Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D53F5E02E0A11EF9732A036C4F9AE02.roa
File: 9D53F5E02E0A11EF9732A036C4F9AE02.roa (raw, json)
Hash identifier: M2OBzKzjEJTR+v4SKk4TLuZBtDEwluWg9+7RzeHk98s=
Subject key identifier: 91:B2:A5:16:10:AA:48:7A:50:16:46:7F:74:D0:13:5D:C9:92:97:BB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 92D7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D53F5E02E0A11EF9732A036C4F9AE02.roa
Signing time: Wed 19 Jun 2024 07:07:39 +0000
ROA not before: Wed 19 Jun 2024 07:07:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137093
IP address blocks: 103.107.112.0/22 maxlen: 24
103.192.204.0/24 maxlen: 24
103.192.207.0/24 maxlen: 24
202.53.134.0/23 maxlen: 24
202.155.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37591 (0x92d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jun 19 07:07:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=667283bb-e4f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8e:67:4a:61:3e:fd:0f:df:6d:08:6d:0a:99:
38:21:f4:9a:27:aa:38:86:85:f8:b7:c4:77:44:e0:
90:c6:26:14:ce:3c:f1:8d:47:60:45:16:7a:3c:6f:
db:8f:5a:d3:57:54:75:c3:d7:07:2a:61:a9:2b:49:
bc:31:fd:78:8a:ac:b5:09:90:a3:8c:ed:e4:90:72:
4e:e3:4d:9c:91:39:8b:29:97:5c:01:c6:42:b2:6a:
e1:21:fc:81:a1:40:17:b0:3a:74:09:79:61:0c:19:
60:fc:8d:d5:f9:6e:ea:84:fb:43:80:f0:fa:9d:94:
c8:d1:68:45:24:d6:2d:38:e6:31:a6:ee:76:b3:d9:
87:a5:30:9c:6c:d1:1c:8d:65:58:eb:27:15:6b:fc:
f9:aa:7a:36:10:57:4c:51:30:ab:a0:09:88:ab:13:
2c:8c:2f:e5:31:f8:4a:54:2e:c3:90:a6:ad:2a:4c:
5f:7a:11:78:a1:1c:cf:bf:17:dd:f8:eb:b5:2c:f6:
f2:3c:62:ff:55:ec:58:12:9e:df:c1:ce:cc:9c:cd:
c0:33:f9:94:de:43:b9:f0:ab:fe:82:77:b8:e8:20:
fb:a3:2e:e4:fa:56:41:8c:12:cd:d0:5d:d7:c0:86:
db:a5:36:08:4f:ab:a5:8b:d4:9b:0d:2f:47:ee:72:
96:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B2:A5:16:10:AA:48:7A:50:16:46:7F:74:D0:13:5D:C9:92:97:BB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D53F5E02E0A11EF9732A036C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.107.112.0/22
103.192.204.0/24
103.192.207.0/24
202.53.134.0/23
202.155.187.0/24
Signature Algorithm: sha256WithRSAEncryption
00:74:85:67:b9:84:e1:13:80:f7:83:0e:94:0c:de:05:5b:3e:
c1:e1:75:d9:09:44:99:43:be:73:bf:3f:4a:a4:b7:ad:e1:f9:
f0:3c:26:fe:db:51:2c:f1:eb:4f:55:f9:f4:41:a8:79:49:c4:
c4:90:4e:78:b6:e9:1c:13:4b:f9:a7:36:df:56:e9:a1:1a:44:
3e:80:53:32:2b:74:f4:66:a8:3b:63:4a:a0:e2:f1:75:4d:2b:
e1:4a:42:6d:14:c8:0e:eb:a0:99:e2:71:88:9b:cd:63:74:6a:
07:3b:e0:be:e5:9a:d4:26:99:c0:de:4a:1e:85:19:5e:2a:03:
95:df:3c:19:dd:81:38:8c:51:52:b6:17:e4:45:77:45:f6:49:
33:18:e9:55:19:af:35:07:a3:1f:81:93:cf:3f:95:f3:3a:52:
4a:00:09:69:f2:0d:66:9c:ef:2d:fb:ca:ab:60:50:22:34:8b:
19:a5:10:68:f6:14:e7:7d:97:c6:d3:4b:93:95:e5:bd:ad:b1:
da:68:86:ad:d4:d7:d4:c7:80:10:22:88:59:82:c7:4b:49:2d:
57:a1:2e:5d:e6:95:75:4b:dd:f4:72:fa:18:66:97:38:20:8a:
8e:89:7c:f6:6d:80:8b:b8:92:a9:2d:4e:30:2f:ff:28:9e:20:
76:fe:3d:1e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAJLXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDYxOTA3MDczOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY3MjgzYmItZTRmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyOZ0phPv0P320IbQqZOCH0mieqOIaF+LfEd0TgkMYmFM488Y1HYEUWejxv
249a01dUdcPXByphqStJvDH9eIqstQmQo4zt5JByTuNNnJE5iymXXAHGQrJq4SH8
gaFAF7A6dAl5YQwZYPyN1flu6oT7Q4Dw+p2UyNFoRSTWLTjmMabudrPZh6UwnGzR
HI1lWOsnFWv8+ap6NhBXTFEwq6AJiKsTLIwv5TH4SlQuw5CmrSpMX3oReKEcz78X
3fjrtSz28jxi/1XsWBKe38HOzJzNwDP5lN5DufCr/oJ3uOgg+6Mu5PpWQYwSzdBd
18CG26U2CE+rpYvUmw0vR+5ylqMCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBSRsqUW
EKpIelAWRn900BNdyZKXuzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlENTNGNUUw
MkUwQTExRUY5NzMyQTAzNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDcGCCsGAQUFBwEHAQH/
BCgwJjAkBAIAATAeAwQCZ2twAwQAZ8DMAwQAZ8DPAwQByjWGAwQAypu7MA0GCSqG
SIb3DQEBCwUAA4IBAQAAdIVnuYThE4D3gw6UDN4FWz7B4XXZCUSZQ75zvz9KpLet
4fnwPCb+21Es8etPVfn0Qah5ScTEkE54tukcE0v5pzbfVumhGkQ+gFMyK3T0Zqg7
Y0qg4vF1TSvhSkJtFMgO66CZ4nGIm81jdGoHO+C+5ZrUJpnA3koehRleKgOV3zwZ
3YE4jFFSthfkRXdF9kkzGOlVGa81B6MfgZPPP5XzOlJKAAlp8g1mnO8t+8qrYFAi
NIsZpRBo9hTnfZfG00uTleW9rbHaaIat1NfUx4AQIohZgsdLSS1XoS5d5pV1S930
cvoYZpc4IIqOiXz2bYCLuJKpLU4wL/8oniB2/j0e
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:22:16 2025 by rpki-client