Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/5C29D860067911EDBBC7F133C4F9AE02.roa
File: 5C29D860067911EDBBC7F133C4F9AE02.roa (raw, json)
Hash identifier: yDTXWe8jOSXzIo+/W+TEbNViInMrMC4CDw6/EGNglGc=
Subject key identifier: 0F:EC:48:B7:74:5D:00:43:29:4C:48:8C:1D:B6:D2:C6:AA:42:5E:06
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 07EE
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/5C29D860067911EDBBC7F133C4F9AE02.roa
Signing time: Mon 18 Jul 2022 09:09:43 +0000
ROA not before: Mon 18 Jul 2022 09:09:43 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 208485
IP address blocks: 113.203.230.0/24 maxlen: 24
113.203.247.0/24 maxlen: 24
180.178.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2030 (0x7ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Jul 18 09:09:43 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62d52356-cce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:87:b0:54:94:80:c8:ed:48:54:e3:1d:7e:f3:
ad:d6:c8:e7:21:bb:1d:c6:2c:f6:49:2e:b7:87:dc:
15:20:2c:c5:f3:18:8c:cc:e3:d3:47:56:c1:00:b5:
e3:a1:1a:9f:44:46:e5:ae:2a:46:f2:de:9f:d2:1f:
48:9b:fa:68:4d:15:e7:2d:f8:ce:51:16:b0:2e:3f:
77:b9:12:8b:00:4a:f5:b5:99:c8:02:40:41:e0:f8:
8b:a5:2e:db:b7:e3:59:a9:a0:49:e8:b4:88:7b:2f:
5d:a7:89:4a:a1:be:78:79:9e:85:9e:b1:5c:02:ec:
a6:80:70:87:d0:92:e7:2a:7c:35:fa:b4:1b:fc:3a:
e8:73:b6:28:a4:b2:0b:6e:89:14:e0:79:fa:9d:68:
b8:b4:45:c0:06:c4:43:e8:b3:62:00:57:93:8e:8e:
6a:b0:ad:74:04:33:17:08:99:f4:28:7c:c7:aa:9b:
47:27:36:bf:44:b3:25:a1:b3:a0:72:e1:d8:15:a0:
d1:c9:f3:54:0b:af:97:90:8f:90:52:0f:7b:52:7f:
ec:43:7d:73:19:4c:d9:3d:62:03:db:f7:87:8e:93:
83:d4:76:41:09:6d:35:e6:64:09:81:eb:5f:7d:2e:
09:7d:69:8a:f0:0b:f7:b9:b8:72:38:cc:b7:ad:18:
be:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EC:48:B7:74:5D:00:43:29:4C:48:8C:1D:B6:D2:C6:AA:42:5E:06
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/5C29D860067911EDBBC7F133C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.230.0/24
113.203.247.0/24
180.178.145.0/24
Signature Algorithm: sha256WithRSAEncryption
96:84:1b:29:ad:9d:c9:ef:54:27:c7:34:67:55:98:79:49:67:
0f:34:65:72:5c:ef:4f:71:66:e3:de:31:f5:41:dd:7d:b2:f7:
d5:8c:d9:75:85:bf:86:01:65:91:87:b2:bd:9c:67:31:13:3e:
82:b2:ab:68:7c:6d:cc:52:07:0f:e3:db:fb:8e:40:d0:45:21:
68:ae:ad:02:b1:b5:bd:60:20:c9:b3:1f:65:41:c6:91:51:6f:
e7:ff:c0:ed:f7:ba:db:53:28:14:a2:e4:e5:bc:d6:39:06:05:
81:46:47:bb:4f:00:63:c1:70:f7:d3:4e:0d:01:51:38:90:06:
64:1d:c6:84:6c:8b:66:3e:5b:65:ce:81:22:8a:db:ec:00:d1:
6c:5f:68:45:bd:eb:e4:8a:f7:93:9f:aa:2b:28:8a:8b:07:71:
0f:7c:4f:73:99:4a:ac:61:9c:c4:a7:38:1b:71:29:b5:e2:ac:
95:85:e5:44:95:93:36:ae:26:d4:ac:5a:fc:ed:24:2e:38:ed:
9e:70:2c:2c:c0:11:50:eb:8d:e2:96:1c:5c:b8:55:d5:e8:c7:
ce:1e:c0:e8:5e:52:45:cf:bb:a2:70:39:69:2b:3d:2d:f2:9d:
78:94:72:da:ac:02:0f:6a:a6:13:5f:36:d1:3d:2f:a4:0f:a9:
b9:f4:bc:43
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwNzE4MDkwOTQzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ1MjM1Ni1jY2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtYewVJSAyO1IVOMdfvOt1sjnIbsdxiz2SS63h9wVICzF8xiMzOPTR1bBALXj
oRqfREblripG8t6f0h9Im/poTRXnLfjOURawLj93uRKLAEr1tZnIAkBB4PiLpS7b
t+NZqaBJ6LSIey9dp4lKob54eZ6FnrFcAuymgHCH0JLnKnw1+rQb/Droc7YopLIL
bokU4Hn6nWi4tEXABsRD6LNiAFeTjo5qsK10BDMXCJn0KHzHqptHJza/RLMlobOg
cuHYFaDRyfNUC6+XkI+QUg97Un/sQ31zGUzZPWID2/eHjpOD1HZBCW015mQJgetf
fS4JfWmK8Av3ubhyOMy3rRi+vwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFA/sSLd0
XQBDKUxIjB220saqQl4GMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNUMyOUQ4NjAw
Njc5MTFFREJCQzdGMTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABxy+YDBABxy/cDBAC0spEwDQYJKoZIhvcNAQELBQADggEB
AJaEGymtncnvVCfHNGdVmHlJZw80ZXJc709xZuPeMfVB3X2y99WM2XWFv4YBZZGH
sr2cZzETPoKyq2h8bcxSBw/j2/uOQNBFIWiurQKxtb1gIMmzH2VBxpFRb+f/wO33
uttTKBSi5OW81jkGBYFGR7tPAGPBcPfTTg0BUTiQBmQdxoRsi2Y+W2XOgSKK2+wA
0WxfaEW96+SK95OfqisoiosHcQ98T3OZSqxhnMSnOBtxKbXirJWF5USVkzauJtSs
WvztJC447Z5wLCzAEVDrjeKWHFy4VdXox84ewOheUkXPu6JwOWkrPS3ynXiUctqs
Ag9qphNfNtE9L6QPqbn0vEM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:12 2023 by rpki-client on console-ams.rpki-client.org