Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/62D89DB6DDEE11EDA378B93AC4F9AE02.roa
File: 62D89DB6DDEE11EDA378B93AC4F9AE02.roa (raw, json)
Hash identifier: okvHEsBynw5f1JnJdN4ON0L+DaiesJ24tJYmC9ZS82o=
Subject key identifier: 86:31:2E:4E:8F:B5:5D:44:4A:9A:26:4B:7C:F9:43:E3:D7:FB:62:36
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A25
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/62D89DB6DDEE11EDA378B93AC4F9AE02.roa
Signing time: Tue 18 Apr 2023 13:39:05 +0000
ROA not before: Tue 18 Apr 2023 13:39:05 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 140900
IP address blocks: 113.203.246.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2597 (0xa25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 18 13:39:05 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=643e9d79-6c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4d:3e:f9:cd:90:a4:c3:b8:4c:fb:d1:09:2f:
d5:32:f5:e3:64:d3:68:fa:e2:07:cf:ac:a7:dd:e5:
33:c1:d5:95:19:98:b6:16:88:ab:c5:71:20:93:37:
be:ca:5a:55:0a:17:b6:29:1e:89:00:21:0b:e8:c6:
48:5c:00:27:7c:8b:8e:9e:1d:0a:23:3d:38:34:07:
4c:20:12:ba:7e:bd:53:34:33:5e:d7:8c:32:0a:69:
d3:37:f5:36:56:f2:2c:1d:e5:7d:e2:e4:8f:bd:df:
9f:3e:94:2a:20:66:5d:f2:03:ae:e2:92:f9:72:6a:
66:fc:77:c9:d4:a9:6a:38:5d:ef:cf:c3:2d:23:58:
05:0c:96:82:56:12:10:cf:e7:a8:66:00:1a:e9:e5:
bf:08:80:b5:96:20:ba:29:99:ec:8d:81:e4:0b:af:
82:45:45:24:4d:70:60:eb:c9:14:d0:8a:9c:e4:e7:
6b:f5:ac:a1:b4:9b:d0:ad:e9:37:bd:0c:aa:b8:ef:
19:08:05:fc:5b:01:a8:09:c9:52:57:9a:23:e4:68:
5e:89:52:68:34:e2:c4:1f:cc:25:0b:66:f6:f2:a7:
b5:0b:0d:28:84:68:4b:cb:4c:9b:10:46:8c:fe:1e:
32:ea:48:02:77:82:12:cc:de:a7:ba:eb:a3:5c:bd:
b4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:31:2E:4E:8F:B5:5D:44:4A:9A:26:4B:7C:F9:43:E3:D7:FB:62:36
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/62D89DB6DDEE11EDA378B93AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:59:7c:73:3a:72:58:69:a6:f4:99:60:2f:7b:66:5f:91:d2:
f3:52:8d:3c:31:24:8c:d3:a8:1e:9a:42:3a:dd:65:28:45:5b:
b4:20:90:17:39:85:64:c8:3b:b7:20:b6:68:80:e4:7f:9f:f7:
01:b0:f3:b8:c7:14:10:98:2e:89:35:cc:16:13:68:a0:62:66:
52:eb:c1:14:98:28:bb:eb:28:e5:27:40:ba:0c:c5:29:67:d0:
f8:88:ff:f3:50:1a:23:58:c1:cd:d5:bc:2c:95:09:02:a1:b2:
28:bc:03:6b:d2:23:fa:db:a6:f8:dd:60:93:3a:a9:67:c6:dc:
c7:48:1a:6a:43:41:63:ea:55:5d:8b:2c:b8:26:41:30:71:27:
93:8e:6f:0d:23:26:c1:25:3b:ac:83:5f:16:a3:d8:5e:dd:fb:
81:e7:61:0c:43:b6:17:d7:e7:51:03:da:cd:7e:b6:34:c9:d0:
c7:0d:14:97:fa:80:ce:73:28:9d:58:b3:39:b0:9c:43:d2:8a:
1e:32:c5:d3:6d:1b:9a:47:9f:f3:f0:4c:fa:22:64:89:0c:f0:
b0:0f:0a:df:7b:d2:39:a4:21:d3:37:4a:f4:c1:0a:3a:bc:1c:
07:44:7b:e3:fe:d9:6d:f3:ca:88:f9:4f:1b:4a:64:93:d4:f8:
1d:58:ba:ae
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCiUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDE4MTMzOTA1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNlOWQ3OS02YzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmE0++c2QpMO4TPvRCS/VMvXjZNNo+uIHz6yn3eUzwdWVGZi2FoirxXEgkze+
ylpVChe2KR6JACEL6MZIXAAnfIuOnh0KIz04NAdMIBK6fr1TNDNe14wyCmnTN/U2
VvIsHeV94uSPvd+fPpQqIGZd8gOu4pL5cmpm/HfJ1KlqOF3vz8MtI1gFDJaCVhIQ
z+eoZgAa6eW/CIC1liC6KZnsjYHkC6+CRUUkTXBg68kU0Iqc5Odr9ayhtJvQrek3
vQyquO8ZCAX8WwGoCclSV5oj5GheiVJoNOLEH8wlC2b28qe1Cw0ohGhLy0ybEEaM
/h4y6kgCd4ISzN6nuuujXL20YQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIYxLk6P
tV1ESpomS3z5Q+PX+2I2MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNjJEODlEQjZE
REVFMTFFREEzNzhCOTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABxy/YwDQYJKoZIhvcNAQELBQADggEBAB9ZfHM6clhppvSZ
YC97Zl+R0vNSjTwxJIzTqB6aQjrdZShFW7QgkBc5hWTIO7cgtmiA5H+f9wGw87jH
FBCYLok1zBYTaKBiZlLrwRSYKLvrKOUnQLoMxSln0PiI//NQGiNYwc3VvCyVCQKh
sii8A2vSI/rbpvjdYJM6qWfG3MdIGmpDQWPqVV2LLLgmQTBxJ5OObw0jJsElO6yD
Xxaj2F7d+4HnYQxDthfX51ED2s1+tjTJ0McNFJf6gM5zKJ1YszmwnEPSih4yxdNt
G5pHn/PwTPoiZIkM8LAPCt970jmkIdM3SvTBCjq8HAdEe+P+2W3zyoj5TxtKZJPU
+B1Yuq4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:12 2023 by rpki-client on console-ams.rpki-client.org