Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8A41/A4742092140411EDB6BE681DC4F9AE02/479CC3B6140811EDBF3D2F27C4F9AE02.roa
File: 479CC3B6140811EDBF3D2F27C4F9AE02.roa (raw, json)
Hash identifier: ZWw8kzClx2YEw3RemruJw60iNoiWzWZguN4T3FmOPkY=
Subject key identifier: 00:93:46:3E:8F:17:24:54:69:E9:7A:25:5B:18:FE:15:02:C7:A5:6D
Certificate issuer: /CN=A91E8A41/serialNumber=A5BE6A44B900A4001173951685606B7BB53CA6B2
Certificate serial: F1
Authority key identifier: A5:BE:6A:44:B9:00:A4:00:11:73:95:16:85:60:6B:7B:B5:3C:A6:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pb5qRLkApAARc5UWhWBre7U8prI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8A41/A4742092140411EDB6BE681DC4F9AE02/479CC3B6140811EDBF3D2F27C4F9AE02.roa
Signing time: Sat 13 May 2023 06:26:06 +0000
ROA not before: Sat 13 May 2023 06:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132721
IP address blocks: 43.227.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 241 (0xf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8A41
Validity
Not Before: May 13 06:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645f2d7d-bd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0c:35:53:32:34:9c:a8:3c:f9:bf:63:6b:ee:
f6:c6:8c:0d:09:71:d7:5c:23:c9:2a:af:76:bc:94:
8d:d1:cc:18:db:f8:fa:21:1e:0f:cf:de:48:44:ef:
cc:0f:b6:02:18:b7:bf:28:82:23:3b:dd:1b:5a:25:
1d:fd:03:44:2b:1c:13:bf:e2:ed:90:29:16:45:d4:
93:26:5f:5f:d8:f9:11:7a:4c:cf:98:7d:5d:7e:58:
d9:e3:73:20:4f:5f:2b:00:da:81:4c:84:55:47:18:
8c:34:95:10:f6:dc:58:76:91:0c:bf:0d:18:02:93:
cb:ae:b9:5e:34:e2:ae:3c:e4:b1:c2:54:f5:bc:19:
7e:a1:26:53:81:ca:a1:b2:9f:cd:ad:30:3f:93:e0:
d7:39:a0:13:74:b3:3b:57:4e:54:d9:51:9b:87:b3:
30:bb:3a:52:18:3b:47:33:f2:86:71:b1:f8:91:ad:
e6:90:5d:2a:dc:0e:15:90:64:32:e3:20:d2:46:8c:
5b:3d:b0:00:32:72:05:5b:fb:2b:dd:b3:1d:85:eb:
04:98:63:41:b2:39:26:4b:23:a9:72:19:70:3f:04:
7e:ae:ed:3d:12:9e:cd:6d:c0:70:24:ff:c0:65:14:
a1:9b:b0:6a:d5:98:20:4e:08:91:90:21:bb:04:41:
48:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:93:46:3E:8F:17:24:54:69:E9:7A:25:5B:18:FE:15:02:C7:A5:6D
X509v3 Authority Key Identifier:
keyid:A5:BE:6A:44:B9:00:A4:00:11:73:95:16:85:60:6B:7B:B5:3C:A6:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8A41/A4742092140411EDB6BE681DC4F9AE02/pb5qRLkApAARc5UWhWBre7U8prI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pb5qRLkApAARc5UWhWBre7U8prI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8A41/A4742092140411EDB6BE681DC4F9AE02/479CC3B6140811EDBF3D2F27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.115.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:bd:28:d3:f5:6a:99:f2:ae:d7:3b:02:ec:9a:71:bf:f4:4d:
