Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/63E9D666DDEE11EDA378B93AC4F9AE02.roa
File: 63E9D666DDEE11EDA378B93AC4F9AE02.roa (raw, json)
Hash identifier: Uvxpwg+9ycCDjhpH2wF8jUg+6T/Z1pS2FaAwIUQoZI4=
Subject key identifier: 8F:DF:A8:77:72:77:4E:2A:7E:37:99:C7:BD:11:BE:84:0A:5E:DC:34
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A26
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/63E9D666DDEE11EDA378B93AC4F9AE02.roa
Signing time: Tue 18 Apr 2023 13:39:07 +0000
ROA not before: Tue 18 Apr 2023 13:39:07 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 206150
IP address blocks: 113.203.247.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2598 (0xa26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 18 13:39:07 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=643e9d7a-1108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a0:e3:37:2e:15:83:3c:4e:ad:67:ae:d8:9e:
1d:5d:2f:aa:39:65:b1:2e:e3:1c:e3:17:a7:3b:00:
86:6f:28:97:05:4a:3f:a0:b4:8b:76:ed:8e:e6:aa:
ed:ee:c6:e9:2d:e4:18:4b:c0:51:d6:75:3e:3b:f7:
95:1b:5f:59:38:b9:ce:37:25:95:37:d6:de:09:fe:
1e:6e:0b:69:21:3f:e9:12:cc:41:49:6f:82:4c:29:
03:8a:c2:0a:72:f1:7a:64:50:3f:6c:9e:9e:f2:6b:
c3:58:8a:92:d0:84:04:e9:2d:09:79:e8:9a:e1:91:
2c:06:37:f4:30:d2:57:08:2c:05:94:f6:9f:70:36:
0d:99:52:e6:5d:35:7b:60:73:76:4e:72:62:2c:ea:
6b:cd:4c:6c:c6:5b:de:1f:d1:55:54:8f:4c:49:b1:
a1:3c:26:6d:04:52:74:f9:d0:49:da:33:b4:8b:3e:
c4:a0:ff:7a:11:c2:e6:06:27:8b:ba:ab:af:8a:0c:
0b:d6:bc:0c:e7:d6:4f:01:05:c4:52:4f:e7:5e:6e:
09:a6:fb:31:f5:ab:af:50:82:0a:fc:2c:3f:0a:94:
b0:87:6f:d0:bc:c8:69:0c:e8:78:6b:a5:65:2c:fc:
18:09:1b:f4:0b:ba:83:2c:4e:ac:5c:57:34:64:4d:
03:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:DF:A8:77:72:77:4E:2A:7E:37:99:C7:BD:11:BE:84:0A:5E:DC:34
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/63E9D666DDEE11EDA378B93AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.247.0/24
Signature Algorithm: sha256WithRSAEncryption
25:80:e2:36:e0:cc:84:3b:0c:c9:e2:56:f4:25:a0:95:2c:37:
5d:55:9b:ae:d2:31:9d:79:d8:ec:19:1e:94:d8:37:c2:d0:2a:
e3:e9:74:e7:8f:1b:9f:45:a4:57:28:4c:e9:81:fe:55:c2:90:
b2:eb:58:5e:d7:cd:f9:d2:76:50:d8:ae:e3:1a:01:69:ec:10:
3f:c2:e0:f7:63:ce:25:ac:b6:d8:5c:4a:97:de:c0:a2:c8:20:
4e:22:aa:28:b3:ee:4a:22:ea:d3:10:b2:80:fd:e6:82:6c:df:
54:1a:2d:b2:d2:8b:91:98:78:e0:ca:06:6c:d8:bd:69:5d:05:
04:8a:b3:da:ba:d3:d2:f4:d6:63:5b:42:b1:b1:2c:4d:00:07:
2d:bd:95:f6:c6:7f:1b:b3:06:3b:c2:9a:f4:59:47:77:1f:94:
f0:40:10:89:1e:cc:32:c7:e1:02:bf:3e:9a:64:88:94:a0:4f:
33:c0:b9:5a:2e:d6:dc:b8:4d:9f:1e:66:15:b1:42:34:b6:9d:
78:88:25:6b:8e:85:a9:1b:1e:73:6a:5e:b1:02:c3:20:8b:c5:
fa:6a:23:1b:db:64:c1:9d:3b:0e:15:bb:f0:f1:e0:68:74:90:
6e:25:9b:c8:93:63:56:49:03:e0:8e:d6:54:3d:96:47:53:bd:
91:9c:6f:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDE4MTMzOTA3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNlOWQ3YS0xMTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1aDjNy4VgzxOrWeu2J4dXS+qOWWxLuMc4xenOwCGbyiXBUo/oLSLdu2O5qrt
7sbpLeQYS8BR1nU+O/eVG19ZOLnONyWVN9beCf4ebgtpIT/pEsxBSW+CTCkDisIK
cvF6ZFA/bJ6e8mvDWIqS0IQE6S0Jeeia4ZEsBjf0MNJXCCwFlPafcDYNmVLmXTV7
YHN2TnJiLOprzUxsxlveH9FVVI9MSbGhPCZtBFJ0+dBJ2jO0iz7EoP96EcLmBieL
uquvigwL1rwM59ZPAQXEUk/nXm4Jpvsx9auvUIIK/Cw/CpSwh2/QvMhpDOh4a6Vl
LPwYCRv0C7qDLE6sXFc0ZE0DRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFI/fqHdy
d04qfjeZx70RvoQKXtw0MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNjNFOUQ2NjZE
REVFMTFFREEzNzhCOTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABxy/cwDQYJKoZIhvcNAQELBQADggEBACWA4jbgzIQ7DMni
VvQloJUsN11Vm67SMZ152OwZHpTYN8LQKuPpdOePG59FpFcoTOmB/lXCkLLrWF7X
zfnSdlDYruMaAWnsED/C4PdjziWstthcSpfewKLIIE4iqiiz7koi6tMQsoD95oJs
31QaLbLSi5GYeODKBmzYvWldBQSKs9q609L01mNbQrGxLE0ABy29lfbGfxuzBjvC
mvRZR3cflPBAEIkezDLH4QK/PppkiJSgTzPAuVou1ty4TZ8eZhWxQjS2nXiIJWuO
hakbHnNqXrECwyCLxfpqIxvbZMGdOw4Vu/Dx4Gh0kG4lm8iTY1ZJA+CO1lQ9lkdT
vZGcb6k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org