Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/2430861C5AB511ED83FBB753C4F9AE02.roa
File: 2430861C5AB511ED83FBB753C4F9AE02.roa (raw, json)
Hash identifier: CC02I0Gucd44ZHV1ryUqdZUUuDLYbLvw8JV79mGIE5Q=
Subject key identifier: EE:C3:87:F7:8D:4C:FF:AF:D4:EE:EF:7F:BD:15:71:AF:A7:F7:79:8A
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 08F1
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/2430861C5AB511ED83FBB753C4F9AE02.roa
Signing time: Wed 02 Nov 2022 13:49:16 +0000
ROA not before: Wed 02 Nov 2022 13:49:16 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 206150
IP address blocks: 113.203.247.0/24 maxlen: 24
180.178.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2289 (0x8f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Nov 2 13:49:16 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6362755c-17e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c4:b3:f8:ab:e4:ca:8d:3e:86:39:7d:4e:bd:
b4:0e:63:ea:73:5f:66:96:f4:4c:a9:30:14:22:ae:
e2:95:2b:94:c2:43:ea:07:f2:e8:0e:1b:ca:0c:cf:
0f:2a:95:5b:9c:6b:93:67:1e:b0:42:2e:cf:6c:a9:
d2:0b:a5:be:1e:b6:f3:b3:e8:ab:c8:56:cc:c6:aa:
f1:94:2d:07:4b:36:31:b5:1d:b3:b4:a9:62:80:9e:
97:63:f7:57:ed:05:15:de:57:38:00:c5:5a:8c:c3:
bd:aa:53:de:83:d4:1b:8e:f7:b2:da:5e:54:eb:79:
80:66:a8:25:de:d0:0e:9a:66:f0:17:35:75:06:49:
b8:8a:85:52:e9:68:f0:b1:1f:07:b5:6c:a0:ce:ac:
48:e1:00:21:54:3b:24:4a:7c:07:2b:15:ef:17:a2:
ff:12:f2:d9:ff:d3:98:ce:f1:98:7b:30:19:9f:d3:
93:4c:42:c1:9f:76:09:ab:6b:b1:1a:14:2a:88:58:
e0:73:11:de:26:64:86:19:f9:47:46:dd:18:4d:b7:
75:1a:14:38:17:96:41:6b:ff:9a:6b:27:ec:c3:7a:
ad:e9:86:9d:9c:c9:e7:81:d5:0e:cb:28:a9:6f:a0:
82:d8:95:f3:80:a0:53:21:79:0a:a7:7f:38:f7:ef:
76:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C3:87:F7:8D:4C:FF:AF:D4:EE:EF:7F:BD:15:71:AF:A7:F7:79:8A
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/2430861C5AB511ED83FBB753C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.247.0/24
180.178.145.0/24
Signature Algorithm: sha256WithRSAEncryption
42:cf:75:1b:82:95:9c:f3:13:20:1f:17:dc:56:6e:7f:fa:fb:
04:81:c6:6e:5f:8e:dd:d5:82:3a:fd:b8:0f:49:ad:57:94:1b:
03:1a:60:12:75:6c:06:77:28:20:eb:71:2d:a6:f6:4b:82:be:
ee:15:36:95:d4:10:fc:80:c4:58:1f:97:07:88:53:eb:75:35:
ab:ac:73:dc:ae:3e:d7:e7:16:bc:dc:be:68:4e:d0:fa:87:4e:
61:8d:cd:82:3e:85:d6:a4:c1:f0:75:f6:c1:be:e0:83:e3:9f:
de:b8:5b:7c:58:26:a3:71:06:9d:20:71:39:c3:ee:7f:74:66:
f3:a4:a1:50:5c:65:66:b2:2e:6d:dd:9d:35:57:ac:95:76:fb:
57:4a:a4:09:e9:76:98:86:d3:40:8a:83:44:35:a6:00:f5:1a:
d7:56:57:0d:06:b0:cd:3f:82:5e:ba:99:64:e0:7c:16:69:bd:
b8:08:ed:19:f7:93:b4:fa:ea:1d:75:78:db:02:71:44:93:6a:
8c:2a:8d:9f:19:1a:01:c0:7e:25:18:d5:e6:3c:52:21:e0:4e:
5f:51:4d:db:8f:aa:5d:a2:54:6b:20:aa:fa:e8:cb:3b:8e:e5:
c5:19:99:aa:c6:48:d6:db:03:85:fd:f1:e2:fa:29:c8:15:fd:
c5:4f:26:07
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMTAyMTM0OTE2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYyNzU1Yy0xN2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwcSz+Kvkyo0+hjl9Tr20DmPqc19mlvRMqTAUIq7ilSuUwkPqB/LoDhvKDM8P
KpVbnGuTZx6wQi7PbKnSC6W+Hrbzs+iryFbMxqrxlC0HSzYxtR2ztKligJ6XY/dX
7QUV3lc4AMVajMO9qlPeg9Qbjvey2l5U63mAZqgl3tAOmmbwFzV1Bkm4ioVS6Wjw
sR8HtWygzqxI4QAhVDskSnwHKxXvF6L/EvLZ/9OYzvGYezAZn9OTTELBn3YJq2ux
GhQqiFjgcxHeJmSGGflHRt0YTbd1GhQ4F5ZBa/+aayfsw3qt6YadnMnngdUOyyip
b6CC2JXzgKBTIXkKp3849+923QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFO7Dh/eN
TP+v1O7vf70Vca+n93mKMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMjQzMDg2MUM1
QUI1MTFFRDgzRkJCNzUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABxy/cDBAC0spEwDQYJKoZIhvcNAQELBQADggEBAELPdRuC
lZzzEyAfF9xWbn/6+wSBxm5fjt3Vgjr9uA9JrVeUGwMaYBJ1bAZ3KCDrcS2m9kuC
vu4VNpXUEPyAxFgflweIU+t1Nausc9yuPtfnFrzcvmhO0PqHTmGNzYI+hdakwfB1
9sG+4IPjn964W3xYJqNxBp0gcTnD7n90ZvOkoVBcZWayLm3dnTVXrJV2+1dKpAnp
dpiG00CKg0Q1pgD1GtdWVw0GsM0/gl66mWTgfBZpvbgI7Rn3k7T66h11eNsCcUST
aowqjZ8ZGgHAfiUY1eY8UiHgTl9RTduPql2iVGsgqvroyzuO5cUZmarGSNbbA4X9
8eL6KcgV/cVPJgc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org