Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4B76495E3B3611ECB60C5429C4F9AE02.roa
File: 4B76495E3B3611ECB60C5429C4F9AE02.roa (raw, json)
Hash identifier: Kpoy6/QRSsVRvSdhYU/YbeNaNM6kP3IVLCpRbUq3a2E=
Subject key identifier: BD:18:9D:83:35:64:8E:1C:EE:BB:63:AA:B8:AF:BB:71:08:4B:0A:79
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0567
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4B76495E3B3611ECB60C5429C4F9AE02.roa
Signing time: Mon 01 Nov 2021 17:08:12 +0000
ROA not before: Mon 01 Nov 2021 17:08:12 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 210654
IP address blocks: 113.203.230.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1383 (0x567)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Nov 1 17:08:12 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61801efc-b899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7a:63:d3:56:ca:8f:06:5a:9b:c3:ac:e3:c9:
6a:c9:b4:82:6b:aa:71:e3:7b:57:30:7a:57:25:78:
b7:5b:97:09:32:7e:ac:79:25:24:dd:bc:91:15:68:
1a:de:28:8a:9d:92:82:a4:de:79:84:9a:a5:9c:52:
26:a5:33:3d:2f:bd:77:fe:bb:33:20:04:71:30:42:
6e:f5:9c:e5:a5:74:7f:c7:6b:ca:ab:03:ec:40:43:
d5:a2:f9:41:36:84:27:bb:ce:e3:a6:a0:b1:77:87:
e9:67:8f:1e:db:de:23:45:f8:a5:bc:2c:e5:06:ac:
dd:d5:9d:91:47:46:51:46:c3:fe:27:a6:52:ac:2b:
0e:7b:82:07:b8:ca:e5:72:72:49:01:ed:6c:ac:08:
ee:1f:58:7c:56:d1:ae:ea:ec:32:53:62:4c:29:83:
fb:28:f4:01:9f:ac:0b:a3:d2:d3:b7:ac:13:37:1a:
06:9e:cb:a9:1a:ee:54:08:a3:84:a6:bd:f0:bf:dd:
d7:04:9c:b7:cb:03:4c:40:73:2b:af:1d:ad:ac:2c:
06:c3:d8:29:11:2b:8b:a2:d6:6a:92:3b:54:75:fe:
3a:a5:b2:6c:d3:12:b8:82:95:d2:bd:32:0c:18:70:
91:27:fa:8c:6e:ca:07:9b:9e:e3:90:52:1a:2a:ae:
1b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:18:9D:83:35:64:8E:1C:EE:BB:63:AA:B8:AF:BB:71:08:4B:0A:79
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4B76495E3B3611ECB60C5429C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.230.0/24
Signature Algorithm: sha256WithRSAEncryption
99:23:4a:67:44:2f:a7:eb:42:e6:cd:70:d0:4a:44:65:75:a1:
6b:e5:70:63:07:31:18:4c:6e:31:c5:5a:6d:86:c5:a7:0b:3b:
03:bb:e9:06:f6:bb:96:15:c7:3d:31:f8:e0:da:14:b1:12:6c:
ae:e7:bb:2c:9f:93:a5:2e:0e:53:ae:9c:d3:28:65:8c:b5:25:
7b:25:c3:16:60:e2:65:73:00:20:eb:08:4c:cd:51:71:cb:97:
dc:ff:9a:4f:c3:fc:b2:51:cf:77:bf:d4:ee:07:c4:ff:4d:99:
c2:44:41:cd:90:41:d7:5b:52:ad:14:4b:4f:8e:6b:5b:85:63:
8f:17:b1:f3:94:96:56:b0:c6:aa:f9:86:a8:a7:5c:3d:b2:05:
42:8d:d8:0b:bc:8a:a4:63:41:32:fb:01:d4:d2:cc:5f:ba:d7:
7d:5e:bb:0f:b0:4b:75:b3:52:21:f9:62:50:41:ac:ab:15:d5:
89:b0:83:4d:ed:c9:b5:4d:16:34:6a:07:4f:e1:75:3a:b1:b4:
ca:00:88:59:6a:38:12:8b:f7:05:f3:4e:8d:00:0e:40:ce:3b:
78:aa:76:20:be:c8:ad:f8:5c:53:c1:8d:d7:16:03:50:f2:9d:
4f:cd:d1:10:57:8f:b8:91:7e:81:f4:32:e3:36:be:15:25:ae:
e1:1b:a7:05
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjExMTAxMTcwODEyWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTgwMWVmYy1iODk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmXpj01bKjwZam8Os48lqybSCa6px43tXMHpXJXi3W5cJMn6seSUk3byRFWga
3iiKnZKCpN55hJqlnFImpTM9L713/rszIARxMEJu9ZzlpXR/x2vKqwPsQEPVovlB
NoQnu87jpqCxd4fpZ48e294jRfilvCzlBqzd1Z2RR0ZRRsP+J6ZSrCsOe4IHuMrl
cnJJAe1srAjuH1h8VtGu6uwyU2JMKYP7KPQBn6wLo9LTt6wTNxoGnsupGu5UCKOE
pr3wv93XBJy3ywNMQHMrrx2trCwGw9gpESuLotZqkjtUdf46pbJs0xK4gpXSvTIM
GHCRJ/qMbsoHm57jkFIaKq4bHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL0YnYM1
ZI4c7rtjqrivu3EISwp5MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNEI3NjQ5NUUz
QjM2MTFFQ0I2MEM1NDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABxy+YwDQYJKoZIhvcNAQELBQADggEBAJkjSmdEL6frQubN
cNBKRGV1oWvlcGMHMRhMbjHFWm2GxacLOwO76Qb2u5YVxz0x+ODaFLESbK7nuyyf
k6UuDlOunNMoZYy1JXslwxZg4mVzACDrCEzNUXHLl9z/mk/D/LJRz3e/1O4HxP9N
mcJEQc2QQddbUq0US0+Oa1uFY48XsfOUllawxqr5hqinXD2yBUKN2Au8iqRjQTL7
AdTSzF+6131euw+wS3WzUiH5YlBBrKsV1Ymwg03tybVNFjRqB0/hdTqxtMoAiFlq
OBKL9wXzTo0ADkDOO3iqdiC+yK34XFPBjdcWA1DynU/N0RBXj7iRfoH0MuM2vhUl
ruEbpwU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org