Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/9299F284670F11EE97A49826C4F9AE02.roa
File: 9299F284670F11EE97A49826C4F9AE02.roa (raw, json)
Hash identifier: BsquEICrQLC/le4VfTvYQkLoGGnSkZF0yqTNprDtANM=
Subject key identifier: F8:80:53:DC:01:73:C3:5E:89:D5:76:79:67:D5:DC:FA:7D:B2:4A:8A
Certificate issuer: /CN=A918A311/serialNumber=5A1E2E398C306EF1DFF4C06EFCAAF6E34263B12A
Certificate serial: 3360
Authority key identifier: 5A:1E:2E:39:8C:30:6E:F1:DF:F4:C0:6E:FC:AA:F6:E3:42:63:B1:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wh4uOYwwbvHf9MBu_Kr240JjsSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/9299F284670F11EE97A49826C4F9AE02.roa
Signing time: Tue 10 Oct 2023 01:51:48 +0000
ROA not before: Tue 10 Oct 2023 01:51:48 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 396982
IP address blocks: 202.90.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13152 (0x3360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A311, serialNumber=5A1E2E398C306EF1DFF4C06EFCAAF6E34263B12A
Validity
Not Before: Oct 10 01:51:48 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6524ae33-a7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:53:da:d4:64:88:00:12:67:c5:72:2b:90:4b:
a0:d7:c3:43:75:ea:66:fe:62:05:f6:9c:bc:36:e1:
1a:54:c3:a0:aa:6f:fe:e3:26:5e:91:42:6f:49:39:
51:72:74:ea:0e:64:9e:76:97:dd:59:2b:76:8b:36:
8c:2f:c9:b2:f9:b6:ad:d0:72:23:8c:83:df:0f:bc:
23:52:62:1b:37:74:f4:73:32:88:64:0a:26:fe:a9:
11:41:68:61:2c:d2:13:79:77:ef:4a:e6:8e:05:41:
b5:be:c1:84:d7:c5:ef:40:32:3e:0b:cf:d5:b5:b4:
a1:ba:5b:a5:a5:8a:5f:2c:73:0a:ed:a1:c2:bd:54:
b6:b5:b5:82:40:41:ae:8a:a7:7d:0e:0d:b9:7f:57:
35:8f:3d:af:14:92:9e:d2:ec:b2:85:38:0b:8c:e2:
28:8c:ae:12:bc:04:81:c9:e6:da:95:66:63:1d:bd:
62:a5:25:5a:8b:7a:f8:8f:f0:20:ff:da:43:00:3d:
16:ba:d1:e2:5a:37:ed:3f:f4:fe:3c:76:35:3d:20:
9e:96:6f:dd:26:2a:e2:3c:e7:18:c4:d9:a0:e3:8d:
0d:d6:a7:a6:98:eb:ca:20:f9:5f:89:2e:87:f8:99:
ff:ac:d5:28:7f:95:12:09:3c:5a:79:a7:40:ba:53:
9a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:80:53:DC:01:73:C3:5E:89:D5:76:79:67:D5:DC:FA:7D:B2:4A:8A
X509v3 Authority Key Identifier:
keyid:5A:1E:2E:39:8C:30:6E:F1:DF:F4:C0:6E:FC:AA:F6:E3:42:63:B1:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/Wh4uOYwwbvHf9MBu_Kr240JjsSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wh4uOYwwbvHf9MBu_Kr240JjsSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A311/3E6F858C1D9911E28510DC8308B02CD2/9299F284670F11EE97A49826C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.90.34.0/24
