Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/7654529E08B611EDACE57065C4F9AE02.roa
File: 7654529E08B611EDACE57065C4F9AE02.roa (raw, json)
Hash identifier: jTbWtN4pOb9oawvI4VGWFHr9pO+c+yf0+Zwj4nXxmsQ=
Subject key identifier: 01:CE:A1:F8:0E:30:8F:CD:42:A8:0C:CA:77:22:C7:68:3F:35:E8:FF
Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Certificate serial: 032E
Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/7654529E08B611EDACE57065C4F9AE02.roa
Signing time: Tue 23 Aug 2022 03:02:00 +0000
ROA not before: Tue 23 Aug 2022 03:02:00 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 24455
IP address blocks: 203.130.144.0/24 maxlen: 24
203.130.145.0/24 maxlen: 24
203.156.116.0/24 maxlen: 24
203.156.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 814 (0x32e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Validity
Not Before: Aug 23 03:02:00 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63044328-9370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f0:39:ed:6c:de:0b:93:7a:fa:8c:2c:21:df:
96:98:a6:13:23:c5:a5:74:17:ab:2f:d0:6e:43:01:
80:96:3b:75:61:18:3c:18:2f:25:ba:7f:ef:4f:5c:
d5:07:7c:fc:39:d2:f3:d7:03:4c:8c:26:fb:8e:4c:
6e:23:60:70:b0:37:61:a7:86:bd:82:fa:2d:c7:a7:
c7:37:9e:03:e5:39:d3:3a:b7:0a:92:33:47:24:71:
53:8e:7f:8a:ea:1b:7b:a1:e7:ff:99:e6:90:65:6e:
a6:f4:cc:67:8c:fb:45:36:77:7a:01:53:19:75:7b:
4b:ba:11:af:9a:2b:ef:c7:7c:46:20:e3:d7:9b:b3:
42:59:ad:ba:6f:a8:c3:d0:de:59:b5:02:72:7f:22:
fb:b6:86:81:f7:a4:68:56:97:0f:5d:2b:51:2d:32:
42:a2:2e:24:6b:e7:0e:a0:88:ec:ac:2b:e8:10:d7:
f8:38:51:33:2a:8f:d9:39:61:26:64:64:f1:76:ca:
a6:84:21:9b:61:d2:76:d2:ad:7b:f6:c7:00:f7:43:
b6:0f:fb:e4:a3:54:7f:2d:6e:04:fd:61:f4:4c:26:
2e:ea:0d:0c:ce:9c:e5:58:bd:94:e2:fd:73:82:0d:
52:09:55:6f:70:15:f1:b9:0f:f3:23:22:c9:11:1e:
c8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CE:A1:F8:0E:30:8F:CD:42:A8:0C:CA:77:22:C7:68:3F:35:E8:FF
X509v3 Authority Key Identifier:
keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/7654529E08B611EDACE57065C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.130.144.0/23
203.156.116.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:94:39:8c:39:80:1d:75:dd:b7:cf:91:fb:5a:c1:84:b1:90:
f9:7e:76:b5:3f:8f:b9:eb:37:9e:d3:ec:34:1f:47:e7:80:3d:
19:50:81:c3:a1:9a:f5:da:1f:5d:44:a4:63:50:12:01:a1:29:
43:84:e7:f8:b1:34:cd:da:d1:8f:76:cf:42:01:01:ed:5e:ff:
a2:e2:97:6a:4b:95:1a:87:b7:81:e4:88:fd:40:65:92:58:7b:
f2:d7:15:15:d9:70:02:a8:69:98:c7:d1:6b:b9:7b:95:1c:fd:
5e:3d:c3:7c:bd:ca:79:b5:20:95:f1:75:90:79:05:fa:39:ff:
a5:e6:c4:d6:45:61:da:70:8c:92:83:0b:d3:7d:44:4e:ac:66:
7c:16:f7:c0:19:ef:c8:4e:17:33:86:bf:0e:80:35:87:4b:8c:
dd:00:86:a5:98:16:f1:ce:70:a7:63:8f:6d:5e:f3:6d:5d:38:
9e:64:3a:05:a9:20:f7:ee:5e:5c:29:74:3d:68:eb:8c:14:d3:
e3:12:46:5b:7d:06:11:17:4c:78:81:49:59:ac:3c:51:c3:28:
a8:81:bc:a1:c5:26:61:91:52:af:cd:eb:1b:51:c1:53:0c:b2:
98:6d:42:2c:dd:5b:af:d6:c9:fd:79:54:f0:12:da:d8:2b:2e:
b3:ba:ec:42
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAy4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE
RDhDRUNEMDQwHhcNMjIwODIzMDMwMjAwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA0NDMyOC05MzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx/A57WzeC5N6+owsId+WmKYTI8WldBerL9BuQwGAljt1YRg8GC8lun/vT1zV
B3z8OdLz1wNMjCb7jkxuI2BwsDdhp4a9gvotx6fHN54D5TnTOrcKkjNHJHFTjn+K
6ht7oef/meaQZW6m9MxnjPtFNnd6AVMZdXtLuhGvmivvx3xGIOPXm7NCWa26b6jD
0N5ZtQJyfyL7toaB96RoVpcPXStRLTJCoi4ka+cOoIjsrCvoENf4OFEzKo/ZOWEm
ZGTxdsqmhCGbYdJ20q179scA90O2D/vko1R/LW4E/WH0TCYu6g0MzpzlWL2U4v1z
gg1SCVVvcBXxuQ/zIyLJER7IoQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAHOofgO
MI/NQqgMyncix2g/Nej/MB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1
NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvNzY1NDUyOUUw
OEI2MTFFREFDRTU3MDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAHLgpADBAHLnHQwDQYJKoZIhvcNAQELBQADggEBAKGUOYw5
gB113bfPkftawYSxkPl+drU/j7nrN57T7DQfR+eAPRlQgcOhmvXaH11EpGNQEgGh
KUOE5/ixNM3a0Y92z0IBAe1e/6Lil2pLlRqHt4HkiP1AZZJYe/LXFRXZcAKoaZjH
0Wu5e5Uc/V49w3y9ynm1IJXxdZB5Bfo5/6XmxNZFYdpwjJKDC9N9RE6sZnwW98AZ
78hOFzOGvw6ANYdLjN0AhqWYFvHOcKdjj21e821dOJ5kOgWpIPfuXlwpdD1o64wU
0+MSRlt9BhEXTHiBSVmsPFHDKKiBvKHFJmGRUq/N6xtRwVMMsphtQizdW6/Wyf15
VPAS2tgrLrO67EI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org