Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/43235FF89DE711EC9E35515BC4F9AE02.roa
File: 43235FF89DE711EC9E35515BC4F9AE02.roa (raw, json)
Hash identifier: SbA3zJ+qCmPA94lvbfvPbqvNUOMwXU4jc/RWaXaWIZQ=
Subject key identifier: 0C:F3:37:9A:40:AA:B4:90:D4:EA:8C:C0:64:97:E7:88:ED:D4:4F:33
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5065
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/43235FF89DE711EC9E35515BC4F9AE02.roa
Signing time: Mon 16 May 2022 04:10:45 +0000
ROA not before: Mon 16 May 2022 04:10:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135718
IP address blocks: 36.255.156.0/24 maxlen: 24
36.255.157.0/24 maxlen: 24
36.255.158.0/24 maxlen: 24
36.255.159.0/24 maxlen: 24
103.66.112.0/24 maxlen: 24
103.66.114.0/24 maxlen: 24
103.66.115.0/24 maxlen: 24
103.68.44.0/24 maxlen: 24
103.68.46.0/24 maxlen: 24
103.92.120.0/22 maxlen: 24
103.101.56.0/23 maxlen: 24
103.101.58.0/24 maxlen: 24
103.103.132.0/23 maxlen: 24
103.113.35.0/24 maxlen: 24
103.119.245.0/24 maxlen: 24
103.119.246.0/24 maxlen: 24
103.119.247.0/24 maxlen: 24
103.145.8.0/23 maxlen: 24
103.148.164.0/24 maxlen: 24
103.159.201.0/24 maxlen: 24
103.165.87.0/24 maxlen: 24
103.172.10.0/24 maxlen: 24
103.174.144.0/23 maxlen: 24
103.182.110.0/23 maxlen: 24
103.204.188.0/24 maxlen: 24
103.204.189.0/24 maxlen: 24
103.204.190.0/24 maxlen: 24
103.204.191.0/24 maxlen: 24
2001:df5:f680::/48 maxlen: 48
2402:6a40::/48 maxlen: 48
2402:6a40:1::/48 maxlen: 48
2402:6a40:2::/48 maxlen: 48
2402:6a40:3::/48 maxlen: 48
2402:6a40:4::/48 maxlen: 48
2402:6a40:5::/48 maxlen: 48
2402:6a40:6::/48 maxlen: 48
2402:6a40:7::/48 maxlen: 48
2402:6a40:8::/48 maxlen: 48
2402:6a40:9::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20581 (0x5065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 16 04:10:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cec5-d41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:73:38:8f:b0:d4:a3:99:a0:74:ae:8a:a3:56:
f7:e3:0c:51:b7:bf:12:31:fe:03:b2:0a:f4:e7:ef:
fe:0a:de:6a:f5:51:c1:4c:cf:db:bd:c8:0b:b1:ba:
c8:c6:7d:88:24:c5:71:02:c1:78:b1:d7:fe:cf:ab:
93:fc:9c:c5:a8:74:3c:b6:4e:44:de:a7:97:05:64:
92:4b:fe:96:a9:ea:c7:a7:6d:ea:6e:68:c6:17:37:
02:a6:d2:13:01:09:e6:03:c0:3b:ff:75:33:5f:31:
b7:fb:8b:cc:79:ef:59:0a:a2:71:44:51:92:d9:aa:
c4:ed:1d:19:a0:a7:b7:10:c6:0c:2b:c3:ef:1a:46:
aa:9f:20:77:4f:f2:0d:58:eb:ca:35:25:6a:61:af:
92:d2:c0:d5:33:38:44:50:3f:bf:96:23:5e:c0:d3:
b6:23:10:71:41:c3:f7:3d:1e:bc:36:19:bc:96:d5:
e7:cc:b3:e1:5a:e4:63:c6:03:cc:a2:16:47:2d:dd:
37:8d:54:25:42:d9:54:d3:98:0a:ae:05:b0:74:f7:
7c:29:b7:39:69:90:09:6b:ff:06:86:2f:86:66:23:
d6:d4:97:38:cd:24:f3:ab:12:6e:ec:85:65:b3:83:
4b:7a:ad:dd:2e:58:30:b1:41:ad:bb:27:b0:97:a8:
2c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F3:37:9A:40:AA:B4:90:D4:EA:8C:C0:64:97:E7:88:ED:D4:4F:33
