Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/587048AE2A6511F08858B980C4F9AE02.roa
File: 587048AE2A6511F08858B980C4F9AE02.roa (raw, json)
Hash identifier: sNp4GFkxs4BU4V2SkT9MlVclZJIZyYuVb8g06BHlJ20=
Subject key identifier: DE:36:DF:EB:07:E0:22:3E:F3:FC:47:F9:81:3A:D0:A0:A6:62:1D:44
Certificate issuer: /CN=A91DD4A6/serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2
Certificate serial: 041F
Authority key identifier: 17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/587048AE2A6511F08858B980C4F9AE02.roa
Signing time: Tue 06 May 2025 10:32:01 +0000
ROA not before: Tue 06 May 2025 10:32:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56209
IP address blocks: 202.47.112.0/21 maxlen: 21
202.47.112.0/24 maxlen: 24
202.47.113.0/24 maxlen: 24
202.47.114.0/24 maxlen: 24
202.47.115.0/24 maxlen: 24
202.47.116.0/24 maxlen: 24
202.47.117.0/24 maxlen: 24
202.47.118.0/24 maxlen: 24
202.47.119.0/24 maxlen: 24
202.71.0.0/23 maxlen: 23
202.71.0.0/24 maxlen: 24
202.71.1.0/24 maxlen: 24
202.71.2.0/23 maxlen: 23
202.71.2.0/24 maxlen: 24
2406:2100::/32 maxlen: 32
2406:2100::/48 maxlen: 48
2406:2100:1::/48 maxlen: 48
2406:2100:2::/48 maxlen: 48
2406:2100:3::/48 maxlen: 48
2406:2100:4::/48 maxlen: 48
2406:2100:5::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1055 (0x41f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD4A6, serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2
Validity
Not Before: May 6 10:32:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6819e521-afe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:87:29:b0:d7:db:83:5e:bf:e2:e8:41:e5:8a:
57:e8:fe:64:63:3e:2f:18:76:01:b2:75:17:63:22:
20:61:2b:9b:b9:47:1d:b9:13:60:75:ab:39:55:94:
e5:91:bb:79:b9:d1:00:f8:bb:44:f5:dd:bc:bc:7f:
fb:db:62:81:1d:83:73:80:5c:f1:58:3a:ea:9a:97:
f0:4a:0c:3f:5c:d3:39:96:27:86:11:bc:74:60:cb:
a0:2f:4b:26:a2:b3:0c:a8:a0:78:fc:9a:21:13:8d:
99:5d:c9:21:cc:fa:c1:f0:73:9e:63:ea:ba:1c:f7:
81:69:23:c7:98:f4:65:b6:cc:e4:be:ed:bd:9c:38:
cf:c7:dc:62:7e:e6:6e:85:ec:44:89:4a:5b:f3:ee:
cc:5e:be:81:fd:38:5a:9f:15:73:ca:f0:8c:11:1e:
55:e4:bd:8e:bb:1c:8d:6d:fa:a4:60:bf:f7:49:d5:
45:8a:09:ed:e8:00:0b:9e:d2:93:64:28:db:c4:14:
0f:e3:2d:7e:fa:01:05:3f:7d:2b:a7:98:81:4c:e3:
22:83:64:6a:a4:a8:96:4e:08:23:b2:22:5a:87:d8:
2b:5a:4f:66:41:b4:4d:8d:2a:58:e5:5c:08:55:e0:
e4:24:49:88:41:56:3e:2c:b3:91:af:47:37:88:82:
27:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:36:DF:EB:07:E0:22:3E:F3:FC:47:F9:81:3A:D0:A0:A6:62:1D:44
X509v3 Authority Key Identifier:
keyid:17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/FwBKozEFsKDm0-tOR8UTBj2SzsI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/587048AE2A6511F08858B980C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.47.112.0/21
