13AkOdYeFRPkI0mLsT9vWFrNeE6Y1451xSoNqwfmo5WMvW97R
4eMWRZjf/zJhkW0rDFmYRohJjl7ru7EVrIDm/ur9Lsj+gEtstjqg1wdjxn99YraM
4pC2q9InWLUjfGFGhH96FSUwHjCvf03pBOB0knzSpLOYQnSbN6R6BGz5gN/pywVK
hbiZGnaxU7gfDXC+SFr+WrrMz5+TSvQWm4TpiIkWSWaN8cmpZ4U4Aa1MV7JTFhEX
Q1UIAZg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org