Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E1D17486C01611EC99CBE679C4F9AE02.roa
File: E1D17486C01611EC99CBE679C4F9AE02.roa (raw, json)
Hash identifier: pHmLJpOuhaSSpEY2rD/+FafvqJDxx5Fv7Eh0rd1ZzPk=
Subject key identifier: D6:7D:B1:C1:3F:17:F2:05:6E:24:DE:6E:46:AA:C9:C4:F4:4B:BF:3D
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 077E
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E1D17486C01611EC99CBE679C4F9AE02.roa
Signing time: Fri 03 Jun 2022 14:26:46 +0000
ROA not before: Fri 03 Jun 2022 14:26:46 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 208485
IP address blocks: 113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.247.0/24 maxlen: 24
180.178.145.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1918 (0x77e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Jun 3 14:26:46 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=629a1a25-68d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:13:08:03:a1:ad:31:e0:2a:c4:8f:4a:97:d8:
a2:5d:6c:e9:90:ee:cb:bf:26:f9:64:2c:dd:fa:09:
69:17:05:18:e3:bd:12:0c:c2:e7:02:e7:a4:8c:1d:
7e:c1:06:bf:4e:b8:7d:ef:b1:62:66:77:d5:43:1a:
01:0f:d8:eb:cc:3c:39:4c:63:45:6c:96:71:d7:87:
1c:1a:51:9c:6c:e7:df:f3:0a:c7:5f:e7:58:26:17:
2f:c5:7c:1e:aa:a4:b7:31:8f:e1:c7:6e:bb:52:02:
1b:5c:11:ac:8d:ec:36:7b:1f:67:af:d2:f7:f9:e5:
9b:2c:17:24:8e:96:0f:22:36:b6:2b:55:da:2e:61:
9c:34:e1:ff:5c:48:ff:97:01:b3:97:6e:4e:7a:8a:
38:74:97:3f:69:c6:ed:1a:0b:17:ac:dd:33:75:c5:
4c:3d:19:df:82:fc:48:70:3c:09:c8:41:85:5f:c7:
5c:3c:d5:da:d8:22:22:a9:8c:9d:3e:6c:dd:d1:08:
57:ab:36:f1:7c:b4:16:e5:51:18:b5:4b:c0:7a:db:
77:40:2f:20:73:1c:77:16:29:ec:de:85:30:2e:ea:
59:bf:e4:36:e3:88:f9:89:21:1f:96:76:c2:ef:12:
24:88:0d:f2:af:fd:ac:2f:6a:cc:81:c7:9d:2d:0e:
d8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:7D:B1:C1:3F:17:F2:05:6E:24:DE:6E:46:AA:C9:C4:F4:4B:BF:3D
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/E1D17486C01611EC99CBE679C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.229.0-113.203.230.255
113.203.247.0/24
180.178.145.0/24
180.178.160.0/24
223.29.225.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a9:b4:ff:c0:c0:24:ae:e3:2c:c5:29:e2:58:0e:f7:2c:9f:
0f:07:89:e9:3f:ad:ab:17:75:ac:7b:50:28:c4:28:4e:3b:08:
58:f4:8f:98:a8:16:38:a7:1a:be:0f:a2:ba:ff:df:78:41:e1:
62:99:0f:9e:be:b7:05:b1:c8:41:09:95:b9:3a:69:f4:2e:64:
e1:48:eb:44:7c:01:c8:7b:1a:ad:24:3c:02:9f:a8:18:c9:64:
6f:b3:62:62:e8:d1:be:2d:43:c1:a5:54:28:c4:8d:9d:5c:92:
f1:bb:8e:a1:09:ad:11:df:a7:b4:cb:7e:38:45:ad:e6:c7:5e:
12:2c:1f:f0:b7:02:b4:33:cb:69:d9:2f:19:dd:2c:57:18:a1:
ba:b9:e3:cb:b6:8a:a7:e3:50:99:ac:17:e7:e5:1f:47:35:ac:
43:60:54:b5:57:95:06:f5:69:87:4d:bb:b4:ba:f2:3a:a6:76:
76:29:16:ff:8a:ac:ed:f0:51:d0:cc:e0:66:86:be:49:c4:f7:
bd:4a:30:ff:2d:23:ba:67:ea:a5:72:00:d6:b3:4f:ed:de:bc:
a2:16:5b:62:b4:49:63:5a:12:30:97:d4:36:5b:03:75:2b:0a:
f0:67:62:79:88:0e:9b:76:5c:9c:55:29:cb:39:2f:83:c7:1d:
ad:e6:3f:3e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICB34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwNjAzMTQyNjQ2WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjlhMWEyNS02OGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyxMIA6GtMeAqxI9Kl9iiXWzpkO7Lvyb5ZCzd+glpFwUY470SDMLnAuekjB1+
wQa/Trh977FiZnfVQxoBD9jrzDw5TGNFbJZx14ccGlGcbOff8wrHX+dYJhcvxXwe
qqS3MY/hx267UgIbXBGsjew2ex9nr9L3+eWbLBckjpYPIja2K1XaLmGcNOH/XEj/
lwGzl25Oeoo4dJc/acbtGgsXrN0zdcVMPRnfgvxIcDwJyEGFX8dcPNXa2CIiqYyd
Pmzd0QhXqzbxfLQW5VEYtUvAett3QC8gcxx3Fins3oUwLupZv+Q244j5iSEflnbC
7xIkiA3yr/2sL2rMgcedLQ7YfQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFNZ9scE/
F/IFbiTebkaqycT0S789MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRTFEMTc0ODZD
MDE2MTFFQzk5Q0JFNjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYwDAMEAHHL5QMEAHHL5gMEAHHL9wMEALSykQMEALSyoAMEAN8d
4TANBgkqhkiG9w0BAQsFAAOCAQEACqm0/8DAJK7jLMUp4lgO9yyfDweJ6T+tqxd1
rHtQKMQoTjsIWPSPmKgWOKcavg+iuv/feEHhYpkPnr63BbHIQQmVuTpp9C5k4Ujr
RHwByHsarSQ8Ap+oGMlkb7NiYujRvi1DwaVUKMSNnVyS8buOoQmtEd+ntMt+OEWt
5sdeEiwf8LcCtDPLadkvGd0sVxihurnjy7aKp+NQmawX5+UfRzWsQ2BUtVeVBvVp
h027tLryOqZ2dikW/4qs7fBR0MzgZoa+ScT3vUow/y0jumfqpXIA1rNP7d68ohZb
YrRJY1oSMJfUNlsDdSsK8GdieYgOm3ZcnFUpyzkvg8cdreY/Pg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:07:34 2025 by rpki-client