Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/480B5C14D90511ED890F5D5FC4F9AE02.roa
File: 480B5C14D90511ED890F5D5FC4F9AE02.roa (raw, json)
Hash identifier: Jnv61PHTWtkejhJEst8VBoiAgX1/uEaeGztabPVRSxk=
Subject key identifier: 22:C6:C3:6D:F2:20:27:56:C8:BC:D7:A6:96:4C:8C:3F:28:06:A5:82
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A03
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/480B5C14D90511ED890F5D5FC4F9AE02.roa
Signing time: Wed 12 Apr 2023 07:40:22 +0000
ROA not before: Wed 12 Apr 2023 07:40:22 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 212238
IP address blocks: 180.178.152.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2563 (0xa03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 12 07:40:22 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64366066-3c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:2b:50:20:60:31:13:a3:fb:49:03:1e:98:
fb:80:b1:47:5e:be:c8:ee:68:b2:02:45:f5:6b:de:
63:0a:a8:99:b8:c3:bc:19:91:bc:9f:d5:ff:56:c4:
6f:06:ef:8f:d3:6c:2e:18:20:b7:91:d6:13:4e:a5:
35:d8:5a:9e:82:a7:86:11:0a:31:c2:4e:27:8b:b9:
72:bc:f8:f7:84:ca:02:db:67:e3:d2:9d:49:dd:60:
2c:3f:4a:a4:72:9e:ff:26:8f:c8:56:db:60:74:22:
fe:5f:86:aa:22:c3:93:9c:cf:eb:a0:0a:79:88:3e:
f3:9f:66:f4:f6:cb:58:c5:c1:bf:85:7d:8b:56:4b:
ed:54:2a:b0:2b:5d:d9:8c:da:48:20:ad:13:03:0a:
47:ee:53:6d:75:f5:11:84:3e:84:e4:3f:77:70:11:
16:fa:58:e4:29:0b:17:01:f3:e7:8d:45:ac:c1:7b:
7a:76:ed:54:60:a0:1b:e8:82:9a:5d:25:7d:96:d4:
ef:22:ae:72:ba:09:b3:89:5f:d8:1d:a7:2c:c2:93:
30:98:6e:41:de:ba:a6:c2:89:29:b5:bb:1f:45:e3:
01:58:6e:9b:14:bc:2a:4a:65:23:4f:5b:d0:66:68:
42:94:7a:72:34:26:b3:42:f8:01:6c:08:4e:42:dd:
36:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C6:C3:6D:F2:20:27:56:C8:BC:D7:A6:96:4C:8C:3F:28:06:A5:82
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/480B5C14D90511ED890F5D5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.178.152.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:48:d6:4d:82:a0:d6:83:7c:20:90:54:07:6e:91:4b:80:d1:
04:6b:87:f0:b2:ce:a0:3c:a7:df:0a:96:cf:e7:9c:71:6a:71:
8c:ff:3b:4f:36:cd:c8:a8:07:0a:26:f5:84:7e:64:69:b2:da:
b2:27:92:90:c5:0b:63:3d:af:6d:a6:15:ed:c1:98:14:52:65:
e2:af:ac:e8:3b:f2:2d:d7:47:42:86:8c:c2:7e:94:1d:1c:e3:
2d:55:14:d0:4b:2c:fb:8b:5d:da:7b:6f:fa:bc:9a:b6:7b:c2:
02:aa:aa:b3:df:e5:6a:bd:fd:b6:04:da:1b:a2:79:0f:21:27:
73:bd:c6:c7:95:68:fe:05:5d:fe:2b:3d:ca:c5:46:3f:65:7d:
eb:58:c7:4e:e6:b2:f3:d7:f8:ed:ee:38:ed:b2:2c:06:04:4e:
5b:d7:7b:d6:a2:89:f9:56:c3:69:4a:d5:22:40:92:05:87:fb:
c1:1e:9b:a2:67:26:a4:55:a4:43:c7:dd:90:fa:94:cb:78:3a:
6c:e4:37:04:bb:ce:5a:97:80:0a:92:c3:c5:78:91:b5:88:3c:
c9:47:65:6a:3c:1d:72:99:69:76:a0:63:23:28:2e:0e:ad:32:
d2:3e:01:69:99:4e:1c:b3:3d:84:8a:2b:3e:a6:7a:be:7f:60:
9a:06:c3:47
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDEyMDc0MDIyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM2NjA2Ni0zYzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt3srUCBgMROj+0kDHpj7gLFHXr7I7miyAkX1a95jCqiZuMO8GZG8n9X/VsRv
Bu+P02wuGCC3kdYTTqU12FqegqeGEQoxwk4ni7lyvPj3hMoC22fj0p1J3WAsP0qk
cp7/Jo/IVttgdCL+X4aqIsOTnM/roAp5iD7zn2b09stYxcG/hX2LVkvtVCqwK13Z
jNpIIK0TAwpH7lNtdfURhD6E5D93cBEW+ljkKQsXAfPnjUWswXt6du1UYKAb6IKa
XSV9ltTvIq5yugmziV/YHacswpMwmG5B3rqmwokptbsfReMBWG6bFLwqSmUjT1vQ
ZmhClHpyNCazQvgBbAhOQt022QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCLGw23y
ICdWyLzXppZMjD8oBqWCMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNDgwQjVDMTRE
OTA1MTFFRDg5MEY1RDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAO0spgwDQYJKoZIhvcNAQELBQADggEBAI1I1k2CoNaDfCCQ
VAdukUuA0QRrh/CyzqA8p98Kls/nnHFqcYz/O082zcioBwom9YR+ZGmy2rInkpDF
C2M9r22mFe3BmBRSZeKvrOg78i3XR0KGjMJ+lB0c4y1VFNBLLPuLXdp7b/q8mrZ7
wgKqqrPf5Wq9/bYE2huieQ8hJ3O9xseVaP4FXf4rPcrFRj9lfetYx07msvPX+O3u
OO2yLAYETlvXe9aiiflWw2lK1SJAkgWH+8Eem6JnJqRVpEPH3ZD6lMt4OmzkNwS7
zlqXgAqSw8V4kbWIPMlHZWo8HXKZaXagYyMoLg6tMtI+AWmZThyzPYSKKz6mer5/
YJoGw0c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org