Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/11D04296449E11ED915A577DC4F9AE02.roa
File: 11D04296449E11ED915A577DC4F9AE02.roa (raw, json)
Hash identifier: AD68YjpOwmbEkUj9hMO3civnZKv86K0MIKlMBEj5Ix8=
Subject key identifier: 3B:83:69:F6:54:B3:7A:8E:AC:F9:0B:92:82:75:1E:63:BF:2A:CF:0B
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 08C9
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/11D04296449E11ED915A577DC4F9AE02.roa
Signing time: Wed 05 Oct 2022 11:08:41 +0000
ROA not before: Wed 05 Oct 2022 11:08:41 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 210654
IP address blocks: 113.203.222.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2249 (0x8c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Oct 5 11:08:41 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=633d65b9-f753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:de:42:1b:bc:e1:78:7a:a1:52:1e:a6:23:
c7:df:27:1d:c8:50:7f:c2:dc:19:b6:3d:c2:0c:cb:
15:74:36:30:4d:55:95:ba:6a:78:aa:98:af:f7:90:
f8:94:02:74:d5:62:0a:f2:f2:32:2d:d6:c7:f0:a9:
46:13:c3:8c:f3:7b:33:38:3c:30:18:a0:2d:d7:16:
88:6b:e8:06:0c:95:62:53:e2:2f:c7:a8:37:91:bf:
d7:87:5e:32:3b:2c:58:5d:66:a6:38:1d:91:b7:aa:
67:59:37:f3:ef:0e:e2:52:f6:33:af:7e:3d:89:e5:
10:f1:7e:df:a1:6d:b7:ae:5d:27:62:40:8d:83:62:
cd:01:5f:2e:b6:23:73:34:30:60:29:79:89:29:a9:
2a:0a:ff:2a:af:db:07:cb:35:36:d4:5b:d1:7c:0a:
cf:d5:ca:7d:48:bf:98:9d:5f:20:5a:b1:85:85:ab:
87:0f:6a:f2:5f:a4:5a:5a:04:22:ba:a6:e8:3e:f7:
43:bd:55:b8:5a:32:4d:7e:2d:a5:b1:9e:a4:02:96:
e5:0a:28:3c:3f:31:a1:6b:ab:52:16:3a:f4:dd:e7:
3a:7b:85:70:04:62:bb:cc:16:de:10:fc:5f:8e:bf:
40:29:49:17:7b:05:91:31:62:01:e3:8f:7e:63:73:
58:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:83:69:F6:54:B3:7A:8E:AC:F9:0B:92:82:75:1E:63:BF:2A:CF:0B
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/11D04296449E11ED915A577DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.222.0/24
Signature Algorithm: sha256WithRSAEncryption
20:04:6a:be:ad:92:bb:8c:1b:98:63:97:9d:08:a3:d8:e9:90:
79:72:92:59:63:bf:a3:01:a7:89:05:d5:72:ad:4d:29:c5:1b:
78:d8:3b:c3:c7:62:4b:0a:83:59:fc:bc:8e:ee:4a:ee:cb:f3:
07:7f:9a:da:53:c9:b9:8c:3b:32:a7:3e:1e:d7:3c:a6:57:5d:
ae:66:a7:16:34:3f:1f:47:4d:bf:01:31:c0:ed:bf:4c:2d:b5:
98:2e:ad:3c:95:94:1e:c0:04:42:51:c7:38:1e:e5:38:1c:23:
9e:5b:48:f0:4c:35:85:10:0f:32:0e:03:75:98:c6:03:99:ba:
0c:cb:d3:8e:90:19:b8:5d:b3:d2:5d:1f:84:1d:94:82:f4:df:
a1:82:30:f8:c9:c4:ad:ec:44:13:68:75:24:21:70:4e:79:be:
2a:b8:96:d2:81:a5:5b:e0:5c:c4:7e:a5:46:d2:3d:ac:7b:f9:
21:d4:0a:d3:e6:43:d5:dc:1d:9f:3e:0c:42:2a:1b:eb:95:9a:
4d:91:13:b8:ed:e4:81:ca:75:be:90:54:92:50:96:5d:d7:25:
3e:10:44:e1:08:63:14:18:a2:7d:4a:46:49:6b:5e:69:5b:a3:
08:ca:87:04:7b:24:63:f2:4b:fa:b5:48:5f:d6:ae:e0:82:a9:
ba:3f:57:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMDA1MTEwODQxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNkNjViOS1mNzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwSbeQhu84Xh6oVIepiPH3ycdyFB/wtwZtj3CDMsVdDYwTVWVump4qpiv95D4
lAJ01WIK8vIyLdbH8KlGE8OM83szODwwGKAt1xaIa+gGDJViU+Ivx6g3kb/Xh14y
OyxYXWamOB2Rt6pnWTfz7w7iUvYzr349ieUQ8X7foW23rl0nYkCNg2LNAV8utiNz
NDBgKXmJKakqCv8qr9sHyzU21FvRfArP1cp9SL+YnV8gWrGFhauHD2ryX6RaWgQi
uqboPvdDvVW4WjJNfi2lsZ6kApblCig8PzGha6tSFjr03ec6e4VwBGK7zBbeEPxf
jr9AKUkXewWRMWIB449+Y3NYhQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDuDafZU
s3qOrPkLkoJ1HmO/Ks8LMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMTFEMDQyOTY0
NDlFMTFFRDkxNUE1NzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABxy94wDQYJKoZIhvcNAQELBQADggEBACAEar6tkruMG5hj
l50Io9jpkHlyklljv6MBp4kF1XKtTSnFG3jYO8PHYksKg1n8vI7uSu7L8wd/mtpT
ybmMOzKnPh7XPKZXXa5mpxY0Px9HTb8BMcDtv0wttZgurTyVlB7ABEJRxzge5Tgc
I55bSPBMNYUQDzIOA3WYxgOZugzL046QGbhds9JdH4QdlIL036GCMPjJxK3sRBNo
dSQhcE55viq4ltKBpVvgXMR+pUbSPax7+SHUCtPmQ9XcHZ8+DEIqG+uVmk2RE7jt
5IHKdb6QVJJQll3XJT4QROEIYxQYon1KRklrXmlbowjKhwR7JGPyS/q1SF/WruCC
qbo/VzQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org