Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/300D176A960311EC9F376173C4F9AE02.roa
File: 300D176A960311EC9F376173C4F9AE02.roa (raw, json)
Hash identifier: 2EwxJu0E9FkVAI/i+5AjN05wZEThuLH4rVVujzJEdwY=
Subject key identifier: 4F:1B:8A:70:7E:C0:B4:DB:B8:F7:A9:2E:1F:A1:4F:11:55:E5:28:FA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 546D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/300D176A960311EC9F376173C4F9AE02.roa
Signing time: Mon 16 May 2022 04:29:55 +0000
ROA not before: Mon 16 May 2022 04:29:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149226
IP address blocks: 103.180.68.0/23 maxlen: 23
103.184.110.0/23 maxlen: 23
103.184.132.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21613 (0x546d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:29:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d342-9c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:1d:b0:96:85:e9:c7:ac:32:fc:8e:f5:73:
cc:18:92:15:b3:02:27:64:6a:26:2c:33:66:72:fd:
1f:f3:1d:a1:5e:28:30:71:dc:9c:f1:d0:66:fd:37:
35:55:49:95:75:04:e3:87:de:f1:18:21:c9:6f:d6:
28:91:ba:16:f2:82:c8:1e:a9:63:31:8d:f5:b1:d6:
13:4f:87:e9:b9:e1:ee:5a:28:31:5e:c0:0c:41:bc:
dd:f4:db:e2:35:b2:87:4e:0a:16:49:a5:33:fa:7a:
4f:fb:80:b3:86:c3:73:d1:f0:f8:68:20:0a:d3:1c:
f0:cb:d7:0c:dd:98:16:dd:6e:4c:90:59:4a:47:6e:
c7:7d:5e:e1:1d:d1:3d:98:43:ea:28:eb:75:bd:f8:
c5:eb:c3:10:9a:be:eb:af:2e:39:37:8c:62:e6:be:
c2:be:e2:3a:42:e2:65:4f:0c:02:ee:b2:8d:f0:b4:
44:18:c3:bb:1b:21:f6:e6:b4:09:2b:a9:5c:f0:3e:
ad:35:5a:d3:e7:bf:b4:38:91:c4:64:4b:59:65:72:
ad:20:a0:2a:84:64:eb:dd:a7:7a:5c:fd:37:44:51:
d3:bd:3a:31:8d:83:dc:5d:ec:f0:28:5a:6b:5c:7c:
15:7d:b6:f0:58:c6:79:0b:bf:ca:fb:91:d1:e7:81:
f2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:1B:8A:70:7E:C0:B4:DB:B8:F7:A9:2E:1F:A1:4F:11:55:E5:28:FA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/300D176A960311EC9F376173C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.68.0/23
103.184.110.0/23
103.184.132.0/23
Signature Algorithm: sha256WithRSAEncryption
92:47:ad:ea:31:e6:40:75:33:6b:a2:48:c5:78:4c:f1:86:eb:
56:2b:29:e6:f3:af:56:45:85:f8:88:e1:41:26:b5:2e:5f:e1:
b2:70:98:a3:51:39:c9:ea:9e:93:43:55:db:67:50:a1:1f:43:
8b:0b:1a:99:66:cc:88:60:60:55:8e:0e:30:9d:4b:d2:bc:04:
db:5a:a6:bf:e2:1c:ff:30:17:e1:cb:08:25:d2:2f:d9:41:1e:
2a:6b:2e:36:b1:0d:36:24:ec:da:27:cb:92:c8:79:dc:4b:96:
2b:c3:44:db:39:2b:d2:87:83:1d:70:9c:6c:15:f0:f2:68:f5:
ca:3d:f7:fd:e7:b8:1f:4c:41:df:4d:f5:9c:eb:32:01:48:e0:
16:be:db:41:b2:9e:f2:12:49:54:76:a7:59:fc:de:c4:60:38:
a3:e4:d1:09:5a:7b:62:8a:16:23:56:7d:32:8c:2b:f6:fe:ef:
b2:9c:63:60:08:4d:b7:bc:0b:fb:b8:99:b6:5d:6d:32:b2:26:
2a:87:74:12:ab:40:7a:44:2b:42:75:1b:8c:5c:66:fb:62:3f:
12:90:07:ea:ef:a8:73:69:2e:64:aa:a2:1e:27:59:96:50:17:
3d:48:86:70:18:ae:c3:3a:37:69:27:ca:33:a0:51:b5:05:95:
77:fa:74:8e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICVG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQyOTU1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDM0Mi05YzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAue8dsJaF6cesMvyO9XPMGJIVswInZGomLDNmcv0f8x2hXigwcdyc8dBm/Tc1
VUmVdQTjh97xGCHJb9YokboW8oLIHqljMY31sdYTT4fpueHuWigxXsAMQbzd9Nvi
NbKHTgoWSaUz+npP+4CzhsNz0fD4aCAK0xzwy9cM3ZgW3W5MkFlKR27HfV7hHdE9
mEPqKOt1vfjF68MQmr7rry45N4xi5r7CvuI6QuJlTwwC7rKN8LREGMO7GyH25rQJ
K6lc8D6tNVrT57+0OJHEZEtZZXKtIKAqhGTr3ad6XP03RFHTvToxjYPcXezwKFpr
XHwVfbbwWMZ5C7/K+5HR54HyYQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFE8binB+
wLTbuPepLh+hTxFV5Sj6MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzAwRDE3NkE5
NjAzMTFFQzlGMzc2MTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAFntEQDBAFnuG4DBAFnuIQwDQYJKoZIhvcNAQELBQADggEB
AJJHreox5kB1M2uiSMV4TPGG61YrKebzr1ZFhfiI4UEmtS5f4bJwmKNROcnqnpND
VdtnUKEfQ4sLGplmzIhgYFWODjCdS9K8BNtapr/iHP8wF+HLCCXSL9lBHiprLjax
DTYk7Nony5LIedxLlivDRNs5K9KHgx1wnGwV8PJo9co99/3nuB9MQd9N9ZzrMgFI
4Ba+20GynvISSVR2p1n83sRgOKPk0Qlae2KKFiNWfTKMK/b+77KcY2AITbe8C/u4
mbZdbTKyJiqHdBKrQHpEK0J1G4xcZvtiPxKQB+rvqHNpLmSqoh4nWZZQFz1IhnAY
rsM6N2knyjOgUbUFlXf6dI4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-ams.rpki-client.org