Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4674FDBC120411EB9DC15B15C4F9AE02.roa
File: 4674FDBC120411EB9DC15B15C4F9AE02.roa (raw, json)
Hash identifier: lmkzP4+khkTnI24WtXWJLXa77Wgl9ZldXdRIZmljXWE=
Subject key identifier: 83:31:22:31:25:DD:0F:C5:AF:88:04:C8:2F:AC:D0:84:1B:A0:BA:4A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4F96
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4674FDBC120411EB9DC15B15C4F9AE02.roa
Signing time: Mon 16 May 2022 04:06:49 +0000
ROA not before: Mon 16 May 2022 04:06:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134041
IP address blocks: 45.118.8.0/24 maxlen: 24
45.118.10.0/24 maxlen: 24
45.118.11.0/24 maxlen: 24
103.58.40.0/24 maxlen: 24
103.58.41.0/24 maxlen: 24
103.58.43.0/24 maxlen: 24
103.61.195.0/24 maxlen: 24
103.79.156.0/23 maxlen: 24
103.159.182.0/23 maxlen: 24
103.162.178.0/24 maxlen: 24
103.193.252.0/22 maxlen: 24
103.216.200.0/24 maxlen: 24
2402:ccc0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20374 (0x4f96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:06:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cdd9-f01c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:32:e4:8c:17:e0:86:d6:e3:f5:0f:29:b7:8f:
92:8e:82:00:35:1a:6a:83:bd:9a:b7:46:26:a2:51:
d1:99:91:9c:95:67:5e:d7:49:73:26:59:c3:1e:a7:
fe:df:c7:8e:ae:ea:ae:54:14:04:7b:a7:21:19:4b:
b2:d6:b8:c3:66:bf:a2:c6:07:c8:aa:0a:20:54:f7:
9b:a9:63:e2:9e:c0:d7:3f:e3:1f:bf:d3:06:36:4c:
92:dd:e4:5f:62:62:0a:68:af:e5:5a:f4:99:a6:73:
5d:5b:8d:9d:5d:c8:aa:ea:bf:5b:16:78:6b:7c:41:
e2:dc:1e:1d:b8:07:5d:c0:bf:7a:e0:2d:13:66:6c:
5a:97:a4:75:06:f3:54:a2:7a:65:f4:bf:75:cf:1e:
71:8f:9a:de:39:86:24:cd:18:c4:29:e6:f3:9f:2e:
a2:4e:86:8f:0c:2e:d0:e0:cc:61:2a:d8:45:4b:3a:
68:aa:8b:a4:73:4b:67:03:14:cb:46:14:ff:8d:3c:
34:5d:d2:3f:bf:c8:c8:7a:77:a3:1c:59:bc:19:08:
4c:03:c5:aa:3d:86:ea:15:db:87:b8:2a:9a:d8:80:
83:e5:ae:92:15:dc:c3:1f:5e:92:47:6b:81:f5:71:
23:7a:06:e8:62:8a:01:a0:c8:76:fa:22:0b:c5:9e:
ab:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:31:22:31:25:DD:0F:C5:AF:88:04:C8:2F:AC:D0:84:1B:A0:BA:4A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4674FDBC120411EB9DC15B15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.8.0/24
45.118.10.0/23
103.58.40.0/23
103.58.43.0/24
103.61.195.0/24
103.79.156.0/23
103.159.182.0/23
103.162.178.0/24
103.193.252.0/22
103.216.200.0/24
IPv6:
2402:ccc0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:c8:97:51:25:91:fa:62:26:60:48:40:23:1f:10:e6:81:f1:
fa:9b:fb:90:95:e3:0c:70:eb:84:61:b6:2e:b4:51:c0:6b:1f:
eb:58:70:49:a2:2d:89:93:6a:77:b8:5a:2c:11:56:a9:b8:11:
77:49:34:0b:92:86:dc:49:bb:fc:eb:70:9d:4b:75:1a:3a:c4:
89:b5:76:96:69:26:47:be:0a:2d:26:42:58:19:bc:4c:53:a2:
8c:82:fb:ab:cc:44:73:c1:ef:bd:1b:79:84:d6:ec:f8:1b:5d:
50:d5:86:17:6e:b2:22:91:f0:40:57:53:0b:04:93:33:13:81:
8f:43:5c:06:3e:48:84:75:0a:54:56:b8:6a:f5:92:3d:94:cb:
e2:94:24:8e:47:20:3e:74:bb:a6:20:7e:8f:16:da:a3:23:e7:
78:25:0b:54:16:44:89:63:64:58:ee:9c:45:04:18:f2:1c:e5:
3c:69:73:4b:36:d7:e2:17:6d:8c:47:9f:46:01:26:8d:ac:76:
08:5a:49:3a:bc:ff:66:bd:ed:a7:2a:ef:02:7b:87:2c:40:2f:
37:7c:45:6c:69:0b:66:6d:38:06:22:37:5f:ab:39:0a:25:3d:
d6:be:c4:42:1a:48:ee:b5:08:c5:47:b6:b4:32:2e:6d:5c:ae:
c9:c5:b8:69
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICT5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwNjQ5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2RkOS1mMDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArTLkjBfghtbj9Q8pt4+SjoIANRpqg72at0YmolHRmZGclWde10lzJlnDHqf+
38eOruquVBQEe6chGUuy1rjDZr+ixgfIqgogVPebqWPinsDXP+Mfv9MGNkyS3eRf
YmIKaK/lWvSZpnNdW42dXciq6r9bFnhrfEHi3B4duAddwL964C0TZmxal6R1BvNU
onpl9L91zx5xj5reOYYkzRjEKebzny6iToaPDC7Q4MxhKthFSzpoqoukc0tnAxTL
RhT/jTw0XdI/v8jIenejHFm8GQhMA8WqPYbqFduHuCqa2ICD5a6SFdzDH16SR2uB
9XEjegboYooBoMh2+iILxZ6rtwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFIMxIjEl
3Q/Fr4gEyC+s0IQboLpKMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDY3NEZEQkMx
MjA0MTFFQjlEQzE1QjE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAAtdggDBAEtdgoDBAFnOigDBABnOisDBABnPcMDBAFnT5wD
BAFnn7YDBABnorIDBAJnwfwDBABn2MgwDQQCAAIwBwMFACQCzMAwDQYJKoZIhvcN
AQELBQADggEBABzIl1ElkfpiJmBIQCMfEOaB8fqb+5CV4wxw64Rhti60UcBrH+tY
cEmiLYmTane4WiwRVqm4EXdJNAuShtxJu/zrcJ1LdRo6xIm1dpZpJke+Ci0mQlgZ
vExTooyC+6vMRHPB770beYTW7PgbXVDVhhdusiKR8EBXUwsEkzMTgY9DXAY+SIR1
ClRWuGr1kj2Uy+KUJI5HID50u6Ygfo8W2qMj53glC1QWRIljZFjunEUEGPIc5Txp
c0s21+IXbYxHn0YBJo2sdghaSTq8/2a97acq7wJ7hyxALzd8RWxpC2ZtOAYiN1+r
OQolPda+xEIaSO61CMVHtrQyLm1crsnFuGk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-ams.rpki-client.org