Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/3300A8B0FBB911EE8D1F0F3AC4F9AE02.roa
File: 3300A8B0FBB911EE8D1F0F3AC4F9AE02.roa (raw, json)
Hash identifier: Z2E4QQns79q0RcDU++1mn6MfDqa9ifAJWjrRzEj1NnM=
Subject key identifier: 16:E1:30:08:AB:08:7F:19:42:BD:EF:58:62:01:ED:A7:D0:72:55:3D
Certificate issuer: /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial: F4
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/3300A8B0FBB911EE8D1F0F3AC4F9AE02.roa
Signing time: Fri 02 Aug 2024 05:01:41 +0000
ROA not before: Fri 02 Aug 2024 05:01:41 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133320
IP address blocks: 45.118.9.0/24 maxlen: 24
103.58.41.0/24 maxlen: 24
103.237.113.0/24 maxlen: 24
2001:df6:a900::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 244 (0xf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B59E5
Validity
Not Before: Aug 2 05:01:41 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66ac6835-5af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ff:8b:74:ef:62:c9:4c:a0:73:34:27:b8:0d:
7f:50:c1:a3:16:d0:f0:5d:21:2e:f5:eb:31:ed:30:
11:db:02:a6:d8:80:af:ac:0e:75:5e:55:0b:f8:89:
58:3c:0e:e2:57:bd:4d:3a:67:ed:a0:ac:cb:d0:0d:
a5:d7:c3:72:36:06:30:52:3b:ce:c0:b6:9b:d2:9e:
87:26:99:08:59:ea:70:58:a1:89:85:d7:62:12:5c:
4b:52:ff:bc:b0:73:bc:49:cc:10:cc:10:34:dd:4b:
08:d5:d8:ba:99:da:43:41:de:35:f0:f9:ea:e2:06:
39:2a:31:72:7c:8d:cf:f1:cd:e1:b1:ea:c6:f8:80:
a6:94:e3:55:3a:e0:0d:07:e9:65:04:8f:41:3f:a3:
80:94:72:58:d3:c0:e9:62:f4:5a:7f:ff:bc:44:f0:
c4:a3:b3:a3:f4:10:8e:1e:9a:67:7b:70:89:4a:3e:
8c:18:7a:c3:86:84:26:f8:80:89:f7:81:f7:d7:fc:
fa:24:57:d9:02:c3:bf:15:3c:98:aa:0d:e8:a3:03:
6b:16:88:fa:c3:91:32:fc:59:c3:01:6d:7d:e5:e2:
c6:14:a6:fa:90:43:b4:c8:71:fa:73:c6:9b:a5:44:
a4:f7:77:e7:7e:de:cc:5e:c0:91:ab:ec:44:49:fd:
a0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E1:30:08:AB:08:7F:19:42:BD:EF:58:62:01:ED:A7:D0:72:55:3D
X509v3 Authority Key Identifier:
keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/3300A8B0FBB911EE8D1F0F3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.9.0/24
103.58.41.0/24
103.237.113.0/24
IPv6:
2001:df6:a900::/48
Signature Algorithm: sha256WithRSAEncryption
5b:04:69:c7:09:08:1c:f0:c8:ae:44:0c:a4:9c:0b:4a:b8:3d:
ae:d9:83:49:c4:fc:ae:29:1a:c3:25:11:04:35:8a:6b:94:9a:
f4:24:71:fa:bb:11:97:8b:df:d6:a5:26:b4:53:ba:04:26:62:
18:bc:b5:fd:1a:16:35:1f:da:cd:d2:3e:94:c8:76:02:13:12:
6b:73:5b:c2:53:b0:00:15:d2:da:cf:35:d2:c5:2a:8c:43:40:
6e:87:5f:0d:21:0d:02:ee:8e:c4:62:25:97:f8:bd:61:02:d6:
06:3e:64:68:5c:fb:c8:a1:35:e5:58:db:88:35:18:54:7a:2a:
98:a3:58:de:6f:9a:5d:00:2c:db:6a:1d:19:bb:0f:47:16:73:
1b:38:3e:34:b7:f2:a8:ca:b5:e9:c6:7f:5f:2b:6b:0f:f7:d8:
fd:37:79:7a:4b:97:84:33:20:66:38:f3:d5:2c:19:16:f2:39:
7e:4d:57:15:7a:d6:44:b5:17:d9:c2:9d:1b:e1:50:8e:f2:e8:
0a:d0:c3:fb:40:9b:da:77:c5:3f:36:52:89:10:3d:37:11:ec:
55:95:b3:8c:4e:b1:86:e4:f0:b1:39:2b:97:fc:da:81:1c:75:
54:75:ac:93:ae:fd:01:c8:6b:e1:11:1c:70:dd:32:b6:a8:ae:
7c:83:3c:22
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICAPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU5RTUxMTAvBgNVBAUTKEU0N0JGNzAyNTQ1MzI2OTdEMjBEMEQzMTEwRjYyNTM3
MEQ2NUZBODMwHhcNMjQwODAyMDUwMTQxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFjNjgzNS01YWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxv+LdO9iyUygczQnuA1/UMGjFtDwXSEu9esx7TAR2wKm2ICvrA51XlUL+IlY
PA7iV71NOmftoKzL0A2l18NyNgYwUjvOwLab0p6HJpkIWepwWKGJhddiElxLUv+8
sHO8ScwQzBA03UsI1di6mdpDQd418Pnq4gY5KjFyfI3P8c3hserG+ICmlONVOuAN
B+llBI9BP6OAlHJY08DpYvRaf/+8RPDEo7Oj9BCOHppne3CJSj6MGHrDhoQm+ICJ
94H31/z6JFfZAsO/FTyYqg3oowNrFoj6w5Ey/FnDAW195eLGFKb6kEO0yHH6c8ab
pUSk93fnft7MXsCRq+xESf2gMwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFBbhMAir
CH8ZQr3vWGIB7afQclU9MB8GA1UdIwQYMBaAFOR79wJUUyaX0g0NMRD2JTcNZfqD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTlFNS9ERDlGMUY3QzND
MDExMUVFOTFDQkUxNTdDNEY5QUUwMi81SHYzQWxSVEpwZlNEUTB4RVBZbE53MWwt
b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1vTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU5RTUvREQ5RjFGN0MzQzAxMTFFRTkxQ0JFMTU3QzRGOUFFMDIvMzMwMEE4QjBG
QkI5MTFFRThEMUYwRjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAAtdgkDBABnOikDBABn7XEwDwQCAAIwCQMHACABDfapADAN
BgkqhkiG9w0BAQsFAAOCAQEAWwRpxwkIHPDIrkQMpJwLSrg9rtmDScT8rikawyUR
BDWKa5Sa9CRx+rsRl4vf1qUmtFO6BCZiGLy1/RoWNR/azdI+lMh2AhMSa3NbwlOw
ABXS2s810sUqjENAbodfDSENAu6OxGIll/i9YQLWBj5kaFz7yKE15VjbiDUYVHoq
mKNY3m+aXQAs22odGbsPRxZzGzg+NLfyqMq16cZ/XytrD/fY/Td5ekuXhDMgZjjz
1SwZFvI5fk1XFXrWRLUX2cKdG+FQjvLoCtDD+0Cb2nfFPzZSiRA9NxHsVZWzjE6x
huTwsTkrl/zagRx1VHWsk679Achr4REccN0ytqiufIM8Ig==
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:05:20 2025 by rpki-client