Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65D48D94021911EBA5F5AB42C4F9AE02.roa
File: 65D48D94021911EBA5F5AB42C4F9AE02.roa (raw, json)
Hash identifier: 4Ww/VICwLketDd/w6G7wvLHdXIYcPgkc6Bs/QOmGhKo=
Subject key identifier: C7:53:D6:41:0F:B4:C3:8F:88:29:4D:72:A2:CE:00:10:10:35:51:05
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6A4B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65D48D94021911EBA5F5AB42C4F9AE02.roa
Signing time: Wed 10 May 2023 16:14:04 +0000
ROA not before: Wed 10 May 2023 16:14:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133007
IP address blocks: 103.115.182.0/23 maxlen: 24
103.155.210.0/23 maxlen: 24
103.159.239.0/24 maxlen: 24
103.183.90.0/23 maxlen: 24
103.187.248.0/23 maxlen: 24
103.190.12.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27211 (0x6a4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 10 16:14:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc2cb-851c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:4e:da:8e:01:28:af:c5:11:7a:47:90:30:
1f:98:6b:26:84:2a:97:0b:b0:d1:cb:00:d7:32:42:
b5:da:07:6d:1a:11:2f:13:36:ca:39:55:ec:f0:65:
fc:4a:bb:47:d1:d6:36:51:17:56:19:9d:b1:9c:28:
ec:f4:8a:c6:00:75:f9:7e:9b:69:0b:ad:da:2a:bc:
a2:c6:15:95:55:fa:ba:cb:c1:38:51:8a:bf:49:e6:
94:7a:a5:21:ca:61:88:f4:72:e1:b5:21:47:4a:e3:
c5:e0:d5:af:3a:1e:ca:70:88:e7:76:1b:fa:37:a3:
41:20:be:10:75:8d:08:38:81:5f:62:5a:82:aa:3f:
5a:71:6b:8d:e1:50:75:f0:e9:6b:38:63:e6:83:b3:
da:12:88:9e:d1:28:4f:74:4e:5e:08:53:e1:66:b1:
47:fd:ca:1c:2a:4a:6d:d2:98:45:67:04:bd:5f:d6:
45:58:77:78:98:e3:5e:21:4e:19:95:97:b0:3a:8a:
da:f8:14:8d:aa:6e:9e:a1:30:ed:27:6e:16:5c:91:
54:64:82:c6:f3:69:b0:97:a3:fd:a2:2a:29:04:e2:
b2:5c:cc:9c:3c:75:0b:56:f1:ee:5e:0c:c9:c6:9d:
18:a3:19:2a:c1:e3:15:03:b6:2b:e5:04:56:2a:96:
db:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:53:D6:41:0F:B4:C3:8F:88:29:4D:72:A2:CE:00:10:10:35:51:05
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65D48D94021911EBA5F5AB42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.182.0/23
103.155.210.0/23
103.159.239.0/24
103.183.90.0/23
103.187.248.0/23
103.190.12.0/23
Signature Algorithm: sha256WithRSAEncryption
15:54:61:5f:78:88:85:0a:f2:31:47:c5:6e:a2:64:9a:f5:eb:
34:e4:eb:61:54:a4:91:fb:14:25:4c:33:4e:03:37:f5:05:48:
fe:c2:fd:a7:a9:db:6b:b5:fb:11:25:3c:9d:99:13:f4:2d:7d:
0e:21:db:54:b0:42:56:ca:af:a2:c6:43:94:f8:54:12:6e:f5:
73:2b:a2:1f:98:0b:f6:f9:18:ab:29:f5:d5:ef:76:f7:49:22:
0f:5b:1b:78:5d:2a:54:d3:e1:40:ee:24:46:8d:c0:6e:5c:4d:
c5:6d:24:de:70:d8:93:7d:da:b4:5f:28:56:37:2a:ab:f4:73:
d1:96:74:91:1b:3e:6f:1a:50:a2:e6:d3:37:8c:7a:2d:38:12:
19:85:fc:af:e1:f0:43:9c:8d:cf:b4:d0:52:90:b7:e6:f4:a4:
8e:4d:55:fd:66:e3:87:77:6c:3b:82:55:63:aa:63:c7:d1:1d:
02:22:12:51:63:07:91:1e:83:5f:2e:25:ca:3c:90:55:2b:ec:
79:16:ba:03:9f:1d:ff:a9:95:43:f5:7f:50:57:d7:2a:1f:9f:
51:6d:c8:ad:83:2b:7c:ca:1f:97:95:4e:ad:3b:ad:18:f3:88:
44:ee:a3:91:41:ee:7a:2a:cf:ae:30:fe:35:e4:90:62:16:fa:
9e:c7:9b:75
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICakswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxNDA0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzJjYi04NTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwupO2o4BKK/FEXpHkDAfmGsmhCqXC7DRywDXMkK12gdtGhEvEzbKOVXs8GX8
SrtH0dY2URdWGZ2xnCjs9IrGAHX5fptpC63aKryixhWVVfq6y8E4UYq/SeaUeqUh
ymGI9HLhtSFHSuPF4NWvOh7KcIjndhv6N6NBIL4QdY0IOIFfYlqCqj9acWuN4VB1
8OlrOGPmg7PaEoie0ShPdE5eCFPhZrFH/cocKkpt0phFZwS9X9ZFWHd4mONeIU4Z
lZewOora+BSNqm6eoTDtJ24WXJFUZILG82mwl6P9oiopBOKyXMycPHULVvHuXgzJ
xp0YoxkqweMVA7Yr5QRWKpbbSQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMdT1kEP
tMOPiClNcqLOABAQNVEFMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjVENDhEOTQw
MjE5MTFFQkE1RjVBQjQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAFnc7YDBAFnm9IDBABnn+8DBAFnt1oDBAFnu/gDBAFnvgww
DQYJKoZIhvcNAQELBQADggEBABVUYV94iIUK8jFHxW6iZJr16zTk62FUpJH7FCVM
M04DN/UFSP7C/aep22u1+xElPJ2ZE/QtfQ4h21SwQlbKr6LGQ5T4VBJu9XMroh+Y
C/b5GKsp9dXvdvdJIg9bG3hdKlTT4UDuJEaNwG5cTcVtJN5w2JN92rRfKFY3Kqv0
c9GWdJEbPm8aUKLm0zeMei04EhmF/K/h8EOcjc+00FKQt+b0pI5NVf1m44d3bDuC
VWOqY8fRHQIiElFjB5Eeg18uJco8kFUr7HkWugOfHf+plUP1f1BX1yofn1FtyK2D
K3zKH5eVTq07rRjziETuo5FB7noqz64w/jXkkGIW+p7Hm3U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:55 2025 by rpki-client