Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/ED5EBDF8CBB511ED8B2B1951C4F9AE02.roa
File: ED5EBDF8CBB511ED8B2B1951C4F9AE02.roa (raw, json)
Hash identifier: YsZm9p3hCY5of1E2pGuFXqO/qBrJ9Et0NeZeC8++Urk=
Subject key identifier: C8:D4:FD:98:DB:37:FE:02:F6:7F:5E:65:55:5E:BE:CB:04:4B:55:75
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09D3
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/ED5EBDF8CBB511ED8B2B1951C4F9AE02.roa
Signing time: Sun 26 Mar 2023 09:09:35 +0000
ROA not before: Sun 26 Mar 2023 09:09:35 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 996
IP address blocks: 113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.228.0/22 maxlen: 24
113.203.245.0/24 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.176.0/23 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2515 (0x9d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 26 09:09:35 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64200bcf-ea40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:ce:4e:12:05:a4:fc:0b:c3:5f:2e:a0:91:
de:63:1e:f4:79:c1:2c:8a:fa:d5:54:c4:8e:58:a6:
50:50:83:26:93:e4:08:ca:e9:3a:b9:30:f0:ec:30:
c6:41:eb:3e:1e:19:5e:8d:fd:14:10:ea:da:fc:d5:
92:41:86:e2:21:cd:26:61:9b:5f:a8:32:04:55:21:
32:05:7b:4d:3d:6b:a7:44:a5:1e:79:d7:16:a1:7c:
a6:2a:71:f0:51:72:9c:a5:29:18:fa:3a:83:ba:60:
e7:d7:b2:5b:c8:a9:2c:8c:f7:4d:2d:20:3a:5b:38:
00:89:35:af:66:26:3b:db:b6:02:8c:0f:32:b1:37:
e8:84:29:db:ee:f2:61:0b:c8:0c:98:1a:28:6b:87:
a9:ee:0a:01:b2:82:ad:92:fd:2d:bf:e0:28:78:c5:
85:71:aa:96:c2:26:bf:24:f3:46:fb:42:b1:87:26:
73:7b:59:bc:f7:2e:56:b3:87:29:a3:82:74:67:f0:
ef:cf:d2:b6:09:c8:e4:71:8f:35:ab:dd:4e:fc:7d:
28:3c:ec:05:1c:d1:ed:da:f9:68:ec:b2:c4:3c:7a:
8f:2b:56:4b:5e:c8:4a:d1:d8:c0:c9:7f:02:cb:31:
4d:75:a3:3c:82:57:8d:9a:f3:90:93:96:2a:5a:de:
fd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D4:FD:98:DB:37:FE:02:F6:7F:5E:65:55:5E:BE:CB:04:4B:55:75
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/ED5EBDF8CBB511ED8B2B1951C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.223.0-113.203.225.255
113.203.228.0/22
113.203.245.0/24
180.178.148.0/24
180.178.151.0/24
180.178.162.0/24
180.178.176.0/23
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
86:26:98:4c:29:82:a4:c6:70:48:e0:4d:87:fe:2f:0c:76:bb:
5b:45:88:2e:da:7a:39:64:84:f7:64:70:78:94:51:7b:b2:a8:
e6:81:62:1d:b2:2c:1d:b8:11:5b:af:cf:23:52:34:aa:eb:9d:
d5:12:b1:06:8c:b3:8e:63:9f:0e:12:56:c7:96:ff:1b:85:82:
3a:04:55:2c:cf:36:c0:55:9e:72:24:b6:b6:a6:e4:34:4c:cb:
bc:e1:90:bd:5a:3c:d5:93:7f:51:b2:9c:93:7c:06:08:ff:e0:
7e:bd:5b:b2:ae:cf:5c:6c:70:74:93:da:0d:97:b4:93:de:16:
c2:d8:a1:5b:85:27:6a:20:36:f4:56:f4:fb:f0:97:4c:4c:00:
bb:52:fd:f4:ae:19:11:14:6a:3d:2a:a1:c6:80:0c:84:fc:de:
2c:08:7a:30:55:59:71:30:6f:85:30:11:96:2f:d4:02:fa:be:
48:3e:9b:ca:1f:77:c1:1d:2c:24:d7:39:1c:55:b4:66:bc:41:
cc:ba:57:b9:35:e2:b6:7d:19:d8:1e:97:93:84:26:86:10:bb:
8b:3b:29:58:fe:84:a4:6b:d9:58:1f:7b:c3:34:50:57:72:03:
ae:98:5a:27:69:bb:a1:68:f5:95:5a:8f:4a:4c:87:1d:61:bf:
87:fe:e5:27
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICCdMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMzI2MDkwOTM1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIwMGJjZi1lYTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu7LOThIFpPwLw18uoJHeYx70ecEsivrVVMSOWKZQUIMmk+QIyuk6uTDw7DDG
Qes+Hhlejf0UEOra/NWSQYbiIc0mYZtfqDIEVSEyBXtNPWunRKUeedcWoXymKnHw
UXKcpSkY+jqDumDn17JbyKksjPdNLSA6WzgAiTWvZiY727YCjA8ysTfohCnb7vJh
C8gMmBooa4ep7goBsoKtkv0tv+AoeMWFcaqWwia/JPNG+0KxhyZze1m89y5Ws4cp
o4J0Z/Dvz9K2CcjkcY81q91O/H0oPOwFHNHt2vlo7LLEPHqPK1ZLXshK0djAyX8C
yzFNdaM8gleNmvOQk5YqWt79iwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFMjU/Zjb
N/4C9n9eZVVevssES1V1MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRUQ1RUJERjhD
QkI1MTFFRDhCMkIxOTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEAwDAMEAHHL3wMEAXHL4AMEAnHL5AMEAHHL9QMEALSylAMEALSy
lwMEALSyogMEAbSysDAMAwQA3x3rAwQA3x3uMA0GCSqGSIb3DQEBCwUAA4IBAQCG
JphMKYKkxnBI4E2H/i8MdrtbRYgu2no5ZIT3ZHB4lFF7sqjmgWIdsiwduBFbr88j
UjSq653VErEGjLOOY58OElbHlv8bhYI6BFUszzbAVZ5yJLa2puQ0TMu84ZC9WjzV
k39RspyTfAYI/+B+vVuyrs9cbHB0k9oNl7ST3hbC2KFbhSdqIDb0VvT78JdMTAC7
Uv30rhkRFGo9KqHGgAyE/N4sCHowVVlxMG+FMBGWL9QC+r5IPpvKH3fBHSwk1zkc
VbRmvEHMule5NeK2fRnYHpeThCaGELuLOylY/oSka9lYH3vDNFBXcgOumFonabuh
aPWVWo9KTIcdYb+H/uUn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org