Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/B3CA96FA2E0A11ED8128767CC4F9AE02.roa
File: B3CA96FA2E0A11ED8128767CC4F9AE02.roa (raw, json)
Hash identifier: GoyaMBD1+ijJUPoqdHuYYVk2QPe4/99SHsL+wS1/4zk=
Subject key identifier: FB:48:A9:26:AD:BB:50:46:D5:03:6B:9D:DB:33:84:AC:59:1D:C1:7C
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 086E
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/B3CA96FA2E0A11ED8128767CC4F9AE02.roa
Signing time: Tue 06 Sep 2022 17:38:22 +0000
ROA not before: Tue 06 Sep 2022 17:38:22 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 137409
IP address blocks: 113.203.233.0/24 maxlen: 24
180.178.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2158 (0x86e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Sep 6 17:38:22 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6317858e-ba95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d7:b4:49:7b:74:66:89:f4:ac:88:1a:f9:b0:
f1:99:02:1d:88:92:89:7f:cb:cb:9f:69:62:55:7a:
97:07:3a:79:fa:71:24:e3:bf:80:cd:57:93:e4:76:
a1:45:87:75:5f:f6:e9:63:49:36:50:2a:c9:4d:31:
4a:75:d6:b8:71:f1:fa:b9:2b:a9:99:b3:fb:e1:59:
fd:a0:63:2e:31:d3:61:a4:94:db:6a:59:43:40:18:
f0:d4:f8:1a:56:fc:4e:c7:8f:69:a5:06:9b:42:dd:
f7:02:6b:3b:14:1a:ad:0f:07:53:db:a9:be:03:ff:
ee:ac:99:6a:4f:a7:3b:85:2f:cc:03:88:9a:44:e8:
8d:60:b9:24:0c:2c:9d:a7:ad:7c:a5:af:6d:af:9e:
ef:20:75:b6:f1:54:e8:57:64:bb:37:59:d0:a7:a4:
81:01:0d:81:b3:78:3a:7b:3e:7f:a8:f2:54:02:f2:
6e:8e:2d:f2:2c:c7:f3:fb:ae:4e:4e:64:c5:fb:62:
24:a0:d4:a7:26:48:a8:76:53:3c:0b:63:f1:d3:24:
14:93:98:1d:92:74:90:6f:b3:ab:30:47:07:05:63:
94:71:06:57:bd:f7:90:1b:a5:38:f7:8e:f3:b5:80:
36:6c:c7:9f:af:81:5d:5d:34:ba:c4:03:43:69:f4:
e9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:48:A9:26:AD:BB:50:46:D5:03:6B:9D:DB:33:84:AC:59:1D:C1:7C
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/B3CA96FA2E0A11ED8128767CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.233.0/24
180.178.140.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:e7:88:a2:b1:af:7a:44:59:16:d7:8c:1c:5e:86:7e:cb:c2:
2c:d7:a9:9b:03:5f:3a:72:d2:d7:e0:35:e3:95:e5:82:d1:c3:
ee:96:0a:5e:b8:71:b9:ea:0b:98:64:7d:3e:54:3e:ff:42:81:
88:2d:2a:ab:e6:99:5a:1e:e9:24:a6:1a:b1:c7:6e:89:88:23:
50:90:b1:4a:2b:f1:a7:02:07:f9:d9:b1:7e:ce:2d:a8:e5:96:
84:4e:63:e1:1d:9c:60:b8:12:7c:9a:77:b4:2c:8b:19:c5:b1:
7c:94:c3:9e:26:4e:ce:db:77:63:ad:fd:8c:b9:a6:c5:61:8b:
58:a6:17:2b:30:5b:26:d8:cb:20:b5:be:b6:92:22:e3:3f:7c:
7b:3e:15:23:c2:f5:55:0f:96:0b:7a:8b:3b:85:cc:30:45:3b:
6a:13:0a:49:fd:34:ab:70:0c:b1:62:95:88:e4:7a:19:77:93:
aa:0a:6f:a2:1b:3f:e4:e3:cb:62:8a:96:96:19:83:6c:cf:01:
b6:08:68:ba:fd:b8:27:66:1f:85:dc:a0:2b:70:12:99:a6:c0:
fb:46:6b:3f:bc:04:6f:47:36:dd:bc:d8:da:a7:27:d1:64:28:
81:a4:5f:ca:ea:16:a0:7f:ac:bb:ff:45:79:ff:2f:e3:00:b9:
f7:2d:8f:3b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwOTA2MTczODIyWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE3ODU4ZS1iYTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzde0SXt0Zon0rIga+bDxmQIdiJKJf8vLn2liVXqXBzp5+nEk47+AzVeT5Hah
RYd1X/bpY0k2UCrJTTFKdda4cfH6uSupmbP74Vn9oGMuMdNhpJTballDQBjw1Pga
VvxOx49ppQabQt33Ams7FBqtDwdT26m+A//urJlqT6c7hS/MA4iaROiNYLkkDCyd
p618pa9tr57vIHW28VToV2S7N1nQp6SBAQ2Bs3g6ez5/qPJUAvJuji3yLMfz+65O
TmTF+2IkoNSnJkiodlM8C2Px0yQUk5gdknSQb7OrMEcHBWOUcQZXvfeQG6U4947z
tYA2bMefr4FdXTS6xANDafTpHQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPtIqSat
u1BG1QNrndszhKxZHcF8MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQjNDQTk2RkEy
RTBBMTFFRDgxMjg3NjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABxy+kDBAC0sowwDQYJKoZIhvcNAQELBQADggEBAD3niKKx
r3pEWRbXjBxehn7LwizXqZsDXzpy0tfgNeOV5YLRw+6WCl64cbnqC5hkfT5UPv9C
gYgtKqvmmVoe6SSmGrHHbomII1CQsUor8acCB/nZsX7OLajlloROY+EdnGC4Enya
d7QsixnFsXyUw54mTs7bd2Ot/Yy5psVhi1imFyswWybYyyC1vraSIuM/fHs+FSPC
9VUPlgt6izuFzDBFO2oTCkn9NKtwDLFilYjkehl3k6oKb6IbP+Tjy2KKlpYZg2zP
AbYIaLr9uCdmH4XcoCtwEpmmwPtGaz+8BG9HNt282NqnJ9FkKIGkX8rqFqB/rLv/
RXn/L+MAufctjzs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org