Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C5F1301CDF6411EDB132A551C4F9AE02.roa
File: C5F1301CDF6411EDB132A551C4F9AE02.roa (raw, json)
Hash identifier: RgHMJuBPeHG2oo5tIBZaqQ2UIFVa2xvIUwLS4kvKEbk=
Subject key identifier: E7:E7:9A:6B:A8:C6:2A:07:DF:B3:A9:B0:DB:F3:5B:78:09:71:ED:5F
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A36
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C5F1301CDF6411EDB132A551C4F9AE02.roa
Signing time: Thu 20 Apr 2023 10:19:03 +0000
ROA not before: Thu 20 Apr 2023 10:19:03 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 7018
IP address blocks: 113.203.208.0/24 maxlen: 24
113.203.210.0/24 maxlen: 24
113.203.218.0/24 maxlen: 24
113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.252.0/22 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2614 (0xa36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 20 10:19:03 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64411197-4658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:b2:18:8e:cb:32:9c:48:67:63:eb:02:99:
67:ec:e6:c3:76:fd:1c:a3:d7:73:64:06:3f:36:45:
f0:b6:93:29:4c:40:76:0d:68:43:1a:e7:54:30:f3:
d9:7b:3b:df:c9:64:af:ab:46:6a:da:fc:7b:e2:81:
3d:2a:b9:ff:a1:a7:19:44:c5:bd:9b:00:e8:90:a8:
74:ae:3f:f3:ca:36:22:48:32:3a:df:47:ef:8b:1b:
9f:ee:16:b0:80:4a:91:69:a9:02:8c:1c:7e:f7:60:
c3:8a:ad:77:7e:81:a8:30:e1:78:61:7e:9d:6c:ca:
11:74:e2:32:19:d7:47:26:96:e1:04:25:e1:33:da:
d5:a9:d3:a6:61:f3:44:df:c3:7b:2a:fe:97:25:33:
0a:e9:2b:c9:d7:5a:e8:da:34:93:31:47:61:2a:98:
1b:05:ab:c5:b1:b8:46:e5:79:d1:3c:78:bb:90:c6:
eb:dd:5e:2c:dc:73:df:73:fb:5e:59:2d:08:c0:fe:
3b:a5:ae:fe:26:db:a1:1d:2a:75:54:4a:56:93:88:
b4:4f:c7:90:29:13:80:94:97:d5:65:eb:f8:fa:7c:
fe:51:25:ef:b1:5e:da:e2:d7:86:e2:22:ab:79:be:
ac:1f:6b:9b:e0:a4:ce:69:c1:df:bb:a6:c5:1e:74:
4c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E7:9A:6B:A8:C6:2A:07:DF:B3:A9:B0:DB:F3:5B:78:09:71:ED:5F
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C5F1301CDF6411EDB132A551C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.208.0/24
113.203.210.0/24
113.203.218.0/24
113.203.220.0/24
113.203.222.0-113.203.225.255
113.203.227.0/24
113.203.233.0/24
113.203.245.0/24
113.203.252.0/22
223.29.226.0/24
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
1a:36:1a:cc:1f:ef:4c:ab:ab:ef:69:c6:6d:2b:eb:75:de:86:
5a:a9:f4:07:f8:cb:ea:dd:64:e3:ee:ec:6b:fc:80:e9:d0:9a:
17:fb:97:e7:cb:36:db:d4:34:1b:d3:a0:ff:4d:fe:17:e7:1d:
cf:05:e8:87:e9:b7:c3:32:94:4a:81:90:e5:fe:9e:c9:d8:46:
b4:89:a8:50:6e:7f:c0:7a:8b:b7:71:cf:09:d4:c3:f8:af:0e:
88:cf:ae:23:e7:0c:eb:22:2c:cf:df:ad:0a:de:0e:34:d0:fb:
53:e5:25:5b:ca:15:cb:d7:ea:60:bc:81:b0:2c:62:e2:bf:fc:
33:0c:76:9e:84:6a:44:51:cf:ac:79:b1:ca:f0:42:b0:3f:8a:
ba:dc:db:36:3e:6f:47:07:69:7c:88:0d:3d:b0:ed:80:ee:e9:
78:1b:67:60:56:ee:97:50:69:17:44:83:2e:49:2b:21:96:05:
31:b2:ed:ff:cf:26:9a:bf:0e:1c:28:81:49:81:c6:d9:7a:bf:
6e:e5:01:1b:ea:b4:fe:2e:41:10:d9:c6:e8:b2:f6:ab:0b:94:
3f:73:74:c5:10:ac:2e:11:28:d7:66:ca:c1:7d:4f:05:6c:09:
b3:75:9d:e6:97:68:09:e9:7a:50:7b:2f:57:f6:9a:43:98:5d:
45:73:33:f6
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICCjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDIwMTAxOTAzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQxMTE5Ny00NjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqbWyGI7LMpxIZ2PrApln7ObDdv0co9dzZAY/NkXwtpMpTEB2DWhDGudUMPPZ
ezvfyWSvq0Zq2vx74oE9Krn/oacZRMW9mwDokKh0rj/zyjYiSDI630fvixuf7haw
gEqRaakCjBx+92DDiq13foGoMOF4YX6dbMoRdOIyGddHJpbhBCXhM9rVqdOmYfNE
38N7Kv6XJTMK6SvJ11ro2jSTMUdhKpgbBavFsbhG5XnRPHi7kMbr3V4s3HPfc/te
WS0IwP47pa7+JtuhHSp1VEpWk4i0T8eQKROAlJfVZev4+nz+USXvsV7a4teG4iKr
eb6sH2ub4KTOacHfu6bFHnRMRQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFOfnmmuo
xioH37OpsNvzW3gJce1fMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQzVGMTMwMUNE
RjY0MTFFREIxMzJBNTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMFgEAgABMFIDBABxy9ADBABxy9IDBABxy9oDBABxy9wwDAMEAXHL3gMEAXHL
4AMEAHHL4wMEAHHL6QMEAHHL9QMEAnHL/AMEAN8d4jAMAwQA3x3rAwQA3x3uMA0G
CSqGSIb3DQEBCwUAA4IBAQAaNhrMH+9Mq6vvacZtK+t13oZaqfQH+Mvq3WTj7uxr
/IDp0JoX+5fnyzbb1DQb06D/Tf4X5x3PBeiH6bfDMpRKgZDl/p7J2Ea0iahQbn/A
eou3cc8J1MP4rw6Iz64j5wzrIizP360K3g400PtT5SVbyhXL1+pgvIGwLGLiv/wz
DHaehGpEUc+sebHK8EKwP4q63Ns2Pm9HB2l8iA09sO2A7ul4G2dgVu6XUGkXRIMu
SSshlgUxsu3/zyaavw4cKIFJgcbZer9u5QEb6rT+LkEQ2cbosvarC5Q/c3TFEKwu
ESjXZsrBfU8FbAmzdZ3ml2gJ6XpQey9X9ppDmF1FczP2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org