Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4553F920D90211ED8A324E57C4F9AE02.roa
File: 4553F920D90211ED8A324E57C4F9AE02.roa (raw, json)
Hash identifier: l/otOkyyP2etUXLXTLr7EHpPuRIr4ws8Tv5fpCRoVpo=
Subject key identifier: 10:3A:7D:4A:68:34:9B:13:A3:32:9C:F6:2B:DB:CC:E1:AD:50:92:17
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A00
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4553F920D90211ED8A324E57C4F9AE02.roa
Signing time: Wed 12 Apr 2023 07:18:50 +0000
ROA not before: Wed 12 Apr 2023 07:18:50 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 7018
IP address blocks: 103.11.61.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.210.0/24 maxlen: 24
113.203.218.0/24 maxlen: 24
113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.252.0/22 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.179.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2560 (0xa00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Apr 12 07:18:50 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64365b59-d525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:f0:df:f9:3d:8b:fe:42:9a:1f:cb:56:38:
fc:6b:c9:97:6b:7c:c8:8e:66:7d:05:b8:1c:56:c8:
6d:7a:85:a1:b0:fc:38:68:20:fd:fb:82:e0:41:f6:
cd:21:fc:14:91:97:79:d9:d4:79:a6:08:84:b2:09:
4b:c2:d1:06:ec:01:ab:9e:ac:3f:2f:d3:23:c5:b0:
9f:1c:22:b6:0f:3b:c3:18:2f:c3:ae:0a:b2:c1:a9:
1e:85:b8:ce:ef:34:ab:5f:b6:0f:5d:ab:12:c6:33:
00:87:b7:59:d4:b4:d8:e9:86:43:cd:63:d2:3f:d8:
48:be:73:91:35:65:3b:5f:07:12:eb:43:c6:b4:f7:
04:62:06:e0:04:75:be:03:7d:f6:c2:93:3e:8f:d3:
cc:e0:f3:8f:2b:cd:e6:ee:e2:f4:c7:51:a4:0e:f6:
28:e6:52:56:ed:b5:60:9a:4c:7c:27:ae:ab:5c:f3:
f1:a7:09:88:09:8d:da:c1:fc:65:bc:ad:9a:a1:d7:
df:66:fb:92:9a:7b:bb:fe:ad:4c:25:ab:dd:ef:de:
52:16:d5:86:b6:75:aa:66:be:0a:ed:30:10:4e:51:
02:d7:00:1a:22:c2:99:d0:c5:28:fc:06:af:d2:2d:
81:a7:01:df:7c:e6:20:56:70:6f:a8:4e:e7:66:18:
56:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:3A:7D:4A:68:34:9B:13:A3:32:9C:F6:2B:DB:CC:E1:AD:50:92:17
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4553F920D90211ED8A324E57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.61.0/24
113.203.208.0/24
113.203.210.0/24
113.203.218.0/24
113.203.220.0/24
113.203.222.0-113.203.225.255
113.203.227.0/24
113.203.233.0/24
113.203.245.0/24
113.203.252.0/22
180.178.148.0/24
180.178.151.0/24
180.178.162.0/24
180.178.173.0/24
180.178.179.0/24
223.29.226.0/24
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
5a:3a:d1:71:4e:29:f3:c3:70:95:c2:78:9e:96:6d:16:21:10:
b7:65:ce:d1:1d:31:28:9c:bc:7c:08:cc:de:fd:38:b2:11:87:
b3:08:a7:64:62:0e:f5:5a:94:e5:b7:58:d1:94:0c:c8:a0:a2:
0a:e8:25:08:99:65:06:34:f2:d4:bf:8f:03:69:25:56:71:75:
c7:55:d4:7b:d3:17:93:94:9c:d2:ef:2c:3d:50:08:eb:3e:e7:
69:48:fb:74:62:cb:dd:08:c9:d9:43:4b:3e:d4:38:16:61:98:
e2:40:4d:21:94:44:ce:3f:17:41:aa:c5:43:d7:cc:77:07:58:
11:2b:41:92:2b:40:79:9c:f0:4f:c7:74:8e:9c:a1:9a:99:7d:
7d:56:34:f9:78:4c:18:dd:47:81:f8:ca:e0:67:31:a6:2a:32:
f8:d9:e4:2e:00:65:d7:ab:51:75:91:e6:bd:0a:22:b3:0c:ad:
02:f4:0c:1a:41:d9:d9:a9:4f:97:44:fb:fa:f6:1f:de:c5:35:
78:df:87:0c:c7:a1:e5:18:45:36:fb:c3:be:26:5c:f3:d7:91:
82:4c:a1:aa:cb:90:9a:f4:9a:0a:03:2a:86:10:92:b0:9e:61:
af:7f:99:ca:ec:77:1d:a7:e9:3d:7c:3e:89:88:8e:1f:c8:61:
00:26:47:59
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgICCgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDEyMDcxODUwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM2NWI1OS1kNTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvBfw3/k9i/5Cmh/LVjj8a8mXa3zIjmZ9BbgcVshteoWhsPw4aCD9+4LgQfbN
IfwUkZd52dR5pgiEsglLwtEG7AGrnqw/L9MjxbCfHCK2DzvDGC/DrgqywakehbjO
7zSrX7YPXasSxjMAh7dZ1LTY6YZDzWPSP9hIvnORNWU7XwcS60PGtPcEYgbgBHW+
A332wpM+j9PM4POPK83m7uL0x1GkDvYo5lJW7bVgmkx8J66rXPPxpwmICY3awfxl
vK2aodffZvuSmnu7/q1MJavd795SFtWGtnWqZr4K7TAQTlEC1wAaIsKZ0MUo/Aav
0i2BpwHffOYgVnBvqE7nZhhW6QIDAQABo4IDBzCCAwMwHQYDVR0OBBYEFBA6fUpo
NJsTozKc9ivbzOGtUJIXMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNDU1M0Y5MjBE
OTAyMTFFRDhBMzI0RTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZAGCCsGAQUFBwEHAQH/
BIGAMH4wfAQCAAEwdgMEAGcLPQMEAHHL0AMEAHHL0gMEAHHL2gMEAHHL3DAMAwQB
ccveAwQBccvgAwQAccvjAwQAccvpAwQAccv1AwQCccv8AwQAtLKUAwQAtLKXAwQA
tLKiAwQAtLKtAwQAtLKzAwQA3x3iMAwDBADfHesDBADfHe4wDQYJKoZIhvcNAQEL
BQADggEBAFo60XFOKfPDcJXCeJ6WbRYhELdlztEdMSicvHwIzN79OLIRh7MIp2Ri
DvValOW3WNGUDMigogroJQiZZQY08tS/jwNpJVZxdcdV1HvTF5OUnNLvLD1QCOs+
52lI+3Riy90IydlDSz7UOBZhmOJATSGURM4/F0GqxUPXzHcHWBErQZIrQHmc8E/H
dI6coZqZfX1WNPl4TBjdR4H4yuBnMaYqMvjZ5C4AZderUXWR5r0KIrMMrQL0DBpB
2dmpT5dE+/r2H97FNXjfhwzHoeUYRTb7w74mXPPXkYJMoarLkJr0mgoDKoYQkrCe
Ya9/mcrsdx2n6T18PomIjh/IYQAmR1k=
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:05:21 2025 by rpki-client