Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C3EB69297D211ED801D7E41C4F9AE02.roa
File: 4C3EB69297D211ED801D7E41C4F9AE02.roa (raw, json)
Hash identifier: cvvUS1I3v12xz3yRbuO57CidjF9w5K0O3th4SsiTOVI=
Subject key identifier: 6D:30:D1:BE:AF:72:D8:E1:62:53:23:E8:53:40:61:A0:57:74:2B:65
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6379
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C3EB69297D211ED801D7E41C4F9AE02.roa
Signing time: Thu 19 Jan 2023 08:21:40 +0000
ROA not before: Thu 19 Jan 2023 08:21:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133311
IP address blocks: 103.98.79.0/24 maxlen: 24
103.100.80.0/22 maxlen: 24
103.127.60.0/23 maxlen: 24
103.127.76.0/24 maxlen: 24
103.127.77.0/24 maxlen: 24
103.141.52.0/23 maxlen: 24
103.156.206.0/23 maxlen: 24
103.158.178.0/24 maxlen: 24
103.158.179.0/24 maxlen: 24
103.159.200.0/24 maxlen: 24
103.160.28.0/23 maxlen: 24
103.163.54.0/23 maxlen: 23
103.174.126.0/23 maxlen: 24
103.174.240.0/23 maxlen: 24
103.181.22.0/23 maxlen: 23
103.181.23.0/24 maxlen: 24
103.199.98.0/24 maxlen: 24
103.199.99.0/24 maxlen: 24
103.199.116.0/24 maxlen: 24
103.201.136.0/24 maxlen: 24
103.201.137.0/24 maxlen: 24
103.201.138.0/24 maxlen: 24
103.208.72.0/22 maxlen: 24
103.225.174.0/24 maxlen: 24
160.202.156.0/24 maxlen: 24
160.202.157.0/24 maxlen: 24
160.202.158.0/24 maxlen: 24
160.202.159.0/24 maxlen: 24
2001:df1:95c0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25465 (0x6379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 19 08:21:40 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c8fd93-10ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:08:58:c7:72:e4:33:b7:8c:46:49:52:59:04:
21:a9:42:df:90:32:7d:fa:05:f5:96:f7:30:50:34:
63:fc:f1:6e:dd:a2:2f:55:fd:cd:93:a2:0e:d6:cc:
27:5e:51:ac:20:50:bd:a1:8f:03:b9:89:99:09:f0:
92:76:97:65:b6:0c:c2:c3:b7:ae:28:cb:9d:e9:75:
b9:e2:42:fc:1b:ed:e0:39:e4:45:46:52:c5:3f:27:
f8:a3:49:7c:d3:e4:42:b3:a9:5d:73:30:d3:19:67:
ef:89:7a:71:18:14:f2:92:08:ab:3c:1d:43:da:81:
a1:89:d0:5e:14:1a:68:50:66:f2:10:f1:43:de:03:
c6:45:e7:c7:e8:99:dd:81:b4:38:63:22:a1:38:2c:
2d:14:bb:b7:2e:59:2a:9e:2b:36:92:16:56:b1:b6:
fb:d8:4f:99:b2:8e:2e:c1:d2:02:e1:25:cb:2e:7c:
c6:1b:ef:97:f3:ce:08:2e:51:e8:0e:e0:49:c5:eb:
24:6e:a5:3f:de:79:01:61:ef:8e:c3:fc:e2:e7:29:
ad:87:eb:82:75:83:30:be:6b:09:55:11:97:78:85:
b8:be:95:de:ac:3d:c4:2c:b9:1b:40:41:8a:16:d4:
14:e5:31:fb:a6:b2:6b:51:6a:96:da:a5:13:a4:14:
f9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:30:D1:BE:AF:72:D8:E1:62:53:23:E8:53:40:61:A0:57:74:2B:65
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C3EB69297D211ED801D7E41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.98.79.0/24
