Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D246A/69C2D350057111EC94A2EC2CC4F9AE02/149FB86C057511EC988EF77BC4F9AE02.roa
File: 149FB86C057511EC988EF77BC4F9AE02.roa (raw, json)
Hash identifier: 2y6EdbJFgqetmPjYthHDa3TVZxTu2LqUqDuOsltywXk=
Subject key identifier: 06:58:81:2C:D5:52:06:78:1D:34:3F:F0:C6:D5:3E:E9:08:01:85:23
Certificate issuer: /CN=A91D246A/serialNumber=1C2E99FE61A4FB6FA286735F8E06919836A40FF8
Certificate serial: 0483
Authority key identifier: 1C:2E:99:FE:61:A4:FB:6F:A2:86:73:5F:8E:06:91:98:36:A4:0F:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HC6Z_mGk-2-ihnNfjgaRmDakD_g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D246A/69C2D350057111EC94A2EC2CC4F9AE02/149FB86C057511EC988EF77BC4F9AE02.roa
Signing time: Wed 31 Jul 2024 01:03:04 +0000
ROA not before: Wed 31 Jul 2024 01:03:04 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 139265
IP address blocks: 103.140.150.0/23 maxlen: 23
103.140.150.0/24 maxlen: 24
103.140.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1155 (0x483)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D246A
Validity
Not Before: Jul 31 01:03:04 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a98d47-95ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:39:79:39:28:18:82:16:c6:69:b9:04:0d:
62:a5:71:0e:c0:81:f1:2f:ce:c2:cc:33:c4:e9:21:
4d:be:b4:cf:e7:42:2b:73:d5:80:48:6e:57:c9:bb:
40:39:90:10:50:ff:c0:3a:85:0c:f7:83:b8:36:a2:
9b:cb:3b:c1:48:71:5c:04:86:b3:31:e8:78:6f:a3:
71:26:aa:b2:71:bf:7e:05:34:4d:b5:de:0b:81:e1:
81:35:22:9e:b9:6e:03:bc:86:7b:bc:9a:b3:75:9d:
9f:4b:6e:eb:49:57:91:f3:da:a9:66:b6:b2:bb:9b:
16:c0:3e:05:24:85:3f:33:da:8e:73:7c:61:81:d7:
3a:8f:4b:a8:40:45:f6:f2:f1:c0:9e:a9:b6:94:aa:
6b:5a:30:76:d6:51:72:46:96:b7:5d:9a:24:61:07:
a4:df:c9:f6:ea:6f:e1:f8:fc:a2:ca:93:9f:92:7a:
86:8c:c3:f1:92:bb:53:3c:d1:93:ef:28:14:86:57:
38:c0:f3:b6:02:33:b7:a5:95:fe:d3:8a:33:9c:d5:
29:63:3d:84:85:8f:99:b7:0d:fa:1c:c3:db:c3:32:
de:86:0a:f7:70:4f:ca:7c:aa:bb:ed:41:78:ff:f0:
74:cd:39:3c:ec:dd:59:40:4f:45:6d:16:9b:64:1e:
26:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:58:81:2C:D5:52:06:78:1D:34:3F:F0:C6:D5:3E:E9:08:01:85:23
X509v3 Authority Key Identifier:
keyid:1C:2E:99:FE:61:A4:FB:6F:A2:86:73:5F:8E:06:91:98:36:A4:0F:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D246A/69C2D350057111EC94A2EC2CC4F9AE02/HC6Z_mGk-2-ihnNfjgaRmDakD_g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HC6Z_mGk-2-ihnNfjgaRmDakD_g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D246A/69C2D350057111EC94A2EC2CC4F9AE02/149FB86C057511EC988EF77BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.140.150.0/23