Signature Algorithm: sha256WithRSAEncryption
73:b2:49:d2:6b:11:25:50:a4:ea:a7:03:c0:e1:f9:71:39:07:
86:66:38:4f:02:b3:b4:81:94:aa:11:39:1f:c8:08:3e:23:4b:
42:2b:0e:71:8f:0b:f8:d4:8f:cd:0a:91:08:54:3a:48:ee:dd:
b3:a1:21:4b:fd:ab:76:a6:fa:cc:aa:19:88:5b:49:c7:d7:43:
92:97:8b:80:c2:3b:dd:e9:e2:c5:e3:e8:11:4d:d6:d2:1b:bd:
c7:d9:ae:51:da:bf:9d:db:a3:58:30:03:0a:11:17:17:03:4e:
29:db:32:be:6e:ea:58:fb:67:c9:66:9d:20:90:bf:a5:a5:bf:
d9:5d:c6:37:8e:7d:0f:64:6e:87:c2:ef:74:33:db:ed:41:9c:
42:f6:c1:8f:8e:d4:e5:a3:e5:9f:a1:81:54:f3:3e:b7:2c:71:
11:06:34:93:ab:2c:51:3a:0e:2a:01:e3:e5:89:f9:33:4a:15:
95:c2:15:31:97:52:b0:fc:34:29:42:98:c2:cf:72:f9:f0:be:
f2:78:6e:c5:f3:79:a6:a6:1e:ed:17:eb:5a:0f:70:de:5c:cf:
1d:62:93:90:69:0d:58:5a:39:0b:d3:89:7c:c3:1a:27:12:ea:
18:c9:2d:0e:a1:9d:fc:93:63:29:8e:98:4d:36:08:7d:d8:03:
49:ec:8e:15
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEEzMTExMTAvBgNVBAUTKDVBMUUyRTM5OEMzMDZFRjFERkY0QzA2RUZDQUFGNkUz
NDI2M0IxMkEwHhcNMjMxMDEwMDE1MTQ4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI0YWUzMy1hN2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAplPa1GSIABJnxXIrkEug18NDdepm/mIF9py8NuEaVMOgqm/+4yZekUJvSTlR
cnTqDmSedpfdWSt2izaML8my+bat0HIjjIPfD7wjUmIbN3T0czKIZAom/qkRQWhh
LNITeXfvSuaOBUG1vsGE18XvQDI+C8/VtbShululpYpfLHMK7aHCvVS2tbWCQEGu
iqd9Dg25f1c1jz2vFJKe0uyyhTgLjOIojK4SvASByebalWZjHb1ipSVai3r4j/Ag
/9pDAD0WutHiWjftP/T+PHY1PSCelm/dJiriPOcYxNmg440N1qemmOvKIPlfiS6H
+Jn/rNUof5USCTxaeadAulOaQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPiAU9wB
c8NeidV2eWfV3Pp9skqKMB8GA1UdIwQYMBaAFFoeLjmMMG7x3/TAbvyq9uNCY7Eq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTMxMS8zRTZGODU4QzFE
OTkxMUUyODUxMERDODMwOEIwMkNEMi9XaDR1T1l3d2J2SGY5TUJ1X0tyMjQwSmpz
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1doNHVPWXd3YnZIZjlNQnVfS3IyNDBKanNTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEEzMTEvM0U2Rjg1OEMxRDk5MTFFMjg1MTBEQzgzMDhCMDJDRDIvOTI5OUYyODQ2
NzBGMTFFRTk3QTQ5ODI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKWiIwDQYJKoZIhvcNAQELBQADggEBAHOySdJrESVQpOqn
A8Dh+XE5B4ZmOE8Cs7SBlKoROR/ICD4jS0IrDnGPC/jUj80KkQhUOkju3bOhIUv9
q3am+syqGYhbScfXQ5KXi4DCO93p4sXj6BFN1tIbvcfZrlHav53bo1gwAwoRFxcD
TinbMr5u6lj7Z8lmnSCQv6Wlv9ldxjeOfQ9kbofC73Qz2+1BnEL2wY+O1OWj5Z+h
gVTzPrcscREGNJOrLFE6DioB4+WJ+TNKFZXCFTGXUrD8NClCmMLPcvnwvvJ4bsXz
eaamHu0X61oPcN5czx1ik5BpDVhaOQvTiXzDGicS6hjJLQ6hnfyTYymOmE02CH3Y
A0nsjhU=
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:33:13 2025 by rpki-client