Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/490594ACEB6111EFA593CF1FC4F9AE02.roa
File: 490594ACEB6111EFA593CF1FC4F9AE02.roa (raw, json)
Hash identifier: kJBqHvZu4Nf9j9gIecA1L93yWq4gShpwOOL9KaQzrX4=
Subject key identifier: E2:5D:71:36:71:CE:33:86:23:95:F1:6F:32:52:0E:56:2C:BC:00:16
Certificate issuer: /CN=A91DD4A6/serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2
Certificate serial: 03D9
Authority key identifier: 17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/490594ACEB6111EFA593CF1FC4F9AE02.roa
Signing time: Sat 15 Feb 2025 05:54:14 +0000
ROA not before: Sat 15 Feb 2025 05:54:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56209
IP address blocks: 103.17.80.0/22 maxlen: 22
103.17.80.0/24 maxlen: 24
103.17.81.0/24 maxlen: 24
103.17.82.0/24 maxlen: 24
103.17.83.0/24 maxlen: 24
150.129.172.0/23 maxlen: 23
150.129.172.0/24 maxlen: 24
150.129.173.0/24 maxlen: 24
202.47.112.0/21 maxlen: 21
202.47.112.0/24 maxlen: 24
202.47.113.0/24 maxlen: 24
202.47.114.0/24 maxlen: 24
202.47.115.0/24 maxlen: 24
202.47.116.0/24 maxlen: 24
202.47.117.0/24 maxlen: 24
202.47.118.0/24 maxlen: 24
202.47.119.0/24 maxlen: 24
202.71.0.0/23 maxlen: 23
202.71.0.0/24 maxlen: 24
202.71.1.0/24 maxlen: 24
202.71.2.0/23 maxlen: 23
202.71.2.0/24 maxlen: 24
202.71.3.0/24 maxlen: 24
202.71.24.0/24 maxlen: 24
202.71.25.0/24 maxlen: 24
202.71.26.0/24 maxlen: 24
202.71.27.0/24 maxlen: 24
202.71.28.0/24 maxlen: 24
202.71.29.0/24 maxlen: 24
202.71.30.0/23 maxlen: 23
202.71.30.0/24 maxlen: 24
202.71.31.0/24 maxlen: 24
2406:2100::/32 maxlen: 32
2406:2100::/48 maxlen: 48
2406:2100:1::/48 maxlen: 48
2406:2100:2::/48 maxlen: 48
2406:2100:3::/48 maxlen: 48
2406:2100:4::/48 maxlen: 48
2406:2100:5::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 985 (0x3d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD4A6, serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2
Validity
Not Before: Feb 15 05:54:14 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67b02c06-3745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:e3:39:a1:69:c8:7f:89:f6:3d:20:3d:c3:
5b:0e:2f:34:0a:58:cc:03:a9:1f:7d:97:95:cd:09:
d2:5b:07:95:33:bc:d9:34:cc:a7:66:3f:b1:a2:ae:
f3:5f:64:ed:85:3d:8b:a8:6c:6d:e3:38:ca:f2:1d:
c3:5c:43:9c:2f:0c:b6:4e:6c:21:97:7b:4c:4f:04:
70:1c:b4:90:a6:e7:39:76:b3:3b:ac:0f:5f:d8:4f:
27:61:a6:c5:3d:81:f2:c9:fc:bc:39:14:a2:15:c1:
a3:3d:ab:5f:e2:91:b5:14:26:b2:53:97:43:05:2f:
34:f2:95:78:81:6c:3e:0c:da:90:f4:d6:e6:ee:ae:
b5:2b:96:bb:58:8d:1f:8a:cf:93:75:75:77:29:92:
0b:3e:f5:7f:5f:96:76:f6:54:5b:e6:62:d5:1c:89:
f4:8c:b6:7c:4f:8a:7e:1d:56:25:6e:b1:68:e5:89:
43:19:9f:54:15:5f:0e:e5:b0:98:bf:17:47:41:fb:
55:f7:c5:71:54:0a:bc:7b:c2:4b:c7:11:7f:cc:8d:
1e:27:44:e6:fa:e6:bf:0c:b7:9d:dd:a0:9c:3c:81:
98:79:53:5c:cc:3f:85:d4:de:14:92:0f:06:f3:7a:
47:91:a1:ce:dc:58:40:7f:b8:82:76:cb:3b:39:6c:
0a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5D:71:36:71:CE:33:86:23:95:F1:6F:32:52:0E:56:2C:BC:00:16