103.100.80.0/22
103.127.60.0/23
103.127.76.0/23
103.141.52.0/23
103.156.206.0/23
103.158.178.0/23
103.159.200.0/24
103.160.28.0/23
103.163.54.0/23
103.174.126.0/23
103.174.240.0/23
103.181.22.0/23
103.199.98.0/23
103.199.116.0/24
103.201.136.0-103.201.138.255
103.208.72.0/22
103.225.174.0/24
160.202.156.0/22
IPv6:
2001:df1:95c0::/48
Signature Algorithm: sha256WithRSAEncryption
81:62:75:ec:6e:0f:41:8d:cb:cd:a1:9c:03:af:cf:fa:65:83:
06:da:e6:b7:82:08:8e:ab:b4:a7:8a:47:fa:3b:ee:04:8c:9e:
28:17:2d:2e:3f:aa:38:4c:3a:a8:28:91:f1:8b:50:bc:a0:6f:
8a:48:88:b8:5e:4e:30:63:cf:7c:4a:50:e5:c7:2f:1b:05:e1:
68:2f:3c:08:94:cc:bb:03:4f:aa:66:13:71:b6:ac:1f:2e:3a:
40:92:1f:2c:4f:cc:7b:33:62:6f:71:4f:96:cd:4d:41:d5:53:
50:8f:82:17:df:2e:7b:2b:d0:b4:19:30:34:1b:cc:d2:f7:fc:
3f:af:39:5d:6f:97:c2:77:78:73:13:3d:fc:57:12:10:4c:18:
0b:21:8b:72:12:53:e5:99:8f:fc:72:6d:32:87:ef:9e:17:de:
ac:3b:b4:fd:a9:e9:35:8d:80:91:11:e6:c7:de:8c:38:a1:9b:
04:6e:b2:c7:f8:bd:e2:09:77:71:f8:b3:24:2b:4f:5e:85:da:
1b:d2:13:c7:aa:94:9f:7d:6d:08:e2:da:87:5c:b1:9b:f6:0d:
c1:e1:91:ea:45:04:80:40:0b:78:cd:cf:c9:39:65:64:c4:07:
59:46:15:3e:05:64:2d:00:a9:bb:6d:6b:01:64:b9:f4:b4:a4:
d7:f7:37:05
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICY3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTE5MDgyMTQwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M4ZmQ5My0xMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxQhYx3LkM7eMRklSWQQhqULfkDJ9+gX1lvcwUDRj/PFu3aIvVf3Nk6IO1swn
XlGsIFC9oY8DuYmZCfCSdpdltgzCw7euKMud6XW54kL8G+3gOeRFRlLFPyf4o0l8
0+RCs6ldczDTGWfviXpxGBTykgirPB1D2oGhidBeFBpoUGbyEPFD3gPGRefH6Jnd
gbQ4YyKhOCwtFLu3Llkqnis2khZWsbb72E+Zso4uwdIC4SXLLnzGG++X884ILlHo
DuBJxeskbqU/3nkBYe+Ow/zi5ymth+uCdYMwvmsJVRGXeIW4vpXerD3ELLkbQEGK
FtQU5TH7prJrUWqW2qUTpBT5ywIDAQABo4IDHjCCAxowHQYDVR0OBBYEFG0w0b6v
ctjhYlMj6FNAYaBXdCtlMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEMzRUI2OTI5
N0QyMTFFRDgwMUQ3RTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgacGCCsGAQUFBwEHAQH/
BIGXMIGUMIGABAIAATB6AwQAZ2JPAwQCZ2RQAwQBZ388AwQBZ39MAwQBZ400AwQB
Z5zOAwQBZ56yAwQAZ5/IAwQBZ6AcAwQBZ6M2AwQBZ65+AwQBZ67wAwQBZ7UWAwQB
Z8diAwQAZ8d0MAwDBANnyYgDBABnyYoDBAJn0EgDBABn4a4DBAKgypwwDwQCAAIw
CQMHACABDfGVwDANBgkqhkiG9w0BAQsFAAOCAQEAgWJ17G4PQY3LzaGcA6/P+mWD
Btrmt4IIjqu0p4pH+jvuBIyeKBctLj+qOEw6qCiR8YtQvKBvikiIuF5OMGPPfEpQ
5ccvGwXhaC88CJTMuwNPqmYTcbasHy46QJIfLE/MezNib3FPls1NQdVTUI+CF98u
eyvQtBkwNBvM0vf8P685XW+Xwnd4cxM9/FcSEEwYCyGLchJT5ZmP/HJtMofvnhfe
rDu0/anpNY2AkRHmx96MOKGbBG6yx/i94gl3cfizJCtPXoXaG9ITx6qUn31tCOLa
h1yxm/YNweGR6kUEgEALeM3PyTllZMQHWUYVPgVkLQCpu21rAWS59LSk1/c3BQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:47 2025 by rpki-client