Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3FF35F6A01B311ED84DA7964C4F9AE02.roa
File: 3FF35F6A01B311ED84DA7964C4F9AE02.roa (raw, json)
Hash identifier: X2JXNk3l3bsTvdUJvkyq1JoyuqpFXb+9ElwtMUX70Zs=
Subject key identifier: 4E:AF:45:4A:2F:B1:24:79:AA:A0:46:2F:42:B8:81:2E:09:B3:41:3C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5910
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3FF35F6A01B311ED84DA7964C4F9AE02.roa
Signing time: Tue 12 Jul 2022 07:21:30 +0000
ROA not before: Tue 12 Jul 2022 07:21:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 103.53.55.0/24 maxlen: 24
103.162.192.0/23 maxlen: 24
103.166.180.0/24 maxlen: 24
103.167.152.0/23 maxlen: 24
103.181.194.0/24 maxlen: 24
103.181.202.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.190.96.0/23 maxlen: 24
2001:df6:9580::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22800 (0x5910)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 12 07:21:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62cd20fa-9d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a5:eb:98:fd:32:81:8b:1f:7c:4d:77:c3:2a:
2e:5e:ff:06:c2:62:da:25:3e:c0:21:dc:d3:a4:15:
62:b4:15:fd:dd:8f:dd:a8:2a:24:63:8c:1a:07:92:
17:8d:f7:65:5a:8e:51:d1:8a:4a:30:da:eb:9f:eb:
f7:d0:bf:18:15:7d:a7:23:f2:51:88:23:04:75:33:
df:9c:2e:89:c9:e3:62:26:39:cd:72:2e:bb:c3:b4:
f0:2e:32:68:ad:bf:92:d9:05:4b:8b:a2:3c:44:ad:
bf:67:25:80:16:00:9a:b0:4f:ac:c5:d4:6f:73:80:
32:eb:56:1d:c9:e8:13:73:8c:b0:5f:84:29:d5:57:
7c:d4:0c:bc:eb:c8:f6:ff:74:1b:c5:32:8b:e8:be:
5e:9a:43:3a:15:67:07:ea:bc:f5:f6:e9:1e:93:53:
48:29:9c:4a:85:0f:08:93:44:03:3c:bf:16:f1:22:
a0:e4:81:df:b1:06:68:38:a4:94:ac:0b:86:8d:44:
1e:ad:15:97:55:67:ee:58:0a:f0:c3:f3:3f:05:8d:
e6:25:e8:ad:1c:9c:aa:f3:44:5a:7a:7c:b9:19:7b:
f7:6c:ff:21:11:d8:52:21:b2:02:ab:96:fb:f8:f0:
50:e0:e5:66:30:ae:ec:cd:11:4c:83:a4:2a:3d:42:
0a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AF:45:4A:2F:B1:24:79:AA:A0:46:2F:42:B8:81:2E:09:B3:41:3C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3FF35F6A01B311ED84DA7964C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.53.55.0/24
103.162.192.0/23
103.166.180.0/24
103.167.152.0/23
103.181.194.0/24
103.181.202.0/23
103.189.82.0/23
103.190.96.0/23
IPv6:
2001:df6:9580::/48
Signature Algorithm: sha256WithRSAEncryption
49:ff:39:14:e4:21:e7:ca:58:3e:ce:0c:e9:8d:e6:ad:7e:1b:
12:cf:cf:bd:f0:71:25:ff:a1:24:42:08:3f:dc:5d:96:71:ef:
10:a8:b8:73:32:2a:66:92:16:dc:29:c8:f7:b6:55:07:cf:58:
8a:0c:ad:9f:32:f4:7a:a8:73:b4:e5:e9:74:e0:6d:63:9e:e9:
d1:a0:34:90:58:d9:5b:e9:fd:ec:af:98:ad:08:67:02:47:dc:
f9:46:f7:f7:9e:67:a6:0f:5c:6b:60:7f:1e:48:54:98:ae:ed:
ae:70:82:fe:90:8f:0a:72:34:65:4e:9e:3f:d5:07:e4:23:ae:
26:fe:eb:75:8a:23:9b:ad:94:b9:27:ee:9b:9b:49:2f:fd:12:
80:a3:3c:80:5f:b4:ca:3f:49:1c:5a:c9:4a:62:f6:32:c5:8e:
b6:f9:42:4d:52:c3:38:39:34:ab:10:5c:24:05:8a:5a:39:75:
a6:fe:30:62:2b:92:ff:7a:ae:0e:e5:e1:18:ab:89:be:dd:4a:
db:c7:89:a9:0f:27:96:e7:54:d6:87:82:6b:47:cc:c5:6c:6e:
0f:9b:da:c6:07:41:d4:8f:19:de:7a:99:d3:04:49:81:0e:a2:
8c:84:af:36:69:07:6e:68:b3:0f:c0:c6:44:da:63:78:36:04:
25:35:af:d1
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICWRAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNzEyMDcyMTMwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmNkMjBmYS05ZDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwaXrmP0ygYsffE13wyouXv8GwmLaJT7AIdzTpBVitBX93Y/dqCokY4waB5IX
jfdlWo5R0YpKMNrrn+v30L8YFX2nI/JRiCMEdTPfnC6JyeNiJjnNci67w7TwLjJo
rb+S2QVLi6I8RK2/ZyWAFgCasE+sxdRvc4Ay61YdyegTc4ywX4Qp1Vd81Ay868j2
/3QbxTKL6L5emkM6FWcH6rz19ukek1NIKZxKhQ8Ik0QDPL8W8SKg5IHfsQZoOKSU
rAuGjUQerRWXVWfuWArww/M/BY3mJeitHJyq80Raeny5GXv3bP8hEdhSIbICq5b7
+PBQ4OVmMK7szRFMg6QqPUIKfQIDAQABo4IC0DCCAswwHQYDVR0OBBYEFE6vRUov
sSR5qqBGL0K4gS4Js0E8MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0ZGMzVGNkEw
MUIzMTFFRDg0REE3OTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWgYIKwYBBQUHAQcBAf8E
SzBJMDYEAgABMDADBABnNTcDBAFnosADBABnprQDBAFnp5gDBABntcIDBAFntcoD
BAFnvVIDBAFnvmAwDwQCAAIwCQMHACABDfaVgDANBgkqhkiG9w0BAQsFAAOCAQEA
Sf85FOQh58pYPs4M6Y3mrX4bEs/PvfBxJf+hJEIIP9xdlnHvEKi4czIqZpIW3CnI
97ZVB89YigytnzL0eqhztOXpdOBtY57p0aA0kFjZW+n97K+YrQhnAkfc+Ub3955n
pg9ca2B/HkhUmK7trnCC/pCPCnI0ZU6eP9UH5COuJv7rdYojm62UuSfum5tJL/0S
gKM8gF+0yj9JHFrJSmL2MsWOtvlCTVLDODk0qxBcJAWKWjl1pv4wYiuS/3quDuXh
GKuJvt1K28eJqQ8nludU1oeCa0fMxWxuD5vaxgdB1I8Z3nqZ0wRJgQ6ijISvNmkH
bmizD8DGRNpjeDYEJTWv0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-fra.rpki-client.org