Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/9D124578730B11EA911E2833C4F9AE02.roa
File: 9D124578730B11EA911E2833C4F9AE02.roa (raw, json)
Hash identifier: JnUY7TWXeZFyZpM5+m/ffeXUmoWmOlI0v22mWR6XXSI=
Subject key identifier: 57:3C:34:4B:6E:50:FB:D5:8F:25:5C:75:E1:98:1A:C4:D3:43:78:E5
Certificate issuer: /CN=A91C1FCC/serialNumber=08D256D426CA2171FCE817C64523F832A36917BD
Certificate serial: 0735
Authority key identifier: 08:D2:56:D4:26:CA:21:71:FC:E8:17:C6:45:23:F8:32:A3:69:17:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CNJW1CbKIXH86BfGRSP4MqNpF70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/9D124578730B11EA911E2833C4F9AE02.roa
Signing time: Mon 06 Jun 2022 09:35:49 +0000
ROA not before: Mon 06 Jun 2022 09:35:49 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 58895
IP address blocks: 103.92.20.0/22 maxlen: 22
103.92.20.0/24 maxlen: 24
103.92.21.0/24 maxlen: 24
103.92.22.0/24 maxlen: 24
103.92.23.0/24 maxlen: 24
103.203.44.0/22 maxlen: 22
103.203.44.0/24 maxlen: 24
103.203.45.0/24 maxlen: 24
103.203.46.0/24 maxlen: 24
103.203.47.0/24 maxlen: 24
116.213.32.0/22 maxlen: 22
116.213.32.0/24 maxlen: 24
116.213.33.0/24 maxlen: 24
116.213.34.0/24 maxlen: 24
116.213.35.0/24 maxlen: 24
123.253.92.0/22 maxlen: 22
123.253.92.0/24 maxlen: 24
123.253.93.0/24 maxlen: 24
123.253.94.0/24 maxlen: 24
123.253.95.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1845 (0x735)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1FCC
Validity
Not Before: Jun 6 09:35:49 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=629dca75-d182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:0e:35:c1:45:f6:5a:ee:8e:17:ed:12:03:
12:29:59:0c:f0:b5:df:e8:6a:28:01:96:3b:f5:2b:
65:b1:35:4a:ee:78:de:73:0b:ac:8c:8b:71:c8:62:
66:79:3a:72:b5:c0:c0:3e:f0:e5:5a:c9:d1:cd:0f:
d0:08:64:0a:c4:2d:a7:ec:cc:f7:0a:fb:50:88:59:
48:32:8d:24:ef:62:e8:bc:ec:40:1c:3a:1d:11:90:
19:83:1d:0e:79:11:ef:0e:7b:40:37:98:cb:cb:ed:
f2:b1:2f:01:96:a9:2e:c5:fa:d9:8f:91:24:e1:00:
a6:c5:20:b3:ca:a1:98:13:57:9c:3d:41:d1:51:bc:
11:e7:68:42:33:7f:cc:51:3f:0d:1b:40:dc:17:95:
7e:27:04:50:e1:34:f8:7e:2a:02:76:f4:97:d8:08:
33:d7:3d:23:9c:25:3d:c3:d9:67:9c:d0:34:5a:af:
d2:94:4b:63:b0:18:c3:68:06:8d:31:00:3e:80:93:
56:1b:bc:85:9d:c6:14:42:fd:25:91:8c:91:28:22:
94:c7:75:76:74:3e:88:a1:c3:c2:b4:17:55:ac:39:
3d:2d:3e:60:cf:18:c4:f8:99:5e:8b:5d:07:d7:bb:
5a:4d:b4:83:ef:06:43:13:8f:09:0c:3c:2e:0c:13:
4d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3C:34:4B:6E:50:FB:D5:8F:25:5C:75:E1:98:1A:C4:D3:43:78:E5
X509v3 Authority Key Identifier:
