Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E5CA088E65C811EDBDA3C43DC4F9AE02.roa
File: E5CA088E65C811EDBDA3C43DC4F9AE02.roa (raw, json)
Hash identifier: 1Z2/B3SfHljVpyITrZB7gkHNg8XpnNufS1nhTS3j1e0=
Subject key identifier: A6:1D:95:14:A2:CF:FB:85:C7:87:2A:52:C6:4D:54:FD:C4:1D:D3:B3
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 090A
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E5CA088E65C811EDBDA3C43DC4F9AE02.roa
Signing time: Wed 16 Nov 2022 16:28:17 +0000
ROA not before: Wed 16 Nov 2022 16:28:17 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 209371
IP address blocks: 113.203.248.0/24 maxlen: 24
113.203.249.0/24 maxlen: 24
113.203.250.0/24 maxlen: 24
113.203.251.0/24 maxlen: 24
113.203.252.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.254.0/24 maxlen: 24
113.203.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2314 (0x90a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Nov 16 16:28:17 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63750fa1-ffba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a5:0b:b0:02:dd:6e:f1:8f:0c:74:79:84:41:
c6:b0:7f:79:04:8d:d7:25:14:d2:7c:20:65:3a:01:
e9:ab:8f:dc:53:a7:27:79:90:72:5f:34:4a:f0:84:
23:01:38:e2:e6:bf:3c:22:4d:3f:b8:00:87:be:22:
f7:0d:af:62:b4:6b:a4:47:07:d8:81:d3:e0:63:93:
ab:d2:ce:8f:82:7c:5d:4c:37:d7:2b:78:89:57:f1:
74:5e:33:f1:5f:22:af:dc:b7:52:5a:4c:b4:a8:24:
9f:97:3d:66:a0:cc:c2:7f:d1:56:5d:03:b3:9d:9a:
b4:70:a2:7e:57:99:75:4e:a8:e9:7c:4f:6a:05:e9:
47:b3:68:c5:6e:d8:30:16:b8:bc:20:0f:ae:bc:a0:
14:f7:ab:d2:24:de:6e:7a:81:4f:de:f8:73:6b:e3:
88:21:51:48:7a:77:10:14:3c:82:e3:fe:38:5e:09:
5a:5d:90:a8:ef:ce:bd:a8:3a:0e:15:44:77:56:14:
9d:cd:aa:2f:89:ee:c5:21:53:88:9a:18:14:11:c6:
e9:07:48:8e:68:d1:bc:d8:05:c8:31:a4:57:09:68:
1b:2f:95:8f:41:bc:3c:31:56:25:07:e8:8f:ed:44:
99:24:fc:59:0f:d6:04:6a:32:5e:2e:d0:1e:cb:d4:
0c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1D:95:14:A2:CF:FB:85:C7:87:2A:52:C6:4D:54:FD:C4:1D:D3:B3
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E5CA088E65C811EDBDA3C43DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.248.0/21
Signature Algorithm: sha256WithRSAEncryption
25:4a:e9:37:2a:f5:cc:fe:13:39:26:51:ec:de:27:36:cc:aa:
92:75:7f:93:72:da:a9:cb:23:b6:93:79:25:ed:d2:da:dc:42:
99:d3:d7:38:c8:da:7b:75:ce:1f:cb:44:1e:cf:dc:1c:28:e8:
e4:b2:54:e7:80:84:53:f6:9b:41:09:01:6c:3c:72:04:50:5a:
7d:eb:fa:70:80:ff:da:de:70:b4:5b:ce:09:98:c1:8f:df:19:
8e:61:7e:01:3a:1b:5a:35:f5:86:df:b7:1a:fc:d0:46:ba:be:
b0:8a:d8:f2:a3:ce:04:d7:6f:8b:15:d4:f6:d5:a7:dc:0a:94:
7f:64:07:55:e0:bf:2f:05:72:01:95:29:01:1b:c7:c5:bc:69:
f4:bc:ef:e5:35:bb:d2:81:de:f8:64:15:f5:80:4b:ec:e3:17:
21:b1:de:1a:1c:41:a1:7a:67:c5:78:c2:08:5a:3d:ee:5f:95:
6e:59:3d:56:41:b9:33:de:f8:08:11:c7:bd:0d:f0:25:19:ef:
52:b9:9c:a0:1a:21:77:d0:5d:14:cc:eb:74:44:59:a3:52:ae:
ed:97:a7:12:5d:31:1d:ae:4e:8d:80:96:17:e9:81:01:27:51:
45:fc:b6:ea:6c:eb:55:6e:85:e6:9d:67:e2:f9:83:41:bd:45:
d7:71:b5:91
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMTE2MTYyODE3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc1MGZhMS1mZmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt6ULsALdbvGPDHR5hEHGsH95BI3XJRTSfCBlOgHpq4/cU6cneZByXzRK8IQj
ATji5r88Ik0/uACHviL3Da9itGukRwfYgdPgY5Or0s6PgnxdTDfXK3iJV/F0XjPx
XyKv3LdSWky0qCSflz1moMzCf9FWXQOznZq0cKJ+V5l1TqjpfE9qBelHs2jFbtgw
Fri8IA+uvKAU96vSJN5ueoFP3vhza+OIIVFIencQFDyC4/44XglaXZCo7869qDoO
FUR3VhSdzaovie7FIVOImhgUEcbpB0iOaNG82AXIMaRXCWgbL5WPQbw8MVYlB+iP
7USZJPxZD9YEajJeLtAey9QMAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKYdlRSi
z/uFx4cqUsZNVP3EHdOzMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRTVDQTA4OEU2
NUM4MTFFREJEQTNDNDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBANxy/gwDQYJKoZIhvcNAQELBQADggEBACVK6Tcq9cz+Ezkm
UezeJzbMqpJ1f5Ny2qnLI7aTeSXt0trcQpnT1zjI2nt1zh/LRB7P3Bwo6OSyVOeA
hFP2m0EJAWw8cgRQWn3r+nCA/9recLRbzgmYwY/fGY5hfgE6G1o19Ybftxr80Ea6
vrCK2PKjzgTXb4sV1PbVp9wKlH9kB1Xgvy8FcgGVKQEbx8W8afS87+U1u9KB3vhk
FfWAS+zjFyGx3hocQaF6Z8V4wghaPe5flW5ZPVZBuTPe+AgRx70N8CUZ71K5nKAa
IXfQXRTM63REWaNSru2XpxJdMR2uTo2AlhfpgQEnUUX8tups61VuheadZ+L5g0G9
RddxtZE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org