Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6BD41408828311EC9A7C1D34C4F9AE02.roa
File: 6BD41408828311EC9A7C1D34C4F9AE02.roa (raw, json)
Hash identifier: 3FonJpUx9yhJnhF4TQ7xtjd/6aHgZNfQr2waMJqYvx8=
Subject key identifier: C3:33:1E:95:ED:DC:73:B7:CA:9C:0E:33:99:7A:74:5C:EC:4B:3F:3A
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0895
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6BD41408828311EC9A7C1D34C4F9AE02.roa
Signing time: Thu 15 Sep 2022 10:00:29 +0000
ROA not before: Thu 15 Sep 2022 10:00:29 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141361
IP address blocks: 180.178.163.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2197 (0x895)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Sep 15 10:00:29 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6322f7bc-53f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5d:10:6e:40:c5:c5:21:4a:7e:31:31:4b:82:
45:d0:98:25:f4:65:c1:b6:25:9e:f3:e6:45:69:eb:
21:68:3b:41:2c:82:d5:00:02:4b:3d:3d:ab:66:22:
94:24:f5:96:94:69:f7:2f:88:77:33:0f:99:41:f8:
76:ad:db:1e:2c:90:50:75:48:ca:84:23:25:ec:ab:
18:e0:42:8e:7f:f3:67:96:c4:74:cc:4c:af:c0:5b:
d0:1e:5a:6c:c9:be:b1:8c:00:f7:c7:75:af:1a:e2:
96:f7:35:55:42:2f:3a:88:d1:47:2b:02:a2:00:77:
e7:41:dc:ce:1a:1b:af:15:54:d7:f5:ba:7e:19:8e:
74:9c:c5:d3:61:f4:1a:82:7f:02:3d:cd:47:01:49:
a1:b0:2d:56:6a:df:81:f0:aa:3f:29:f2:36:82:35:
f1:39:74:41:b2:c4:d9:48:ea:45:97:d7:e7:8e:7e:
6e:89:83:79:ef:53:db:01:79:96:79:5e:f8:6b:80:
31:6e:dc:7d:b9:c6:5f:04:70:68:4f:b6:26:78:30:
a0:01:eb:d7:94:58:29:c4:ce:56:01:83:f8:f9:7e:
4a:3f:46:fb:10:a1:1a:24:41:78:65:93:bc:7f:ee:
3d:35:b5:cc:03:10:cd:87:e7:88:7d:a7:07:61:d1:
af:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:33:1E:95:ED:DC:73:B7:CA:9C:0E:33:99:7A:74:5C:EC:4B:3F:3A
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6BD41408828311EC9A7C1D34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.178.163.0/24
Signature Algorithm: sha256WithRSAEncryption
25:b9:a7:74:76:69:fb:c0:76:76:f3:e0:06:78:d1:f5:70:8f:
7a:c1:df:30:35:a9:03:e5:b9:8f:ab:ba:e0:22:b5:1e:c2:40:
ef:63:fc:35:74:bd:aa:b1:0f:3d:1a:31:17:32:1b:38:1b:1d:
98:47:5f:5c:a1:d4:d8:07:24:7a:0d:01:10:27:f6:72:fb:de:
7f:1a:9f:32:5d:16:ee:c4:72:7b:2d:7e:5c:bd:a8:25:ca:4e:
da:e2:02:c1:00:44:18:24:fe:33:19:fc:9b:61:51:7b:8e:e9:
20:af:fe:ed:43:d5:23:18:56:56:69:29:5f:34:d7:29:6d:5e:
ca:60:c7:01:71:6b:0e:2f:7d:67:40:8c:ae:00:9c:ad:f5:95:
98:75:0c:0f:12:94:d5:13:f8:3e:0e:81:90:d9:9c:9e:8a:9a:
cb:73:b0:ec:56:fc:85:71:3f:4e:d8:ca:99:9c:f7:d7:8b:97:
dd:8c:4e:8e:e1:c1:57:eb:92:bd:96:24:6c:a7:01:12:15:3a:
4b:21:bd:36:f7:b7:f4:7a:0b:d3:6d:5d:c8:48:82:f6:62:b7:
d5:07:25:18:bc:e7:8e:c0:37:2a:d2:da:7e:9c:be:9d:82:5b:
94:cc:42:23:03:ca:e7:82:e5:02:4d:e5:4d:6d:47:73:3e:b0:
f9:16:67:5f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwOTE1MTAwMDI5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIyZjdiYy01M2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwF0QbkDFxSFKfjExS4JF0Jgl9GXBtiWe8+ZFaeshaDtBLILVAAJLPT2rZiKU
JPWWlGn3L4h3Mw+ZQfh2rdseLJBQdUjKhCMl7KsY4EKOf/NnlsR0zEyvwFvQHlps
yb6xjAD3x3WvGuKW9zVVQi86iNFHKwKiAHfnQdzOGhuvFVTX9bp+GY50nMXTYfQa
gn8CPc1HAUmhsC1Wat+B8Ko/KfI2gjXxOXRBssTZSOpFl9fnjn5uiYN571PbAXmW
eV74a4Axbtx9ucZfBHBoT7YmeDCgAevXlFgpxM5WAYP4+X5KP0b7EKEaJEF4ZZO8
f+49NbXMAxDNh+eIfacHYdGvFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMMzHpXt
3HO3ypwOM5l6dFzsSz86MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNkJENDE0MDg4
MjgzMTFFQzlBN0MxRDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC0sqMwDQYJKoZIhvcNAQELBQADggEBACW5p3R2afvAdnbz
4AZ40fVwj3rB3zA1qQPluY+ruuAitR7CQO9j/DV0vaqxDz0aMRcyGzgbHZhHX1yh
1NgHJHoNARAn9nL73n8anzJdFu7Ecnstfly9qCXKTtriAsEARBgk/jMZ/JthUXuO
6SCv/u1D1SMYVlZpKV801yltXspgxwFxaw4vfWdAjK4AnK31lZh1DA8SlNUT+D4O
gZDZnJ6KmstzsOxW/IVxP07Yypmc99eLl92MTo7hwVfrkr2WJGynARIVOkshvTb3
t/R6C9NtXchIgvZit9UHJRi8547ANyrS2n6cvp2CW5TMQiMDyueC5QJN5U1tR3M+
sPkWZ18=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org