Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/93D86182459C11EF9B647D13C4F9AE02.roa
File: 93D86182459C11EF9B647D13C4F9AE02.roa (raw, json)
Hash identifier: GCjvrwqgOkoCnw6p10ekfiIgm0xKkR0lHyU4bU2/58A=
Subject key identifier: 81:E7:77:66:7C:71:15:24:A9:C4:55:0B:6A:82:AC:C7:55:6C:B9:3D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 94E6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/93D86182459C11EF9B647D13C4F9AE02.roa
Signing time: Fri 19 Jul 2024 07:00:27 +0000
ROA not before: Fri 19 Jul 2024 07:00:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9830
IP address blocks: 103.60.198.0/24 maxlen: 24
103.60.199.0/24 maxlen: 24
103.68.184.0/22 maxlen: 22
103.68.184.0/24 maxlen: 24
103.68.185.0/24 maxlen: 24
103.68.186.0/24 maxlen: 24
103.68.187.0/24 maxlen: 24
103.169.167.0/24 maxlen: 24
103.170.20.0/24 maxlen: 24
103.239.64.0/23 maxlen: 24
202.91.64.0/24 maxlen: 24
202.91.65.0/24 maxlen: 24
202.91.66.0/24 maxlen: 24
202.91.67.0/24 maxlen: 24
202.91.68.0/24 maxlen: 24
202.91.69.0/24 maxlen: 24
202.91.70.0/24 maxlen: 24
202.91.71.0/24 maxlen: 24
202.91.72.0/24 maxlen: 24
202.91.73.0/24 maxlen: 24
202.91.74.0/24 maxlen: 24
202.91.75.0/24 maxlen: 24
202.91.76.0/24 maxlen: 24
202.91.77.0/24 maxlen: 24
202.91.78.0/24 maxlen: 24
202.91.79.0/24 maxlen: 24
202.91.80.0/24 maxlen: 24
202.91.81.0/24 maxlen: 24
202.91.82.0/24 maxlen: 24
202.91.83.0/24 maxlen: 24
202.91.84.0/24 maxlen: 24
202.91.85.0/24 maxlen: 24
202.91.86.0/24 maxlen: 24
202.91.87.0/24 maxlen: 24
202.91.88.0/24 maxlen: 24
202.91.89.0/24 maxlen: 24
202.91.90.0/24 maxlen: 24
202.91.91.0/24 maxlen: 24
202.91.92.0/24 maxlen: 24
202.91.93.0/24 maxlen: 24
202.91.94.0/24 maxlen: 24
202.91.95.0/24 maxlen: 24
2001:df0:cf80::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38118 (0x94e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jul 19 07:00:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=669a0f0b-823a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3d:c9:8c:43:b2:b9:d5:63:c2:a2:e8:87:cb:
08:23:e7:1e:fb:6f:51:96:0f:f5:7d:5c:9e:52:09:
a7:ab:d6:22:03:5f:19:23:8a:2b:65:93:94:16:a5:
2e:67:65:62:bb:29:de:5d:c8:80:08:32:66:ee:17:
7e:e0:20:bf:b8:5e:16:ac:47:d5:c3:39:f4:a7:fd:
a9:ce:6a:03:4f:23:69:bb:a2:1c:5e:61:65:fa:0d:
cb:0e:d0:55:b4:f8:b2:96:81:15:5e:be:f0:d5:01:
3d:00:4b:66:9d:ed:5f:da:26:6d:82:ac:91:0a:e1:
ae:d3:a7:35:fa:0e:b1:fb:a5:02:ab:2d:3c:16:c9:
d8:1f:58:81:f9:bd:a2:88:1d:e1:83:ef:ac:66:15:
2d:8f:56:42:4d:90:77:fb:b0:63:b1:9f:e6:ff:6d:
7b:5b:2c:54:9c:ba:5c:27:bb:b8:71:f7:65:60:60:
ab:b9:b4:94:5f:22:c8:df:f1:94:dd:70:0f:37:d5:
ea:db:72:09:9b:c0:f8:f7:71:20:f6:d6:ed:6d:b3:
e8:c3:76:70:c9:ca:1a:73:9b:4d:7a:26:05:06:f7:
