Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F30A1F5CB0D311EC9B122057C4F9AE02.roa
File: F30A1F5CB0D311EC9B122057C4F9AE02.roa (raw, json)
Hash identifier: rgPDjHCusKps9anGL/S2GacJu8/6WfkoarazorLryiM=
Subject key identifier: 44:66:E9:A7:30:30:BD:77:ED:93:EC:FD:93:51:8A:8A:41:B2:D9:0F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 549D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F30A1F5CB0D311EC9B122057C4F9AE02.roa
Signing time: Mon 16 May 2022 04:30:45 +0000
ROA not before: Mon 16 May 2022 04:30:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149543
IP address blocks: 103.181.52.0/24 maxlen: 24
103.181.53.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21661 (0x549d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 16 04:30:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d375-2d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:48:e7:7b:4f:45:47:24:29:54:33:de:f1:f3:
ad:1f:6b:fd:56:9d:dd:ab:56:9e:66:93:55:20:72:
dd:a7:cb:67:99:d8:e4:e1:7c:f9:38:90:e1:c3:47:
22:3b:43:b3:7e:05:83:1b:db:fb:b9:a2:16:79:38:
53:1c:7f:1e:6d:7d:2e:ef:d9:6b:9b:51:a3:8a:74:
1c:90:8c:db:91:d0:ec:14:9b:bc:a5:4d:58:e6:80:
21:c5:a2:83:c1:4b:93:08:67:a4:d3:bc:ec:25:e3:
d2:50:f1:fe:ca:a4:52:cf:fa:bb:ef:48:9f:66:20:
52:5d:ba:ee:2b:52:b5:b3:63:ce:5c:4e:23:cf:9a:
79:bc:0b:01:aa:db:81:b9:83:71:b1:7c:bf:88:b5:
fc:e0:d4:c5:4e:55:48:0c:10:97:f0:26:e7:6f:1b:
ae:5e:06:de:17:bb:b6:aa:b4:e6:81:c6:c7:1a:55:
bd:c8:ff:0d:79:77:35:99:c8:d9:8a:21:d0:51:70:
80:94:83:95:6c:a0:97:23:d2:15:cd:b3:82:ba:1c:
da:64:41:d6:9e:1f:64:94:8a:d0:68:99:8d:b4:4a:
07:12:17:ea:7a:8d:6c:78:b7:59:65:eb:7a:10:ec:
5d:f2:61:37:bf:85:96:be:5c:e2:f2:5b:13:1b:96:
56:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:66:E9:A7:30:30:BD:77:ED:93:EC:FD:93:51:8A:8A:41:B2:D9:0F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F30A1F5CB0D311EC9B122057C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.181.52.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:37:15:90:1b:87:66:e3:29:58:53:ca:a3:4f:f0:ac:62:30:
4f:80:94:57:4a:11:3d:b2:12:60:15:cd:03:f6:dd:1f:b8:bc:
ec:2d:67:a4:e7:36:ce:16:de:48:13:59:cc:3a:6a:d4:31:df:
f2:8d:fc:1c:a5:bc:3d:d2:a0:02:ea:c5:fe:0a:10:60:bd:72:
56:94:bf:89:0d:41:58:f7:c4:e2:3b:4d:52:74:23:f6:b8:31:
9b:28:cb:aa:90:13:ea:aa:16:6d:ac:e7:01:43:c1:87:14:78:
7f:87:17:de:7e:e1:c1:56:4f:5e:a9:3b:de:fe:e4:f8:04:d4:
bd:3e:8d:f1:4f:7f:ea:a1:88:b6:f0:1a:86:91:5a:80:63:52:
68:fa:34:dd:40:01:15:8c:d8:0f:d1:af:43:f8:76:1b:e3:b2:
02:23:cd:47:b8:2d:18:1d:52:f2:59:5a:4a:ab:88:d6:d6:27:
b5:89:16:d1:70:64:9a:82:d4:16:f3:6f:8e:f8:17:4b:10:93:
07:b2:6d:32:f0:1e:ec:38:9d:d3:b8:54:ca:48:f9:df:b6:32:
e4:c5:6f:44:f2:46:f6:0e:99:a5:e5:d6:c5:21:68:39:b3:70:
14:4c:7f:92:a6:27:00:f6:67:4c:ad:34:e8:e6:c9:e6:74:ea:
18:49:2f:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICVJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQzMDQ1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDM3NS0yZDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA30jne09FRyQpVDPe8fOtH2v9Vp3dq1aeZpNVIHLdp8tnmdjk4Xz5OJDhw0ci
O0OzfgWDG9v7uaIWeThTHH8ebX0u79lrm1GjinQckIzbkdDsFJu8pU1Y5oAhxaKD
wUuTCGek07zsJePSUPH+yqRSz/q770ifZiBSXbruK1K1s2POXE4jz5p5vAsBqtuB
uYNxsXy/iLX84NTFTlVIDBCX8CbnbxuuXgbeF7u2qrTmgcbHGlW9yP8NeXc1mcjZ
iiHQUXCAlIOVbKCXI9IVzbOCuhzaZEHWnh9klIrQaJmNtEoHEhfqeo1seLdZZet6
EOxd8mE3v4WWvlzi8lsTG5ZW/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFERm6acw
ML137ZPs/ZNRiopBstkPMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjMwQTFGNUNC
MEQzMTFFQzlCMTIyMDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFntTQwDQYJKoZIhvcNAQELBQADggEBADo3FZAbh2bjKVhT
yqNP8KxiME+AlFdKET2yEmAVzQP23R+4vOwtZ6TnNs4W3kgTWcw6atQx3/KN/Byl
vD3SoALqxf4KEGC9claUv4kNQVj3xOI7TVJ0I/a4MZsoy6qQE+qqFm2s5wFDwYcU
eH+HF95+4cFWT16pO97+5PgE1L0+jfFPf+qhiLbwGoaRWoBjUmj6NN1AARWM2A/R
r0P4dhvjsgIjzUe4LRgdUvJZWkqriNbWJ7WJFtFwZJqC1Bbzb474F0sQkweybTLw
Huw4ndO4VMpI+d+2MuTFb0TyRvYOmaXl1sUhaDmzcBRMf5KmJwD2Z0ytNOjmyeZ0
6hhJL3c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:30:03 2025 by rpki-client