Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E098AA8888C811ECB5D6F11BC4F9AE02.roa
File: E098AA8888C811ECB5D6F11BC4F9AE02.roa (raw, json)
Hash identifier: 5o7pl11c5MUyOkl8zp4zP6JYvG7lGMEXLFSlvejobag=
Subject key identifier: A2:57:E4:DE:35:46:01:26:90:AE:56:6A:98:87:8C:E7:D1:7B:2C:EF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A0C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E098AA8888C811ECB5D6F11BC4F9AE02.roa
Signing time: Thu 30 May 2024 16:01:24 +0000
ROA not before: Thu 30 May 2024 16:01:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135186
IP address blocks: 103.180.40.0/23 maxlen: 24
2001:df2:dc0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35340 (0x8a0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:01:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a2d4-a8d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e0:d7:d5:f0:7b:02:bf:a8:fb:3b:7e:71:37:
49:98:cd:e4:db:21:cd:a1:57:85:3d:df:71:b5:77:
ca:bc:c7:87:98:dd:d7:b4:ee:5b:6f:04:80:73:f3:
4c:c1:09:8a:32:bc:92:f3:e7:9b:32:c9:d8:e7:7a:
43:02:26:78:98:8a:07:55:8f:3a:03:4d:da:e1:73:
bb:48:ca:94:3f:11:4c:82:50:5e:97:70:34:52:0a:
3e:d0:97:7c:30:57:93:2c:9c:bb:51:22:0a:c0:28:
0c:ed:b8:b8:c2:0f:13:21:88:bf:ea:45:8b:9b:1c:
5e:71:48:82:11:e4:f3:f7:6d:5d:b4:71:c0:c7:83:
e7:2e:36:04:bf:67:4a:fd:b6:8b:8d:20:47:0a:bc:
c9:d0:ca:16:b2:d3:d6:cd:76:98:13:26:38:70:b8:
9f:ac:8d:eb:65:88:50:2c:17:5c:91:c0:77:54:45:
cb:61:3b:76:86:3a:c3:b6:f0:95:7a:22:d0:dd:f1:
0a:a9:56:2f:a9:b8:a4:73:57:a8:0b:43:08:84:cc:
e6:14:0d:9d:f0:11:12:42:4e:78:de:e1:db:ae:07:
f6:c2:e6:18:76:74:71:51:0a:24:74:ed:cf:10:18:
6f:54:94:cc:0d:a6:ce:f1:13:3e:eb:a1:54:87:66:
87:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:57:E4:DE:35:46:01:26:90:AE:56:6A:98:87:8C:E7:D1:7B:2C:EF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E098AA8888C811ECB5D6F11BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.40.0/23
IPv6:
2001:df2:dc0::/48
Signature Algorithm: sha256WithRSAEncryption
4e:b9:16:98:18:08:d5:35:a8:4b:03:59:f7:5e:84:9b:4c:b2:
41:77:e7:a2:83:17:51:34:25:3f:2c:b8:32:dd:6a:37:6f:3c:
00:f4:84:ad:4a:57:97:7a:12:cd:85:11:0d:0c:68:17:79:3e:
56:d2:e7:df:9b:57:84:ba:1c:f8:6e:c3:35:9d:db:0d:d2:d2:
b7:f0:81:2d:0d:48:eb:9f:22:71:a5:18:9a:ec:02:fd:b9:d5:
06:36:33:25:4e:20:c8:2e:e1:0c:db:0f:57:9c:2a:42:1b:0c:
af:64:95:56:bd:0e:68:cb:f3:e9:75:78:01:6e:76:c5:bd:cb:
1e:1b:68:7a:04:9c:10:f1:97:10:84:5a:53:1e:06:f6:86:00:
39:76:b4:08:18:7f:95:a0:a8:69:be:81:0d:b2:7e:db:56:b5:
94:dd:f2:31:e1:f4:64:3f:05:3a:af:c1:a7:e4:83:61:af:57:
71:64:fb:b5:ed:e2:0d:d7:ac:f8:cb:0d:47:ac:47:fc:f4:ef:
40:95:0f:66:33:5f:b9:35:3b:89:4b:a1:91:14:41:ee:7d:c5:
31:ba:f6:c8:0f:a0:c0:73:17:da:cb:90:b9:02:d5:93:97:96:
02:99:03:f1:49:92:cd:32:48:83:f3:83:dc:59:91:34:6a:be:
db:74:09:71
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAIoMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDEyNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyZDQtYThkMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3g19XwewK/qPs7fnE3SZjN5NshzaFXhT3fcbV3yrzHh5jd17TuW28EgHPz
TMEJijK8kvPnmzLJ2Od6QwImeJiKB1WPOgNN2uFzu0jKlD8RTIJQXpdwNFIKPtCX
fDBXkyycu1EiCsAoDO24uMIPEyGIv+pFi5scXnFIghHk8/dtXbRxwMeD5y42BL9n
Sv22i40gRwq8ydDKFrLT1s12mBMmOHC4n6yN62WIUCwXXJHAd1RFy2E7doY6w7bw
lXoi0N3xCqlWL6m4pHNXqAtDCITM5hQNnfAREkJOeN7h264H9sLmGHZ0cVEKJHTt
zxAYb1SUzA2mzvETPuuhVIdmhykCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSiV+Te
NUYBJpCuVmqYh4zn0Xss7zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0UwOThBQTg4
ODhDODExRUNCNUQ2RjExQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQBZ7QoMA8EAgACMAkDBwAgAQ3yDcAwDQYJKoZIhvcNAQEL
BQADggEBAE65FpgYCNU1qEsDWfdehJtMskF356KDF1E0JT8suDLdajdvPAD0hK1K
V5d6Es2FEQ0MaBd5PlbS59+bV4S6HPhuwzWd2w3S0rfwgS0NSOufInGlGJrsAv25
1QY2MyVOIMgu4QzbD1ecKkIbDK9klVa9DmjL8+l1eAFudsW9yx4baHoEnBDxlxCE
WlMeBvaGADl2tAgYf5WgqGm+gQ2yfttWtZTd8jHh9GQ/BTqvwafkg2GvV3Fk+7Xt
4g3XrPjLDUesR/z070CVD2YzX7k1O4lLoZEUQe59xTG69sgPoMBzF9rLkLkC1ZOX
lgKZA/FJks0ySIPzg9xZkTRqvtt0CXE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:27:38 2025 by rpki-client