202.71.0.0/22
IPv6:
2406:2100::/32
Signature Algorithm: sha256WithRSAEncryption
92:5c:d6:76:2b:43:d3:fe:2a:3d:2d:c7:4b:fb:0e:2c:05:74:
22:fd:ed:a9:89:84:f0:53:07:a5:2f:03:b4:49:f2:04:1f:65:
96:0f:3d:13:8b:e5:23:39:36:30:2b:07:ce:e8:6e:dc:ea:46:
b7:35:55:be:0b:84:e4:9c:36:59:b8:07:1e:a3:08:76:7b:cf:
71:8c:7f:8c:41:c9:50:ea:ab:95:71:25:fd:cd:9b:d1:ce:f1:
ba:04:36:02:e6:48:34:97:67:96:00:13:4e:c2:92:dd:85:3f:
b2:cd:c4:43:b7:2d:e4:3d:59:29:13:aa:fd:d7:a3:23:9d:76:
71:0e:5c:80:53:37:7c:e6:87:e4:17:26:86:19:2b:62:0e:0b:
b1:c7:bf:3b:ec:71:3e:28:2b:3b:f9:32:e2:7b:86:9f:b0:7a:
44:4d:2e:be:07:d9:dd:15:2a:d0:03:47:68:a5:16:82:8f:b1:
eb:d7:e3:a0:01:9a:7d:f7:40:e0:20:f2:13:61:b5:14:c1:de:
39:5a:f8:ef:2e:17:9b:dd:c9:b2:e1:ec:3f:61:a0:32:9e:58:
9d:71:88:af:8e:cb:4f:7d:a6:54:9e:dd:2a:ac:1c:62:34:e9:
f3:3f:71:42:b0:bf:b1:40:21:60:04:9f:8d:f6:a3:90:3e:bc:
0c:79:4f:5b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQ0QTYxMTAvBgNVBAUTKDE3MDA0QUEzMzEwNUIwQTBFNkQzRUI0RTQ3QzUxMzA2
M0Q5MkNFQzIwHhcNMjUwNTA2MTAzMjAxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODE5ZTUyMS1hZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ocpsNfbg16/4uhB5YpX6P5kYz4vGHYBsnUXYyIgYSubuUcduRNgdas5VZTl
kbt5udEA+LtE9d28vH/722KBHYNzgFzxWDrqmpfwSgw/XNM5lieGEbx0YMugL0sm
orMMqKB4/JohE42ZXckhzPrB8HOeY+q6HPeBaSPHmPRltszkvu29nDjPx9xifuZu
hexEiUpb8+7MXr6B/ThanxVzyvCMER5V5L2OuxyNbfqkYL/3SdVFignt6AALntKT
ZCjbxBQP4y1++gEFP30rp5iBTOMig2RqpKiWTggjsiJah9grWk9mQbRNjSpY5VwI
VeDkJEmIQVY+LLORr0c3iIInlQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFN423+sH
4CI+8/xH+YE60KCmYh1EMB8GA1UdIwQYMBaAFBcASqMxBbCg5tPrTkfFEwY9ks7C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDRBNi82QTU5NjlBODdF
OTUxMUVDODJFRTUyMEFDNEY5QUUwMi9Gd0JLb3pFRnNLRG0wLXRPUjhVVEJqMlN6
c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Z3QktvekVGc0tEbTAtdE9SOFVUQmoyU3pzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQ0QTYvNkE1OTY5QTg3RTk1MTFFQzgyRUU1MjBBQzRGOUFFMDIvNTg3MDQ4QUUy
QTY1MTFGMDg4NThCOTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAPKL3ADBALKRwAwDQQCAAIwBwMFACQGIQAwDQYJKoZIhvcN
AQELBQADggEBAJJc1nYrQ9P+Kj0tx0v7DiwFdCL97amJhPBTB6UvA7RJ8gQfZZYP
PROL5SM5NjArB87obtzqRrc1Vb4LhOScNlm4Bx6jCHZ7z3GMf4xByVDqq5VxJf3N
m9HO8boENgLmSDSXZ5YAE07Ckt2FP7LNxEO3LeQ9WSkTqv3XoyOddnEOXIBTN3zm
h+QXJoYZK2IOC7HHvzvscT4oKzv5MuJ7hp+wekRNLr4H2d0VKtADR2ilFoKPsevX
46ABmn33QOAg8hNhtRTB3jla+O8uF5vdybLh7D9hoDKeWJ1xiK+Oy099plSe3Sqs
HGI06fM/cUKwv7FAIWAEn432o5A+vAx5T1s=
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:03:13 2025 by rpki-client