Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/3692B99A45EB11EC9511E263C4F9AE02.roa
File: 3692B99A45EB11EC9511E263C4F9AE02.roa (raw, json)
Hash identifier: 3RThTeIUmONi6fW3f3nqCPc1zQykw7F0TNLlPivS2Ew=
Subject key identifier: BC:98:8B:08:63:F1:DA:2F:AC:A6:93:38:F9:1B:5F:F8:C9:14:B9:0A
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0585
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/3692B99A45EB11EC9511E263C4F9AE02.roa
Signing time: Mon 15 Nov 2021 08:08:28 +0000
ROA not before: Mon 15 Nov 2021 08:08:28 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 1239
IP address blocks: 113.203.232.0/23 maxlen: 24
113.203.248.0/22 maxlen: 24
113.203.252.0/22 maxlen: 24
180.178.184.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1413 (0x585)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Nov 15 08:08:28 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6192157c-d943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a5:4c:7a:6c:2d:73:94:b0:43:63:f6:71:e3:
74:fa:5b:cc:c4:25:4c:a1:56:a5:2a:88:70:79:96:
71:71:55:8d:48:94:57:3f:86:a9:aa:5d:c8:76:b5:
7f:80:dc:88:ad:2d:99:d2:e9:b9:0d:6d:82:19:cd:
47:17:1c:7d:11:a9:c5:ae:b5:20:d2:20:8d:67:f5:
c5:27:86:53:b4:79:96:0d:4e:5a:9d:27:9f:95:44:
8f:4f:5e:9a:f2:13:57:ca:7e:2e:82:bd:4e:be:75:
d4:c2:b8:cc:ef:56:b3:b3:db:fb:64:65:94:29:84:
b8:65:55:e4:e2:a5:bd:ed:3f:58:16:99:ec:2e:a4:
39:96:28:03:f1:95:da:cb:11:e4:73:9b:b2:02:f2:
6c:71:1b:59:b6:21:e8:7a:c6:79:04:ee:f0:98:bb:
b7:17:ca:f0:63:27:0a:95:87:6c:86:cb:8e:93:ed:
20:d0:a9:bc:c6:9e:ca:4d:05:53:bf:17:13:7a:83:
36:91:32:e7:14:0e:fb:03:88:bd:12:e9:97:3a:d0:
10:d8:7b:94:7d:38:86:3a:41:9e:0e:07:32:2d:48:
37:f5:af:c4:e5:59:ce:e4:17:01:19:bf:67:89:81:
d6:db:7c:bf:47:f6:8a:c3:5e:60:6f:a1:54:0b:b8:
62:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:98:8B:08:63:F1:DA:2F:AC:A6:93:38:F9:1B:5F:F8:C9:14:B9:0A
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/3692B99A45EB11EC9511E263C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.232.0/23
113.203.248.0/21
180.178.184.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:f7:bb:05:8d:4b:6a:6a:af:ee:56:6a:bd:27:59:93:b8:98:
cb:f9:a6:bf:b0:4a:5d:fc:26:db:61:74:96:6b:b1:dc:46:97:
7e:90:e2:7c:60:45:fa:5e:b4:11:00:e5:48:83:ac:9b:20:a4:
01:c8:52:34:cc:c8:54:d8:db:c0:84:9c:32:e6:ed:4e:0c:f1:
81:97:15:b7:f5:3b:db:12:f8:16:d2:47:49:92:e4:2a:9e:65:
42:70:a7:41:a3:d4:90:9d:34:4f:73:71:1a:7a:c8:ab:f3:dd:
04:38:5e:54:50:2b:d4:93:87:b8:2c:00:b7:74:97:46:00:6e:
d4:dc:51:c6:bf:e1:b5:9c:4d:89:91:26:13:bc:15:be:d6:07:
4e:46:14:d2:fe:2a:ad:cf:86:1f:58:93:15:78:80:cb:82:69:
eb:05:db:44:7e:90:be:a6:44:92:80:b5:e0:2e:3f:25:0e:59:
0c:fb:b3:12:5f:ff:14:00:c7:2a:13:d3:db:82:1b:5a:18:c8:
45:01:fa:fd:b5:dc:6e:e4:4e:60:0d:c9:ef:26:3e:ec:19:e3:
e7:0c:1f:34:14:df:7c:e8:63:d7:11:a9:b8:75:b2:52:dc:6e:
60:1c:f9:4e:20:65:b6:dc:0c:1e:50:50:d3:d3:7d:0a:bb:58:
85:e9:0b:e8
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjExMTE1MDgwODI4WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTkyMTU3Yy1kOTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuqVMemwtc5SwQ2P2ceN0+lvMxCVMoValKohweZZxcVWNSJRXP4apql3IdrV/
gNyIrS2Z0um5DW2CGc1HFxx9EanFrrUg0iCNZ/XFJ4ZTtHmWDU5anSeflUSPT16a
8hNXyn4ugr1OvnXUwrjM71azs9v7ZGWUKYS4ZVXk4qW97T9YFpnsLqQ5ligD8ZXa
yxHkc5uyAvJscRtZtiHoesZ5BO7wmLu3F8rwYycKlYdshsuOk+0g0Km8xp7KTQVT
vxcTeoM2kTLnFA77A4i9EumXOtAQ2HuUfTiGOkGeDgcyLUg39a/E5VnO5BcBGb9n
iYHW23y/R/aKw15gb6FUC7hiNQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFLyYiwhj
8dovrKaTOPkbX/jJFLkKMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMzY5MkI5OUE0
NUVCMTFFQzk1MTFFMjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAFxy+gDBANxy/gDBAK0srgwDQYJKoZIhvcNAQELBQADggEB
AI73uwWNS2pqr+5War0nWZO4mMv5pr+wSl38JtthdJZrsdxGl36Q4nxgRfpetBEA
5UiDrJsgpAHIUjTMyFTY28CEnDLm7U4M8YGXFbf1O9sS+BbSR0mS5CqeZUJwp0Gj
1JCdNE9zcRp6yKvz3QQ4XlRQK9STh7gsALd0l0YAbtTcUca/4bWcTYmRJhO8Fb7W
B05GFNL+Kq3Phh9YkxV4gMuCaesF20R+kL6mRJKAteAuPyUOWQz7sxJf/xQAxyoT
09uCG1oYyEUB+v213G7kTmANye8mPuwZ4+cMHzQU33zoY9cRqbh1slLcbmAc+U4g
ZbbcDB5QUNPTfQq7WIXpC+g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:05:42 2025 by rpki-client