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/43235FF89DE711EC9E35515BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.156.0/22
103.66.112.0/24
103.66.114.0/23
103.68.44.0/24
103.68.46.0/24
103.92.120.0/22
103.101.56.0-103.101.58.255
103.103.132.0/23
103.113.35.0/24
103.119.245.0-103.119.247.255
103.145.8.0/23
103.148.164.0/24
103.159.201.0/24
103.165.87.0/24
103.172.10.0/24
103.174.144.0/23
103.182.110.0/23
103.204.188.0/22
IPv6:
2001:df5:f680::/48
2402:6a40::-2402:6a40:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9c:fa:6f:22:b3:c2:ed:cc:27:f9:35:a0:6b:61:50:4b:21:de:
89:b6:a9:79:19:4d:0d:a2:bc:6c:8b:64:b7:0e:57:94:0a:b2:
0a:3d:c6:95:fb:13:28:91:93:d8:09:1b:1f:e6:e1:13:ad:84:
ae:4b:89:b1:0d:37:32:68:23:24:50:e3:08:a0:9f:08:89:f6:
b4:70:8c:2e:16:08:71:a0:fb:22:d0:aa:24:3d:32:75:9d:cf:
db:80:e4:53:c5:f1:a6:57:d7:f5:af:1e:57:31:9f:1d:65:f3:
4c:b7:9f:72:84:21:3d:81:2a:23:35:0e:a2:cf:20:9b:f8:3b:
1e:93:3a:a8:4c:92:a3:be:9c:07:79:4c:4c:f0:f7:9f:27:0f:
f9:e4:46:4a:9e:bd:dd:bc:f5:f5:a8:f4:9c:e9:69:7e:c3:4f:
b1:db:a5:e7:6b:ab:19:4c:9d:33:95:59:69:27:a7:e1:80:39:
cb:8a:9d:4d:6f:1c:b7:cc:18:47:de:07:0e:4f:50:da:1a:a5:
cf:a7:04:7e:d2:b9:a4:5f:00:28:ba:bd:c4:8f:ce:fa:74:a2:
e4:27:35:10:da:6a:14:c8:52:cb:80:c4:30:ad:9f:62:97:31:
60:62:55:8e:ad:fc:22:d4:6d:39:8b:0b:a1:11:7b:c5:05:25:
c7:f8:27:53
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgICUGUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxMDQ1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2VjNS1kNDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvHM4j7DUo5mgdK6Ko1b34wxRt78SMf4Dsgr05+/+Ct5q9VHBTM/bvcgLsbrI
xn2IJMVxAsF4sdf+z6uT/JzFqHQ8tk5E3qeXBWSSS/6WqerHp23qbmjGFzcCptIT
AQnmA8A7/3UzXzG3+4vMee9ZCqJxRFGS2arE7R0ZoKe3EMYMK8PvGkaqnyB3T/IN
WOvKNSVqYa+S0sDVMzhEUD+/liNewNO2IxBxQcP3PR68Nhm8ltXnzLPhWuRjxgPM
ohZHLd03jVQlQtlU05gKrgWwdPd8Kbc5aZAJa/8Ghi+GZiPW1Jc4zSTzqxJu7IVl
s4NLeq3dLlgwsUGtuyewl6gsZwIDAQABo4IDMjCCAy4wHQYDVR0OBBYEFAzzN5pA
qrSQ1OqMwGSX54jt1E8zMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDMyMzVGRjg5
REU3MTFFQzlFMzU1MTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbsGCCsGAQUFBwEHAQH/
BIGrMIGoMIGCBAIAATB8AwQCJP+cAwQAZ0JwAwQBZ0JyAwQAZ0QsAwQAZ0QuAwQC
Z1x4MAwDBANnZTgDBABnZToDBAFnZ4QDBABncSMwDAMEAGd39QMEA2d38AMEAWeR
CAMEAGeUpAMEAGefyQMEAGelVwMEAGesCgMEAWeukAMEAWe2bgMEAmfMvDAhBAIA
AjAbAwcAIAEN9faAMBADBQYkAmpAAwcBJAJqQAAIMA0GCSqGSIb3DQEBCwUAA4IB
AQCc+m8is8LtzCf5NaBrYVBLId6Jtql5GU0Norxsi2S3DleUCrIKPcaV+xMokZPY
CRsf5uETrYSuS4mxDTcyaCMkUOMIoJ8Iifa0cIwuFghxoPsi0KokPTJ1nc/bgORT
xfGmV9f1rx5XMZ8dZfNMt59yhCE9gSojNQ6izyCb+DsekzqoTJKjvpwHeUxM8Pef
Jw/55EZKnr3dvPX1qPSc6Wl+w0+x26Xna6sZTJ0zlVlpJ6fhgDnLip1Nbxy3zBhH
3gcOT1DaGqXPpwR+0rmkXwAour3Ej876dKLkJzUQ2moUyFLLgMQwrZ9ilzFgYlWO
rfwi1G05iwuhEXvFBSXH+CdT
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:29 2025 by rpki-client