Signature Algorithm: sha256WithRSAEncryption
54:39:a6:7f:41:8d:65:22:e7:df:89:80:a3:06:30:69:39:8b:
5b:83:f1:29:cf:21:9a:a0:95:28:88:b8:57:13:86:5a:6c:69:
3e:de:ac:b7:49:84:16:11:64:52:26:e9:f8:06:ba:23:1b:f1:
ba:d3:1a:a1:9e:05:c6:3d:15:00:33:7b:8f:67:18:fa:98:3e:
3e:4f:5c:47:61:c3:95:db:6e:fd:20:4f:87:23:fa:e2:94:09:
8d:09:70:f3:81:10:48:e3:69:53:9c:49:f4:65:4a:3f:e7:f1:
aa:6c:8a:76:34:06:da:61:fb:f5:7d:83:8c:c6:67:39:9b:cc:
7e:84:d9:89:35:35:57:97:8a:46:c1:07:d3:a6:03:b9:e7:24:
43:d1:4f:ed:e6:ae:72:33:93:98:ec:73:17:b2:96:a9:83:d3:
a9:cf:9f:0a:d7:54:43:b5:81:19:58:51:7b:7f:bb:ca:0e:01:
33:4b:74:04:7a:64:6e:96:69:b6:2f:7f:02:23:2a:90:c1:42:
b7:94:ba:e6:02:fa:04:af:39:aa:07:73:cf:4f:88:99:f6:a0:
c4:a3:d3:3a:a2:01:65:33:fe:45:72:0d:2c:e3:65:7d:e5:a6:
ce:62:11:03:a9:47:90:b7:23:bf:db:62:f8:2e:21:46:d8:8a:
c2:7f:32:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDI0NkExMTAvBgNVBAUTKDFDMkU5OUZFNjFBNEZCNkZBMjg2NzM1RjhFMDY5MTk4
MzZBNDBGRjgwHhcNMjQwNzMxMDEwMzA0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5OGQ0Ny05NWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmq05eTkoGIIWxmm5BA1ipXEOwIHxL87CzDPE6SFNvrTP50Irc9WASG5XybtA
OZAQUP/AOoUM94O4NqKbyzvBSHFcBIazMeh4b6NxJqqycb9+BTRNtd4LgeGBNSKe
uW4DvIZ7vJqzdZ2fS27rSVeR89qpZrayu5sWwD4FJIU/M9qOc3xhgdc6j0uoQEX2
8vHAnqm2lKprWjB21lFyRpa3XZokYQek38n26m/h+PyiypOfknqGjMPxkrtTPNGT
7ygUhlc4wPO2AjO3pZX+04oznNUpYz2EhY+Ztw36HMPbwzLehgr3cE/KfKq77UF4
//B0zTk87N1ZQE9FbRabZB4meQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAZYgSzV
UgZ4HTQ/8MbVPukIAYUjMB8GA1UdIwQYMBaAFBwumf5hpPtvooZzX44GkZg2pA/4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjQ2QS82OUMyRDM1MDA1
NzExMUVDOTRBMkVDMkNDNEY5QUUwMi9IQzZaX21Hay0yLWlobk5mamdhUm1EYWtE
X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hDNlpfbUdrLTItaWhuTmZqZ2FSbURha0RfZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDI0NkEvNjlDMkQzNTAwNTcxMTFFQzk0QTJFQzJDQzRGOUFFMDIvMTQ5RkI4NkMw
NTc1MTFFQzk4OEVGNzdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnjJYwDQYJKoZIhvcNAQELBQADggEBAFQ5pn9BjWUi59+J
gKMGMGk5i1uD8SnPIZqglSiIuFcThlpsaT7erLdJhBYRZFIm6fgGuiMb8brTGqGe
BcY9FQAze49nGPqYPj5PXEdhw5Xbbv0gT4cj+uKUCY0JcPOBEEjjaVOcSfRlSj/n
8apsinY0Btph+/V9g4zGZzmbzH6E2Yk1NVeXikbBB9OmA7nnJEPRT+3mrnIzk5js
cxeylqmD06nPnwrXVEO1gRlYUXt/u8oOATNLdAR6ZG6WabYvfwIjKpDBQreUuuYC
+gSvOaoHc89PiJn2oMSj0zqiAWUz/kVyDSzjZX3lps5iEQOpR5C3I7/bYvguIUbY
isJ/Mq0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:29:58 2025 by rpki-client