Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C90444DAA9BC11EC8E7B7C7EC4F9AE02.roa
File: C90444DAA9BC11EC8E7B7C7EC4F9AE02.roa (raw, json)
Hash identifier: UsCsWyFmJxcw9yvQW3Gr7k3C3JNdHcC0qWL2V278bbU=
Subject key identifier: 66:E1:3D:51:B8:3D:0E:E2:6F:79:A6:17:6D:32:CD:53:BF:68:FF:00
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 06C3
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C90444DAA9BC11EC8E7B7C7EC4F9AE02.roa
Signing time: Tue 22 Mar 2022 08:48:03 +0000
ROA not before: Tue 22 Mar 2022 08:48:03 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 17557
IP address blocks: 223.29.226.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1731 (0x6c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 22 08:48:03 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62398d43-0521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:50:bb:4b:aa:32:57:23:4c:5f:ce:0b:47:d5:
83:e8:28:d7:c2:15:fe:da:c1:bc:2d:82:1e:de:44:
cf:c2:71:76:6e:11:4a:ae:f5:32:34:2a:88:f3:7c:
f3:a1:44:c5:8e:34:4c:d6:2d:6d:d8:92:c8:6d:23:
f1:38:47:a4:17:32:db:2d:e8:76:08:a1:f5:61:55:
6b:0b:09:76:da:8f:83:6a:7b:1b:7a:7c:0b:77:be:
4b:d6:b6:e8:1a:90:ad:48:30:29:77:d2:70:ea:4e:
ca:c2:7d:60:d7:cb:0f:59:e3:13:38:cc:d8:20:a9:
b6:9e:e0:d2:22:0f:6a:30:12:ed:24:cd:fb:61:17:
51:b9:f0:23:c3:4d:6c:f3:8d:c0:0e:e7:8b:c9:d7:
3b:e7:13:93:ce:81:09:8a:9b:c6:09:69:f2:b3:2e:
97:3b:10:14:d8:06:0d:3e:c6:bf:49:0d:15:78:6a:
b6:7d:69:c1:38:c0:ea:6e:f9:7a:fb:86:36:8e:7d:
c1:b4:25:c1:c7:ea:ec:f0:46:8f:1b:53:ac:de:94:
43:1d:14:d2:44:22:d2:9a:75:ec:68:2c:87:8f:ab:
36:43:bd:ec:b6:93:75:9e:62:30:18:79:c1:63:c9:
b2:04:27:35:86:8a:1c:26:c4:e0:ad:79:a8:7f:21:
1a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E1:3D:51:B8:3D:0E:E2:6F:79:A6:17:6D:32:CD:53:BF:68:FF:00
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C90444DAA9BC11EC8E7B7C7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.226.0/24
Signature Algorithm: sha256WithRSAEncryption
49:14:7b:30:4f:e2:2c:16:ee:9b:c7:96:f9:fc:53:7d:e5:2d:
0f:e7:6d:ad:18:da:80:55:1a:9a:19:76:22:10:4e:14:ff:86:
3d:72:b7:cd:f9:62:76:31:23:6d:af:61:60:4d:49:a5:9a:2a:
1a:e2:ad:d0:6d:ce:db:a2:b2:c0:1f:57:40:8d:13:e1:90:83:
0e:ce:32:a4:09:d8:15:27:03:06:36:c7:cd:d9:89:d4:7a:9c:
32:72:b8:a1:61:62:16:94:34:6d:6b:cc:11:70:6c:de:18:5a:
19:f1:d2:a5:9b:9d:3c:d5:15:0d:21:e7:ca:46:11:df:de:3f:
41:f5:06:70:39:aa:28:31:92:06:20:0e:7d:38:4a:92:3a:f7:
bf:69:ae:73:8c:93:b0:af:0d:9b:ac:c4:b5:99:26:a2:47:e2:
bb:b3:a4:5c:c7:0d:aa:e2:a6:f7:92:c0:70:d8:92:1e:87:c1:
77:eb:53:ed:a4:f1:bb:fd:13:20:05:e7:54:f6:ef:48:e1:56:
10:73:ca:1b:eb:11:6f:da:fd:d9:db:ca:ce:69:9b:b7:ea:3e:
48:13:57:a8:d6:c1:8b:a4:fb:2c:f9:50:4a:65:76:e5:c6:4a:
a3:98:34:dd:3a:5c:32:59:f8:ea:1d:b7:36:87:25:10:00:b6:
b4:60:2b:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwMzIyMDg0ODAzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjM5OGQ0My0wNTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtVC7S6oyVyNMX84LR9WD6CjXwhX+2sG8LYIe3kTPwnF2bhFKrvUyNCqI83zz
oUTFjjRM1i1t2JLIbSPxOEekFzLbLeh2CKH1YVVrCwl22o+DansbenwLd75L1rbo
GpCtSDApd9Jw6k7Kwn1g18sPWeMTOMzYIKm2nuDSIg9qMBLtJM37YRdRufAjw01s
843ADueLydc75xOTzoEJipvGCWnysy6XOxAU2AYNPsa/SQ0VeGq2fWnBOMDqbvl6
+4Y2jn3BtCXBx+rs8EaPG1Os3pRDHRTSRCLSmnXsaCyHj6s2Q73stpN1nmIwGHnB
Y8myBCc1hoocJsTgrXmofyEazwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGbhPVG4
PQ7ib3mmF20yzVO/aP8AMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQzkwNDQ0REFB
OUJDMTFFQzhFN0I3QzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADfHeIwDQYJKoZIhvcNAQELBQADggEBAEkUezBP4iwW7pvH
lvn8U33lLQ/nba0Y2oBVGpoZdiIQThT/hj1yt835YnYxI22vYWBNSaWaKhrirdBt
ztuissAfV0CNE+GQgw7OMqQJ2BUnAwY2x83ZidR6nDJyuKFhYhaUNG1rzBFwbN4Y
Whnx0qWbnTzVFQ0h58pGEd/eP0H1BnA5qigxkgYgDn04SpI6979prnOMk7CvDZus
xLWZJqJH4ruzpFzHDaripveSwHDYkh6HwXfrU+2k8bv9EyAF51T270jhVhBzyhvr
EW/a/dnbys5pm7fqPkgTV6jWwYuk+yz5UEplduXGSqOYNN06XDJZ+OodtzaHJRAA
trRgK8Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org