Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/F74B32001FB811EDAE7B3D3EC4F9AE02.roa
File: F74B32001FB811EDAE7B3D3EC4F9AE02.roa (raw, json)
Hash identifier: WyOWrVSUYw+xVhRN9g8EH2WKn6WazOXKqTIb3s2HzDw=
Subject key identifier: D8:3A:16:13:AE:74:24:07:7D:7E:C6:AC:B8:5F:28:71:59:46:12:59
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 08DC
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/F74B32001FB811EDAE7B3D3EC4F9AE02.roa
Signing time: Wed 19 Oct 2022 11:29:35 +0000
ROA not before: Wed 19 Oct 2022 11:29:35 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 43260
IP address blocks: 180.178.147.0/24 maxlen: 24
180.178.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2268 (0x8dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Oct 19 11:29:35 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=634fdf9f-882c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:84:4a:01:72:00:16:bd:0a:ac:d8:10:0f:b2:
96:41:27:82:32:16:68:fe:6d:2c:bc:28:cb:93:50:
d7:7a:00:90:bd:8b:b2:fa:ea:e4:b6:4b:ad:d0:86:
ad:30:1c:40:eb:57:c3:a6:a0:8f:61:d6:c0:df:ab:
a9:3b:a5:13:24:cb:e0:86:49:40:12:fc:c8:a7:e5:
eb:17:31:64:98:d2:17:6e:52:08:af:c3:4a:bd:0d:
9e:ff:2e:4d:a8:06:67:71:44:a6:c9:ba:dc:c2:e4:
ee:3d:9b:f6:03:1d:82:9c:5b:52:43:fb:54:7a:c8:
5f:21:4a:da:7a:c2:62:02:7f:c0:b4:3c:f2:20:19:
37:63:f6:13:3e:bb:4a:48:38:05:35:ab:a2:89:ac:
71:96:d7:58:0e:b5:18:44:3a:4a:f4:4c:e1:f0:ba:
c0:af:69:89:d7:f2:e5:0e:84:a0:0c:d6:4b:50:71:
71:9b:76:55:74:95:d5:5b:95:68:07:5d:b5:40:5e:
3e:2e:d0:d0:35:8b:ff:78:d8:af:b5:c9:04:b2:95:
14:dd:cb:ba:b1:f4:0e:9a:6b:e7:3c:b9:bc:41:8c:
02:a2:cf:80:35:c7:72:f2:e6:2a:2e:d5:d7:80:78:
7e:da:4b:f2:bc:4a:2a:eb:f2:4f:94:26:39:01:5c:
ab:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3A:16:13:AE:74:24:07:7D:7E:C6:AC:B8:5F:28:71:59:46:12:59
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/F74B32001FB811EDAE7B3D3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.178.147.0/24
180.178.179.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ba:1a:19:f7:19:8e:eb:a8:3d:39:12:bb:c8:1a:18:51:49:
b8:bb:b2:38:27:ba:7f:08:7f:67:33:a9:d0:16:5d:63:10:65:
c6:0a:df:26:b6:a2:f1:dd:28:c0:aa:a2:34:a2:37:f1:42:7e:
2a:75:76:fc:bc:ef:da:a0:ab:1b:c7:df:9f:51:ae:e7:2d:e5:
13:a3:34:d4:41:f4:ed:c1:6d:e5:dc:b4:1e:ff:8d:50:cc:91:
2c:c4:a1:b5:2f:d0:ab:24:a5:fe:1f:16:8f:e7:e6:88:9d:23:
ff:4a:e7:ff:9b:a2:16:88:51:24:5b:b6:9e:5b:ae:20:3b:cf:
cd:9e:35:91:b8:a2:94:01:fc:e0:f8:05:ea:4a:77:66:62:cb:
9a:15:36:9e:a7:65:57:d6:9c:bd:34:34:90:fc:02:f0:a9:f9:
67:eb:0f:ae:23:13:09:75:1e:0f:d8:5c:58:57:46:56:68:79:
8c:36:04:ad:0b:7d:15:0c:ee:85:03:97:ac:0b:76:7c:20:31:
2d:f5:d5:cb:89:87:45:53:e9:1c:2a:f0:6a:46:bc:ac:40:d5:
b7:52:91:76:82:f8:0d:0b:c8:b5:09:15:61:3b:2a:8c:8e:c6:
c2:35:78:40:e3:25:d3:88:e7:46:fa:6c:fe:dd:d3:03:af:5e:
1b:99:d8:34
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMDE5MTEyOTM1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRmZGY5Zi04ODJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApIRKAXIAFr0KrNgQD7KWQSeCMhZo/m0svCjLk1DXegCQvYuy+urktkut0Iat
MBxA61fDpqCPYdbA36upO6UTJMvghklAEvzIp+XrFzFkmNIXblIIr8NKvQ2e/y5N
qAZncUSmybrcwuTuPZv2Ax2CnFtSQ/tUeshfIUraesJiAn/AtDzyIBk3Y/YTPrtK
SDgFNauiiaxxltdYDrUYRDpK9Ezh8LrAr2mJ1/LlDoSgDNZLUHFxm3ZVdJXVW5Vo
B121QF4+LtDQNYv/eNivtckEspUU3cu6sfQOmmvnPLm8QYwCos+ANcdy8uYqLtXX
gHh+2kvyvEoq6/JPlCY5AVyr+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNg6FhOu
dCQHfX7GrLhfKHFZRhJZMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRjc0QjMyMDAx
RkI4MTFFREFFN0IzRDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAC0spMDBAC0srMwDQYJKoZIhvcNAQELBQADggEBAEO6Ghn3
GY7rqD05ErvIGhhRSbi7sjgnun8If2czqdAWXWMQZcYK3ya2ovHdKMCqojSiN/FC
fip1dvy879qgqxvH359Rruct5ROjNNRB9O3BbeXctB7/jVDMkSzEobUv0Kskpf4f
Fo/n5oidI/9K5/+bohaIUSRbtp5briA7z82eNZG4opQB/OD4BepKd2Ziy5oVNp6n
ZVfWnL00NJD8AvCp+WfrD64jEwl1Hg/YXFhXRlZoeYw2BK0LfRUM7oUDl6wLdnwg
MS311cuJh0VT6Rwq8GpGvKxA1bdSkXaC+A0LyLUJFWE7KoyOxsI1eEDjJdOI50b6
bP7d0wOvXhuZ2DQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org