Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F049E4FC09D611EEBA18A082C4F9AE02.roa
File: F049E4FC09D611EEBA18A082C4F9AE02.roa (raw, json)
Hash identifier: sZkqRbj2tQWDoD6p3MEwh0sbg0l7xBoSvlaztAFHhBs=
Subject key identifier: BA:1D:79:F7:89:AE:B2:54:2C:20:A0:41:45:59:40:2C:61:71:20:07
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 89EA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F049E4FC09D611EEBA18A082C4F9AE02.roa
Signing time: Thu 30 May 2024 16:00:50 +0000
ROA not before: Thu 30 May 2024 16:00:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134916
IP address blocks: 103.113.29.0/24 maxlen: 24
103.211.152.0/22 maxlen: 24
2402:e5c0::/32 maxlen: 32
2402:e5c0::/36 maxlen: 36
2402:e5c0:1000::/36 maxlen: 36
2402:e5c0:2000::/36 maxlen: 36
2402:e5c0:3000::/36 maxlen: 36
2402:e5c0:4000::/36 maxlen: 36
2402:e5c0:5000::/36 maxlen: 36
2402:e5c0:6000::/36 maxlen: 36
2402:e5c0:7000::/36 maxlen: 36
2402:e5c0:8000::/36 maxlen: 36
2402:e5c0:9000::/36 maxlen: 36
2402:e5c0:a000::/36 maxlen: 36
2402:e5c0:b000::/36 maxlen: 36
2402:e5c0:c000::/36 maxlen: 36
2402:e5c0:d000::/36 maxlen: 36
2402:e5c0:e000::/36 maxlen: 36
2402:e5c0:f000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35306 (0x89ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:00:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a2b2-2519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:37:6e:b8:ff:65:55:5a:fe:25:96:84:16:
40:6d:86:99:7d:c9:8c:d8:99:dc:2e:39:45:28:48:
7d:f6:b8:e2:90:4b:d3:7a:3d:9e:29:ed:79:83:c8:
79:64:72:b6:3d:1a:82:15:1a:f7:62:46:07:fa:0c:
3c:3f:84:db:6a:2e:c6:98:87:d6:a1:87:84:74:3d:
55:fc:84:df:bd:3b:2f:66:63:35:56:b1:e3:71:b0:
b0:70:86:bb:e7:ea:d9:0d:58:c6:36:f6:b2:56:60:
cf:71:a9:ee:1c:a7:08:72:95:cf:08:42:fe:fe:c6:
5f:6a:14:d7:37:a1:8d:ea:fa:1d:c9:72:2e:f7:70:
25:0c:ab:af:ed:f9:f3:0f:43:29:3f:a4:79:f1:fb:
cf:02:47:23:a1:86:0d:7b:1d:0e:b1:7d:0f:b4:c4:
04:03:12:13:39:f9:30:a1:98:d3:a4:d3:77:1e:62:
6b:f2:6e:fe:48:5d:a5:48:8c:4d:97:f8:8e:2c:4a:
ea:4f:74:4d:b4:f6:f2:25:50:9e:cd:63:c5:d4:71:
d8:ef:c4:d5:16:48:6c:25:bd:a3:0c:7a:c0:ba:51:
18:bf:81:a0:1e:73:03:ba:6a:74:04:1e:d5:11:9e:
f6:a1:80:15:ff:65:96:ee:10:b3:05:7c:da:fc:85:
3a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1D:79:F7:89:AE:B2:54:2C:20:A0:41:45:59:40:2C:61:71:20:07
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F049E4FC09D611EEBA18A082C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.113.29.0/24
103.211.152.0/22
IPv6:
2402:e5c0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:30:c2:8e:f0:01:b3:ae:bc:df:ec:ea:49:e2:59:6f:53:43:
bb:e7:3e:86:6c:68:77:38:6d:9d:cb:74:be:90:01:99:a2:4f:
76:4f:7a:45:7f:d8:18:50:c0:6f:5b:2d:0f:64:ee:02:1f:29:
9b:fe:31:06:01:d1:f1:c7:6d:3d:3c:92:2a:3e:b3:d3:98:ea:
14:91:b8:0a:d5:50:e7:25:31:80:b3:8d:ea:6d:e0:98:66:9b:
55:a7:02:48:86:63:6c:bc:5a:aa:21:72:fa:a0:91:87:21:45:
95:6e:20:06:2e:f7:d1:50:95:1e:92:91:25:04:3f:49:c7:75:
c9:d2:11:52:87:a6:42:3c:d4:08:b8:c3:7e:7e:f8:8a:96:40:
77:5d:55:00:46:ab:ae:80:f7:6c:be:65:af:e2:b1:c6:fd:c4:
47:bb:07:77:46:79:04:24:a7:d2:ec:f5:7d:fa:3c:2c:18:a1:
36:93:49:b3:49:27:81:34:b3:ae:6a:32:1b:ec:0b:dc:a8:1d:
1d:b7:b9:03:b4:a2:8a:aa:a8:ca:db:35:fc:a7:8f:9c:44:91:
3b:da:cc:bc:4d:40:20:10:c9:59:a7:a8:8d:03:a2:c1:51:db:
c6:20:0f:10:2d:47:73:ba:8d:6b:bd:4b:d4:ac:7f:9c:75:54:
0f:fc:72:68
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAInqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDA1MFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyYjItMjUxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2QN264/2VVWv4lloQWQG2GmX3JjNiZ3C45RShIffa44pBL03o9ninteYPI
eWRytj0aghUa92JGB/oMPD+E22ouxpiH1qGHhHQ9VfyE3707L2ZjNVax43GwsHCG
u+fq2Q1Yxjb2slZgz3Gp7hynCHKVzwhC/v7GX2oU1zehjer6HclyLvdwJQyrr+35
8w9DKT+kefH7zwJHI6GGDXsdDrF9D7TEBAMSEzn5MKGY06TTdx5ia/Ju/khdpUiM
TZf4jixK6k90TbT28iVQns1jxdRx2O/E1RZIbCW9owx6wLpRGL+BoB5zA7pqdAQe
1RGe9qGAFf9llu4QswV82vyFOrkCAwEAAaOCAqowggKmMB0GA1UdDgQWBBS6HXn3
ia6yVCwgoEFFWUAsYXEgBzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YwNDlFNEZD
MDlENjExRUVCQTE4QTA4MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDQGCCsGAQUFBwEHAQH/
BCUwIzASBAIAATAMAwQAZ3EdAwQCZ9OYMA0EAgACMAcDBQAkAuXAMA0GCSqGSIb3
DQEBCwUAA4IBAQCqMMKO8AGzrrzf7OpJ4llvU0O75z6GbGh3OG2dy3S+kAGZok92
T3pFf9gYUMBvWy0PZO4CHymb/jEGAdHxx209PJIqPrPTmOoUkbgK1VDnJTGAs43q
beCYZptVpwJIhmNsvFqqIXL6oJGHIUWVbiAGLvfRUJUekpElBD9Jx3XJ0hFSh6ZC
PNQIuMN+fviKlkB3XVUARquugPdsvmWv4rHG/cRHuwd3RnkEJKfS7PV9+jwsGKE2
k0mzSSeBNLOuajIb7AvcqB0dt7kDtKKKqqjK2zX8p4+cRJE72sy8TUAgEMlZp6iN
A6LBUdvGIA8QLUdzuo1rvUvUrH+cdVQP/HJo
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:26 2025 by rpki-client