Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/42612DB0892311EE9B21D43DC4F9AE02.roa
File: 42612DB0892311EE9B21D43DC4F9AE02.roa (raw, json)
Hash identifier: HHRnqbWZnprmx+3jtAO7RJ3SE9i2B8YDLxlkSk9jSLg=
Subject key identifier: BE:48:2B:7C:FD:83:48:C4:43:58:7C:BB:4B:15:F7:D2:C0:B3:2C:D4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9DCC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/42612DB0892311EE9B21D43DC4F9AE02.roa
Signing time: Tue 26 Nov 2024 06:33:16 +0000
ROA not before: Tue 26 Nov 2024 06:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135269
IP address blocks: 103.111.70.0/24 maxlen: 24
103.173.42.0/23 maxlen: 24
103.204.120.0/24 maxlen: 24
103.204.123.0/24 maxlen: 24
103.216.68.0/23 maxlen: 24
103.216.70.0/23 maxlen: 24
157.119.200.0/23 maxlen: 24
157.119.202.0/24 maxlen: 24
157.119.203.0/24 maxlen: 24
2400:c7a0::/32 maxlen: 36
2401:d8a0::/32 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40396 (0x9dcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 26 06:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67456bac-4b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1d:b0:42:5d:18:77:b7:01:99:0a:e4:06:e2:
2a:5c:7c:ec:ee:eb:90:d0:88:e2:ce:c0:2d:98:22:
8d:a3:f7:82:dd:c5:c7:bd:e3:a8:76:79:f2:93:79:
7b:e1:2c:bb:32:ff:eb:e9:8f:6b:f0:f6:1a:13:ac:
de:09:16:cc:3d:d9:f2:20:fd:8c:53:50:43:61:b3:
49:80:b5:e9:ea:f8:56:15:60:8d:c8:65:c1:12:a3:
b0:05:08:30:6b:dd:6c:fe:ab:20:10:54:6e:ff:77:
c0:18:2a:1b:8d:c9:d3:b9:75:78:bb:5a:c7:0b:34:
5f:3c:7e:69:58:5e:e4:cb:14:a8:08:5e:55:1d:a4:
9a:36:d6:06:cc:07:4c:1a:25:b5:d7:b1:50:cf:7c:
fe:bf:e5:84:98:a5:4e:58:e7:61:2a:b2:36:a6:e3:
32:60:b6:16:8b:85:00:b5:c2:7d:7e:94:df:9c:8d:
e1:ca:e8:9a:45:97:3d:b2:f8:d0:62:3e:75:f1:42:
b2:42:55:51:14:b0:1e:f3:f2:f5:4d:1a:b3:7b:c4:
75:51:c7:91:54:64:d6:6f:18:ed:03:29:e5:f3:0d:
71:c9:60:92:93:78:f2:65:2f:ff:2e:62:63:bb:41:
a2:66:01:77:e9:e6:25:2e:73:c0:3d:05:3a:f9:39:
40:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:48:2B:7C:FD:83:48:C4:43:58:7C:BB:4B:15:F7:D2:C0:B3:2C:D4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/42612DB0892311EE9B21D43DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.70.0/24
103.173.42.0/23
103.204.120.0/24
103.204.123.0/24
103.216.68.0/22
157.119.200.0/22
IPv6:
2400:c7a0::/32
2401:d8a0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:39:8a:f9:f1:a1:95:66:3b:2e:9a:ea:28:8b:bd:9e:6f:7c:
b4:f2:a5:a9:48:98:70:b9:a7:38:95:86:49:60:0f:37:e1:d4:
99:97:67:e2:20:60:7e:cd:43:36:17:1a:55:38:ff:e1:a9:e2:
df:19:8e:10:f5:b3:68:20:9a:ac:0b:c0:d7:76:e2:c7:39:25:
83:72:cd:00:14:0c:52:4d:f7:5a:85:03:b4:e3:e9:35:9c:37:
6e:fe:c6:c1:91:a7:8e:b4:e5:b4:ed:78:54:fa:0f:9e:1b:f0:
35:1a:f1:af:17:66:d6:0d:7c:f3:fc:53:99:1c:99:87:c2:6a:
f4:fc:9c:90:d8:ba:25:eb:6a:1d:c3:10:cb:55:a9:5f:23:ca:
08:f6:53:77:34:5b:73:df:91:8d:3a:84:6d:10:08:89:76:39:
6e:39:c7:98:94:b3:91:a4:6e:d4:1f:d6:75:12:2e:ed:96:b3:
cf:e5:b8:f1:42:3c:f5:04:49:42:2d:bc:c9:9e:6c:ee:18:77:
ec:cf:50:50:09:3c:e6:d4:69:17:86:ec:13:82:7f:a7:bf:06:
05:0f:ab:c0:0c:c5:e4:01:fc:29:b7:b5:3a:09:85:4f:f8:ee:
b7:6c:4a:04:37:80:e5:a0:6e:69:32:34:f5:bd:89:92:0f:a4:
b5:52:88:cf
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAJ3MMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTEyNjA2MzMxNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc0NTZiYWMtNGI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEdsEJdGHe3AZkK5AbiKlx87O7rkNCI4s7ALZgijaP3gt3Fx73jqHZ58pN5
e+EsuzL/6+mPa/D2GhOs3gkWzD3Z8iD9jFNQQ2GzSYC16er4VhVgjchlwRKjsAUI
MGvdbP6rIBBUbv93wBgqG43J07l1eLtaxws0Xzx+aVhe5MsUqAheVR2kmjbWBswH
TBoltdexUM98/r/lhJilTljnYSqyNqbjMmC2FouFALXCfX6U35yN4cromkWXPbL4
0GI+dfFCskJVURSwHvPy9U0as3vEdVHHkVRk1m8Y7QMp5fMNcclgkpN48mUv/y5i
Y7tBomYBd+nmJS5zwD0FOvk5QI0CAwEAAaOCAskwggLFMB0GA1UdDgQWBBS+SCt8
/YNIxENYfLtLFffSwLMs1DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQyNjEyREIw
ODkyMzExRUU5QjIxRDQzREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFMGCCsGAQUFBwEHAQH/
BEQwQjAqBAIAATAkAwQAZ29GAwQBZ60qAwQAZ8x4AwQAZ8x7AwQCZ9hEAwQCnXfI
MBQEAgACMA4DBQAkAMegAwUAJAHYoDANBgkqhkiG9w0BAQsFAAOCAQEAHzmK+fGh
lWY7LprqKIu9nm98tPKlqUiYcLmnOJWGSWAPN+HUmZdn4iBgfs1DNhcaVTj/4ani
3xmOEPWzaCCarAvA13bixzklg3LNABQMUk33WoUDtOPpNZw3bv7GwZGnjrTltO14
VPoPnhvwNRrxrxdm1g188/xTmRyZh8Jq9PyckNi6JetqHcMQy1WpXyPKCPZTdzRb
c9+RjTqEbRAIiXY5bjnHmJSzkaRu1B/WdRIu7Zazz+W48UI89QRJQi28yZ5s7hh3
7M9QUAk85tRpF4bsE4J/p78GBQ+rwAzF5AH8Kbe1OgmFT/jut2xKBDeA5aBuaTI0
9b2Jkg+ktVKIzw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:33 2025 by rpki-client