Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B90615548D7411EC88D5811BC4F9AE02.roa
File: B90615548D7411EC88D5811BC4F9AE02.roa (raw, json)
Hash identifier: t5Cuw9SwLErsLAUG/5thyGOnMrbl/4p5yysDHEscX9c=
Subject key identifier: C1:37:C9:A3:2F:BF:59:46:32:DD:23:47:38:47:A2:D9:62:83:28:AF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4846
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B90615548D7411EC88D5811BC4F9AE02.roa
Signing time: Mon 14 Feb 2022 09:01:41 +0000
ROA not before: Mon 14 Feb 2022 09:01:41 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 135772
IP address blocks: 14.192.52.0/22 maxlen: 24
43.225.0.0/22 maxlen: 24
45.127.232.0/22 maxlen: 24
103.68.216.0/22 maxlen: 24
103.126.32.0/22 maxlen: 24
103.139.60.0/23 maxlen: 24
103.157.150.0/23 maxlen: 24
103.176.126.0/23 maxlen: 24
103.177.178.0/23 maxlen: 24
103.196.220.0/22 maxlen: 24
103.220.158.0/23 maxlen: 24
2001:df6:6b00::/48 maxlen: 48
2403:67c0::/32 maxlen: 36
2407:a8c0::/32 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18502 (0x4846)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 14 09:01:41 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=620a1a74-b651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:16:29:07:02:f2:76:33:c5:d1:26:4a:a0:51:
1f:2e:84:14:52:87:6b:b5:15:5d:dd:2f:76:d4:40:
98:bf:71:5a:35:df:a5:ec:40:de:b0:1d:dc:41:6c:
bc:cd:77:91:24:cd:c7:a7:64:f3:22:64:77:24:de:
4b:14:a8:1f:a2:57:f2:d7:34:0e:74:77:64:38:f5:
3e:09:89:06:1a:5c:f5:c5:fb:e1:b2:6b:b1:5e:5c:
53:33:10:5d:cf:73:8f:4c:fb:a4:30:04:1a:8f:fe:
d4:eb:de:15:01:88:9e:b0:0a:75:d8:e0:60:88:13:
26:50:45:87:72:34:28:46:e2:4a:6b:fd:49:95:ac:
52:52:91:cd:9f:cd:79:df:6f:d1:58:34:cd:34:2b:
8c:cb:ce:b1:fc:40:1b:8c:c5:54:e5:fe:1d:d7:4f:
49:84:60:83:a4:e6:55:04:56:0f:62:6a:18:c0:d2:
fb:e6:e1:5d:76:73:93:66:f5:42:93:97:fd:5e:c0:
04:8a:d7:1a:f9:02:95:5a:c8:c3:92:ad:4f:25:55:
ad:b1:3d:83:16:7c:04:6f:f1:a7:47:91:cd:dc:44:
fc:78:bd:83:ec:51:ac:0f:49:b9:02:86:c7:d0:9b:
bd:29:04:d9:e9:00:62:87:e9:96:54:8a:3b:81:a6:
8c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:37:C9:A3:2F:BF:59:46:32:DD:23:47:38:47:A2:D9:62:83:28:AF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B90615548D7411EC88D5811BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.52.0/22
43.225.0.0/22
45.127.232.0/22
103.68.216.0/22
103.126.32.0/22
103.139.60.0/23
103.157.150.0/23
103.176.126.0/23
103.177.178.0/23
103.196.220.0/22
103.220.158.0/23
IPv6:
2001:df6:6b00::/48
2403:67c0::/32
2407:a8c0::/32
Signature Algorithm: sha256WithRSAEncryption
51:04:b4:0b:71:ce:83:76:c8:6d:08:24:1a:dc:21:83:cf:e6:
d6:90:86:25:b1:bc:22:d2:1d:24:ca:ad:e7:13:17:f1:9f:f7:
68:68:3c:65:f5:4b:c7:8d:9b:b0:c3:5e:eb:5e:ee:8a:c6:2c:
c7:8b:66:15:24:d5:f5:1a:b7:9c:e2:d6:f5:78:23:c1:b3:d0:
de:d5:96:f5:32:1b:62:4c:29:0b:05:57:98:f1:59:ee:f6:48:
4f:93:34:13:c6:dd:fb:75:f7:09:b1:48:38:78:8f:0f:64:fb:
2a:bd:53:ac:15:4d:5b:a9:5b:14:3f:6d:6c:c2:b7:fb:71:dd:
7f:5f:04:25:65:b1:41:a4:9b:32:16:ab:a7:e6:40:ff:38:1f:
10:89:aa:b4:c9:b1:c7:5f:1d:3b:c0:7d:90:9d:38:e5:35:cb:
f8:7d:d9:47:df:9a:1c:6b:9e:24:e9:d6:3c:4e:20:3a:97:ee:
19:cb:15:10:46:24:1c:3b:c5:f4:06:0b:af:ee:3d:bd:73:99:
4c:52:18:bb:a6:28:89:3d:12:0a:2d:88:c1:6e:45:dd:8e:0d:
18:a0:e2:e8:f2:ce:da:5d:6f:10:88:b3:1d:9c:cc:85:66:46:
d3:97:8a:4a:44:d8:fc:c4:14:4e:d1:ba:29:53:da:c8:37:b3:
02:31:33:a3
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICSEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMjE0MDkwMTQxWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBhMWE3NC1iNjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5BYpBwLydjPF0SZKoFEfLoQUUodrtRVd3S921ECYv3FaNd+l7EDesB3cQWy8
zXeRJM3Hp2TzImR3JN5LFKgfolfy1zQOdHdkOPU+CYkGGlz1xfvhsmuxXlxTMxBd
z3OPTPukMAQaj/7U694VAYiesAp12OBgiBMmUEWHcjQoRuJKa/1JlaxSUpHNn815
32/RWDTNNCuMy86x/EAbjMVU5f4d109JhGCDpOZVBFYPYmoYwNL75uFddnOTZvVC
k5f9XsAEitca+QKVWsjDkq1PJVWtsT2DFnwEb/GnR5HN3ET8eL2D7FGsD0m5AobH
0Ju9KQTZ6QBih+mWVIo7gaaMmwIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFME3yaMv
v1lGMt0jRzhHotligyivMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjkwNjE1NTQ4
RDc0MTFFQzg4RDU4MTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwegYIKwYBBQUHAQcBAf8E
azBpMEgEAgABMEIDBAIOwDQDBAIr4QADBAItf+gDBAJnRNgDBAJnfiADBAFnizwD
BAFnnZYDBAFnsH4DBAFnsbIDBAJnxNwDBAFn3J4wHQQCAAIwFwMHACABDfZrAAMF
ACQDZ8ADBQAkB6jAMA0GCSqGSIb3DQEBCwUAA4IBAQBRBLQLcc6DdshtCCQa3CGD
z+bWkIYlsbwi0h0kyq3nExfxn/doaDxl9UvHjZuww17rXu6KxizHi2YVJNX1Grec
4tb1eCPBs9De1Zb1MhtiTCkLBVeY8Vnu9khPkzQTxt37dfcJsUg4eI8PZPsqvVOs
FU1bqVsUP21swrf7cd1/XwQlZbFBpJsyFqun5kD/OB8Qiaq0ybHHXx07wH2QnTjl
Ncv4fdlH35oca54k6dY8TiA6l+4ZyxUQRiQcO8X0Bguv7j29c5lMUhi7piiJPRIK
LYjBbkXdjg0YoOLo8s7aXW8QiLMdnMyFZkbTl4pKRNj8xBRO0bopU9rIN7MCMTOj
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:46 2025 by rpki-client