Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B714576C19111EDBF6F046DC4F9AE02.roa
File: 3B714576C19111EDBF6F046DC4F9AE02.roa (raw, json)
Hash identifier: btHwsB+X27x6fjlFUslRYCTrqH2H4NuzKi5W6232gRc=
Subject key identifier: 8E:F7:82:F0:9D:ED:9B:CA:96:5C:29:F3:48:FF:73:1D:AF:12:E0:79
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6693
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B714576C19111EDBF6F046DC4F9AE02.roa
Signing time: Tue 14 Mar 2023 07:41:39 +0000
ROA not before: Tue 14 Mar 2023 07:41:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137678
IP address blocks: 103.112.21.0/24 maxlen: 24
103.112.22.0/24 maxlen: 24
103.112.23.0/24 maxlen: 24
103.117.202.0/23 maxlen: 24
103.136.82.0/23 maxlen: 24
103.146.222.0/24 maxlen: 24
103.195.253.0/24 maxlen: 24
192.140.230.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26259 (0x6693)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 14 07:41:39 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64102532-4c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:88:23:e5:c0:29:f4:3a:51:a8:98:f4:1f:d9:
e9:7d:9c:7d:67:bf:7b:73:f7:44:82:fe:4d:24:45:
32:e9:97:c1:83:68:b4:f0:98:49:53:8e:68:6e:45:
ae:64:ec:a9:11:33:b9:d8:de:d9:4c:13:e6:9c:71:
30:3a:9d:27:9a:6a:74:d5:08:3b:23:e0:7a:21:42:
26:91:ac:cc:11:90:8d:6b:96:cb:79:b5:a4:62:6e:
3d:d7:23:3c:bf:c2:c9:9d:92:c1:12:3c:97:f0:00:
a6:92:c7:63:32:b4:c1:0b:34:8a:b6:84:62:2e:f3:
35:bd:ae:39:6d:d8:24:af:f9:0e:0d:57:58:fc:df:
3b:5d:94:2f:4c:0a:23:8b:9e:f6:7b:53:43:55:6b:
da:47:7c:14:a7:7d:34:c8:94:22:a9:82:5f:2d:36:
a6:0d:01:0a:23:57:ac:c8:86:45:06:72:b2:5b:51:
a1:a0:1b:12:2f:4b:1d:f7:0d:a9:b1:fe:d3:4b:af:
7e:e9:49:8a:c5:80:a0:2c:ab:e9:61:54:25:f8:bb:
88:f2:58:a0:8f:02:a0:22:d4:32:cb:49:e5:fc:71:
48:38:31:15:4b:bd:fb:8d:50:f6:5a:76:95:c9:86:
7c:ad:70:be:48:d4:bc:6a:66:4d:04:54:c2:80:9b:
53:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F7:82:F0:9D:ED:9B:CA:96:5C:29:F3:48:FF:73:1D:AF:12:E0:79
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B714576C19111EDBF6F046DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.21.0-103.112.23.255
103.117.202.0/23
103.136.82.0/23
103.146.222.0/24
103.195.253.0/24
192.140.230.0/24
Signature Algorithm: sha256WithRSAEncryption
87:37:b0:00:c0:e4:5f:1e:24:5d:8f:2d:1b:7d:1a:00:4a:c1:
8b:f6:e3:b4:91:8f:64:3a:ed:1f:c6:b5:73:6c:30:f2:e2:75:
4f:f8:67:ad:dd:cf:09:c2:ba:a7:fd:12:15:64:63:38:7f:1f:
6d:bd:61:d0:05:94:37:17:ed:93:b1:86:e4:3a:4e:9c:ed:5f:
fa:67:60:f9:41:96:a4:ab:2f:05:1b:22:61:09:44:31:25:0d:
c3:fc:00:52:62:21:a1:e1:e1:61:9b:2c:08:ab:b7:bb:2f:f7:
fd:bd:3f:e3:60:37:1a:e2:34:13:b8:28:dd:7b:8c:85:4c:47:
92:0e:57:59:cd:38:b1:df:ec:31:f7:fa:6d:2a:b6:54:59:94:
9e:d0:60:87:49:67:cd:ea:e8:77:b8:b3:03:66:67:3e:0f:2f:
4a:78:4b:c8:7d:b8:c2:96:d0:91:14:8d:2e:83:db:97:55:c9:
c9:17:ba:25:7f:50:5a:7b:e8:d2:95:ed:c0:a8:18:ee:5b:36:
57:75:89:4f:d0:b8:ea:33:3d:b8:60:2e:a3:8b:f3:fc:92:25:
56:e4:70:d8:c3:35:4f:64:4e:44:de:f4:72:57:2c:c3:85:14:
a6:93:b1:42:f8:8d:e6:0e:0f:57:b7:87:a0:54:aa:6b:7e:d0:
75:3c:61:95
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICZpMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMzE0MDc0MTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEwMjUzMi00YzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Igj5cAp9DpRqJj0H9npfZx9Z797c/dEgv5NJEUy6ZfBg2i08JhJU45obkWu
ZOypETO52N7ZTBPmnHEwOp0nmmp01Qg7I+B6IUImkazMEZCNa5bLebWkYm491yM8
v8LJnZLBEjyX8ACmksdjMrTBCzSKtoRiLvM1va45bdgkr/kODVdY/N87XZQvTAoj
i572e1NDVWvaR3wUp300yJQiqYJfLTamDQEKI1esyIZFBnKyW1GhoBsSL0sd9w2p
sf7TS69+6UmKxYCgLKvpYVQl+LuI8ligjwKgItQyy0nl/HFIODEVS737jVD2WnaV
yYZ8rXC+SNS8amZNBFTCgJtTAQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFI73gvCd
7ZvKllwp80j/cx2vEuB5MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0I3MTQ1NzZD
MTkxMTFFREJGNkYwNDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwwDAMEAGdwFQMEA2dwEAMEAWd1ygMEAWeIUgMEAGeS3gMEAGfD
/QMEAMCM5jANBgkqhkiG9w0BAQsFAAOCAQEAhzewAMDkXx4kXY8tG30aAErBi/bj
tJGPZDrtH8a1c2ww8uJ1T/hnrd3PCcK6p/0SFWRjOH8fbb1h0AWUNxftk7GG5DpO
nO1f+mdg+UGWpKsvBRsiYQlEMSUNw/wAUmIhoeHhYZssCKu3uy/3/b0/42A3GuI0
E7go3XuMhUxHkg5XWc04sd/sMff6bSq2VFmUntBgh0lnzerod7izA2ZnPg8vSnhL
yH24wpbQkRSNLoPbl1XJyRe6JX9QWnvo0pXtwKgY7ls2V3WJT9C46jM9uGAuo4vz
/JIlVuRw2MM1T2RORN70clcsw4UUppOxQviN5g4PV7eHoFSqa37QdTxhlQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:38 2025 by rpki-client