83:91:23:8a:1a:d6:9f:8a:5f:86:38:1c:e6:75:21:
c7:7a:61:12:74:31:c2:4b:41:8e:8c:88:5c:fc:59:
c0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E7:77:66:7C:71:15:24:A9:C4:55:0B:6A:82:AC:C7:55:6C:B9:3D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/93D86182459C11EF9B647D13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.198.0/23
103.68.184.0/22
103.169.167.0/24
103.170.20.0/24
103.239.64.0/23
202.91.64.0/19
IPv6:
2001:df0:cf80::/48
Signature Algorithm: sha256WithRSAEncryption
a2:36:b1:fa:a5:27:13:8c:2d:31:c8:5d:c9:ff:fd:0e:31:fa:
93:0e:ec:36:47:c6:a2:bc:68:1b:06:e6:47:79:ea:2f:6f:27:
d4:33:39:51:9f:77:6c:39:25:2e:1b:a6:13:e7:cd:38:c2:87:
df:6c:a5:d7:3f:5e:87:56:d6:e6:87:e2:f0:bc:14:90:89:67:
e4:a8:de:d6:b8:ee:35:0b:0e:87:ba:b2:6b:c7:d4:3f:1a:5d:
79:07:47:9a:0b:ba:a5:76:bd:4a:17:09:db:91:87:94:4d:2b:
90:64:dd:34:48:f4:0b:fc:50:be:28:f6:cc:4b:f0:7a:c1:30:
d3:69:c5:b3:fe:2b:28:75:dc:e9:8f:99:e1:5f:5a:ad:08:79:
d9:77:27:0b:cd:13:0c:7d:85:58:80:cd:e4:13:56:70:81:9f:
8e:f0:e4:87:fa:90:87:ab:a3:fd:63:15:d2:9a:34:09:57:e3:
c7:17:40:91:13:1d:24:cb:cd:a7:f9:54:b1:75:37:15:01:89:
b2:87:ff:ad:a9:de:c8:89:ce:43:8f:a1:be:c0:1e:9f:0d:57:
04:cb:eb:2d:96:0a:c6:1d:45:70:cb:a6:5a:9d:05:3f:e3:d3:
d0:45:19:e7:78:3b:d7:bc:67:51:e8:4f:2d:c7:36:30:ec:4b:
d8:52:20:4d
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAJTmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDcxOTA3MDAyN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY5YTBmMGItODIzYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM49yYxDsrnVY8Ki6IfLCCPnHvtvUZYP9X1cnlIJp6vWIgNfGSOKK2WTlBal
LmdlYrsp3l3IgAgyZu4XfuAgv7heFqxH1cM59Kf9qc5qA08jabuiHF5hZfoNyw7Q
VbT4spaBFV6+8NUBPQBLZp3tX9ombYKskQrhrtOnNfoOsfulAqstPBbJ2B9Ygfm9
oogd4YPvrGYVLY9WQk2Qd/uwY7Gf5v9te1ssVJy6XCe7uHH3ZWBgq7m0lF8iyN/x
lN1wDzfV6ttyCZvA+PdxIPbW7W2z6MN2cMnKGnObTXomBQb3g5EjihrWn4pfhjgc
5nUhx3phEnQxwktBjoyIXPxZwK0CAwEAAaOCAsQwggLAMB0GA1UdDgQWBBSB53dm
fHEVJKnEVQtqgqzHVWy5PTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkzRDg2MTgy
NDU5QzExRUY5QjY0N0QxM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME4GCCsGAQUFBwEHAQH/
BD8wPTAqBAIAATAkAwQBZzzGAwQCZ0S4AwQAZ6mnAwQAZ6oUAwQBZ+9AAwQFyltA
MA8EAgACMAkDBwAgAQ3wz4AwDQYJKoZIhvcNAQELBQADggEBAKI2sfqlJxOMLTHI
Xcn//Q4x+pMO7DZHxqK8aBsG5kd56i9vJ9QzOVGfd2w5JS4bphPnzTjCh99spdc/
XodW1uaH4vC8FJCJZ+So3ta47jULDoe6smvH1D8aXXkHR5oLuqV2vUoXCduRh5RN
K5Bk3TRI9Av8UL4o9sxL8HrBMNNpxbP+Kyh13OmPmeFfWq0Iedl3JwvNEwx9hViA
zeQTVnCBn47w5If6kIero/1jFdKaNAlX48cXQJETHSTLzaf5VLF1NxUBibKH/62p
3siJzkOPob7AHp8NVwTL6y2WCsYdRXDLplqdBT/j09BFGed4O9e8Z1HoTy3HNjDs
S9hSIE0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:22:08 2025 by rpki-client