Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03F6A462A73E11EFA33AA051C4F9AE02.roa
File: 03F6A462A73E11EFA33AA051C4F9AE02.roa (raw, json)
Hash identifier: NP4o3D+x2yP6OAuGvLE8EOfb6xvFLJlnKMlGID6tdaU=
Subject key identifier: DC:CF:CE:2F:EA:61:4F:65:78:F2:D4:93:E8:F1:7C:A9:C4:CA:46:21
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9D83
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03F6A462A73E11EFA33AA051C4F9AE02.roa
Signing time: Wed 20 Nov 2024 12:50:27 +0000
ROA not before: Wed 20 Nov 2024 12:50:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133309
IP address blocks: 203.202.232.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40323 (0x9d83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 20 12:50:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=673ddb13-6fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b0:7d:6c:5e:43:c6:72:1f:85:9e:4e:3c:9c:
c6:de:5c:f7:f6:d5:b0:71:ad:89:ee:b9:12:c7:26:
b3:14:4f:25:b8:84:ce:91:9c:2c:8a:26:98:cc:3e:
b6:12:ad:ba:65:53:ca:43:53:37:28:e4:e1:4b:7c:
6a:06:d8:3b:35:86:fe:3f:b3:58:9e:39:a9:52:40:
ad:e0:52:e8:2d:14:c6:1b:78:ea:3a:d7:be:b4:6a:
f9:5e:46:f2:24:32:2d:c7:e8:14:57:dd:f3:3d:2f:
74:e6:6e:48:29:69:4a:33:61:1e:3d:34:6b:77:61:
32:9f:e0:16:09:53:06:42:5d:0a:ca:6a:95:d3:97:
47:72:a7:c6:b6:3e:69:e3:d6:69:24:ea:d6:f5:ae:
2a:5a:c7:9a:e8:41:03:b1:ae:09:29:3a:2f:08:8b:
e3:c6:ae:51:1f:27:e1:c0:d5:09:c2:ce:96:54:6f:
9b:32:8d:58:07:21:17:4a:8d:ce:55:03:04:7c:bf:
32:d9:9e:0f:7e:44:7a:e5:98:ae:33:5a:9a:41:77:
14:2f:b7:38:72:60:78:e4:bd:69:ef:90:f8:64:a6:
6c:23:84:64:83:5c:9b:0d:c1:d1:5a:ce:46:2d:bd:
85:18:04:ba:ed:87:3b:68:ca:16:b1:df:42:5d:19:
8b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CF:CE:2F:EA:61:4F:65:78:F2:D4:93:E8:F1:7C:A9:C4:CA:46:21
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03F6A462A73E11EFA33AA051C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.202.232.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:02:1f:4a:82:49:3d:61:db:c6:51:cc:5e:23:2e:d7:7b:81:
bc:e0:0d:76:d2:fd:86:97:29:d4:6d:1a:48:58:7d:ed:d1:4c:
c3:d8:36:9e:9e:31:44:b6:2b:fb:91:7a:12:0b:2c:e1:48:da:
41:2a:4f:63:18:0a:aa:da:c6:21:01:ac:7a:ba:91:ca:17:6c:
f8:05:ce:75:54:6e:26:b3:38:16:27:62:58:a9:0c:47:99:a4:
b2:c8:79:c1:eb:f8:64:51:74:98:33:67:1b:29:19:67:1a:bf:
31:c7:60:3c:05:cb:49:db:a3:b7:07:26:9f:20:e5:26:eb:4b:
dd:6d:bd:30:f6:b9:99:fe:bc:55:cf:a4:8b:c9:79:50:18:9f:
09:10:13:59:d5:2d:b1:67:07:9b:67:a1:13:e6:45:8e:96:34:
95:e3:82:ba:3e:cc:2f:72:c1:e9:a0:92:10:1b:b7:5f:5b:f4:
0d:c8:2f:29:d8:26:dd:1b:90:5e:f2:78:d5:a9:e1:b8:be:f9:
a5:52:25:e3:f5:41:0e:67:1c:c9:49:19:87:e4:41:98:0a:bc:
be:16:d7:c9:fa:21:88:14:a8:06:dd:05:1e:bd:ee:ab:89:b2:
ac:c5:8a:70:f3:44:cc:c0:2c:cf:1f:7e:10:50:c5:57:0e:eb:
85:e7:a5:c2
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAJ2DMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTEyMDEyNTAyN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjczZGRiMTMtNmZhODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJawfWxeQ8ZyH4WeTjycxt5c9/bVsHGtie65EscmsxRPJbiEzpGcLIommMw+
thKtumVTykNTNyjk4Ut8agbYOzWG/j+zWJ45qVJAreBS6C0Uxht46jrXvrRq+V5G
8iQyLcfoFFfd8z0vdOZuSClpSjNhHj00a3dhMp/gFglTBkJdCspqldOXR3KnxrY+
aePWaSTq1vWuKlrHmuhBA7GuCSk6LwiL48auUR8n4cDVCcLOllRvmzKNWAchF0qN
zlUDBHy/MtmeD35EeuWYrjNamkF3FC+3OHJgeOS9ae+Q+GSmbCOEZINcmw3B0VrO
Ri29hRgEuu2HO2jKFrHfQl0ZixsCAwEAAaOCApUwggKRMB0GA1UdDgQWBBTcz84v
6mFPZXjy1JPo8XypxMpGITAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzAzRjZBNDYy
QTczRTExRUZBMzNBQTA1MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBy8roMA0GCSqGSIb3DQEBCwUAA4IBAQALAh9Kgkk9YdvG
UcxeIy7Xe4G84A120v2GlynUbRpIWH3t0UzD2DaenjFEtiv7kXoSCyzhSNpBKk9j
GAqq2sYhAax6upHKF2z4Bc51VG4mszgWJ2JYqQxHmaSyyHnB6/hkUXSYM2cbKRln
Gr8xx2A8BctJ26O3ByafIOUm60vdbb0w9rmZ/rxVz6SLyXlQGJ8JEBNZ1S2xZweb
Z6ET5kWOljSV44K6PswvcsHpoJIQG7dfW/QNyC8p2CbdG5Be8njVqeG4vvmlUiXj
9UEOZxzJSRmH5EGYCry+FtfJ+iGIFKgG3QUeve6ribKsxYpw80TMwCzPH34QUMVX
DuuF56XC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:30 2025 by rpki-client