Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/198D316EDF6D11EDA8253121C4F9AE02.roa
File: 198D316EDF6D11EDA8253121C4F9AE02.roa (raw, json)
Hash identifier: rEp7CV37027BLm/QQ1Dd5d4FQUPhXKy3PC2d7muw6t4=
Subject key identifier: 91:89:CA:2F:91:45:D7:1C:CA:7D:92:9A:64:87:A4:94:7A:00:4F:4C
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A3B
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/198D316EDF6D11EDA8253121C4F9AE02.roa
Signing time: Thu 20 Apr 2023 11:18:39 +0000
ROA not before: Thu 20 Apr 2023 11:18:39 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 113.203.219.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
223.29.224.0/20 maxlen: 20
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2619 (0xa3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 20 11:18:39 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64411f8f-bd49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e8:c7:49:db:05:c6:7e:10:5c:5d:a2:c4:86:
96:1d:2d:f7:ed:d2:f9:f1:e5:c5:91:7c:da:99:22:
c3:14:04:43:8e:07:48:18:94:a2:21:2b:33:dc:d2:
8b:77:88:39:a2:97:f3:fc:69:05:62:40:a3:ea:ed:
d1:3b:5a:91:0c:55:75:9c:7a:f1:72:d4:64:d2:44:
ff:19:2f:d9:bb:20:8e:bb:3c:c4:33:36:25:96:98:
e2:09:0c:75:ad:b2:59:97:08:8a:b1:51:24:9b:53:
ac:63:ab:9a:ed:50:91:6d:04:57:ee:37:c7:f1:de:
cf:ca:0c:54:52:86:56:d3:f3:82:07:59:93:ba:ac:
54:b6:f7:03:88:70:b7:6a:37:e9:b6:05:46:82:bf:
90:51:15:c1:2d:28:25:67:5a:0e:ac:43:67:69:d2:
2b:f3:86:f1:27:06:7d:8f:98:01:ef:f3:30:89:bf:
dc:ab:c8:01:fd:a8:1e:e2:25:a5:57:fb:e2:c3:7c:
20:44:14:9e:e9:9d:86:c2:88:ae:83:73:60:d4:fd:
57:60:75:c3:01:57:02:44:dc:07:34:50:73:c3:5b:
ee:ff:1a:6d:7e:14:0e:2d:03:d7:a4:61:dd:ab:2d:
72:0b:a5:f9:88:70:64:b5:52:a6:bf:a1:be:58:f2:
ad:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:89:CA:2F:91:45:D7:1C:CA:7D:92:9A:64:87:A4:94:7A:00:4F:4C
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/198D316EDF6D11EDA8253121C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.219.0/24
113.203.226.0/24
113.203.234.0-113.203.240.255
113.203.244.0/24
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
0b:8b:68:bb:b9:26:56:76:52:29:53:07:7b:25:b7:77:8c:bf:
6a:a2:8b:87:e8:3f:3d:95:17:3c:73:c2:5f:e1:e0:fe:07:33:
45:26:8b:ea:12:6b:eb:4c:4f:f1:ba:ef:25:33:6a:cd:a5:4c:
59:5c:88:34:6c:ec:47:85:9c:ca:87:a2:8d:5f:2f:a8:83:93:
70:8a:f0:a9:64:a8:e7:ac:f5:f9:f7:23:4c:e6:3d:f8:73:70:
be:49:4e:b2:80:37:9b:51:0d:8f:a1:51:da:0d:2b:e4:94:7b:
81:ff:24:59:23:92:1b:d1:a8:3f:1e:4e:c9:92:ca:d7:77:98:
89:13:6f:82:83:51:37:f3:c2:90:ef:ac:9f:41:64:b7:06:34:
6a:e0:6b:d0:d7:07:b5:f4:96:a1:1c:e2:73:57:0a:da:3f:6b:
94:60:b7:3c:90:41:35:96:6e:7a:09:3a:ce:5b:ce:4c:56:b0:
55:c0:18:d3:3a:b3:6d:0b:22:ea:99:33:89:4a:62:95:31:f6:
8e:7f:96:df:23:87:87:f0:48:36:c7:ac:25:ec:0d:fd:63:fe:
ac:6e:2b:43:a3:1e:14:58:6f:82:a7:25:07:0a:9b:54:9b:45:
28:4c:cb:4b:95:13:72:9c:70:32:4a:c5:df:9f:59:f9:07:2a:
58:a7:ee:cd
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICCjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDIwMTExODM5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQxMWY4Zi1iZDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy+jHSdsFxn4QXF2ixIaWHS337dL58eXFkXzamSLDFARDjgdIGJSiISsz3NKL
d4g5opfz/GkFYkCj6u3RO1qRDFV1nHrxctRk0kT/GS/ZuyCOuzzEMzYllpjiCQx1
rbJZlwiKsVEkm1OsY6ua7VCRbQRX7jfH8d7PygxUUoZW0/OCB1mTuqxUtvcDiHC3
ajfptgVGgr+QURXBLSglZ1oOrENnadIr84bxJwZ9j5gB7/Mwib/cq8gB/age4iWl
V/viw3wgRBSe6Z2Gwoiug3Ng1P1XYHXDAVcCRNwHNFBzw1vu/xptfhQOLQPXpGHd
qy1yC6X5iHBktVKmv6G+WPKtMwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFJGJyi+R
Rdccyn2SmmSHpJR6AE9MMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMTk4RDMxNkVE
RjZEMTFFREE4MjUzMTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCwEAgABMCYDBABxy9sDBABxy+IwDAMEAXHL6gMEAHHL8AMEAHHL9AMEBN8d
4DANBAIAAjAHAwUAJAFBADANBgkqhkiG9w0BAQsFAAOCAQEAC4tou7kmVnZSKVMH
eyW3d4y/aqKLh+g/PZUXPHPCX+Hg/gczRSaL6hJr60xP8brvJTNqzaVMWVyINGzs
R4WcyoeijV8vqIOTcIrwqWSo56z1+fcjTOY9+HNwvklOsoA3m1ENj6FR2g0r5JR7
gf8kWSOSG9GoPx5OyZLK13eYiRNvgoNRN/PCkO+sn0FktwY0auBr0NcHtfSWoRzi
c1cK2j9rlGC3PJBBNZZuegk6zlvOTFawVcAY0zqzbQsi6pkziUpilTH2jn+W3yOH
h/BINsesJewN/WP+rG4rQ6MeFFhvgqclBwqbVJtFKEzLS5UTcpxwMkrF359Z+Qcq
WKfuzQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org