Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/45740C72C55011EC8DA02E31C4F9AE02.roa
File: 45740C72C55011EC8DA02E31C4F9AE02.roa (raw, json)
Hash identifier: BtnNJP6j32EnSUa4CYkCwX/gzsKl7/CVtRuqL9uqESw=
Subject key identifier: 8D:61:D4:F8:92:BB:D3:2C:F3:F6:5B:C0:22:1E:92:E1:13:A7:14:35
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4D9D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/45740C72C55011EC8DA02E31C4F9AE02.roa
Signing time: Thu 05 May 2022 07:21:33 +0000
ROA not before: Thu 05 May 2022 07:21:33 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 141875
IP address blocks: 45.125.252.0/22 maxlen: 22
45.125.252.0/24 maxlen: 24
45.125.253.0/24 maxlen: 24
45.125.254.0/24 maxlen: 24
45.125.255.0/24 maxlen: 24
103.162.192.0/23 maxlen: 24
103.165.72.0/23 maxlen: 24
103.165.76.0/23 maxlen: 24
103.165.88.0/23 maxlen: 24
103.169.242.0/23 maxlen: 24
103.217.82.0/24 maxlen: 24
103.217.83.0/24 maxlen: 24
103.241.132.0/24 maxlen: 24
103.241.133.0/24 maxlen: 24
103.241.134.0/24 maxlen: 24
103.241.135.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19869 (0x4d9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 5 07:21:33 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=62737afd-5863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:31:e0:c3:37:a2:21:69:35:84:0b:1a:30:b9:
c0:5c:32:5c:50:e4:21:e1:f0:d2:1f:e1:ad:ef:3f:
34:ee:e3:56:f6:91:ae:4c:af:aa:7f:89:1b:6e:58:
1d:b9:2d:58:49:af:71:d0:43:30:76:d0:1c:7d:74:
0c:4c:57:c0:a6:98:73:02:de:94:92:8c:8d:80:6b:
66:9c:de:16:36:53:a6:79:d2:e7:a7:38:2c:53:0e:
8d:86:85:e5:2b:b4:fb:24:52:fe:34:09:41:ba:c2:
d7:73:71:a9:ed:45:75:be:00:5a:e2:05:08:52:96:
ef:a0:70:bd:d2:af:fb:06:0b:69:43:58:cb:c6:0b:
7b:43:b3:ef:1f:6a:08:44:e4:1d:92:63:0c:ad:a8:
de:d3:62:8f:d5:a1:db:3b:87:86:e4:bd:c3:c6:a5:
89:80:4b:f6:ba:2b:20:02:2d:19:8c:17:03:de:61:
44:a1:ea:c4:9c:a9:b7:fa:da:62:86:26:de:ac:9c:
0d:2b:a5:9b:4b:5f:07:13:bb:76:44:f0:d2:8e:a5:
6e:66:ce:25:c3:75:8b:4a:06:fb:46:19:4f:f4:8f:
00:8b:3a:6e:e9:37:29:7d:47:c0:53:51:2b:92:9b:
9c:8a:83:39:9e:82:ac:05:63:29:a5:d0:de:75:e2:
92:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:61:D4:F8:92:BB:D3:2C:F3:F6:5B:C0:22:1E:92:E1:13:A7:14:35
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/45740C72C55011EC8DA02E31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.252.0/22
103.162.192.0/23
103.165.72.0/23
103.165.76.0/23
103.165.88.0/23
103.169.242.0/23
103.217.82.0/23
103.241.132.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:fe:ce:b9:3c:bb:25:be:29:ca:d8:87:48:fd:61:f1:c9:b9:
db:30:cd:63:f4:68:15:21:0e:9f:72:92:15:cd:45:19:cc:bf:
78:68:12:3c:4a:b7:e6:4e:45:e2:48:4b:5e:99:3f:73:e3:ec:
de:8c:ba:44:4c:db:b4:ec:d1:59:05:a9:2d:bc:fe:b4:6e:bc:
8b:c4:93:0c:dc:a5:07:c7:69:a7:35:28:2c:c9:cc:dd:a5:64:
65:ae:e8:df:4a:3e:73:66:9b:fb:0e:24:d3:9d:ae:9c:f3:22:
67:49:4c:8b:95:8a:f9:b2:77:95:e9:f0:c0:a7:ee:bb:54:14:
15:a7:7f:41:23:a6:07:59:4d:d5:e9:63:80:dc:95:18:08:b0:
a2:85:2c:22:4e:63:bd:cd:7e:e2:d0:06:7d:ec:9b:65:8b:04:
2b:7f:6f:bf:91:f7:e1:be:76:6f:20:96:38:c8:0b:1b:74:6f:
17:ee:47:94:e8:8e:b5:cd:38:e6:59:be:eb:7d:be:5b:82:03:
05:e4:90:15:a3:50:00:66:72:89:3d:da:65:a1:d7:ec:1f:5c:
8e:3e:08:b0:7e:2c:51:b6:ae:fe:0d:9d:3d:41:3f:d8:2b:e1:
cc:3b:6b:fb:dd:d9:ec:c1:70:27:b9:a0:a5:60:b3:ef:86:2d:
2b:96:e6:51
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICTZ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTA1MDcyMTMzWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjczN2FmZC01ODYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2zHgwzeiIWk1hAsaMLnAXDJcUOQh4fDSH+Gt7z807uNW9pGuTK+qf4kbblgd
uS1YSa9x0EMwdtAcfXQMTFfApphzAt6UkoyNgGtmnN4WNlOmedLnpzgsUw6NhoXl
K7T7JFL+NAlBusLXc3Gp7UV1vgBa4gUIUpbvoHC90q/7BgtpQ1jLxgt7Q7PvH2oI
ROQdkmMMraje02KP1aHbO4eG5L3DxqWJgEv2uisgAi0ZjBcD3mFEoerEnKm3+tpi
hiberJwNK6WbS18HE7t2RPDSjqVuZs4lw3WLSgb7RhlP9I8Aizpu6TcpfUfAU1Er
kpucioM5noKsBWMppdDedeKSyQIDAQABo4ICvzCCArswHQYDVR0OBBYEFI1h1PiS
u9Ms8/ZbwCIekuETpxQ1MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDU3NDBDNzJD
NTUwMTFFQzhEQTAyRTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAItffwDBAFnosADBAFnpUgDBAFnpUwDBAFnpVgDBAFnqfID
BAFn2VIDBAJn8YQwDQYJKoZIhvcNAQELBQADggEBALP+zrk8uyW+KcrYh0j9YfHJ
udswzWP0aBUhDp9ykhXNRRnMv3hoEjxKt+ZOReJIS16ZP3Pj7N6MukRM27Ts0VkF
qS28/rRuvIvEkwzcpQfHaac1KCzJzN2lZGWu6N9KPnNmm/sOJNOdrpzzImdJTIuV
ivmyd5Xp8MCn7rtUFBWnf0EjpgdZTdXpY4DclRgIsKKFLCJOY73NfuLQBn3sm2WL
BCt/b7+R9+G+dm8gljjICxt0bxfuR5TojrXNOOZZvut9vluCAwXkkBWjUABmcok9
2mWh1+wfXI4+CLB+LFG2rv4NnT1BP9gr4cw7a/vd2ezBcCe5oKVgs++GLSuW5lE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-ams.rpki-client.org