Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6E469B04DEA111ED84E5D17BC4F9AE02.roa
File: 6E469B04DEA111ED84E5D17BC4F9AE02.roa (raw, json)
Hash identifier: JNTEP+BEPdABoes5Td8ch0BcArRXAyZLMTkkTHx0zUs=
Subject key identifier: FD:37:C3:E0:12:04:2B:F5:80:89:8A:41:2C:9D:2B:D4:96:08:8C:7A
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A2E
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6E469B04DEA111ED84E5D17BC4F9AE02.roa
Signing time: Wed 19 Apr 2023 11:00:44 +0000
ROA not before: Wed 19 Apr 2023 11:00:44 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 113.203.209.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/20 maxlen: 20
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2606 (0xa2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 19 11:00:44 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=643fc9dc-cc29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6c:81:c0:a1:2a:be:9f:cb:e4:f7:75:1c:64:
b9:51:b4:03:10:8d:5f:09:0d:41:2d:cb:27:d8:3c:
ec:e8:91:33:33:5e:b9:27:9a:5f:2c:46:05:79:e2:
b9:4c:6e:cd:f0:9f:1f:24:97:0f:90:a7:85:1e:17:
42:6d:7b:70:f0:2a:35:5f:d3:f5:bd:2b:3b:11:0f:
52:38:e7:2d:07:a4:f3:df:7e:52:b8:71:fe:61:13:
a7:c6:02:af:5a:b6:72:c3:42:89:07:af:53:ae:2a:
31:6e:f6:28:88:ff:5a:e9:8d:c7:33:a4:54:4a:db:
84:d4:28:14:ae:6d:c1:a9:17:ca:ab:15:2c:db:6d:
ed:ac:00:e4:98:dc:3f:22:b8:b2:d4:ad:61:7f:b6:
22:26:e2:d1:eb:78:fd:fc:ad:85:c6:7c:91:b5:fd:
9b:f7:63:76:fa:e2:57:a7:43:4c:a9:5d:89:9e:99:
fc:db:8e:8d:57:58:60:90:1f:e1:fd:8d:44:14:ea:
1e:83:5b:59:7e:7f:37:4c:d4:c6:90:7c:1b:e7:c4:
db:2d:29:a0:78:81:92:c7:ab:d3:78:1d:f1:5b:af:
97:a4:d5:2a:ab:b6:e3:83:9e:2b:05:07:c8:cf:52:
70:58:15:bf:6b:d7:d9:8e:c6:26:14:14:85:23:34:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:37:C3:E0:12:04:2B:F5:80:89:8A:41:2C:9D:2B:D4:96:08:8C:7A
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6E469B04DEA111ED84E5D17BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.209.0/24
113.203.211.0-113.203.216.255
113.203.219.0/24
113.203.226.0/24
113.203.234.0-113.203.240.255
113.203.244.0/24
180.178.164.0-180.178.168.255
180.178.172.0/24
180.178.174.0/23
180.178.178.0/24
180.178.180.0/22
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
93:f7:0c:b5:4d:1e:05:6c:91:b8:84:ae:7a:24:e3:28:30:83:
ec:f2:cb:77:89:68:de:74:c5:be:c3:2b:56:b1:95:a6:64:21:
60:ab:d9:85:1e:74:1e:ab:49:49:a1:64:6f:93:14:52:9e:c4:
05:0d:d8:96:1c:7a:eb:40:08:58:ec:8a:fb:9a:74:44:ef:bc:
b9:63:40:0d:11:b8:fa:e9:1b:3a:af:f1:0c:88:68:a4:23:0e:
2b:d0:fa:ed:95:13:7e:a5:64:42:ce:d7:23:52:0e:aa:c0:ba:
42:af:47:87:45:14:38:b7:ba:17:b2:d9:35:17:35:17:51:9e:
74:b7:11:3a:6b:af:b7:1a:b9:99:26:30:5d:ca:5a:5d:a9:5f:
91:4b:13:84:b5:a1:c7:79:ab:59:5f:ff:7d:0e:39:71:4d:44:
c8:79:8f:8f:c1:85:9b:3f:37:da:ed:14:2b:0f:2f:9f:e1:2a:
6c:66:a7:85:8e:a1:d8:f9:0b:56:eb:3e:db:2b:38:24:aa:ea:
86:b3:1a:2f:c4:a9:94:3f:da:f1:a7:6b:33:a7:e7:fd:d7:ae:
c9:94:c0:4c:87:83:a0:37:5c:33:50:2b:f7:ec:f8:1c:8f:ba:
97:05:4b:bd:ec:b4:af:45:ef:8b:76:ae:9e:79:7e:d1:04:7a:
53:1b:37:3b
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgICCi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDE5MTEwMDQ0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNmYzlkYy1jYzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsGyBwKEqvp/L5Pd1HGS5UbQDEI1fCQ1BLcsn2Dzs6JEzM165J5pfLEYFeeK5
TG7N8J8fJJcPkKeFHhdCbXtw8Co1X9P1vSs7EQ9SOOctB6Tz335SuHH+YROnxgKv
WrZyw0KJB69TrioxbvYoiP9a6Y3HM6RUStuE1CgUrm3BqRfKqxUs223trADkmNw/
Iriy1K1hf7YiJuLR63j9/K2FxnyRtf2b92N2+uJXp0NMqV2Jnpn8246NV1hgkB/h
/Y1EFOoeg1tZfn83TNTGkHwb58TbLSmgeIGSx6vTeB3xW6+XpNUqq7bjg54rBQfI
z1JwWBW/a9fZjsYmFBSFIzQrbQIDAQABo4IC/zCCAvswHQYDVR0OBBYEFP03w+AS
BCv1gImKQSydK9SWCIx6MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNkU0NjlCMDRE
RUExMTFFRDg0RTVEMTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYgGCCsGAQUFBwEHAQH/
BHkwdzBmBAIAATBgAwQAccvRMAwDBABxy9MDBABxy9gDBABxy9sDBABxy+IwDAME
AXHL6gMEAHHL8AMEAHHL9DAMAwQCtLKkAwQAtLKoAwQAtLKsAwQBtLKuAwQAtLKy
AwQCtLK0AwQE3x3gMA0EAgACMAcDBQAkAUEAMA0GCSqGSIb3DQEBCwUAA4IBAQCT
9wy1TR4FbJG4hK56JOMoMIPs8st3iWjedMW+wytWsZWmZCFgq9mFHnQeq0lJoWRv
kxRSnsQFDdiWHHrrQAhY7Ir7mnRE77y5Y0ANEbj66Rs6r/EMiGikIw4r0PrtlRN+
pWRCztcjUg6qwLpCr0eHRRQ4t7oXstk1FzUXUZ50txE6a6+3GrmZJjBdylpdqV+R
SxOEtaHHeatZX/99DjlxTUTIeY+PwYWbPzfa7RQrDy+f4SpsZqeFjqHY+QtW6z7b
KzgkquqGsxovxKmUP9rxp2szp+f9167JlMBMh4OgN1wzUCv37Pgcj7qXBUu97LSv
Re+Ldq6eeX7RBHpTGzc7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org