Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/C1E14BD85BB711EC93E3525AC4F9AE02.roa
File: C1E14BD85BB711EC93E3525AC4F9AE02.roa (raw, json)
Hash identifier: 92S9LI3jIBEXD+eGzwEqMdTM/dE9s2xQ6KyC+yxABNo=
Subject key identifier: 55:80:C1:51:B2:C9:50:CA:8A:84:C6:48:CB:63:4B:92:B8:36:43:0F
Certificate issuer: /CN=A9160EEF/serialNumber=958A4ED9D7D64FAC87BD16EC8A36571E1A2F508A
Certificate serial: 09E6
Authority key identifier: 95:8A:4E:D9:D7:D6:4F:AC:87:BD:16:EC:8A:36:57:1E:1A:2F:50:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lYpO2dfWT6yHvRbsijZXHhovUIo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/C1E14BD85BB711EC93E3525AC4F9AE02.roa
Signing time: Sat 02 Jul 2022 07:45:47 +0000
ROA not before: Sat 02 Jul 2022 07:45:47 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 136557
IP address blocks: 103.139.78.0/23 maxlen: 23
103.139.78.0/24 maxlen: 24
2404:ddc0:6000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2534 (0x9e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9160EEF, serialNumber=958A4ED9D7D64FAC87BD16EC8A36571E1A2F508A
Validity
Not Before: Jul 2 07:45:47 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62bff7ab-adbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b3:d3:6d:51:3b:19:cb:70:25:14:bf:ec:8e:
6b:e8:a9:22:ff:d1:69:ed:2b:4a:f6:2d:b7:62:ed:
15:57:43:7e:36:e8:54:25:2c:df:6c:8f:9e:dc:29:
c7:8f:0e:7b:11:81:c8:c5:fa:57:df:c8:fb:58:9b:
dc:38:52:2f:42:8d:b9:ef:98:b5:d6:8c:4b:d5:2c:
62:23:0d:c7:a1:9d:79:be:b1:79:cd:d8:d5:c9:f9:
11:43:ca:f1:d1:2e:17:f0:93:b5:dd:ec:df:06:bf:
16:6c:ee:bd:46:d9:20:c7:88:13:44:29:01:c9:bb:
b8:48:d9:68:fc:2b:cf:97:e7:80:0f:db:36:9d:c6:
00:86:7d:0b:d3:95:88:fc:53:a8:86:f2:bd:3e:b2:
0c:93:a9:83:27:23:9e:73:9e:dd:d4:1f:50:67:c9:
85:63:d7:3b:b2:24:89:e9:3a:1b:bd:6e:d2:46:9f:
09:48:d6:08:51:a0:e6:79:d3:6e:f2:0c:56:d2:e7:
f1:5c:0d:27:2a:57:9b:a3:cf:7c:d2:43:e0:7a:c9:
f8:fd:69:42:be:e6:8b:5d:74:01:da:bd:36:64:96:
19:de:b9:4a:eb:d6:3f:2f:ec:36:9e:84:33:0f:a1:
d3:cd:58:11:2f:e9:4e:a5:46:a2:2a:23:40:23:7f:
96:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:80:C1:51:B2:C9:50:CA:8A:84:C6:48:CB:63:4B:92:B8:36:43:0F
X509v3 Authority Key Identifier:
keyid:95:8A:4E:D9:D7:D6:4F:AC:87:BD:16:EC:8A:36:57:1E:1A:2F:50:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/lYpO2dfWT6yHvRbsijZXHhovUIo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lYpO2dfWT6yHvRbsijZXHhovUIo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/C1E14BD85BB711EC93E3525AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.78.0/23
IPv6:
2404:ddc0:6000::/36
