Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/D67888E228DD11ED8EA0FC4FC4F9AE02.roa
File: D67888E228DD11ED8EA0FC4FC4F9AE02.roa (raw, json)
Hash identifier: Ka3pVgfsx+09JMBMk/hsekqXXv+qXPR6MonH7BXQwzs=
Subject key identifier: 62:EC:37:5D:9C:FE:01:54:A9:74:DB:93:76:33:81:DA:8A:0E:93:41
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1634
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/D67888E228DD11ED8EA0FC4FC4F9AE02.roa
Signing time: Thu 16 Feb 2023 05:04:48 +0000
ROA not before: Thu 16 Feb 2023 05:04:48 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 10113
IP address blocks: 27.0.64.0/19 maxlen: 19
115.30.32.0/19 maxlen: 19
202.62.144.0/24 maxlen: 24
202.68.96.0/19 maxlen: 19
202.76.160.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5684 (0x1634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 16 05:04:48 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63edb96f-245d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a9:0e:44:fb:c2:da:ee:88:1e:18:29:01:9b:
ef:d4:c3:45:46:10:a4:f8:26:0e:ca:6f:93:a7:cf:
36:79:0e:ed:ec:10:df:8f:e0:9e:57:b3:ab:11:f5:
e4:4e:a1:1c:01:b4:5d:46:9a:25:80:ef:48:0e:2b:
f4:dc:8e:09:09:42:0c:d5:49:8e:71:39:ed:0b:74:
89:11:1b:11:bb:56:fa:73:8f:f7:d3:e8:39:84:84:
0c:a7:ba:05:ff:24:5c:df:31:db:e4:52:3d:e1:dd:
a2:fb:08:e0:ad:bc:67:cf:5f:82:9f:ea:13:0a:69:
72:15:bd:24:30:d0:73:d9:e3:18:20:f4:c0:3d:bd:
33:31:ef:84:ef:64:e6:fd:86:7a:6a:1a:04:c1:b1:
89:bd:51:93:03:cd:e4:de:a1:44:12:bd:ca:ff:a9:
00:41:85:74:d9:a5:aa:37:01:d7:6c:df:fd:d9:db:
6b:06:e1:c8:e1:59:d9:be:79:38:f2:3f:74:d5:ca:
15:05:e2:05:11:cf:53:2f:74:7f:7a:46:72:8d:6c:
0a:91:f4:9c:17:a0:7d:8a:91:c9:04:1c:df:46:df:
93:2d:c7:d7:fe:8a:5b:f3:af:44:a6:9d:b1:81:4f:
4c:7d:ad:07:90:73:c7:15:ac:d3:83:1c:71:67:cb:
0f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:EC:37:5D:9C:FE:01:54:A9:74:DB:93:76:33:81:DA:8A:0E:93:41
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/D67888E228DD11ED8EA0FC4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.64.0/19
115.30.32.0/19
202.62.144.0/24
202.68.96.0/19
202.76.160.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:07:ae:24:09:71:d3:8a:8b:7e:4a:96:f1:3e:f5:a2:0d:5d:
51:f3:6f:43:bc:fa:6a:0e:8d:71:1c:a6:5f:d4:2b:15:30:2f:
e3:ac:75:52:6e:07:98:ae:c9:dd:7b:44:42:c2:ea:b0:0b:a3:
e2:10:16:33:66:08:bb:ef:ea:56:c1:cf:3a:d2:e0:7d:23:db:
d8:80:37:c1:56:75:9c:b8:70:20:ee:63:c8:06:81:05:79:c6:
3d:4a:45:df:b3:c6:9c:f5:ab:ba:cd:a8:94:56:17:b4:c1:37:
ad:b8:0a:2c:b0:1d:ff:1a:f3:a5:6c:15:37:80:f2:30:5d:78:
ee:c7:cd:0e:46:b3:6a:83:c0:8e:d6:b2:0c:64:fc:84:d1:1f:
41:1e:25:2e:99:81:d8:8e:d3:58:d1:14:c6:62:fe:8a:fe:cc:
f2:08:3a:a1:84:08:ee:e7:13:e0:31:cc:02:ba:9e:22:fe:71:
6f:e4:d2:1b:a0:c9:68:ab:ca:f5:9c:80:a0:55:d2:0f:35:86:
54:be:3d:a4:d9:e4:b3:d7:73:5f:a2:14:68:b0:e6:a2:8e:b3:
60:00:c6:cf:01:92:7e:fb:ff:1b:7d:4d:0c:1b:89:0d:da:cb:
16:c2:e5:67:4d:f6:a8:d2:35:c5:46:32:4c:52:97:46:ea:9c:
a0:53:f0:a5
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICFjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjMwMjE2MDUwNDQ4WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VkYjk2Zi0yNDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwqkORPvC2u6IHhgpAZvv1MNFRhCk+CYOym+Tp882eQ7t7BDfj+CeV7OrEfXk
TqEcAbRdRpolgO9IDiv03I4JCUIM1UmOcTntC3SJERsRu1b6c4/30+g5hIQMp7oF
/yRc3zHb5FI94d2i+wjgrbxnz1+Cn+oTCmlyFb0kMNBz2eMYIPTAPb0zMe+E72Tm
/YZ6ahoEwbGJvVGTA83k3qFEEr3K/6kAQYV02aWqNwHXbN/92dtrBuHI4VnZvnk4
8j901coVBeIFEc9TL3R/ekZyjWwKkfScF6B9ipHJBBzfRt+TLcfX/opb869Epp2x
gU9Mfa0HkHPHFazTgxxxZ8sPaQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGLsN12c
/gFUqXTbk3YzgdqKDpNBMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvRDY3ODg4RTIy
OEREMTFFRDhFQTBGQzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAUbAEADBAVzHiADBADKPpADBAXKRGADBATKTKAwDQYJKoZI
hvcNAQELBQADggEBAB8HriQJcdOKi35KlvE+9aINXVHzb0O8+moOjXEcpl/UKxUw
L+OsdVJuB5iuyd17RELC6rALo+IQFjNmCLvv6lbBzzrS4H0j29iAN8FWdZy4cCDu
Y8gGgQV5xj1KRd+zxpz1q7rNqJRWF7TBN624CiywHf8a86VsFTeA8jBdeO7HzQ5G
s2qDwI7Wsgxk/ITRH0EeJS6ZgdiO01jRFMZi/or+zPIIOqGECO7nE+AxzAK6niL+
cW/k0hugyWiryvWcgKBV0g81hlS+PaTZ5LPXc1+iFGiw5qKOs2AAxs8Bkn77/xt9
TQwbiQ3ayxbC5WdN9qjSNcVGMkxSl0bqnKBT8KU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org