24:5b:3d:b5:06:e3:ac:43:30:10:ee:1c:10:3d:9f:81:cc:2e:
51:8b:70:e6:50:8e:d0:e8:f9:d7:62:d3:5c:83:fb:92:7c:60:
52:a3:62:49:6e:77:93:20:a5:57:35:0d:d5:c9:0a:f8:70:c4:
77:37:43:4c:65:48:64:b0:37:a7:e7:72:5b:21:f3:3a:cd:a2:
18:c6:fc:12:ba:c8:03:70:9c:51:d8:e8:e0:e7:2b:51:07:ac:
53:be:aa:b1:72:fe:66:f9:88:23:85:c8:ff:44:db:ad:3e:73:
ab:78:e4:77:c2:f4:b2:eb:db:6d:ee:fc:9c:c7:e0:5b:3a:87:
ff:be:e0:10:20:23:ae:02:c5:8f:c0:f7:c7:ea:f6:7f:fb:41:
c6:46:f1:04:d4:55:52:03:ba:e9:be:15:c8:41:13:81:6e:86:
f2:70:e8:23:df:be:b4:09:b3:48:db:80:c1:66:e9:26:79:1c:
59:45:5b:2a:26:fc:57:02:27:be:15:fe:96:6a:cc:bb:d8:cf:
54:d4:e9:0e:c3:13:1c:42:09:cc:53:60:cc:5b:e8:e7:af:f7:
5a:af:63:ab:3f:41:3e:bf:cc:87:44:df:a1:c3:cc:68:18:43:
13:ab:49:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThBNDExMTAvBgNVBAUTKEE1QkU2QTQ0QjkwMEE0MDAxMTczOTUxNjg1NjA2QjdC
QjUzQ0E2QjIwHhcNMjMwNTEzMDYyNjA2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDVmMmQ3ZC1iZDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgw1UzI0nKg8+b9ja+72xowNCXHXXCPJKq92vJSN0cwY2/j6IR4Pz95IRO/M
D7YCGLe/KIIjO90bWiUd/QNEKxwTv+LtkCkWRdSTJl9f2PkRekzPmH1dfljZ43Mg
T18rANqBTIRVRxiMNJUQ9txYdpEMvw0YApPLrrleNOKuPOSxwlT1vBl+oSZTgcqh
sp/NrTA/k+DXOaATdLM7V05U2VGbh7MwuzpSGDtHM/KGcbH4ka3mkF0q3A4VkGQy
4yDSRoxbPbAAMnIFW/sr3bMdhesEmGNBsjkmSyOpchlwPwR+ru09Ep7NbcBwJP/A
ZRShm7Bq1ZggTgiRkCG7BEFITQIDAQABo4IClTCCApEwHQYDVR0OBBYEFACTRj6P
FyRUael6JVsY/hUCx6VtMB8GA1UdIwQYMBaAFKW+akS5AKQAEXOVFoVga3u1PKay
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEE0MS9BNDc0MjA5MjE0
MDQxMUVEQjZCRTY4MURDNEY5QUUwMi9wYjVxUkxrQXBBQVJjNVVXaFdCcmU3VThw
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BiNXFSTGtBcEFBUmM1VVdoV0JyZTdVOHBySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThBNDEvQTQ3NDIwOTIxNDA0MTFFREI2QkU2ODFEQzRGOUFFMDIvNDc5Q0MzQjYx
NDA4MTFFREJGM0QyRjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr43MwDQYJKoZIhvcNAQELBQADggEBAH+9KNP1apnyrtc7
Auyacb/0TSRbPbUG46xDMBDuHBA9n4HMLlGLcOZQjtDo+ddi01yD+5J8YFKjYklu
d5MgpVc1DdXJCvhwxHc3Q0xlSGSwN6fnclsh8zrNohjG/BK6yANwnFHY6ODnK1EH
rFO+qrFy/mb5iCOFyP9E260+c6t45HfC9LLr223u/JzH4Fs6h/++4BAgI64CxY/A
98fq9n/7QcZG8QTUVVIDuum+FchBE4FuhvJw6CPfvrQJs0jbgMFm6SZ5HFlFWyom
/FcCJ74V/pZqzLvYz1TU6Q7DExxCCcxTYMxb6Oev91qvY6s/QT6/zIdE36HDzGgY
QxOrSZw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:49:51 2025 by rpki-client