Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/EB45AC7ACBB511ED8B2B1951C4F9AE02.roa
File: EB45AC7ACBB511ED8B2B1951C4F9AE02.roa (raw, json)
Hash identifier: UEynXGCCX6t+cFF586kxWyHfusn20HaS6boRCkNQJb4=
Subject key identifier: 2C:C5:BF:94:A4:8D:1B:16:7F:CB:B9:D8:7C:72:0C:4E:15:EB:CA:9F
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09D1
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/EB45AC7ACBB511ED8B2B1951C4F9AE02.roa
Signing time: Sun 26 Mar 2023 09:09:32 +0000
ROA not before: Sun 26 Mar 2023 09:09:32 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132165
IP address blocks: 113.203.226.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2513 (0x9d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 26 09:09:32 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64200bcb-1a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b4:c3:52:c2:dd:3b:4c:56:11:6e:22:7d:ab:
8f:1f:66:3e:13:c6:b4:a9:be:87:10:9c:48:a2:e2:
45:36:8c:d8:45:f6:ca:44:4f:78:f5:f1:a3:7f:f4:
94:b6:57:96:b5:90:7c:84:35:df:ca:51:53:07:53:
e1:14:a9:c4:b3:de:95:db:65:4e:13:eb:9a:31:f2:
67:d3:f5:85:7c:96:76:05:21:78:0e:13:3e:a4:55:
53:7d:8e:7e:fd:f6:c0:85:b3:cc:4a:62:34:4d:62:
43:c7:c7:c2:31:e7:d6:b8:75:80:93:d4:c1:bd:ec:
f2:7d:ec:4e:f9:ed:f5:68:26:b0:a5:9a:7e:5b:f7:
96:f5:32:7a:24:00:3f:bc:f3:2c:b1:01:99:61:d3:
9c:a9:51:b3:5a:ba:2d:96:d0:18:33:73:79:26:96:
e2:6f:22:66:f9:b7:e3:67:b3:52:3b:70:90:bb:55:
b3:ff:b7:0d:04:7f:a5:54:80:da:f4:05:aa:01:7a:
61:c1:a8:5b:0b:3f:1c:69:24:da:a2:9d:d1:20:cd:
51:e5:a8:59:b6:17:c2:48:2c:0c:78:89:5d:50:6c:
7a:32:ef:3c:13:bd:8e:7a:0d:81:12:c4:b8:e7:31:
a9:83:7e:10:2f:14:8f:9d:30:3d:f8:34:a0:0b:ec:
97:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C5:BF:94:A4:8D:1B:16:7F:CB:B9:D8:7C:72:0C:4E:15:EB:CA:9F
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/EB45AC7ACBB511ED8B2B1951C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.226.0/24
113.203.228.0/22
113.203.252.0/22
Signature Algorithm: sha256WithRSAEncryption
64:00:8e:f3:c8:09:b3:1c:96:98:6e:e5:f7:4d:a5:d5:12:cd:
f7:9a:31:92:47:da:ca:2c:77:39:c7:cd:f2:20:78:e7:7f:cb:
68:06:5b:f2:b1:0d:ba:bf:71:28:db:f8:bd:94:b8:f4:12:7e:
61:26:a6:d7:85:f9:ae:0a:93:a5:bb:66:dd:3a:17:c3:d5:63:
7a:e5:48:83:31:9a:8e:d7:da:6e:25:0e:01:23:7c:54:91:ba:
49:89:10:1d:37:67:83:c4:28:ce:0f:7e:bc:6b:96:87:97:0e:
2b:80:05:14:c9:2c:f8:dc:9b:cb:96:a1:74:3f:d9:73:e9:14:
0b:b7:ba:b7:f1:f0:1b:e2:f5:81:8f:24:40:fd:86:2f:b7:ed:
92:6e:e9:cd:7b:bc:9e:f4:84:7d:06:39:4a:f4:f8:f6:46:0f:
6b:9f:af:99:95:1a:56:7a:ac:ee:ca:00:e6:4f:3a:ad:89:ca:
52:6f:a0:e5:5a:d0:43:06:eb:b4:b5:91:9a:3e:dc:b2:31:24:
7d:f2:61:86:a0:f8:6f:e0:41:32:d4:00:01:e2:f3:a0:5a:82:
0b:4f:9c:3b:52:99:25:dc:11:c4:a0:dd:1b:d1:6c:75:e2:1a:
89:09:b2:bf:11:88:38:53:38:a0:8e:e2:4b:23:9f:d8:ae:9d:
d6:ce:57:d1
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMzI2MDkwOTMyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIwMGJjYi0xYTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzbTDUsLdO0xWEW4ifauPH2Y+E8a0qb6HEJxIouJFNozYRfbKRE949fGjf/SU
tleWtZB8hDXfylFTB1PhFKnEs96V22VOE+uaMfJn0/WFfJZ2BSF4DhM+pFVTfY5+
/fbAhbPMSmI0TWJDx8fCMefWuHWAk9TBvezyfexO+e31aCawpZp+W/eW9TJ6JAA/
vPMssQGZYdOcqVGzWrotltAYM3N5JpbibyJm+bfjZ7NSO3CQu1Wz/7cNBH+lVIDa
9AWqAXphwahbCz8caSTaop3RIM1R5ahZthfCSCwMeIldUGx6Mu88E72Oeg2BEsS4
5zGpg34QLxSPnTA9+DSgC+yXAQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFCzFv5Sk
jRsWf8u52HxyDE4V68qfMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRUI0NUFDN0FD
QkI1MTFFRDhCMkIxOTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABxy+IDBAJxy+QDBAJxy/wwDQYJKoZIhvcNAQELBQADggEB
AGQAjvPICbMclphu5fdNpdUSzfeaMZJH2sosdznHzfIgeOd/y2gGW/KxDbq/cSjb
+L2UuPQSfmEmpteF+a4Kk6W7Zt06F8PVY3rlSIMxmo7X2m4lDgEjfFSRukmJEB03
Z4PEKM4PfrxrloeXDiuABRTJLPjcm8uWoXQ/2XPpFAu3urfx8Bvi9YGPJED9hi+3
7ZJu6c17vJ70hH0GOUr0+PZGD2ufr5mVGlZ6rO7KAOZPOq2JylJvoOVa0EMG67S1
kZo+3LIxJH3yYYag+G/gQTLUAAHi86BaggtPnDtSmSXcEcSg3RvRbHXiGokJsr8R
iDhTOKCO4ksjn9iundbOV9E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org