Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DA06F550940411EEBF0B5C28C4F9AE02.roa
File: DA06F550940411EEBF0B5C28C4F9AE02.roa (raw, json)
Hash identifier: DfkuIJHwf73V+7/LIMQ+3kB7HS4M/+I7a7jdQveivKo=
Subject key identifier: C6:F4:7B:49:85:C7:07:6A:F6:42:30:4F:86:1E:F9:42:93:9A:09:F4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7F95
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DA06F550940411EEBF0B5C28C4F9AE02.roa
Signing time: Wed 06 Dec 2023 06:58:25 +0000
ROA not before: Wed 06 Dec 2023 06:58:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135820
IP address blocks: 103.77.254.0/23 maxlen: 23
103.77.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32661 (0x7f95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 6 06:58:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65701b91-413d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:3c:d5:5b:b5:35:72:9d:2d:b8:dc:25:58:b1:
8d:82:11:ac:d3:84:94:ff:02:76:77:4d:5f:47:43:
dd:a7:79:22:39:54:0f:e0:36:59:04:15:0f:eb:5a:
b5:92:4a:81:73:f0:75:fc:04:72:cc:bb:89:c8:46:
db:aa:c8:66:14:dc:0a:59:f3:26:d2:1e:bb:7d:24:
6e:33:a8:0d:3a:fa:1b:a0:ce:af:42:70:83:82:43:
36:dd:cc:3b:1a:e1:e4:bf:4e:75:9b:19:d5:33:a6:
f7:5c:57:21:2d:92:15:12:81:62:f9:f1:94:66:3f:
3c:7f:63:6c:00:e7:d7:ee:45:40:79:ea:db:6f:be:
ef:7f:6a:ee:4a:a1:1d:d2:9b:7b:5e:ee:f7:63:4e:
86:3a:71:40:20:32:c6:6a:e0:4e:c9:a6:37:c6:bb:
b0:3a:3b:5a:33:23:ac:78:75:eb:01:75:14:d9:d7:
5a:fd:dd:0c:bd:76:26:18:95:74:a1:f0:e0:79:3c:
5a:34:cf:a3:b2:6d:c8:68:ab:4c:77:98:9f:1d:4e:
8a:12:b6:ba:db:eb:43:00:c7:6b:c0:0c:30:4f:ec:
7a:db:59:64:e2:63:ab:e6:3e:52:d0:56:0b:51:24:
3a:ee:d2:28:0e:fe:73:00:54:f6:7a:4d:ff:11:b1:
83:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F4:7B:49:85:C7:07:6A:F6:42:30:4F:86:1E:F9:42:93:9A:09:F4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DA06F550940411EEBF0B5C28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.254.0/23
Signature Algorithm: sha256WithRSAEncryption
26:c0:cc:3d:22:6f:b7:0a:ef:be:7b:8b:58:fc:9d:3a:ee:74:
44:7c:41:5c:f7:a0:b4:7a:e9:eb:0e:84:c4:9b:22:ff:e8:2f:
6b:41:5a:5e:b7:ac:41:8d:ef:ba:2b:8b:d2:cc:2b:ec:a3:74:
00:d8:61:d3:ba:20:8d:9b:b6:cc:b2:23:87:68:86:30:08:cf:
54:ab:d0:2d:20:e0:ad:9c:76:e2:ae:2a:fc:85:d5:2c:43:b8:
49:ce:64:d5:db:95:04:69:20:3c:5e:3f:2a:85:f2:81:f4:5d:
0f:21:78:cc:35:82:64:25:84:05:21:c8:1f:b5:ce:88:d2:0a:
06:51:41:2e:c3:27:14:db:dd:1c:25:49:f2:e1:3d:20:74:bf:
b8:68:5f:f3:fd:99:bf:fc:7e:b6:91:bf:f9:a1:3b:8a:92:96:
6f:52:a7:9e:a4:ec:47:9d:2f:3f:f6:e2:b9:50:ec:e2:fe:a6:
af:24:bd:33:58:2f:41:8f:be:5f:bd:ec:10:77:e7:fc:11:b7:
d6:44:52:cf:e3:81:52:19:2a:32:81:9c:2f:9c:c0:8f:59:30:
57:4f:7f:f5:23:26:54:bc:9f:67:39:b6:cd:1d:3b:72:f6:a9:
61:13:15:b5:71:2e:28:2a:3f:87:8d:0d:36:fa:e6:84:c1:20:
e3:ac:45:bb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICf5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMjA2MDY1ODI1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcwMWI5MS00MTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9TzVW7U1cp0tuNwlWLGNghGs04SU/wJ2d01fR0Pdp3kiOVQP4DZZBBUP61q1
kkqBc/B1/ARyzLuJyEbbqshmFNwKWfMm0h67fSRuM6gNOvoboM6vQnCDgkM23cw7
GuHkv051mxnVM6b3XFchLZIVEoFi+fGUZj88f2NsAOfX7kVAeerbb77vf2ruSqEd
0pt7Xu73Y06GOnFAIDLGauBOyaY3xruwOjtaMyOseHXrAXUU2dda/d0MvXYmGJV0
ofDgeTxaNM+jsm3IaKtMd5ifHU6KEra62+tDAMdrwAwwT+x621lk4mOr5j5S0FYL
USQ67tIoDv5zAFT2ek3/EbGDywIDAQABo4IClTCCApEwHQYDVR0OBBYEFMb0e0mF
xwdq9kIwT4Ye+UKTmgn0MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvREEwNkY1NTA5
NDA0MTFFRUJGMEI1QzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnTf4wDQYJKoZIhvcNAQELBQADggEBACbAzD0ib7cK7757
i1j8nTrudER8QVz3oLR66esOhMSbIv/oL2tBWl63rEGN77ori9LMK+yjdADYYdO6
II2btsyyI4dohjAIz1Sr0C0g4K2cduKuKvyF1SxDuEnOZNXblQRpIDxePyqF8oH0
XQ8heMw1gmQlhAUhyB+1zojSCgZRQS7DJxTb3RwlSfLhPSB0v7hoX/P9mb/8fraR
v/mhO4qSlm9Sp56k7EedLz/24rlQ7OL+pq8kvTNYL0GPvl+97BB35/wRt9ZEUs/j
gVIZKjKBnC+cwI9ZMFdPf/UjJlS8n2c5ts0dO3L2qWETFbVxLigqP4eNDTb65oTB
IOOsRbs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:32:17 2025 by rpki-client