Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7F8D4D1A92EC11ECAB132139C4F9AE02.roa
File: 7F8D4D1A92EC11ECAB132139C4F9AE02.roa (raw, json)
Hash identifier: cvLAuiVFZkZohO0HiTGkQT6Jlii8z39ZFqet5LYbE40=
Subject key identifier: 14:4F:2C:1A:9F:41:DF:3A:B3:F6:A9:43:F0:F1:14:FE:30:50:40:03
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6A94
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7F8D4D1A92EC11ECAB132139C4F9AE02.roa
Signing time: Wed 10 May 2023 16:15:27 +0000
ROA not before: Wed 10 May 2023 16:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133651
IP address blocks: 103.43.40.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27284 (0x6a94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 10 16:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc31f-1402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1d:ea:39:4c:9f:96:f4:61:79:9f:c0:8d:ee:
cc:26:d6:0d:d0:df:02:b1:c2:10:2d:28:d9:2d:9c:
9c:b8:93:66:80:4b:4d:d1:99:11:b0:b2:a0:2e:a9:
65:bd:ac:c4:82:e4:aa:a5:14:8f:4e:21:33:e0:02:
5f:f7:11:62:bd:ff:b4:c5:85:9e:8d:41:ee:a8:6b:
73:65:ee:c4:b2:14:40:94:7a:24:e5:97:29:21:f5:
c7:70:a7:bf:92:9a:dc:6f:30:05:f9:bf:7b:08:91:
26:31:30:8d:6a:8a:24:19:14:75:17:6c:e1:71:75:
f4:92:ff:8a:26:e1:9c:04:1c:a8:ad:b4:1b:4d:98:
44:5f:5b:c9:82:39:82:ba:11:d7:d5:07:e3:cb:9c:
4f:a8:a0:cd:a2:b2:e7:8e:87:e0:03:26:1c:4c:c4:
0b:d7:ff:a5:8e:ff:28:84:e8:e3:f0:7e:01:03:f1:
03:98:f4:2b:cb:7f:c9:e6:5d:e6:a4:ed:29:99:6d:
ec:ed:fe:8b:d8:96:5f:c1:c2:88:88:99:f4:72:4d:
5f:97:ad:88:10:b5:4b:2d:25:b5:58:84:50:18:31:
6e:4f:50:9e:6e:b2:fd:d9:c9:4b:4e:46:c7:1d:fb:
34:01:3d:69:69:fc:07:09:14:be:b7:e1:fe:92:40:
27:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:4F:2C:1A:9F:41:DF:3A:B3:F6:A9:43:F0:F1:14:FE:30:50:40:03
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7F8D4D1A92EC11ECAB132139C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.40.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:82:39:d7:a5:bc:f4:5a:e0:40:04:76:db:63:47:ff:d0:b9:
df:a3:22:aa:7a:18:0e:ba:8e:04:4b:c7:1f:3d:8c:99:6f:78:
bd:f1:d2:74:07:68:9b:a3:a2:b6:77:b4:cc:24:f6:91:ea:36:
91:69:1f:6d:a6:70:13:f5:a9:c7:40:60:24:4f:68:06:6d:be:
2b:94:0a:97:93:3b:86:d5:e3:d6:6a:4b:22:83:d2:ca:d7:4f:
9a:cf:c8:f6:c5:70:10:b0:b3:a7:98:57:59:7c:d7:19:dd:69:
6f:b7:7d:22:41:21:e0:bb:eb:49:bc:42:f8:c9:50:e4:f2:ac:
b1:38:78:86:45:49:9c:cc:a1:e5:d3:e9:e8:30:c4:85:50:11:
bc:11:f5:71:33:ac:71:a9:f2:d9:d7:ba:02:d5:a9:1b:2f:e2:
eb:30:0c:4c:65:7b:f4:65:9a:49:36:31:19:e6:7f:b7:6a:9b:
45:d6:15:c4:73:81:da:a8:15:2c:f4:56:d8:85:23:e9:46:14:
69:25:7c:11:8a:8a:d0:27:35:81:6e:08:e0:ac:95:68:08:a7:
9a:f0:88:e8:c1:87:d2:82:76:e9:e3:25:64:c3:9d:b8:18:e3:
84:18:26:c9:32:e9:53:5b:2c:df:23:63:2f:ba:2c:f8:ab:a9:
08:74:92:71
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICapQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxNTI3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzMxZi0xNDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1B3qOUyflvRheZ/Aje7MJtYN0N8CscIQLSjZLZycuJNmgEtN0ZkRsLKgLqll
vazEguSqpRSPTiEz4AJf9xFivf+0xYWejUHuqGtzZe7EshRAlHok5ZcpIfXHcKe/
kprcbzAF+b97CJEmMTCNaookGRR1F2zhcXX0kv+KJuGcBByorbQbTZhEX1vJgjmC
uhHX1Qfjy5xPqKDNorLnjofgAyYcTMQL1/+ljv8ohOjj8H4BA/EDmPQry3/J5l3m
pO0pmW3s7f6L2JZfwcKIiJn0ck1fl62IELVLLSW1WIRQGDFuT1CebrL92clLTkbH
Hfs0AT1pafwHCRS+t+H+kkAnXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBRPLBqf
Qd86s/apQ/DxFP4wUEADMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0Y4RDREMUE5
MkVDMTFFQ0FCMTMyMTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnKygwDQYJKoZIhvcNAQELBQADggEBAF6COdelvPRa4EAE
dttjR//Qud+jIqp6GA66jgRLxx89jJlveL3x0nQHaJujorZ3tMwk9pHqNpFpH22m
cBP1qcdAYCRPaAZtviuUCpeTO4bV49ZqSyKD0srXT5rPyPbFcBCws6eYV1l81xnd
aW+3fSJBIeC760m8QvjJUOTyrLE4eIZFSZzMoeXT6egwxIVQEbwR9XEzrHGp8tnX
ugLVqRsv4uswDExle/Rlmkk2MRnmf7dqm0XWFcRzgdqoFSz0VtiFI+lGFGklfBGK
itAnNYFuCOCslWgIp5rwiOjBh9KCdunjJWTDnbgY44QYJsky6VNbLN8jYy+6LPir
qQh0knE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:49 2025 by rpki-client