Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159032/45FCF5E04FEA11E79710DE3EC4F9AE02/1AC672D6DDFC11EAAC91EB6BC4F9AE02.roa
File: 1AC672D6DDFC11EAAC91EB6BC4F9AE02.roa (raw, json)
Hash identifier: wGhBoKsYJGnKqlIsDE7fA3lFsblZ+80VM5EqgDeApfU=
Subject key identifier: E2:16:42:1B:81:E7:8E:4E:0B:13:EE:7F:EE:44:CD:E2:F1:32:4E:F8
Certificate issuer: /CN=A9159032/serialNumber=82887AB91D2B0F6ADBFC70B24619F187B1A53D59
Certificate serial: 1881
Authority key identifier: 82:88:7A:B9:1D:2B:0F:6A:DB:FC:70:B2:46:19:F1:87:B1:A5:3D:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/goh6uR0rD2rb_HCyRhnxh7GlPVk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9159032/45FCF5E04FEA11E79710DE3EC4F9AE02/1AC672D6DDFC11EAAC91EB6BC4F9AE02.roa
Signing time: Mon 10 Apr 2023 17:13:54 +0000
ROA not before: Mon 10 Apr 2023 17:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133453
IP address blocks: 103.229.176.0/22 maxlen: 22
103.229.176.0/24 maxlen: 24
103.229.177.0/24 maxlen: 24
103.229.178.0/24 maxlen: 24
103.229.179.0/24 maxlen: 24
2001:df4:e800::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6273 (0x1881)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9159032
Validity
Not Before: Apr 10 17:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643443d2-34e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d3:29:75:8c:b5:85:6e:d8:6e:07:bd:a1:3f:
f4:de:01:b1:2a:21:d9:50:da:e2:10:90:75:95:1c:
f7:b0:c9:74:ec:21:ae:2c:60:16:9f:61:63:7e:65:
4a:8d:4f:2a:f0:c5:ae:58:af:23:80:ef:58:06:8b:
d9:d7:94:3f:11:2f:8e:03:8d:0f:71:9d:65:8c:59:
1f:75:cf:2b:8e:40:0b:a2:ab:77:bb:41:26:b7:c8:
b5:9a:97:ac:66:83:4a:03:09:ec:1a:ce:90:ef:03:
34:bc:62:b6:dc:fe:a0:b5:8b:e2:95:8d:bf:57:df:
f4:0b:70:36:d6:92:11:ff:04:22:51:a6:24:09:11:
34:77:15:bb:3c:53:59:ff:64:1c:fc:92:6e:f4:1c:
19:63:28:0b:82:5f:d2:36:47:8a:d1:27:f3:ce:a6:
5b:75:6c:48:e6:de:07:9a:fd:46:63:6c:4f:0e:74:
ba:4f:c0:fe:9a:d7:51:96:55:f7:9e:b3:24:c5:c8:
13:f2:28:5c:17:eb:e2:71:21:78:79:0f:50:8e:b9:
71:c8:15:0e:83:fa:81:f7:73:e5:16:c8:9b:97:cd:
58:72:8b:f9:54:9e:a5:f5:40:73:19:74:cb:16:f8:
10:e7:63:20:59:16:47:5a:70:dc:95:35:26:3a:8f:
46:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:16:42:1B:81:E7:8E:4E:0B:13:EE:7F:EE:44:CD:E2:F1:32:4E:F8
X509v3 Authority Key Identifier:
keyid:82:88:7A:B9:1D:2B:0F:6A:DB:FC:70:B2:46:19:F1:87:B1:A5:3D:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9159032/45FCF5E04FEA11E79710DE3EC4F9AE02/goh6uR0rD2rb_HCyRhnxh7GlPVk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/goh6uR0rD2rb_HCyRhnxh7GlPVk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159032/45FCF5E04FEA11E79710DE3EC4F9AE02/1AC672D6DDFC11EAAC91EB6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.176.0/22
