Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C26BEB4408311ECB4B97F0EC4F9AE02.roa
File: 3C26BEB4408311ECB4B97F0EC4F9AE02.roa (raw, json)
Hash identifier: kSOzRGwGmvf5TrYp+mJBYwGAH8NIiHt1rsTj4E3ZFdY=
Subject key identifier: 8A:CF:07:61:17:55:27:9C:FD:C4:1D:8F:C2:6D:B5:17:3B:46:B4:EA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6758
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C26BEB4408311ECB4B97F0EC4F9AE02.roa
Signing time: Mon 27 Mar 2023 13:21:45 +0000
ROA not before: Mon 27 Mar 2023 13:21:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132752
IP address blocks: 103.77.20.0/24 maxlen: 24
103.77.21.0/24 maxlen: 24
103.77.22.0/24 maxlen: 24
103.77.23.0/24 maxlen: 24
103.163.14.0/23 maxlen: 24
103.165.72.0/24 maxlen: 24
103.165.73.0/24 maxlen: 24
103.165.88.0/23 maxlen: 24
103.170.38.0/24 maxlen: 24
103.170.39.0/24 maxlen: 24
2400:3ce0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26456 (0x6758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 27 13:21:45 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64219869-c1cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fe:5c:fb:dc:8e:1f:ee:a0:c2:fe:83:a5:5b:
04:f6:c7:d9:94:f0:56:c2:09:45:f9:d4:39:1f:84:
51:b9:d1:7f:a1:e2:2e:05:23:3a:e8:84:ae:1b:be:
b4:d8:f2:de:5f:3f:b3:02:3a:bf:f7:c3:6c:e3:ba:
89:ae:aa:e9:e8:ec:ae:fe:54:ec:01:ea:4f:2e:d1:
06:b1:8b:01:a6:63:bb:c3:00:91:ab:21:87:70:78:
74:67:e3:f0:82:8a:86:eb:7e:e0:37:95:d0:0f:df:
14:59:dc:3c:ce:ba:9d:1d:b9:cc:3d:9f:02:f4:d7:
e5:b2:51:a1:f8:be:78:55:45:0c:b0:63:9c:b1:2f:
5c:a4:2e:ce:9b:2d:d4:dc:f2:30:c9:21:24:0b:80:
b5:1e:a9:6d:49:8c:69:ca:35:ea:54:c2:f6:40:74:
52:22:24:90:a6:bb:ce:86:d4:e9:66:50:74:b2:a5:
8c:15:ae:8a:b5:75:3f:c3:55:8f:a7:93:b3:d6:a1:
81:9d:8c:a6:b9:59:e7:7c:f4:14:1e:2b:db:ae:e1:
bf:73:e9:85:f0:2a:6d:a0:90:2a:77:2f:51:eb:23:
84:9a:88:85:b1:50:fe:8c:4f:4d:e2:06:13:2c:30:
11:16:4f:f8:7b:a3:15:a8:02:01:7e:6d:31:48:3a:
72:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CF:07:61:17:55:27:9C:FD:C4:1D:8F:C2:6D:B5:17:3B:46:B4:EA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C26BEB4408311ECB4B97F0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.20.0/22
103.163.14.0/23
103.165.72.0/23
103.165.88.0/23
103.170.38.0/23
IPv6:
2400:3ce0::/32
Signature Algorithm: sha256WithRSAEncryption
30:94:8d:f4:4c:e0:65:92:1e:21:d7:65:8c:cd:0a:0b:30:e7:
11:ad:01:eb:10:8c:03:61:ee:ef:9f:9d:fd:39:65:6e:4d:7a:
c9:e6:3e:2a:4a:9e:6f:c9:df:2b:f8:d6:42:1e:2f:9e:df:63:
3c:96:71:34:0c:f3:58:61:47:d2:be:09:54:bb:6f:51:50:ae:
74:45:a5:54:69:66:00:72:2e:f0:82:7b:bf:e8:4c:46:a7:25:
3f:91:d5:b0:73:dc:a9:39:23:a9:06:a4:83:e8:20:08:f7:b9:
c4:bb:91:dc:74:4a:f6:6e:66:70:51:97:e1:d1:bb:69:c9:6d:
df:72:63:b5:7e:2d:31:c7:d4:97:df:fe:c1:66:18:55:33:22:
93:4b:aa:58:fc:55:9a:b1:b4:9f:5a:48:e6:08:04:76:f9:38:
d6:9a:9b:18:cf:34:8c:13:34:3e:8e:17:c7:49:40:a0:fe:2f:
cd:64:f2:ff:8c:6e:57:35:36:b5:c6:d6:26:de:78:28:5e:2e:
e1:de:c2:53:27:86:20:3f:32:55:da:27:5b:f8:e6:ce:21:2e:
e6:49:0d:f8:8c:d8:09:1a:99:05:83:72:bb:ff:c4:f8:37:2a:
d9:2c:22:79:45:8b:71:0e:e0:43:80:97:07:5b:ad:bc:98:e5:
35:a5:c3:5c
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICZ1gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMzI3MTMyMTQ1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIxOTg2OS1jMWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4/5c+9yOH+6gwv6DpVsE9sfZlPBWwglF+dQ5H4RRudF/oeIuBSM66ISuG760
2PLeXz+zAjq/98Ns47qJrqrp6Oyu/lTsAepPLtEGsYsBpmO7wwCRqyGHcHh0Z+Pw
goqG637gN5XQD98UWdw8zrqdHbnMPZ8C9NflslGh+L54VUUMsGOcsS9cpC7Omy3U
3PIwySEkC4C1HqltSYxpyjXqVML2QHRSIiSQprvOhtTpZlB0sqWMFa6KtXU/w1WP
p5Oz1qGBnYymuVnnfPQUHivbruG/c+mF8CptoJAqdy9R6yOEmoiFsVD+jE9N4gYT
LDARFk/4e6MVqAIBfm0xSDpynwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFIrPB2EX
VSec/cQdj8JttRc7RrTqMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0MyNkJFQjQ0
MDgzMTFFQ0I0Qjk3RjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnTRQDBAFnow4DBAFnpUgDBAFnpVgDBAFnqiYwDQQCAAIw
BwMFACQAPOAwDQYJKoZIhvcNAQELBQADggEBADCUjfRM4GWSHiHXZYzNCgsw5xGt
AesQjANh7u+fnf05ZW5NesnmPipKnm/J3yv41kIeL57fYzyWcTQM81hhR9K+CVS7
b1FQrnRFpVRpZgByLvCCe7/oTEanJT+R1bBz3Kk5I6kGpIPoIAj3ucS7kdx0SvZu
ZnBRl+HRu2nJbd9yY7V+LTHH1Jff/sFmGFUzIpNLqlj8VZqxtJ9aSOYIBHb5ONaa
mxjPNIwTND6OF8dJQKD+L81k8v+Mblc1NrXG1ibeeCheLuHewlMnhiA/MlXaJ1v4
5s4hLuZJDfiM2AkamQWDcrv/xPg3KtksInlFi3EO4EOAlwdbrbyY5TWlw1w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-fra.rpki-client.org