Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/292D376E153D11ECA9C0A458C4F9AE02.roa
File: 292D376E153D11ECA9C0A458C4F9AE02.roa (raw, json)
Hash identifier: WmKRUJn6xOlj4eatf5fbiqd0V/VJsWT5wuF7D1c4+70=
Subject key identifier: FC:8E:37:3C:0B:E4:93:F3:B9:8E:12:B9:40:13:16:CC:B0:AE:B2:34
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6510
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/292D376E153D11ECA9C0A458C4F9AE02.roa
Signing time: Fri 17 Feb 2023 09:11:42 +0000
ROA not before: Fri 17 Feb 2023 09:11:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137174
IP address blocks: 103.112.84.0/23 maxlen: 24
103.112.86.0/23 maxlen: 24
2001:df1:f8c0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25872 (0x6510)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 17 09:11:42 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63ef44ce-8bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:33:69:a3:24:05:0f:c4:22:67:32:ba:75:f0:
81:6a:10:73:32:7a:f5:a7:0b:c6:a1:de:f6:ce:e3:
87:3d:22:6d:d7:be:0c:73:a8:46:37:a1:8f:6c:9d:
d5:51:94:b6:c0:7f:0a:61:b4:b6:97:3f:a6:b0:c2:
4a:96:c5:0f:93:b4:55:8a:2b:92:6a:44:86:9d:04:
3d:41:48:84:99:3c:4b:10:ad:bd:90:39:3f:12:ed:
ea:a3:de:c1:f6:a5:ff:d9:06:40:10:66:72:66:9b:
d1:61:7d:f7:8e:20:03:0a:78:b9:af:c7:3c:57:97:
4b:c8:79:38:58:43:cc:1b:e6:74:27:70:bb:14:c1:
b7:ff:26:ce:01:80:38:08:68:9e:21:50:bd:d3:84:
ce:f8:bb:59:79:84:cd:da:fc:3f:7d:ec:cb:55:2c:
85:2d:14:e3:d8:7d:55:e4:2e:24:1a:f7:12:af:56:
50:2a:eb:90:61:f1:fe:d9:3b:9e:9d:3c:3a:b3:e2:
35:a6:4a:89:05:13:58:15:44:18:a5:38:2c:ff:3a:
58:0f:e1:e3:ad:de:f8:4a:a9:c7:d9:a3:c6:62:75:
02:6b:30:e6:8c:1e:5b:af:dd:ab:1b:d4:cc:ae:02:
36:4f:15:df:33:3e:23:de:e3:e0:eb:0b:fb:98:d8:
de:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:8E:37:3C:0B:E4:93:F3:B9:8E:12:B9:40:13:16:CC:B0:AE:B2:34
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/292D376E153D11ECA9C0A458C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.84.0/22
IPv6:
2001:df1:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
4e:5b:8e:2f:fa:ec:55:e0:1a:0b:52:42:3e:23:a1:87:0f:c8:
70:d7:45:89:97:fe:93:6c:76:a5:1a:69:5b:dd:bd:ab:f0:0b:
e8:63:c3:fb:06:1c:99:c0:dc:d5:52:f9:46:11:90:4b:24:fd:
e8:b3:9b:a5:75:85:3f:3c:fc:cd:45:56:07:6c:5a:0d:e5:eb:
a7:60:f7:af:38:bc:f2:36:b8:ab:0a:c4:85:67:ef:69:e4:b0:
49:76:f6:81:48:57:06:83:85:e7:f1:3d:55:d1:3f:86:dc:35:
73:87:18:4d:4a:ae:ea:60:9b:51:55:fc:3b:59:f7:b0:20:e7:
be:df:a7:aa:3b:04:04:2c:26:96:f6:e3:21:38:11:4d:d7:f5:
a1:ef:ac:c5:a1:72:8e:a5:56:60:2f:7b:fc:05:0a:6f:19:c9:
7b:94:9c:e0:69:65:fa:e3:b4:e7:cd:e3:f0:83:0d:97:d3:fb:
79:0d:fb:b3:5a:cf:03:47:d8:9d:46:82:4a:2c:91:60:74:f0:
60:c5:a6:13:1a:2c:61:b1:d6:b2:59:bc:61:0e:f2:13:98:0f:
77:dd:9b:a2:25:a4:c0:d5:ea:dd:bb:c5:39:4c:25:8c:c5:d1:
96:87:e1:f9:1d:0c:52:0e:e0:76:c7:2e:00:9c:47:44:ef:91:
61:ca:99:90
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICZRAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjE3MDkxMTQyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VmNDRjZS04YmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtTNpoyQFD8QiZzK6dfCBahBzMnr1pwvGod72zuOHPSJt174Mc6hGN6GPbJ3V
UZS2wH8KYbS2lz+msMJKlsUPk7RViiuSakSGnQQ9QUiEmTxLEK29kDk/Eu3qo97B
9qX/2QZAEGZyZpvRYX33jiADCni5r8c8V5dLyHk4WEPMG+Z0J3C7FMG3/ybOAYA4
CGieIVC904TO+LtZeYTN2vw/fezLVSyFLRTj2H1V5C4kGvcSr1ZQKuuQYfH+2Tue
nTw6s+I1pkqJBRNYFUQYpTgs/zpYD+Hjrd74SqnH2aPGYnUCazDmjB5br92rG9TM
rgI2TxXfMz4j3uPg6wv7mNjelQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPyONzwL
5JPzuY4SuUATFsywrrI0MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjkyRDM3NkUx
NTNEMTFFQ0E5QzBBNDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJncFQwDwQCAAIwCQMHACABDfH4wDANBgkqhkiG9w0BAQsF
AAOCAQEATluOL/rsVeAaC1JCPiOhhw/IcNdFiZf+k2x2pRppW929q/AL6GPD+wYc
mcDc1VL5RhGQSyT96LObpXWFPzz8zUVWB2xaDeXrp2D3rzi88ja4qwrEhWfvaeSw
SXb2gUhXBoOF5/E9VdE/htw1c4cYTUqu6mCbUVX8O1n3sCDnvt+nqjsEBCwmlvbj
ITgRTdf1oe+sxaFyjqVWYC97/AUKbxnJe5Sc4Gll+uO0583j8IMNl9P7eQ37s1rP
A0fYnUaCSiyRYHTwYMWmExosYbHWslm8YQ7yE5gPd92boiWkwNXq3bvFOUwljMXR
lofh+R0MUg7gdscuAJxHRO+RYcqZkA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:09 2025 by rpki-client