Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/AC6160B4529211EC8FB35F14C4F9AE02.roa
File: AC6160B4529211EC8FB35F14C4F9AE02.roa (raw, json)
Hash identifier: 6EYM+7HVfDcgwAAuOsv2aVxWhNGFI/VHJKXEK9zBiIs=
Subject key identifier: EE:28:36:A3:4B:89:85:19:D7:6B:C5:1A:96:76:65:14:96:E1:EF:25
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 05C4
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/AC6160B4529211EC8FB35F14C4F9AE02.roa
Signing time: Fri 03 Dec 2021 11:38:30 +0000
ROA not before: Fri 03 Dec 2021 11:38:30 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 57844
IP address blocks: 113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1476 (0x5c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Dec 3 11:38:30 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61aa01b6-0ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fa:19:ca:9c:ca:99:ab:e6:e3:3c:62:72:e1:
40:40:50:90:06:06:0a:10:e2:ea:a3:d5:5d:0e:a9:
10:1f:92:40:0a:70:cd:47:4f:e9:36:f3:ed:20:de:
05:1e:08:b0:ce:b0:3b:a3:38:5d:e6:bb:de:20:51:
b0:cb:5d:f8:45:af:b0:73:6e:07:dc:5f:30:44:f1:
5b:a5:46:9d:6b:43:84:96:3c:c8:9f:c1:bb:e2:46:
9e:6c:be:f7:36:20:eb:5e:92:cc:7e:00:07:e4:4a:
e0:60:9b:6c:1d:47:af:9d:d5:34:f1:84:f7:85:da:
70:32:08:4f:31:89:77:dc:9b:e1:3f:8d:45:3d:b9:
b8:05:dc:28:e6:b5:90:be:8f:ab:f8:21:83:f7:20:
03:c1:b3:ae:d6:72:56:a7:43:3a:e9:83:31:04:77:
14:c7:64:33:f7:d9:31:77:83:88:94:38:e6:2f:65:
f8:f1:d2:80:2c:7e:6b:a9:47:98:a4:1f:75:18:32:
6c:0e:88:bb:db:a5:38:63:ff:2c:28:9b:00:69:16:
57:db:2f:77:c1:5c:76:23:97:e2:9f:e4:24:76:66:
e6:d1:57:29:4e:c0:43:7b:8a:72:a4:e1:4e:c2:ba:
64:a1:86:2a:29:72:9c:28:ac:a5:fb:12:9e:50:be:
27:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:28:36:A3:4B:89:85:19:D7:6B:C5:1A:96:76:65:14:96:E1:EF:25
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/AC6160B4529211EC8FB35F14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.242.0/23
Signature Algorithm: sha256WithRSAEncryption
54:04:e9:0a:f8:3c:b0:76:f6:d1:0b:a2:fb:8a:62:57:09:24:
e9:3d:89:27:55:fc:6a:3f:a0:91:1c:7c:9a:ea:50:94:7f:60:
2e:82:87:9f:36:ff:ad:b2:cf:1f:46:d8:fa:11:29:26:6e:b7:
64:fd:06:9f:98:1f:6e:16:d6:22:77:63:44:aa:db:91:38:75:
13:66:78:c4:2e:ef:54:21:ca:9c:48:f2:b5:11:f2:d0:77:34:
85:21:85:23:38:0a:b6:14:7e:fc:88:88:f0:29:38:9d:9f:7e:
6b:5b:eb:dc:08:7a:1b:00:25:32:38:f3:cc:6b:e4:2c:32:35:
54:9e:f4:f2:a5:ac:11:74:73:8b:10:0e:3f:f4:57:e8:b6:7b:
f9:ef:88:c3:16:c3:d0:0e:cf:37:ef:d4:c5:fb:d4:ca:04:26:
fa:f0:9c:b8:71:c8:4c:7d:67:93:81:82:48:1b:a6:5f:47:70:
62:f1:ea:3e:8f:bc:74:31:f9:d7:80:9d:96:2f:37:ec:c6:48:
77:f6:89:08:29:0f:20:ed:09:8a:e5:d0:b0:b4:f4:f2:35:f4:
c8:bb:a9:3d:26:e2:4d:ab:a5:bc:d6:63:1d:d6:e6:4e:fe:1a:
d6:b5:fb:cf:6e:39:06:61:ba:5e:d4:af:a9:85:c9:15:8d:8f:
67:54:84:78
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjExMjAzMTEzODMwWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWFhMDFiNi0wY2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4/oZypzKmavm4zxicuFAQFCQBgYKEOLqo9VdDqkQH5JACnDNR0/pNvPtIN4F
HgiwzrA7ozhd5rveIFGwy134Ra+wc24H3F8wRPFbpUada0OEljzIn8G74kaebL73
NiDrXpLMfgAH5ErgYJtsHUevndU08YT3hdpwMghPMYl33JvhP41FPbm4Bdwo5rWQ
vo+r+CGD9yADwbOu1nJWp0M66YMxBHcUx2Qz99kxd4OIlDjmL2X48dKALH5rqUeY
pB91GDJsDoi726U4Y/8sKJsAaRZX2y93wVx2I5fin+Qkdmbm0VcpTsBDe4pypOFO
wrpkoYYqKXKcKKyl+xKeUL4nxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFO4oNqNL
iYUZ12vFGpZ2ZRSW4e8lMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQUM2MTYwQjQ1
MjkyMTFFQzhGQjM1RjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFxy/IwDQYJKoZIhvcNAQELBQADggEBAFQE6Qr4PLB29tEL
ovuKYlcJJOk9iSdV/Go/oJEcfJrqUJR/YC6Ch582/62yzx9G2PoRKSZut2T9Bp+Y
H24W1iJ3Y0Sq25E4dRNmeMQu71QhypxI8rUR8tB3NIUhhSM4CrYUfvyIiPApOJ2f
fmtb69wIehsAJTI488xr5CwyNVSe9PKlrBF0c4sQDj/0V+i2e/nviMMWw9AOzzfv
1MX71MoEJvrwnLhxyEx9Z5OBgkgbpl9HcGLx6j6PvHQx+deAnZYvN+zGSHf2iQgp
DyDtCYrl0LC09PI19Mi7qT0m4k2rpbzWYx3W5k7+Gta1+89uOQZhul7Ur6mFyRWN
j2dUhHg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org