Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/A3EEC79A461111EE94CE6C38C4F9AE02.roa
File: A3EEC79A461111EE94CE6C38C4F9AE02.roa (raw, json)
Hash identifier: T1CUI5v0BnV6iJyY1szNzCltwnHrv0CVHZDhGX70lac=
Subject key identifier: 8F:69:93:B2:5F:F7:AA:E2:C6:77:19:F4:37:71:3F:C7:DB:A5:E9:12
Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Certificate serial: 045F
Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/A3EEC79A461111EE94CE6C38C4F9AE02.roa
Signing time: Tue 29 Aug 2023 02:13:28 +0000
ROA not before: Tue 29 Aug 2023 02:13:28 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 7616
IP address blocks: 203.130.128.0/19 maxlen: 20
203.147.16.0/20 maxlen: 20
203.147.31.0/24 maxlen: 24
203.147.32.0/20 maxlen: 20
203.147.42.0/24 maxlen: 24
203.147.48.0/20 maxlen: 20
203.156.48.0/20 maxlen: 20
203.156.64.0/20 maxlen: 20
203.156.80.0/20 maxlen: 20
203.156.128.0/18 maxlen: 18
203.156.128.0/20 maxlen: 20
203.156.144.0/20 maxlen: 20
203.156.160.0/20 maxlen: 20
203.156.176.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1119 (0x45f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Validity
Not Before: Aug 29 02:13:28 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64ed5447-7761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:5a:01:0b:2a:d9:de:df:5f:07:22:92:df:8d:
88:2d:23:ae:7e:24:7c:04:71:eb:14:da:9e:bd:c2:
57:86:e4:4a:77:c6:51:21:51:7a:7b:40:ca:20:6c:
07:4b:87:2e:b7:7d:25:1b:be:95:3f:46:7f:fc:dc:
12:07:39:83:ca:29:1c:2e:5d:aa:fb:d4:92:3c:c9:
92:90:35:97:29:7f:1a:66:9b:7e:ef:07:b8:fe:fd:
66:30:98:d0:ea:36:91:5e:5e:af:06:59:65:da:d9:
ba:4c:6b:f9:ce:c1:b5:b7:91:02:3f:3d:93:d6:ce:
0a:49:74:68:86:66:38:35:f4:0c:ab:d5:b6:6b:8a:
58:2c:de:6c:bf:41:95:1e:a8:06:a1:c4:c4:46:2e:
02:be:ab:cd:28:e7:88:9f:d6:f9:0d:35:f7:cd:90:
9f:bd:b6:f6:7d:69:4f:6d:0f:21:3d:d2:f6:4d:8d:
d3:0c:f1:26:8b:2c:42:0c:58:f2:16:9b:46:16:72:
95:5d:47:3e:4f:a8:4d:1c:e7:fa:4f:91:d5:d8:a4:
24:1d:d7:73:8a:e4:a9:e7:d7:f3:2c:3d:57:b0:bf:
35:be:8d:05:75:86:33:03:69:7f:6e:2b:0e:0c:01:
b5:5b:17:4a:d7:d0:66:4f:75:2e:97:2f:ef:3c:42:
07:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:69:93:B2:5F:F7:AA:E2:C6:77:19:F4:37:71:3F:C7:DB:A5:E9:12
X509v3 Authority Key Identifier:
keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/A3EEC79A461111EE94CE6C38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.130.128.0/19
203.147.16.0-203.147.63.255
203.156.48.0-203.156.95.255
203.156.128.0/18
Signature Algorithm: sha256WithRSAEncryption
9a:09:75:6e:98:37:b2:8e:72:74:66:d9:6c:57:83:53:50:31:
f7:ef:bc:06:55:05:ab:97:7a:d9:f5:93:ae:7b:c0:19:75:8a:
b8:2e:5f:96:6a:e9:70:fa:86:e6:eb:6f:fe:eb:84:5a:18:82:
9a:10:8f:59:ff:91:e2:07:32:24:40:2e:17:4f:dc:ba:bb:1c:
83:93:08:9c:ec:b6:ff:c8:22:33:bd:bc:c6:1f:81:b8:04:51:
90:48:51:b2:9f:53:0f:55:22:b3:64:b6:21:f4:07:47:d2:62:
cd:bc:49:00:46:e2:51:d7:ec:b7:2e:1b:06:dd:c9:65:cd:3e:
ab:ec:b3:d4:37:b6:ac:fe:7e:ae:1e:7e:43:5a:f1:9a:2c:9f:
3e:88:db:27:27:c5:d1:53:35:be:e8:0a:86:0f:48:6e:d4:05:
4d:c5:f8:48:bb:ff:6f:17:5f:90:06:c9:9f:4c:01:4d:96:14:
de:99:68:67:07:22:98:a9:77:ba:0c:92:ba:ee:0e:0d:75:96:
0f:aa:77:2b:1b:03:d4:45:60:17:63:b6:2c:49:f9:95:a4:29:
95:b5:bf:c8:c8:1b:c7:6e:18:43:3f:b1:57:e4:2c:e9:a3:03:
e0:a3:79:5e:75:6b:96:85:c2:f0:36:e2:3f:6e:02:32:d7:a4:
92:0c:21:fc
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE
RDhDRUNEMDQwHhcNMjMwODI5MDIxMzI4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVkNTQ0Ny03NzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8VoBCyrZ3t9fByKS342ILSOufiR8BHHrFNqevcJXhuRKd8ZRIVF6e0DKIGwH
S4cut30lG76VP0Z//NwSBzmDyikcLl2q+9SSPMmSkDWXKX8aZpt+7we4/v1mMJjQ
6jaRXl6vBlll2tm6TGv5zsG1t5ECPz2T1s4KSXRohmY4NfQMq9W2a4pYLN5sv0GV
HqgGocTERi4CvqvNKOeIn9b5DTX3zZCfvbb2fWlPbQ8hPdL2TY3TDPEmiyxCDFjy
FptGFnKVXUc+T6hNHOf6T5HV2KQkHddziuSp59fzLD1XsL81vo0FdYYzA2l/bisO
DAG1WxdK19BmT3Uuly/vPEIHIQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFI9pk7Jf
96rixncZ9DdxP8fbpekSMB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1
NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvQTNFRUM3OUE0
NjExMTFFRTk0Q0U2QzM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgDBAXLgoAwDAMEBMuTEAMEBsuTADAMAwQEy5wwAwQFy5xAAwQG
y5yAMA0GCSqGSIb3DQEBCwUAA4IBAQCaCXVumDeyjnJ0ZtlsV4NTUDH377wGVQWr
l3rZ9ZOue8AZdYq4Ll+Waulw+obm62/+64RaGIKaEI9Z/5HiBzIkQC4XT9y6uxyD
kwic7Lb/yCIzvbzGH4G4BFGQSFGyn1MPVSKzZLYh9AdH0mLNvEkARuJR1+y3LhsG
3cllzT6r7LPUN7as/n6uHn5DWvGaLJ8+iNsnJ8XRUzW+6AqGD0hu1AVNxfhIu/9v
F1+QBsmfTAFNlhTemWhnByKYqXe6DJK67g4NdZYPqncrGwPURWAXY7YsSfmVpCmV
tb/IyBvHbhhDP7FX5CzpowPgo3ledWuWhcLwNuI/bgIy16SSDCH8
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org