X509v3 Authority Key Identifier:
keyid:17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/FwBKozEFsKDm0-tOR8UTBj2SzsI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/490594ACEB6111EFA593CF1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.80.0/22
150.129.172.0/23
202.47.112.0/21
202.71.0.0/22
202.71.24.0/21
IPv6:
2406:2100::/32
Signature Algorithm: sha256WithRSAEncryption
b6:8f:19:6c:e1:be:c4:8d:87:6f:84:d9:c2:a4:6a:06:40:12:
3a:9a:67:c9:fc:70:91:15:ed:91:e7:11:5a:63:5d:4c:0d:7e:
11:5a:57:2f:eb:b5:44:30:ee:25:27:e8:b0:d2:0f:14:4d:82:
db:e3:a3:6c:94:97:7c:50:83:1f:22:e4:ea:16:ed:da:82:fe:
bc:7e:df:05:41:16:3a:d0:41:97:65:cc:9c:6b:cd:44:1b:84:
9d:7a:c7:bf:de:92:79:98:40:87:21:95:3f:7e:8c:04:a3:9e:
4a:29:d4:2a:84:c1:8e:28:55:61:35:ab:97:46:36:28:87:ba:
90:e9:d8:77:58:26:79:ae:25:18:4b:c8:7f:e3:5f:15:36:f2:
c0:93:56:01:18:de:3e:5c:61:45:30:c4:3f:ea:a6:0e:cc:de:
6d:d4:5c:91:0c:df:13:29:a9:90:59:3c:80:b7:73:e5:5b:31:
aa:c8:da:2d:31:e3:6e:f6:7c:a1:f1:d2:53:73:42:80:07:bb:
79:85:d8:76:73:48:79:97:a9:28:49:f4:13:bd:71:c7:b6:fb:
65:fc:66:ff:9c:58:e4:88:62:1d:9f:b4:e8:30:80:a7:9e:1b:
8e:fb:02:c2:21:5c:13:4e:26:d8:3e:76:ba:1f:09:bf:a7:e7:
ed:9d:b2:9a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICA9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQ0QTYxMTAvBgNVBAUTKDE3MDA0QUEzMzEwNUIwQTBFNkQzRUI0RTQ3QzUxMzA2
M0Q5MkNFQzIwHhcNMjUwMjE1MDU1NDE0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IwMmMwNi0zNzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvXjOaFpyH+J9j0gPcNbDi80CljMA6kffZeVzQnSWweVM7zZNMynZj+xoq7z
X2TthT2LqGxt4zjK8h3DXEOcLwy2Tmwhl3tMTwRwHLSQpuc5drM7rA9f2E8nYabF
PYHyyfy8ORSiFcGjPatf4pG1FCayU5dDBS808pV4gWw+DNqQ9Nbm7q61K5a7WI0f
is+TdXV3KZILPvV/X5Z29lRb5mLVHIn0jLZ8T4p+HVYlbrFo5YlDGZ9UFV8O5bCY
vxdHQftV98VxVAq8e8JLxxF/zI0eJ0Tm+ua/DLed3aCcPIGYeVNczD+F1N4Ukg8G
83pHkaHO3FhAf7iCdss7OWwKbwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOJdcTZx
zjOGI5XxbzJSDlYsvAAWMB8GA1UdIwQYMBaAFBcASqMxBbCg5tPrTkfFEwY9ks7C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDRBNi82QTU5NjlBODdF
OTUxMUVDODJFRTUyMEFDNEY5QUUwMi9Gd0JLb3pFRnNLRG0wLXRPUjhVVEJqMlN6
c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Z3QktvekVGc0tEbTAtdE9SOFVUQmoyU3pzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQ0QTYvNkE1OTY5QTg3RTk1MTFFQzgyRUU1MjBBQzRGOUFFMDIvNDkwNTk0QUNF
QjYxMTFFRkE1OTNDRjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnEVADBAGWgawDBAPKL3ADBALKRwADBAPKRxgwDQQCAAIw
BwMFACQGIQAwDQYJKoZIhvcNAQELBQADggEBALaPGWzhvsSNh2+E2cKkagZAEjqa
Z8n8cJEV7ZHnEVpjXUwNfhFaVy/rtUQw7iUn6LDSDxRNgtvjo2yUl3xQgx8i5OoW
7dqC/rx+3wVBFjrQQZdlzJxrzUQbhJ16x7/eknmYQIchlT9+jASjnkop1CqEwY4o
VWE1q5dGNiiHupDp2HdYJnmuJRhLyH/jXxU28sCTVgEY3j5cYUUwxD/qpg7M3m3U
XJEM3xMpqZBZPIC3c+VbMarI2i0x4272fKHx0lNzQoAHu3mF2HZzSHmXqShJ9BO9
cce2+2X8Zv+cWOSIYh2ftOgwgKeeG477AsIhXBNOJtg+drofCb+n5+2dspo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:35:12 2025 by rpki-client