Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/15E1953EE32711ECB94ADB38C4F9AE02.roa
File: 15E1953EE32711ECB94ADB38C4F9AE02.roa (raw, json)
Hash identifier: N4Bf3ssq8YtxEmNy6oBeHqxN2wzdaPgexBp0CCpgXsU=
Subject key identifier: 0A:EC:6E:67:BC:EB:DA:AD:2F:E2:61:0C:63:8D:27:A0:16:26:39:6F
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 077A
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/15E1953EE32711ECB94ADB38C4F9AE02.roa
Signing time: Fri 03 Jun 2022 10:22:35 +0000
ROA not before: Fri 03 Jun 2022 10:22:35 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 210654
IP address blocks: 113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/22 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.156.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1914 (0x77a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Jun 3 10:22:35 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6299e0eb-8000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:da:65:1c:68:15:83:bc:ae:ca:31:b0:d7:b4:
17:48:62:89:d1:19:ee:2c:3f:ca:63:ec:2b:9f:07:
e7:f8:de:88:bd:a7:ff:93:61:12:28:c5:9b:94:f5:
3f:74:34:2f:c8:94:2b:f2:9d:bd:83:8b:f8:8d:cd:
89:d9:f9:6c:7b:7a:d8:7b:14:14:ba:13:9d:03:fa:
17:06:7b:31:f0:8f:2e:ee:6d:76:1d:0a:12:5e:0f:
43:0e:b1:6d:4e:dd:af:9f:dd:b5:38:23:4e:3b:e9:
68:fa:bb:75:81:09:9c:a2:8e:01:c7:33:da:a6:6c:
d8:80:69:75:36:5e:89:8c:eb:e3:dd:53:29:2a:07:
af:85:79:17:3e:aa:fe:96:8e:d5:29:da:db:13:7c:
d2:48:b5:dd:ed:79:25:aa:f0:bc:04:f4:99:ed:a2:
d3:3d:b7:f2:73:e9:1d:9a:1d:a2:7f:ad:82:eb:d7:
e9:4b:85:c9:c3:31:bb:b7:2f:8a:3b:b3:05:db:a0:
75:8d:01:c8:01:38:4a:e2:86:56:89:29:7e:00:36:
4a:82:5a:1f:4d:9b:08:67:1f:b6:aa:55:d3:39:15:
9b:d5:45:92:72:30:43:52:df:35:29:29:1d:bb:86:
b2:35:d3:58:19:56:23:c4:74:49:87:83:09:45:6a:
8a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EC:6E:67:BC:EB:DA:AD:2F:E2:61:0C:63:8D:27:A0:16:26:39:6F
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/15E1953EE32711ECB94ADB38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.220.0/24
113.203.222.0-113.203.227.255
180.178.148.0/23
180.178.156.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:d3:7a:89:55:ed:0c:a3:e8:5b:a0:6f:80:68:2f:13:52:12:
55:23:5b:6b:8a:43:b2:3b:d8:92:4d:ec:87:85:3f:d8:9a:84:
12:91:09:0c:19:29:97:4d:35:7b:33:79:b9:47:1e:a4:f3:8f:
1d:36:57:25:2d:c6:61:bb:1d:1f:d9:80:ff:c0:1b:2b:cb:f7:
47:b9:7c:37:3c:34:0c:26:fb:a3:b0:da:81:ff:4c:e4:b7:7d:
65:f5:cf:76:37:57:96:33:96:53:d3:ff:fb:7b:b5:a8:ca:fb:
06:89:e1:80:bd:3f:10:60:f8:3b:79:4f:82:a9:09:85:36:df:
d4:8d:80:56:5e:11:0c:86:87:8b:69:33:ac:13:cb:22:18:81:
ba:1c:b7:de:e7:66:10:a8:99:bf:96:7c:84:78:e6:c1:3c:97:
b8:f3:d9:e2:7e:16:24:ec:aa:ae:b5:c2:e5:c9:db:aa:26:43:
0a:7c:87:8e:37:f9:4d:c4:7e:12:fb:00:65:2f:29:ef:d8:ae:
6c:d5:14:95:c7:6d:f4:02:fe:b4:13:8d:cb:b6:21:0a:0c:b0:
b8:a0:28:88:78:74:79:9b:dd:7f:3c:bb:2b:dc:a5:0e:89:6c:
8f:5d:71:b2:d7:25:cb:3a:fc:1b:d9:80:85:6c:41:07:1b:4c:
e9:b1:52:6a
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICB3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwNjAzMTAyMjM1WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk5ZTBlYi04MDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAudplHGgVg7yuyjGw17QXSGKJ0RnuLD/KY+wrnwfn+N6Ivaf/k2ESKMWblPU/
dDQvyJQr8p29g4v4jc2J2flse3rYexQUuhOdA/oXBnsx8I8u7m12HQoSXg9DDrFt
Tt2vn921OCNOO+lo+rt1gQmcoo4BxzPapmzYgGl1Nl6JjOvj3VMpKgevhXkXPqr+
lo7VKdrbE3zSSLXd7XklqvC8BPSZ7aLTPbfyc+kdmh2if62C69fpS4XJwzG7ty+K
O7MF26B1jQHIAThK4oZWiSl+ADZKglofTZsIZx+2qlXTORWb1UWScjBDUt81KSkd
u4ayNdNYGVYjxHRJh4MJRWqKGQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFArsbme8
69qtL+JhDGONJ6AWJjlvMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMTVFMTk1M0VF
MzI3MTFFQ0I5NEFEQjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBABxy9wwDAMEAXHL3gMEAnHL4AMEAbSylAMEArSynDANBgkq
hkiG9w0BAQsFAAOCAQEACtN6iVXtDKPoW6BvgGgvE1ISVSNba4pDsjvYkk3sh4U/
2JqEEpEJDBkpl001ezN5uUcepPOPHTZXJS3GYbsdH9mA/8AbK8v3R7l8Nzw0DCb7
o7Dagf9M5Ld9ZfXPdjdXljOWU9P/+3u1qMr7BonhgL0/EGD4O3lPgqkJhTbf1I2A
Vl4RDIaHi2kzrBPLIhiBuhy33udmEKiZv5Z8hHjmwTyXuPPZ4n4WJOyqrrXC5cnb
qiZDCnyHjjf5TcR+EvsAZS8p79iubNUUlcdt9AL+tBONy7YhCgywuKAoiHh0eZvd
fzy7K9ylDolsj11xstclyzr8G9mAhWxBBxtM6bFSag==
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:07:28 2025 by rpki-client