keyid:08:D2:56:D4:26:CA:21:71:FC:E8:17:C6:45:23:F8:32:A3:69:17:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/CNJW1CbKIXH86BfGRSP4MqNpF70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CNJW1CbKIXH86BfGRSP4MqNpF70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1FCC/CDBC5986730911EAA8820030C4F9AE02/9D124578730B11EA911E2833C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.92.20.0/22
103.203.44.0/22
116.213.32.0/22
123.253.92.0/22
Signature Algorithm: sha256WithRSAEncryption
57:6e:05:ed:4d:7e:81:ff:93:07:b3:30:13:13:80:ec:f7:7d:
d1:99:2d:2b:c3:e2:88:ef:10:cc:c9:3f:10:9c:1f:97:cc:e6:
43:8d:01:aa:0a:dc:99:df:93:7a:6e:68:4b:04:bc:4d:07:19:
21:b6:b3:77:53:3e:33:67:35:de:9f:64:a7:33:76:d9:c7:e5:
7e:28:28:80:48:89:76:7f:85:7b:2c:d6:d6:da:84:a9:0e:50:
e4:62:4f:aa:ec:93:1c:3a:ea:be:9c:d4:31:13:67:99:0d:a4:
96:a9:db:bc:dc:48:0c:f4:e3:32:93:b6:37:09:8c:29:01:5b:
80:32:1b:44:b3:23:9f:01:46:61:f8:46:09:25:fe:10:84:4b:
4d:58:0d:c3:93:ea:aa:68:12:fd:1a:47:a5:b2:9b:4b:7c:3f:
23:ed:d1:c6:0b:f0:d9:e9:5b:09:36:58:24:f8:7d:97:7b:1b:
2c:da:60:a5:b9:3b:4a:42:35:6c:3f:cf:af:63:0e:d0:57:77:
ab:d5:88:94:e2:1f:23:0f:04:55:ad:34:75:83:31:12:35:2c:
dc:e5:93:ca:cb:e0:52:4c:d1:c8:4e:ba:08:07:e6:94:94:4f:
fc:66:8d:1c:c6:42:75:6d:67:8d:8d:8a:cf:d6:d7:d8:30:87:
38:fb:2f:08
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFGQ0MxMTAvBgNVBAUTKDA4RDI1NkQ0MjZDQTIxNzFGQ0U4MTdDNjQ1MjNGODMy
QTM2OTE3QkQwHhcNMjIwNjA2MDkzNTQ5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjlkY2E3NS1kMTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwwkONcFF9lrujhftEgMSKVkM8LXf6GooAZY79StlsTVK7njecwusjItxyGJm
eTpytcDAPvDlWsnRzQ/QCGQKxC2n7Mz3CvtQiFlIMo0k72LovOxAHDodEZAZgx0O
eRHvDntAN5jLy+3ysS8BlqkuxfrZj5Ek4QCmxSCzyqGYE1ecPUHRUbwR52hCM3/M
UT8NG0DcF5V+JwRQ4TT4fioCdvSX2Agz1z0jnCU9w9lnnNA0Wq/SlEtjsBjDaAaN
MQA+gJNWG7yFncYUQv0lkYyRKCKUx3V2dD6IocPCtBdVrDk9LT5gzxjE+Jlei10H
17taTbSD7wZDE48JDDwuDBNNcQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFFc8NEtu
UPvVjyVcdeGYGsTTQ3jlMB8GA1UdIwQYMBaAFAjSVtQmyiFx/OgXxkUj+DKjaRe9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUZDQy9DREJDNTk4Njcz
MDkxMUVBQTg4MjAwMzBDNEY5QUUwMi9DTkpXMUNiS0lYSDg2QmZHUlNQNE1xTnBG
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NOSlcxQ2JLSVhIODZCZkdSU1A0TXFOcEY3MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFGQ0MvQ0RCQzU5ODY3MzA5MTFFQUE4ODIwMDMwQzRGOUFFMDIvOUQxMjQ1Nzg3
MzBCMTFFQTkxMUUyODMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJnXBQDBAJnyywDBAJ01SADBAJ7/VwwDQYJKoZIhvcNAQEL
BQADggEBAFduBe1NfoH/kwezMBMTgOz3fdGZLSvD4ojvEMzJPxCcH5fM5kONAaoK
3Jnfk3puaEsEvE0HGSG2s3dTPjNnNd6fZKczdtnH5X4oKIBIiXZ/hXss1tbahKkO
UORiT6rskxw66r6c1DETZ5kNpJap27zcSAz04zKTtjcJjCkBW4AyG0SzI58BRmH4
Rgkl/hCES01YDcOT6qpoEv0aR6Wym0t8PyPt0cYL8NnpWwk2WCT4fZd7GyzaYKW5
O0pCNWw/z69jDtBXd6vViJTiHyMPBFWtNHWDMRI1LNzlk8rL4FJM0chOuggH5pSU
T/xmjRzGQnVtZ42Nis/W19gwhzj7Lwg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:55:48 2025 by rpki-client