Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E41DBAC6C41411EDB026573AC4F9AE02.roa
File: E41DBAC6C41411EDB026573AC4F9AE02.roa (raw, json)
Hash identifier: Rbne6oWevux/RRZtjEDMWewUpoW8fWTAAfCMfH+tc3k=
Subject key identifier: EC:27:9D:DC:F5:19:63:7E:D2:6B:2F:EA:6A:01:42:92:64:C2:C3:15
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09BA
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E41DBAC6C41411EDB026573AC4F9AE02.roa
Signing time: Thu 16 Mar 2023 16:09:12 +0000
ROA not before: Thu 16 Mar 2023 16:09:12 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 17539
IP address blocks: 113.203.232.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2490 (0x9ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 16 16:09:12 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64133f28-1c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6a:0b:a8:95:51:2d:66:90:a4:16:f0:be:e5:
9d:1e:63:c0:09:f6:41:92:8a:d9:30:64:05:99:8e:
21:4b:82:53:0c:14:62:e0:e0:cf:7f:a8:e5:f8:d0:
0c:2d:65:8d:0a:4d:db:84:95:77:ec:e9:4a:31:42:
18:9e:2a:d3:85:e7:42:84:29:a4:71:23:e9:3d:a0:
6c:84:18:4d:65:f4:dc:e5:41:e9:1c:6c:75:e3:d2:
63:84:8a:b8:cb:c6:98:e8:ee:6f:07:4f:b8:d9:34:
08:ae:5a:71:7e:58:0d:0a:18:5d:6b:92:1b:f6:dd:
0d:1b:67:10:fe:ba:8b:a0:c0:48:f0:e1:58:a6:67:
66:7b:c7:fa:d3:f3:80:15:56:53:9f:9e:cf:fe:20:
6b:67:1a:c7:c2:f0:47:13:5f:31:ec:32:70:63:52:
bf:42:85:bb:32:a8:a9:75:bd:65:d5:8d:c4:af:4e:
21:07:61:a6:4e:2c:24:10:aa:4f:74:b5:80:18:ef:
aa:9a:57:c6:dc:08:4d:a9:48:2b:51:05:94:14:d0:
82:21:cb:8f:9f:e2:3a:89:29:6e:0a:0b:85:f0:3e:
01:a1:4e:e0:5d:13:6e:83:69:7d:d9:0c:9e:24:b3:
62:fb:f9:bb:ca:ff:d1:8b:d9:77:b5:ee:36:e5:82:
f8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:27:9D:DC:F5:19:63:7E:D2:6B:2F:EA:6A:01:42:92:64:C2:C3:15
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E41DBAC6C41411EDB026573AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.232.0/24
Signature Algorithm: sha256WithRSAEncryption
78:3d:4e:c0:d1:2a:6c:c6:4a:77:2d:95:5e:79:04:fe:79:f0:
84:b2:4c:3b:b6:fe:23:b8:76:63:9a:de:4c:19:e4:b3:30:f8:
ee:f9:ea:2c:e6:ca:ab:30:2e:de:ff:12:d0:fa:e3:7e:02:bf:
c6:28:3c:ea:35:98:6a:3a:9c:f3:10:e5:45:10:6e:73:c7:e4:
37:89:d9:ab:5a:15:cd:78:4e:e7:99:48:f5:b4:7f:4a:5a:0f:
ef:8b:6d:28:48:e2:d7:02:ee:9e:95:17:32:6c:80:05:86:79:
5c:06:2a:98:8c:68:cc:45:08:c3:b3:6a:12:c0:7e:76:a7:86:
71:fa:28:91:92:7e:13:52:ea:7d:b7:8f:7b:5d:55:5f:43:c1:
bc:f9:f3:a5:c1:28:6b:00:e3:4e:5b:e0:33:c6:9c:7b:55:85:
b7:de:09:a7:0a:e7:03:95:b7:40:7d:97:06:bd:7d:5b:72:32:
a2:ce:e2:34:15:15:cb:8a:36:6a:00:90:42:44:ab:fe:0f:80:
d4:08:c6:0e:4c:40:97:ec:e1:8f:01:e2:01:59:5b:3c:0c:b6:
c3:87:ce:f8:28:cb:4d:cb:ee:5a:dd:b9:92:68:c4:95:6d:be:
be:3c:6f:5a:ce:c6:2d:eb:dd:57:89:a6:01:67:9e:76:74:51:
6a:6f:7a:5e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMzE2MTYwOTEyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEzM2YyOC0xYzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqGoLqJVRLWaQpBbwvuWdHmPACfZBkorZMGQFmY4hS4JTDBRi4ODPf6jl+NAM
LWWNCk3bhJV37OlKMUIYnirThedChCmkcSPpPaBshBhNZfTc5UHpHGx149JjhIq4
y8aY6O5vB0+42TQIrlpxflgNChhda5Ib9t0NG2cQ/rqLoMBI8OFYpmdme8f60/OA
FVZTn57P/iBrZxrHwvBHE18x7DJwY1K/QoW7Mqipdb1l1Y3Er04hB2GmTiwkEKpP
dLWAGO+qmlfG3AhNqUgrUQWUFNCCIcuPn+I6iSluCguF8D4BoU7gXRNug2l92Qye
JLNi+/m7yv/Ri9l3te425YL4hQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOwnndz1
GWN+0msv6moBQpJkwsMVMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRTQxREJBQzZD
NDE0MTFFREIwMjY1NzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABxy+gwDQYJKoZIhvcNAQELBQADggEBAHg9TsDRKmzGSnct
lV55BP558ISyTDu2/iO4dmOa3kwZ5LMw+O756izmyqswLt7/EtD6434Cv8YoPOo1
mGo6nPMQ5UUQbnPH5DeJ2ataFc14TueZSPW0f0paD++LbShI4tcC7p6VFzJsgAWG
eVwGKpiMaMxFCMOzahLAfnanhnH6KJGSfhNS6n23j3tdVV9Dwbz586XBKGsA405b
4DPGnHtVhbfeCacK5wOVt0B9lwa9fVtyMqLO4jQVFcuKNmoAkEJEq/4PgNQIxg5M
QJfs4Y8B4gFZWzwMtsOHzvgoy03L7lrduZJoxJVtvr48b1rOxi3r3VeJpgFnnnZ0
UWpvel4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org