Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F472CA0EFE8D11EB815E6260C4F9AE02.roa
File: F472CA0EFE8D11EB815E6260C4F9AE02.roa (raw, json)
Hash identifier: 3avrf1ic4CcQwUSEJDZX0KEyx4ABN31f3oPNyAWFqO8=
Subject key identifier: 57:86:65:9F:2F:B4:3C:18:8A:32:92:53:B5:37:BB:FC:7F:E3:8F:5D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6BDA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F472CA0EFE8D11EB815E6260C4F9AE02.roa
Signing time: Wed 10 May 2023 16:21:42 +0000
ROA not before: Wed 10 May 2023 16:21:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135717
IP address blocks: 103.69.184.0/22 maxlen: 24
2407:be40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27610 (0x6bda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 10 16:21:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc495-3439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a4:7d:7c:ac:67:d1:0f:29:c7:d6:0e:11:85:
95:b5:5c:56:e5:c4:dc:48:94:de:39:17:81:55:8c:
6b:3f:a4:82:bf:17:94:61:d2:6b:13:19:d2:8c:c0:
d0:9a:df:77:a1:b2:a2:c5:ea:2d:85:9c:3a:e0:ae:
34:8e:c7:f5:1b:e9:65:20:fd:38:ae:88:93:2c:a7:
98:d0:97:d9:d4:b5:9c:b8:a3:ab:d2:13:2f:f5:81:
2a:99:16:1c:27:f6:30:e0:86:8d:64:b0:99:34:12:
3f:1a:6d:a1:8d:77:df:ee:66:57:bf:3f:1c:07:2a:
d0:ac:f3:18:f7:95:b0:3d:66:9a:63:18:78:69:dd:
9b:af:1b:c9:06:3f:9f:a0:f5:6b:be:55:2e:25:36:
52:bd:d8:bc:2c:32:48:b6:90:4e:cc:f3:69:0f:de:
03:69:57:66:01:0a:1b:4d:3a:73:a4:0c:26:77:8b:
a5:9e:5d:b7:30:c3:92:56:96:03:ad:60:f2:fc:39:
50:a6:17:41:eb:fc:6a:b8:f2:63:15:28:93:80:48:
56:93:0b:c8:21:31:e6:01:4a:2e:f7:4f:24:96:85:
41:08:07:37:fb:e5:4c:33:f4:e3:ad:f7:a9:cb:ed:
20:6f:96:8b:08:76:8e:de:95:50:45:db:88:24:a4:
c1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:86:65:9F:2F:B4:3C:18:8A:32:92:53:B5:37:BB:FC:7F:E3:8F:5D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F472CA0EFE8D11EB815E6260C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.184.0/22
IPv6:
2407:be40::/32
Signature Algorithm: sha256WithRSAEncryption
95:09:3a:dd:63:b9:44:cb:49:a2:94:47:a3:f4:e1:57:66:3c:
24:d2:75:57:1e:06:b8:71:15:fd:a0:59:53:86:e1:be:1b:d5:
7f:61:cf:73:32:81:a0:c6:7e:f3:e8:af:93:22:fc:27:2d:4a:
76:6d:a0:42:da:11:19:b6:fc:49:9f:99:2f:e5:1b:60:df:78:
74:4a:44:70:0e:60:6d:20:74:0d:af:e3:a9:5f:11:64:73:6b:
2f:7b:ef:ff:e6:b8:06:e7:88:ef:34:8a:4a:cb:51:46:6e:94:
fa:c3:84:09:5c:c6:96:64:30:67:30:24:ed:4d:70:3b:6d:5c:
d9:c2:3b:4e:cf:ea:d9:b1:bd:b2:d8:9f:d9:20:e6:34:b0:3b:
b0:dd:97:d3:29:12:aa:37:72:c3:cb:d4:cb:2a:eb:d6:15:46:
58:8a:80:85:38:50:75:05:b6:86:75:b4:ff:61:29:ca:5d:e6:
a3:1a:db:87:58:44:c2:35:fd:6a:03:9e:08:5b:df:6a:98:3b:
52:28:fc:1a:fe:21:8a:67:1c:fb:0b:e8:44:78:be:42:cb:63:
e5:7c:12:12:cc:57:a1:52:50:62:c0:23:f9:83:d7:4f:01:6d:
a0:a9:64:5a:b7:75:1c:14:6a:ce:69:cb:56:1b:88:db:6f:4b:
13:27:b2:bf
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICa9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyMTQyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzQ5NS0zNDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0aR9fKxn0Q8px9YOEYWVtVxW5cTcSJTeOReBVYxrP6SCvxeUYdJrExnSjMDQ
mt93obKixeothZw64K40jsf1G+llIP04roiTLKeY0JfZ1LWcuKOr0hMv9YEqmRYc
J/Yw4IaNZLCZNBI/Gm2hjXff7mZXvz8cByrQrPMY95WwPWaaYxh4ad2brxvJBj+f
oPVrvlUuJTZSvdi8LDJItpBOzPNpD94DaVdmAQobTTpzpAwmd4ulnl23MMOSVpYD
rWDy/DlQphdB6/xquPJjFSiTgEhWkwvIITHmAUou908kloVBCAc3++VMM/Tjrfep
y+0gb5aLCHaO3pVQRduIJKTBpQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFeGZZ8v
tDwYijKSU7U3u/x/449dMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjQ3MkNBMEVG
RThEMTFFQjgxNUU2MjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnRbgwDQQCAAIwBwMFACQHvkAwDQYJKoZIhvcNAQELBQAD
ggEBAJUJOt1juUTLSaKUR6P04VdmPCTSdVceBrhxFf2gWVOG4b4b1X9hz3MygaDG
fvPor5Mi/CctSnZtoELaERm2/EmfmS/lG2DfeHRKRHAOYG0gdA2v46lfEWRzay97
7//muAbniO80ikrLUUZulPrDhAlcxpZkMGcwJO1NcDttXNnCO07P6tmxvbLYn9kg
5jSwO7Ddl9MpEqo3csPL1Msq69YVRliKgIU4UHUFtoZ1tP9hKcpd5qMa24dYRMI1
/WoDnghb32qYO1Io/Br+IYpnHPsL6ER4vkLLY+V8EhLMV6FSUGLAI/mD108BbaCp
ZFq3dRwUas5py1YbiNtvSxMnsr8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:32 2025 by rpki-client