Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4E136F9EB49811EC9E14675CC4F9AE02.roa
File: 4E136F9EB49811EC9E14675CC4F9AE02.roa (raw, json)
Hash identifier: EZurnrADBc+GwibsgZKKV8Y19cQ9pE4hE1Tvdx7tPWg=
Subject key identifier: 48:7E:41:89:2D:91:1A:A1:28:95:C7:9E:56:B0:7B:37:4D:99:70:08
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1453
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4E136F9EB49811EC9E14675CC4F9AE02.roa
Signing time: Tue 05 Apr 2022 04:24:38 +0000
ROA not before: Tue 05 Apr 2022 04:24:38 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 10113
IP address blocks: 14.137.112.0/22 maxlen: 22
27.0.64.0/19 maxlen: 19
115.30.32.0/19 maxlen: 19
202.7.240.0/21 maxlen: 21
202.7.248.0/21 maxlen: 21
202.7.255.0/24 maxlen: 24
202.62.144.0/24 maxlen: 24
202.68.96.0/19 maxlen: 19
202.76.144.0/20 maxlen: 20
202.76.160.0/20 maxlen: 20
203.9.148.0/24 maxlen: 24
203.21.47.0/24 maxlen: 24
203.27.124.0/24 maxlen: 24
203.30.143.0/24 maxlen: 24
203.62.143.0/24 maxlen: 24
203.123.68.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5203 (0x1453)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Apr 5 04:24:38 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=624bc486-2dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:53:cd:80:d6:36:66:85:3a:b5:8d:f8:99:35:
0e:df:6f:29:70:ef:4b:0f:1e:50:69:47:57:fd:d3:
7e:2b:69:b6:e8:af:17:11:1a:72:c1:d5:21:5c:26:
c2:c6:5a:82:46:e1:a5:55:49:d7:84:55:96:9b:03:
63:2a:21:6d:47:02:3e:4a:ad:ed:fd:66:cf:4f:6f:
d1:93:ae:13:ba:a9:c5:b9:ed:08:76:69:24:80:f6:
22:04:d3:2f:f3:f3:60:d5:b3:ee:00:7e:aa:57:7f:
90:c7:5b:d7:d8:d1:0b:5a:4e:1c:72:3a:2f:4b:8c:
aa:5e:55:0d:4f:e2:5c:a7:da:ea:51:40:64:3a:5d:
8d:6d:d3:ee:f8:95:3e:73:ff:fd:a7:c1:1b:a3:dc:
9f:19:99:99:48:bc:e8:26:6a:cb:a3:05:7e:09:db:
27:f9:6b:a7:88:d6:98:60:a4:9b:25:bb:08:86:e8:
b4:3e:59:2b:bb:6d:62:8b:f6:fa:ce:d7:f6:d2:b2:
62:94:ee:74:70:cf:e9:20:08:b7:79:7f:8a:a5:49:
2a:fe:16:4b:67:eb:5b:1e:60:d3:5e:c4:69:04:ec:
08:4a:22:4e:d2:b6:16:1b:c2:51:2b:c7:be:cd:59:
42:11:8b:01:dd:47:d2:d2:5e:7c:ea:e3:dc:db:9d:
8b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7E:41:89:2D:91:1A:A1:28:95:C7:9E:56:B0:7B:37:4D:99:70:08
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4E136F9EB49811EC9E14675CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.112.0/22
27.0.64.0/19
115.30.32.0/19
202.7.240.0/20
202.62.144.0/24
202.68.96.0/19
202.76.144.0-202.76.175.255
203.9.148.0/24
203.21.47.0/24
203.27.124.0/24
203.30.143.0/24
203.62.143.0/24
203.123.68.0/24
Signature Algorithm: sha256WithRSAEncryption
40:68:2c:e8:96:f8:ee:77:79:2b:ed:b6:a9:49:93:c4:bb:89:
e3:81:06:0e:99:84:d8:96:a4:c7:ca:bd:71:0b:dc:79:2c:aa:
02:ed:ad:e3:22:1a:5e:d2:9d:eb:36:5f:7f:69:e7:eb:70:f8:
95:e6:25:ef:ec:df:82:42:8d:9c:ea:a0:a5:62:40:a3:68:c8:
eb:67:e2:b6:26:44:f7:f9:88:a9:cf:cd:29:c1:9a:21:6d:40:
72:55:ae:23:7c:87:2e:db:e7:34:81:ed:02:89:da:56:5c:d8:
d5:bb:d7:6a:56:31:4b:11:f1:d5:a8:f1:b8:f1:54:69:9c:d9:
86:38:ea:58:12:e8:bb:ba:26:a9:c8:af:f9:21:db:29:6a:9b:
33:62:86:84:83:18:18:56:a1:10:ad:20:d4:df:ea:00:ca:b5:
bb:47:a6:ed:77:9d:ee:8f:c9:ce:47:ec:40:42:6c:3e:ce:86:
c5:fc:2a:94:cb:4a:db:43:71:91:9c:34:dc:22:ba:20:13:4c:
2c:1e:cb:47:ef:51:52:cc:f4:2a:1a:4c:1a:1f:9e:a5:e3:10:
58:7d:f2:92:1d:40:67:8f:ab:51:67:96:be:17:dc:68:76:ba:
d4:da:95:86:54:7e:2b:c4:21:23:62:ea:a0:53:1c:1c:11:96:
d8:a0:03:62
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICFFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjIwNDA1MDQyNDM4WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRiYzQ4Ni0yZGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5VPNgNY2ZoU6tY34mTUO328pcO9LDx5QaUdX/dN+K2m26K8XERpywdUhXCbC
xlqCRuGlVUnXhFWWmwNjKiFtRwI+Sq3t/WbPT2/Rk64TuqnFue0IdmkkgPYiBNMv
8/Ng1bPuAH6qV3+Qx1vX2NELWk4ccjovS4yqXlUNT+Jcp9rqUUBkOl2NbdPu+JU+
c//9p8Ebo9yfGZmZSLzoJmrLowV+Cdsn+WuniNaYYKSbJbsIhui0Plkru21ii/b6
ztf20rJilO50cM/pIAi3eX+KpUkq/hZLZ+tbHmDTXsRpBOwISiJO0rYWG8JRK8e+
zVlCEYsB3UfS0l586uPc252LLQIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFEh+QYkt
kRqhKJXHnlawezdNmXAIMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNEUxMzZGOUVC
NDk4MTFFQzlFMTQ2NzVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMFwEAgABMFYDBAIOiXADBAUbAEADBAVzHiADBATKB/ADBADKPpADBAXKRGAw
DAMEBMpMkAMEBMpMoAMEAMsJlAMEAMsVLwMEAMsbfAMEAMsejwMEAMs+jwMEAMt7
RDANBgkqhkiG9w0BAQsFAAOCAQEAQGgs6Jb47nd5K+22qUmTxLuJ44EGDpmE2Jak
x8q9cQvceSyqAu2t4yIaXtKd6zZff2nn63D4leYl7+zfgkKNnOqgpWJAo2jI62fi
tiZE9/mIqc/NKcGaIW1AclWuI3yHLtvnNIHtAonaVlzY1bvXalYxSxHx1ajxuPFU
aZzZhjjqWBLou7omqciv+SHbKWqbM2KGhIMYGFahEK0g1N/qAMq1u0em7Xed7o/J
zkfsQEJsPs6GxfwqlMtK20NxkZw03CK6IBNMLB7LR+9RUsz0KhpMGh+epeMQWH3y
kh1AZ4+rUWeWvhfcaHa61NqVhlR+K8QhI2LqoFMcHBGW2KADYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org