Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/B936A428B4A011EC8D476F4BC4F9AE02.roa
File: B936A428B4A011EC8D476F4BC4F9AE02.roa (raw, json)
Hash identifier: zZvUOP8sqcF6Jsa8ICpqecyFRhvZclt58SPE9/ULIWc=
Subject key identifier: 5E:3B:09:92:DA:69:78:64:B5:17:EF:11:77:B1:66:3D:75:B5:B2:1D
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1456
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/B936A428B4A011EC8D476F4BC4F9AE02.roa
Signing time: Tue 05 Apr 2022 05:24:54 +0000
ROA not before: Tue 05 Apr 2022 05:24:54 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 10113
IP address blocks: 27.0.64.0/19 maxlen: 19
115.30.32.0/19 maxlen: 19
202.62.144.0/24 maxlen: 24
202.68.96.0/19 maxlen: 19
202.76.160.0/20 maxlen: 20
203.123.68.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5206 (0x1456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Apr 5 05:24:54 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=624bd2a5-fd94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4b:95:0a:5e:bb:03:9a:00:2c:df:6a:27:dc:
ec:0b:91:2e:80:03:b3:a5:ce:25:3a:92:50:aa:d7:
a2:82:e0:3d:88:9d:30:59:57:9f:25:98:2a:da:9b:
5b:98:18:2b:70:50:f1:b6:70:05:ee:7c:24:2f:6c:
f8:02:5f:dd:93:c2:87:ac:aa:12:2c:46:7d:6f:07:
91:bc:44:7e:84:d0:88:f1:f1:e7:fa:6d:99:db:84:
84:7c:11:99:22:ba:b9:4c:10:42:f8:bb:54:2e:6c:
bf:c9:a9:fd:ee:ea:e6:b7:32:7d:f4:35:7e:b6:76:
38:9d:86:f3:d3:22:61:7f:d3:ed:17:03:80:25:b3:
99:a6:7b:cd:fc:da:cd:d2:9f:26:f6:43:52:6f:d0:
3e:75:83:67:2d:b9:51:07:68:8a:9e:f5:ac:88:5d:
b2:cd:10:16:aa:c9:9a:9d:2c:f2:8b:e0:9c:c1:1a:
12:55:df:b4:d5:97:26:b1:be:f6:b8:03:cc:59:17:
11:fe:c7:3d:48:14:46:52:93:8d:b0:cd:26:71:71:
73:ae:57:ce:21:e3:7d:c6:14:5f:8c:7b:4d:0a:35:
4e:44:ff:b2:fe:be:32:e7:0c:91:b0:82:da:14:94:
96:f5:d3:17:c9:43:d2:86:78:c5:5e:d4:fd:ba:75:
b2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3B:09:92:DA:69:78:64:B5:17:EF:11:77:B1:66:3D:75:B5:B2:1D
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/B936A428B4A011EC8D476F4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.64.0/19
115.30.32.0/19
202.62.144.0/24
202.68.96.0/19
202.76.160.0/20
203.123.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:5b:76:a0:8d:d2:48:69:1d:3f:a8:80:33:60:a3:42:30:f6:
95:8c:40:bc:60:1b:79:29:24:2e:b3:df:f7:39:c3:e0:72:51:
e9:30:c2:0e:65:45:ba:f1:c8:d0:bf:71:80:60:52:2d:00:41:
c0:ad:44:50:71:e5:9a:9d:45:50:ac:36:1b:38:ff:75:8d:f9:
b0:52:8a:a7:7c:a7:10:c7:58:05:f0:7d:ba:2e:2c:4c:ea:27:
c7:41:5c:59:6e:a8:89:53:0f:7b:e4:22:ff:1f:b8:14:e8:4a:
04:af:27:40:36:80:f1:d5:1c:bc:73:ff:cd:6e:02:37:dd:1f:
84:b3:cc:3a:d5:03:9d:cb:bf:f3:2f:ec:ff:7f:a0:92:cd:5a:
d2:e3:57:ec:1c:3f:6b:41:dc:de:99:7b:a8:35:47:c3:06:16:
1c:11:c2:d5:4a:32:44:82:60:c7:3b:c5:c9:f7:ca:69:c4:53:
05:e7:54:08:1e:26:ad:38:c0:75:e3:22:eb:3b:39:13:d9:e6:
76:d4:00:f2:bf:98:e7:03:b0:9a:ae:68:ef:e7:a7:8d:a9:69:
d6:aa:13:de:25:23:01:67:a6:d6:32:1f:bd:1c:04:4f:6e:ba:
90:8c:58:8f:15:3b:8a:72:af:50:a1:1c:45:75:84:75:d9:85:
2a:75:b6:18
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICFFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjIwNDA1MDUyNDU0WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRiZDJhNS1mZDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApEuVCl67A5oALN9qJ9zsC5EugAOzpc4lOpJQqteiguA9iJ0wWVefJZgq2ptb
mBgrcFDxtnAF7nwkL2z4Al/dk8KHrKoSLEZ9bweRvER+hNCI8fHn+m2Z24SEfBGZ
Irq5TBBC+LtULmy/yan97urmtzJ99DV+tnY4nYbz0yJhf9PtFwOAJbOZpnvN/NrN
0p8m9kNSb9A+dYNnLblRB2iKnvWsiF2yzRAWqsmanSzyi+CcwRoSVd+01Zcmsb72
uAPMWRcR/sc9SBRGUpONsM0mcXFzrlfOIeN9xhRfjHtNCjVORP+y/r4y5wyRsILa
FJSW9dMXyUPShnjFXtT9unWylwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFF47CZLa
aXhktRfvEXexZj11tbIdMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvQjkzNkE0MjhC
NEEwMTFFQzhENDc2RjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAUbAEADBAVzHiADBADKPpADBAXKRGADBATKTKADBADLe0Qw
DQYJKoZIhvcNAQELBQADggEBAC9bdqCN0khpHT+ogDNgo0Iw9pWMQLxgG3kpJC6z
3/c5w+ByUekwwg5lRbrxyNC/cYBgUi0AQcCtRFBx5ZqdRVCsNhs4/3WN+bBSiqd8
pxDHWAXwfbouLEzqJ8dBXFluqIlTD3vkIv8fuBToSgSvJ0A2gPHVHLxz/81uAjfd
H4SzzDrVA53Lv/Mv7P9/oJLNWtLjV+wcP2tB3N6Ze6g1R8MGFhwRwtVKMkSCYMc7
xcn3ymnEUwXnVAgeJq04wHXjIus7ORPZ5nbUAPK/mOcDsJquaO/np42padaqE94l
IwFnptYyH70cBE9uupCMWI8VO4pyr1ChHEV1hHXZhSp1thg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org