IPv6:
2001:df4:e800::/48
Signature Algorithm: sha256WithRSAEncryption
7b:80:dd:71:82:22:a7:4b:30:ff:9a:46:ac:76:4a:f8:a4:19:
30:b8:ab:93:3b:ed:c9:db:60:74:c9:04:d9:45:78:26:4e:74:
e3:ba:95:0b:f9:49:b7:78:43:50:39:b9:72:dd:12:56:fe:f4:
11:7d:29:3e:45:5b:d6:35:8d:57:ff:cd:44:1d:80:88:57:2e:
6f:2a:d4:38:8b:0d:b9:af:37:4a:54:43:b5:39:b2:42:9e:a8:
9c:ca:e7:1c:a7:56:ae:08:bc:61:ee:82:38:d2:f0:2a:4c:ac:
f4:23:a4:89:76:f4:d4:d3:44:03:1e:89:fc:09:d1:3d:db:05:
60:33:ee:90:e0:35:82:6e:a7:ea:6a:d1:e6:26:3e:64:82:72:
31:67:a9:d9:88:f1:cd:f7:a2:33:5d:de:bb:3d:48:8c:d2:84:
1d:dc:31:10:cc:b5:f1:72:da:f6:43:28:57:00:24:0e:b5:17:
e8:eb:c7:2e:39:84:10:49:0d:bd:1a:62:51:66:eb:8f:6b:7a:
e7:85:4b:5e:64:f1:af:b7:5c:ef:7e:94:d4:ee:54:08:e6:ea:
92:de:f7:17:4e:8c:9a:9a:3f:b5:bd:e6:30:ca:97:31:ec:90:
27:85:8b:6f:61:1f:1a:0f:fe:c9:fd:ab:ba:92:df:ba:93:71:
96:22:16:48
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICGIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkwMzIxMTAvBgNVBAUTKDgyODg3QUI5MUQyQjBGNkFEQkZDNzBCMjQ2MTlGMTg3
QjFBNTNENTkwHhcNMjMwNDEwMTcxMzU0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM0NDNkMi0zNGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1dMpdYy1hW7Ybge9oT/03gGxKiHZUNriEJB1lRz3sMl07CGuLGAWn2FjfmVK
jU8q8MWuWK8jgO9YBovZ15Q/ES+OA40PcZ1ljFkfdc8rjkALoqt3u0Emt8i1mpes
ZoNKAwnsGs6Q7wM0vGK23P6gtYvilY2/V9/0C3A21pIR/wQiUaYkCRE0dxW7PFNZ
/2Qc/JJu9BwZYygLgl/SNkeK0SfzzqZbdWxI5t4Hmv1GY2xPDnS6T8D+mtdRllX3
nrMkxcgT8ihcF+vicSF4eQ9QjrlxyBUOg/qB93PlFsibl81Ycov5VJ6l9UBzGXTL
FvgQ52MgWRZHWnDclTUmOo9GfwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOIWQhuB
545OCxPuf+5EzeLxMk74MB8GA1UdIwQYMBaAFIKIerkdKw9q2/xwskYZ8YexpT1Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTAzMi80NUZDRjVFMDRG
RUExMUU3OTcxMERFM0VDNEY5QUUwMi9nb2g2dVIwckQycmJfSEN5UmhueGg3R2xQ
VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dvaDZ1UjByRDJyYl9IQ3lSaG54aDdHbFBWay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkwMzIvNDVGQ0Y1RTA0RkVBMTFFNzk3MTBERTNFQzRGOUFFMDIvMUFDNjcyRDZE
REZDMTFFQUFDOTFFQjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJn5bAwDwQCAAIwCQMHACABDfToADANBgkqhkiG9w0BAQsF
AAOCAQEAe4DdcYIip0sw/5pGrHZK+KQZMLirkzvtydtgdMkE2UV4Jk5047qVC/lJ
t3hDUDm5ct0SVv70EX0pPkVb1jWNV//NRB2AiFcubyrUOIsNua83SlRDtTmyQp6o
nMrnHKdWrgi8Ye6CONLwKkys9COkiXb01NNEAx6J/AnRPdsFYDPukOA1gm6n6mrR
5iY+ZIJyMWep2YjxzfeiM13euz1IjNKEHdwxEMy18XLa9kMoVwAkDrUX6OvHLjmE
EEkNvRpiUWbrj2t654VLXmTxr7dc736U1O5UCObqkt73F06Mmpo/tb3mMMqXMeyQ
J4WLb2EfGg/+yf2rupLfupNxliIWSA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:05 2025 by rpki-client