Signature Algorithm: sha256WithRSAEncryption
95:6a:e6:df:89:07:a5:76:41:e1:65:3c:62:62:0a:49:8b:b0:
34:a9:e7:53:37:89:5b:7f:04:4c:d0:58:b6:5f:09:34:18:02:
cd:48:be:6b:c6:45:2f:9d:63:20:5c:70:7e:d7:56:83:26:a0:
9d:04:1c:88:b0:71:f6:1c:aa:d6:91:5d:25:41:16:bc:e2:68:
b5:5f:b0:26:c5:8f:45:38:fe:59:70:e1:4d:2d:b6:d8:67:ea:
fa:c7:2c:a3:58:cc:69:82:8f:7e:fb:eb:aa:39:71:1b:5c:0f:
68:a1:10:ca:c4:48:c6:51:40:79:75:22:62:7e:dd:ff:0d:89:
33:43:cc:0d:ac:93:32:49:ee:6e:12:cf:a5:36:e0:74:cf:de:
18:31:ab:03:22:f6:0d:79:0b:f3:32:02:33:98:68:05:07:46:
1e:9a:f7:da:ca:58:61:13:3d:69:21:c4:64:3b:d4:75:99:8b:
17:43:56:44:e3:31:8a:f8:1e:0a:ce:54:a8:1f:84:24:1a:65:
57:63:ab:5f:d1:48:25:39:48:de:ef:31:2d:5f:3d:d1:39:7b:
7a:03:c3:59:48:01:43:f2:f0:11:75:85:2d:89:fa:a8:f4:f5:
c3:2c:8c:70:ce:77:45:a7:34:2e:ce:b9:27:af:0a:2e:8f:eb:
f4:34:27:94
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICCeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjBFRUYxMTAvBgNVBAUTKDk1OEE0RUQ5RDdENjRGQUM4N0JEMTZFQzhBMzY1NzFF
MUEyRjUwOEEwHhcNMjIwNzAyMDc0NTQ3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJmZjdhYi1hZGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2bPTbVE7GctwJRS/7I5r6Kki/9Fp7StK9i23Yu0VV0N+NuhUJSzfbI+e3CnH
jw57EYHIxfpX38j7WJvcOFIvQo2575i11oxL1SxiIw3HoZ15vrF5zdjVyfkRQ8rx
0S4X8JO13ezfBr8WbO69Rtkgx4gTRCkBybu4SNlo/CvPl+eAD9s2ncYAhn0L05WI
/FOohvK9PrIMk6mDJyOec57d1B9QZ8mFY9c7siSJ6TobvW7SRp8JSNYIUaDmedNu
8gxW0ufxXA0nKlebo8980kPgesn4/WlCvuaLXXQB2r02ZJYZ3rlK69Y/L+w2noQz
D6HTzVgRL+lOpUaiKiNAI3+WgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFWAwVGy
yVDKioTGSMtjS5K4NkMPMB8GA1UdIwQYMBaAFJWKTtnX1k+sh70W7Io2Vx4aL1CK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MEVFRi82QzRDRDY5MEY4
ODgxMUU5OEZBMDBBN0NDNEY5QUUwMi9sWXBPMmRmV1Q2eUh2UmJzaWpaWEhob3ZV
SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xZcE8yZGZXVDZ5SHZSYnNpalpYSGhvdlVJby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjBFRUYvNkM0Q0Q2OTBGODg4MTFFOThGQTAwQTdDQzRGOUFFMDIvQzFFMTRCRDg1
QkI3MTFFQzkzRTM1MjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAFni04wDgQCAAIwCAMGBCQE3cBgMA0GCSqGSIb3DQEBCwUA
A4IBAQCVaubfiQeldkHhZTxiYgpJi7A0qedTN4lbfwRM0Fi2Xwk0GALNSL5rxkUv
nWMgXHB+11aDJqCdBByIsHH2HKrWkV0lQRa84mi1X7AmxY9FOP5ZcOFNLbbYZ+r6
xyyjWMxpgo9+++uqOXEbXA9ooRDKxEjGUUB5dSJift3/DYkzQ8wNrJMySe5uEs+l
NuB0z94YMasDIvYNeQvzMgIzmGgFB0YemvfaylhhEz1pIcRkO9R1mYsXQ1ZE4zGK
+B4KzlSoH4QkGmVXY6tf0UglOUje7zEtXz3ROXt6A8NZSAFD8vARdYUtifqo9PXD
LIxwzndFpzQuzrknrwouj+v0NCeU
-----END CERTIFICATE-----
Generated at Fri Apr 18 08:23:00 2025 by rpki-client