Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9FC0/0E45807C826C11ECBD398B58C4F9AE02/563C52F8827011ECB06A7E29C4F9AE02.roa
File: 563C52F8827011ECB06A7E29C4F9AE02.roa (raw, json)
Hash identifier: x/cf4sYRLQ2j9Yf/UYJIoN7cj+sIgUVHQyGy6+lDz3k=
Subject key identifier: F9:8C:05:3E:C1:B4:07:81:62:40:78:72:03:DE:D0:E9:91:BF:74:ED
Certificate issuer: /CN=A91E9FC0/serialNumber=666AEE20C9A8CB1F4312418F1E2057AA8A6BC4FB
Certificate serial: 02F0
Authority key identifier: 66:6A:EE:20:C9:A8:CB:1F:43:12:41:8F:1E:20:57:AA:8A:6B:C4:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZmruIMmoyx9DEkGPHiBXqoprxPs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E9FC0/0E45807C826C11ECBD398B58C4F9AE02/563C52F8827011ECB06A7E29C4F9AE02.roa
Signing time: Wed 21 Feb 2024 02:45:22 +0000
ROA not before: Wed 21 Feb 2024 02:45:22 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138352
IP address blocks: 103.180.10.0/24 maxlen: 24
103.180.11.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 752 (0x2f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E9FC0
Validity
Not Before: Feb 21 02:45:22 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65d563c2-73a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ea:c7:52:7d:a2:99:f3:f6:29:31:aa:57:48:
4e:c6:cb:66:d3:5c:d4:31:c5:af:e8:ff:0c:e2:a7:
79:b9:2e:62:82:3f:5c:dd:ef:61:ae:d5:18:29:3a:
37:9a:a4:5e:1e:94:34:ed:1b:59:46:97:27:6d:ca:
d8:0b:75:9b:54:34:66:1a:52:bd:d0:ec:b0:03:9d:
35:b3:91:0a:be:76:6e:7c:b2:f7:f1:d9:d5:ba:8e:
b7:f3:06:94:39:0e:ae:1e:d0:b8:2c:93:5a:fb:03:
7b:31:5a:82:88:28:78:50:47:13:47:ab:5c:ae:98:
b1:b5:b2:72:83:85:7a:9c:71:09:93:0b:10:c4:28:
16:7a:bf:19:cb:cc:e2:22:0b:3a:27:18:88:74:c1:
30:9c:c6:2c:16:24:eb:e6:8d:1b:eb:17:f0:fb:67:
d1:a7:f2:48:c0:90:4f:70:ec:30:e3:f6:c4:a4:8f:
e9:49:e7:6b:8b:d7:77:66:e0:e1:f7:4a:22:2a:f6:
74:70:20:98:f0:ca:47:99:88:b0:48:bc:61:1e:d0:
2f:b4:be:d1:c9:73:5e:83:69:13:7a:be:bc:b6:b3:
89:7e:8c:44:a7:23:49:d6:22:50:ec:46:36:93:71:
81:31:1a:46:10:36:cd:b4:ee:4c:b4:a7:45:d6:fe:
8f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8C:05:3E:C1:B4:07:81:62:40:78:72:03:DE:D0:E9:91:BF:74:ED
X509v3 Authority Key Identifier:
keyid:66:6A:EE:20:C9:A8:CB:1F:43:12:41:8F:1E:20:57:AA:8A:6B:C4:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E9FC0/0E45807C826C11ECBD398B58C4F9AE02/ZmruIMmoyx9DEkGPHiBXqoprxPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZmruIMmoyx9DEkGPHiBXqoprxPs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9FC0/0E45807C826C11ECBD398B58C4F9AE02/563C52F8827011ECB06A7E29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.10.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:a1:fa:3f:d0:cf:aa:bd:b6:5b:8f:9c:6c:fd:fa:23:23:ab:
61:51:0a:08:59:dc:b8:38:ad:c4:a1:7b:f1:94:a0:bc:7b:ca:
37:47:cc:a2:29:0d:10:da:48:4e:92:26:a4:3e:da:1e:c7:36:
1a:26:05:62:d8:fa:59:5c:16:a6:5d:65:4d:50:85:02:c3:91:
ea:ee:1f:4e:0d:8c:cf:d0:df:6e:fc:aa:18:86:a2:ea:a1:27:
2b:13:d0:95:d4:19:d1:d2:9c:42:82:a5:a5:02:b2:ff:2c:53:
c9:59:fe:63:24:b9:55:93:55:9b:b8:1a:26:2d:c6:fb:0e:a6:
a1:1a:8f:cd:88:53:93:2d:79:bd:31:25:23:76:43:89:7b:33:
72:91:83:ca:3e:e1:fe:a3:6b:3a:ea:e6:f3:f2:1a:13:7b:76:
4e:fc:01:b1:19:9e:25:f0:5f:59:b8:76:10:ef:48:e7:73:37:
92:8a:24:dd:6a:e5:cd:ee:e7:d8:30:da:22:c3:3b:c2:a9:37:
83:cf:7b:de:c1:c4:4a:35:07:3d:f3:18:90:e6:82:04:a6:70:
53:29:18:5a:e5:00:f6:6e:21:aa:84:78:2b:09:e7:18:ad:b4:
0b:fb:26:2a:a3:69:81:8a:a1:af:da:89:f6:28:1b:3d:91:b6:
28:03:b6:af
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAvAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTlGQzAxMTAvBgNVBAUTKDY2NkFFRTIwQzlBOENCMUY0MzEyNDE4RjFFMjA1N0FB
OEE2QkM0RkIwHhcNMjQwMjIxMDI0NTIyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ1NjNjMi03M2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuerHUn2imfP2KTGqV0hOxstm01zUMcWv6P8M4qd5uS5igj9c3e9hrtUYKTo3
mqReHpQ07RtZRpcnbcrYC3WbVDRmGlK90OywA501s5EKvnZufLL38dnVuo638waU
OQ6uHtC4LJNa+wN7MVqCiCh4UEcTR6tcrpixtbJyg4V6nHEJkwsQxCgWer8Zy8zi
Igs6JxiIdMEwnMYsFiTr5o0b6xfw+2fRp/JIwJBPcOww4/bEpI/pSedri9d3ZuDh
90oiKvZ0cCCY8MpHmYiwSLxhHtAvtL7RyXNeg2kTer68trOJfoxEpyNJ1iJQ7EY2
k3GBMRpGEDbNtO5MtKdF1v6PdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPmMBT7B
tAeBYkB4cgPe0OmRv3TtMB8GA1UdIwQYMBaAFGZq7iDJqMsfQxJBjx4gV6qKa8T7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUZDMC8wRTQ1ODA3Qzgy
NkMxMUVDQkQzOThCNThDNEY5QUUwMi9abXJ1SU1tb3l4OURFa0dQSGlCWHFvcHJ4
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ptcnVJTW1veXg5REVrR1BIaUJYcW9wcnhQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTlGQzAvMEU0NTgwN0M4MjZDMTFFQ0JEMzk4QjU4QzRGOUFFMDIvNTYzQzUyRjg4
MjcwMTFFQ0IwNkE3RTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFntAowDQYJKoZIhvcNAQELBQADggEBALqh+j/Qz6q9tluP
nGz9+iMjq2FRCghZ3Lg4rcShe/GUoLx7yjdHzKIpDRDaSE6SJqQ+2h7HNhomBWLY
+llcFqZdZU1QhQLDkeruH04NjM/Q3278qhiGouqhJysT0JXUGdHSnEKCpaUCsv8s
U8lZ/mMkuVWTVZu4GiYtxvsOpqEaj82IU5Mteb0xJSN2Q4l7M3KRg8o+4f6jazrq
5vPyGhN7dk78AbEZniXwX1m4dhDvSOdzN5KKJN1q5c3u59gw2iLDO8KpN4PPe97B
xEo1Bz3zGJDmggSmcFMpGFrlAPZuIaqEeCsJ5xittAv7JiqjaYGKoa/aifYoGz2R
tigDtq8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:07:52 2025 by rpki-client