Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/E4F793820D0F11EFA952D612C4F9AE02.roa
File: E4F793820D0F11EFA952D612C4F9AE02.roa (raw, json)
Hash identifier: ybfrFZ4U3BeisghJoYcISYMZlv63fgZIslQuAPlgbM4=
Subject key identifier: 6F:CF:C1:2A:83:AC:B2:03:A6:10:07:76:72:05:67:0E:13:4F:F7:ED
Certificate issuer: /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial: FA
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/E4F793820D0F11EFA952D612C4F9AE02.roa
Signing time: Tue 06 Aug 2024 05:47:53 +0000
ROA not before: Tue 06 Aug 2024 05:47:53 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 134475
IP address blocks: 103.58.41.0/24 maxlen: 24
103.237.112.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250 (0xfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B59E5
Validity
Not Before: Aug 6 05:47:53 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66b1b909-3768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2f:c5:4e:2f:46:b3:29:cf:92:af:0e:56:7e:
06:18:00:87:bb:cc:14:b6:e6:04:4b:fd:ec:c9:25:
40:89:1c:87:ae:62:45:ec:bb:f2:c3:c8:13:4a:5a:
77:f4:37:b2:4f:a4:18:bc:1c:30:2b:51:5e:87:bf:
07:e7:3e:b4:4c:34:1a:37:be:27:cb:b7:6d:cd:49:
5c:06:14:4d:74:8b:d6:bc:98:dd:58:5a:97:25:0d:
ce:f8:74:b3:f2:99:48:b7:f2:0b:2a:54:ad:19:ab:
00:81:21:c5:c5:14:f3:3a:d6:98:f2:a6:4b:54:06:
9c:88:5c:fd:26:99:f3:27:54:ba:e1:9b:1a:d4:18:
f1:54:28:1b:36:2a:e2:e8:cc:f6:dc:6b:76:b4:63:
c7:33:1e:87:cb:83:9a:f5:eb:1e:6c:51:39:d1:14:
87:87:3d:36:a1:98:26:b4:ee:2c:f5:39:c5:82:b9:
90:bb:2b:01:f8:51:ea:6b:ef:11:09:66:5f:45:b0:
06:5e:1c:c1:7d:16:c5:73:c7:32:a5:b2:03:79:1a:
3c:5b:88:2a:7d:3d:15:ae:59:dd:1b:66:6f:5f:31:
dd:7c:c4:c9:44:0b:45:fc:07:ff:5a:be:35:37:81:
9a:bf:a9:f9:ba:7c:79:cb:89:a9:87:57:90:65:97:
02:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CF:C1:2A:83:AC:B2:03:A6:10:07:76:72:05:67:0E:13:4F:F7:ED
X509v3 Authority Key Identifier:
keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/E4F793820D0F11EFA952D612C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.58.41.0/24
103.237.112.0/24
Signature Algorithm: sha256WithRSAEncryption
af:bf:68:ea:13:5b:53:5f:f5:89:4e:56:10:65:f2:28:97:b3:
79:2b:a9:63:21:38:b2:58:62:5e:23:77:93:86:10:1e:92:84:
30:9c:70:ae:4d:c0:33:da:b5:a5:7d:9b:c3:65:cf:24:b8:bd:
b2:cd:f4:16:75:66:66:39:23:f0:88:cb:c5:10:32:10:0e:60:
ac:75:e3:70:74:c1:8e:78:1b:fb:61:07:0a:88:ff:95:78:9a:
5d:bf:7b:fc:a2:59:ef:9d:9c:57:74:89:cb:00:d5:14:fa:1c:
79:8d:71:c8:c7:24:ef:fa:0a:4b:a9:27:b3:ea:2c:64:2e:50:
8f:2a:fb:e3:7b:b3:13:28:43:35:34:89:3f:38:9b:0b:77:6f:
0c:64:e2:3c:63:e0:a3:de:c5:ab:a7:96:34:5c:15:76:13:6d:
79:b7:24:45:44:4a:de:d8:25:dc:0c:0d:28:86:20:73:19:58:
d6:da:8d:e2:b6:8a:c0:b3:51:53:7e:62:bc:bb:b3:20:3d:b1:
6d:5f:9b:09:63:3d:b3:09:cc:eb:c9:f4:90:50:59:cd:f1:08:
36:af:d7:f8:b3:fa:50:e6:ed:ea:1d:27:f1:b4:3b:9a:2a:ad:
ed:25:91:82:42:f1:be:b1:a1:ae:1e:a6:c1:fe:99:bd:c8:72:
d3:ae:8e:41
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU5RTUxMTAvBgNVBAUTKEU0N0JGNzAyNTQ1MzI2OTdEMjBEMEQzMTEwRjYyNTM3
MEQ2NUZBODMwHhcNMjQwODA2MDU0NzUzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxYjkwOS0zNzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAri/FTi9GsynPkq8OVn4GGACHu8wUtuYES/3sySVAiRyHrmJF7Lvyw8gTSlp3
9DeyT6QYvBwwK1Feh78H5z60TDQaN74ny7dtzUlcBhRNdIvWvJjdWFqXJQ3O+HSz
8plIt/ILKlStGasAgSHFxRTzOtaY8qZLVAaciFz9JpnzJ1S64Zsa1BjxVCgbNiri
6Mz23Gt2tGPHMx6Hy4Oa9esebFE50RSHhz02oZgmtO4s9TnFgrmQuysB+FHqa+8R
CWZfRbAGXhzBfRbFc8cypbIDeRo8W4gqfT0VrlndG2ZvXzHdfMTJRAtF/Af/Wr41
N4Gav6n5unx5y4mph1eQZZcCzwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG/PwSqD
rLIDphAHdnIFZw4TT/ftMB8GA1UdIwQYMBaAFOR79wJUUyaX0g0NMRD2JTcNZfqD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTlFNS9ERDlGMUY3QzND
MDExMUVFOTFDQkUxNTdDNEY5QUUwMi81SHYzQWxSVEpwZlNEUTB4RVBZbE53MWwt
b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1vTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU5RTUvREQ5RjFGN0MzQzAxMTFFRTkxQ0JFMTU3QzRGOUFFMDIvRTRGNzkzODIw
RDBGMTFFRkE5NTJENjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnOikDBABn7XAwDQYJKoZIhvcNAQELBQADggEBAK+/aOoT
W1Nf9YlOVhBl8iiXs3krqWMhOLJYYl4jd5OGEB6ShDCccK5NwDPataV9m8NlzyS4
vbLN9BZ1ZmY5I/CIy8UQMhAOYKx143B0wY54G/thBwqI/5V4ml2/e/yiWe+dnFd0
icsA1RT6HHmNccjHJO/6CkupJ7PqLGQuUI8q++N7sxMoQzU0iT84mwt3bwxk4jxj
4KPexaunljRcFXYTbXm3JEVESt7YJdwMDSiGIHMZWNbajeK2isCzUVN+Yry7syA9
sW1fmwljPbMJzOvJ9JBQWc3xCDav1/iz+lDm7eodJ/G0O5oqre0lkYJC8b6xoa4e
psH+mb3IctOujkE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:19:57 2025 by rpki-client