Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/A755B9E4CBB811ED8583D849C4F9AE02.roa
File: A755B9E4CBB811ED8583D849C4F9AE02.roa (raw, json)
Hash identifier: dyKKk0pKP63oaBL2M9cGpFCgDRAZ1rzjkEgPDPqWlnM=
Subject key identifier: 0B:A8:A4:2D:B3:BB:DD:57:FA:17:CD:DA:19:F5:99:2C:FA:0E:0E:F8
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09D6
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/A755B9E4CBB811ED8583D849C4F9AE02.roa
Signing time: Sun 26 Mar 2023 09:29:06 +0000
ROA not before: Sun 26 Mar 2023 09:29:06 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 996
IP address blocks: 113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.228.0/22 maxlen: 24
180.178.176.0/23 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2518 (0x9d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Mar 26 09:29:06 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64201062-23e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0e:74:a8:04:11:b1:47:0b:92:19:9e:40:83:
da:0a:4c:df:bd:1e:67:6d:4c:f0:bc:b1:e5:a1:c4:
c4:87:c3:3f:17:a9:00:c0:42:65:c2:40:2b:ac:5f:
91:ea:5d:20:6e:fa:36:14:ab:48:e3:8a:24:d2:49:
37:a4:95:f6:51:0f:75:57:fe:00:06:ff:d9:17:40:
68:8a:8b:f2:d7:40:47:f9:50:b5:23:9e:9c:7d:14:
73:0e:cc:02:4e:48:df:d6:97:8d:66:fb:fc:78:01:
88:f7:db:0d:b3:e4:7e:ad:73:35:01:2f:5b:06:b6:
a2:e3:bc:9a:8d:f1:07:42:19:3a:bc:6e:04:0d:a9:
f5:9b:95:a4:59:af:5d:55:73:a2:e1:cd:02:30:f6:
ef:b6:d9:4e:4e:47:b8:0a:b0:58:86:e2:ca:87:1a:
25:e4:75:f0:89:55:d5:6c:c7:70:c5:12:1d:d1:9e:
9e:59:39:d9:07:ea:57:62:f2:26:5d:43:ac:1c:23:
37:81:4d:87:fe:8f:f0:36:f5:ad:1f:65:ca:22:53:
f7:32:f6:3b:b7:ee:ac:cd:7e:c1:7c:c6:e6:d6:65:
99:0d:f0:38:a6:41:a5:66:fe:91:fc:ef:59:d8:a0:
64:ce:b8:e4:d4:9f:6b:07:f2:33:b9:d1:40:28:fa:
a5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A8:A4:2D:B3:BB:DD:57:FA:17:CD:DA:19:F5:99:2C:FA:0E:0E:F8
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/A755B9E4CBB811ED8583D849C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.223.0-113.203.225.255
113.203.228.0/22
180.178.176.0/23
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
11:b6:27:cf:d2:49:48:91:19:d4:bf:3a:35:72:5e:f8:fa:3a:
e4:f4:a0:ce:8a:60:e4:ae:eb:e2:c3:28:01:9e:c0:f4:44:4c:
29:33:cd:e0:49:a5:bc:61:3b:fb:0d:6f:23:45:f9:f1:31:6b:
f1:f9:f7:b1:40:96:a7:4d:6d:7e:e5:58:e2:e4:b1:de:89:2c:
a6:22:f7:49:2b:b7:94:e2:af:49:6b:92:11:d6:77:79:14:5c:
7b:6b:68:58:67:3d:12:42:1e:d0:55:5d:a4:b8:2d:7a:87:a4:
d7:29:86:5c:d3:7e:d8:09:c0:6d:24:9d:1e:ed:31:5b:6f:5d:
d2:23:f6:c7:af:65:25:6d:50:d9:b0:00:d7:b7:e2:a3:85:fb:
20:d2:3e:2c:8b:d9:ef:bb:fe:89:58:1f:07:c0:a5:b6:1e:1f:
4a:a0:af:46:d5:28:5b:cc:a2:ab:9e:6c:47:7d:92:ce:7c:3a:
b3:39:09:42:a6:99:60:62:ec:36:13:8f:10:43:e6:e9:9c:77:
0c:ff:95:34:2b:3d:e7:a9:ef:1d:28:ba:ca:b1:ae:99:d1:3f:
83:e2:c8:9a:b0:63:b8:be:9d:f1:57:bd:59:43:03:4e:c4:8e:
86:b1:01:28:19:cf:b2:a8:c2:de:db:e7:7e:45:32:b7:e1:6c:
88:f1:01:f6
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICCdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMzI2MDkyOTA2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIwMTA2Mi0yM2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAug50qAQRsUcLkhmeQIPaCkzfvR5nbUzwvLHlocTEh8M/F6kAwEJlwkArrF+R
6l0gbvo2FKtI44ok0kk3pJX2UQ91V/4ABv/ZF0Boiovy10BH+VC1I56cfRRzDswC
Tkjf1peNZvv8eAGI99sNs+R+rXM1AS9bBrai47yajfEHQhk6vG4EDan1m5WkWa9d
VXOi4c0CMPbvttlOTke4CrBYhuLKhxol5HXwiVXVbMdwxRId0Z6eWTnZB+pXYvIm
XUOsHCM3gU2H/o/wNvWtH2XKIlP3MvY7t+6szX7BfMbm1mWZDfA4pkGlZv6R/O9Z
2KBkzrjk1J9rB/IzudFAKPql7QIDAQABo4ICtzCCArMwHQYDVR0OBBYEFAuopC2z
u91X+hfN2hn1mSz6Dg74MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQTc1NUI5RTRD
QkI4MTFFRDg1ODNEODQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgwDAMEAHHL3wMEAXHL4AMEAnHL5AMEAbSysDAMAwQA3x3rAwQA
3x3uMA0GCSqGSIb3DQEBCwUAA4IBAQARtifP0klIkRnUvzo1cl74+jrk9KDOimDk
ruviwygBnsD0REwpM83gSaW8YTv7DW8jRfnxMWvx+fexQJanTW1+5Vji5LHeiSym
IvdJK7eU4q9Ja5IR1nd5FFx7a2hYZz0SQh7QVV2kuC16h6TXKYZc037YCcBtJJ0e
7TFbb13SI/bHr2UlbVDZsADXt+Kjhfsg0j4si9nvu/6JWB8HwKW2Hh9KoK9G1Shb
zKKrnmxHfZLOfDqzOQlCpplgYuw2E48QQ+bpnHcM/5U0Kz3nqe8dKLrKsa6Z0T+D
4siasGO4vp3xV71ZQwNOxI6GsQEoGc+yqMLe2+d+RTK34WyI8QH2
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:07:41 2025 by rpki-client