Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C84A6414DF6411EDB132A551C4F9AE02.roa
File: C84A6414DF6411EDB132A551C4F9AE02.roa (raw, json)
Hash identifier: LEy+Nw4aaQgdjJpDOyJkHsk3YOx/vr+XK/CiyLvJZCs=
Subject key identifier: 7E:26:62:79:61:00:A4:CC:F1:B8:76:55:9D:B2:14:6B:43:2A:62:B1
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A38
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C84A6414DF6411EDB132A551C4F9AE02.roa
Signing time: Thu 20 Apr 2023 10:19:07 +0000
ROA not before: Thu 20 Apr 2023 10:19:07 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 996
IP address blocks: 113.203.228.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2616 (0xa38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Apr 20 10:19:07 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6441119b-1ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:de:61:ea:a2:a1:ed:ba:09:50:bd:d5:af:d9:
85:51:b4:ca:23:16:4f:a5:e2:40:76:e5:83:8c:23:
d7:da:e9:40:0e:7a:ea:fd:d0:45:11:70:a9:31:6d:
d9:cf:2d:5a:37:8a:a0:ba:d1:42:77:69:63:d0:60:
79:f5:37:7d:51:5e:c6:5d:55:9a:28:fd:be:68:7b:
bc:cf:4b:6c:c2:e2:3e:ab:62:e9:6b:ce:ae:0a:82:
ee:ca:5d:d1:cc:9a:3a:e8:aa:a9:06:b1:cc:53:6d:
39:51:2c:7e:ca:26:83:9f:bc:fa:35:1a:e9:9d:a9:
3b:99:47:ee:a7:64:b6:dd:c8:0e:69:4a:62:97:92:
96:05:18:2f:90:4a:65:8d:c9:82:36:8e:eb:c1:bd:
45:30:cb:20:74:e7:f7:88:9d:a7:ae:1d:74:92:78:
c1:79:17:e4:ca:19:3d:aa:8f:c1:37:4f:5a:b3:f8:
bb:5c:1f:32:cc:46:60:2a:0a:3b:3c:68:cd:d0:63:
fb:ec:2f:ce:d7:7b:1b:27:8c:76:06:07:8e:85:42:
50:af:bf:12:7b:26:71:af:61:2f:2e:48:21:cf:25:
ad:6c:a6:d3:6f:86:bc:1b:2b:2f:a7:b5:d7:b7:cf:
7d:32:77:6d:ef:e7:85:9c:2e:f6:78:de:5d:6f:2c:
14:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:26:62:79:61:00:A4:CC:F1:B8:76:55:9D:B2:14:6B:43:2A:62:B1
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C84A6414DF6411EDB132A551C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.228.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:5a:c5:a0:1a:45:8f:a3:c8:4f:e0:33:4d:2a:90:cc:ca:98:
d0:97:f8:2a:42:a7:13:8f:15:ef:82:9c:bf:45:2b:91:c1:48:
92:f9:f2:a0:97:43:9d:85:66:a4:33:23:b9:2b:62:9e:cc:71:
8a:c6:6b:67:cc:ad:2e:ff:98:9c:f0:94:c8:71:5a:d1:c3:8c:
a9:1b:39:f7:9b:29:be:1b:5f:c4:64:c0:7c:47:f2:96:4f:9e:
72:6f:d7:2b:53:11:f7:27:55:d8:bd:ab:2d:b2:25:ec:83:7b:
ad:48:54:90:f8:86:e5:58:c0:90:e5:87:db:e2:ea:19:30:62:
57:45:ff:da:62:75:7f:a8:38:70:26:2c:3a:bc:4c:57:ba:c8:
20:0d:f7:48:cf:4e:c6:9f:fb:79:73:92:a3:4a:78:d7:28:b5:
e1:41:7a:97:37:a6:e7:1f:33:d7:71:7e:37:f9:d0:bb:32:8f:
72:f3:4c:64:6e:7a:95:fe:3d:8a:ee:8e:68:50:81:64:0f:a2:
6c:30:ba:8e:25:37:9b:26:41:09:80:90:2b:fa:b8:4a:e0:f9:
1f:56:ec:9e:ed:ac:33:2c:83:d1:ee:bb:4c:90:3b:67:ce:a8:
66:cd:7f:b3:89:10:9a:0a:2c:b0:fe:92:34:cf:ec:6b:b0:9e:
02:e0:1f:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDIwMTAxOTA3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQxMTE5Yi0xY2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuN5h6qKh7boJUL3Vr9mFUbTKIxZPpeJAduWDjCPX2ulADnrq/dBFEXCpMW3Z
zy1aN4qgutFCd2lj0GB59Td9UV7GXVWaKP2+aHu8z0tswuI+q2Lpa86uCoLuyl3R
zJo66KqpBrHMU205USx+yiaDn7z6NRrpnak7mUfup2S23cgOaUpil5KWBRgvkEpl
jcmCNo7rwb1FMMsgdOf3iJ2nrh10knjBeRfkyhk9qo/BN09as/i7XB8yzEZgKgo7
PGjN0GP77C/O13sbJ4x2BgeOhUJQr78SeyZxr2EvLkghzyWtbKbTb4a8Gysvp7XX
t899Mndt7+eFnC72eN5dbywUGwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH4mYnlh
AKTM8bh2VZ2yFGtDKmKxMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQzg0QTY0MTRE
RjY0MTFFREIxMzJBNTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJxy+QwDQYJKoZIhvcNAQELBQADggEBAA1axaAaRY+jyE/g
M00qkMzKmNCX+CpCpxOPFe+CnL9FK5HBSJL58qCXQ52FZqQzI7krYp7McYrGa2fM
rS7/mJzwlMhxWtHDjKkbOfebKb4bX8RkwHxH8pZPnnJv1ytTEfcnVdi9qy2yJeyD
e61IVJD4huVYwJDlh9vi6hkwYldF/9pidX+oOHAmLDq8TFe6yCAN90jPTsaf+3lz
kqNKeNcoteFBepc3pucfM9dxfjf50Lsyj3LzTGRuepX+PYrujmhQgWQPomwwuo4l
N5smQQmAkCv6uErg+R9W7J7trDMsg9Huu0yQO2fOqGbNf7OJEJoKLLD+kjTP7Guw
ngLgH/Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org