Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E60394BEAF6611ECBD905C2CC4F9AE02.roa
File: E60394BEAF6611ECBD905C2CC4F9AE02.roa (raw, json)
Hash identifier: T7AQ50h8SztRpI3mi25YTHBO3nzFC+E56s8i4aD0MEc=
Subject key identifier: E3:7E:BA:92:70:46:C2:14:BB:F2:E9:23:AE:28:33:1F:1E:83:21:32
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 06D6
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E60394BEAF6611ECBD905C2CC4F9AE02.roa
Signing time: Tue 29 Mar 2022 13:48:22 +0000
ROA not before: Tue 29 Mar 2022 13:48:22 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 140499
IP address blocks: 223.29.226.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1750 (0x6d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 29 13:48:22 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62430e26-6286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a3:b6:b2:f7:f9:9e:d5:9f:65:6d:c6:49:92:
c1:1a:48:8a:18:4a:a7:5c:08:3c:de:f2:ff:8a:40:
14:a5:5d:7e:51:f4:d6:71:41:04:06:72:d4:cd:30:
2e:37:40:0b:27:99:99:a6:7e:5f:07:39:58:41:7a:
c9:4c:b9:6f:1d:4c:d3:ec:42:f2:e7:3c:ce:61:83:
eb:58:66:a2:f0:3a:58:34:e7:82:78:82:8a:9b:0d:
4e:72:9e:5c:2b:9d:67:77:41:14:a9:e6:1a:46:3a:
1c:c2:ea:89:8e:d2:1e:de:5f:b8:b3:17:99:8f:ec:
30:27:48:97:e8:e9:f4:1f:29:03:fb:38:31:bc:f5:
f7:3c:d8:fb:f7:8e:74:40:05:76:55:90:55:a0:88:
09:d8:40:c9:76:c3:8a:7d:cf:1e:03:e3:2c:b5:5f:
1d:1d:8e:fa:fd:bc:59:33:98:19:ba:77:cf:c3:7e:
90:11:98:81:5d:98:d5:3e:59:3e:3b:dc:7e:88:6f:
a5:be:5a:98:18:f3:d4:36:27:0f:72:d6:a2:51:0a:
55:5e:d5:98:36:da:88:db:e3:91:26:52:19:88:97:
fd:46:27:81:ef:26:da:db:84:d8:c3:a4:66:89:bf:
87:07:1d:11:78:49:7b:29:24:9f:12:2c:65:57:64:
17:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7E:BA:92:70:46:C2:14:BB:F2:E9:23:AE:28:33:1F:1E:83:21:32
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E60394BEAF6611ECBD905C2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.226.0/24
Signature Algorithm: sha256WithRSAEncryption
37:56:30:2b:51:57:6a:2c:70:b4:84:0c:55:cd:a8:f2:9e:82:
58:3b:06:e0:e6:a4:13:23:71:8b:75:7f:98:db:cb:54:50:73:
78:df:67:1d:78:77:4f:85:f3:79:30:14:43:60:0c:c7:d7:1f:
af:3e:7d:6a:5c:c2:7d:44:c3:31:11:99:07:31:a6:9a:64:90:
2b:78:1d:58:44:bb:25:3a:5b:14:8c:1b:7c:e8:ce:ba:ae:6b:
ed:be:bd:b7:67:e9:41:8a:83:ce:1c:88:64:01:f4:e3:44:24:
24:17:0f:cc:d3:cd:a2:1a:f2:7e:dc:ac:71:db:86:93:5a:4d:
69:77:c1:ea:27:0a:a1:3c:19:53:1f:fd:93:1c:41:52:95:e4:
ce:4d:c9:de:50:51:e2:45:c9:a7:86:60:fc:94:bd:08:77:b7:
d9:71:33:e2:52:1c:34:86:ba:fe:1b:cb:c9:15:b8:e8:ec:b6:
61:ac:8d:02:98:55:55:b7:ad:5c:f6:9c:45:91:21:e0:d0:84:
2d:30:0e:2a:0c:01:dc:8e:a8:56:eb:84:5f:9d:95:3b:ee:31:
92:4d:be:69:b2:a1:71:6d:b8:34:08:d2:76:e1:1a:f4:ca:82:
aa:97:7d:b7:53:d6:83:a4:64:9d:91:3b:a2:90:33:5b:e6:5f:
51:7a:b0:d7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwMzI5MTM0ODIyWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQzMGUyNi02Mjg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuKO2svf5ntWfZW3GSZLBGkiKGEqnXAg83vL/ikAUpV1+UfTWcUEEBnLUzTAu
N0ALJ5mZpn5fBzlYQXrJTLlvHUzT7ELy5zzOYYPrWGai8DpYNOeCeIKKmw1Ocp5c
K51nd0EUqeYaRjocwuqJjtIe3l+4sxeZj+wwJ0iX6On0HykD+zgxvPX3PNj79450
QAV2VZBVoIgJ2EDJdsOKfc8eA+MstV8dHY76/bxZM5gZunfPw36QEZiBXZjVPlk+
O9x+iG+lvlqYGPPUNicPctaiUQpVXtWYNtqI2+ORJlIZiJf9RieB7yba24TYw6Rm
ib+HBx0ReEl7KSSfEixlV2QXOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFON+upJw
RsIUu/LpI64oMx8egyEyMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRTYwMzk0QkVB
RjY2MTFFQ0JEOTA1QzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADfHeIwDQYJKoZIhvcNAQELBQADggEBADdWMCtRV2oscLSE
DFXNqPKeglg7BuDmpBMjcYt1f5jby1RQc3jfZx14d0+F83kwFENgDMfXH68+fWpc
wn1EwzERmQcxpppkkCt4HVhEuyU6WxSMG3zozrqua+2+vbdn6UGKg84ciGQB9ONE
JCQXD8zTzaIa8n7crHHbhpNaTWl3weonCqE8GVMf/ZMcQVKV5M5Nyd5QUeJFyaeG
YPyUvQh3t9lxM+JSHDSGuv4by8kVuOjstmGsjQKYVVW3rVz2nEWRIeDQhC0wDioM
AdyOqFbrhF+dlTvuMZJNvmmyoXFtuDQI0nbhGvTKgqqXfbdT1oOkZJ2RO6KQM1vm
X1F6sNc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org