Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/504A079EFB8011EC9CB08954C4F9AE02.roa
File: 504A079EFB8011EC9CB08954C4F9AE02.roa (raw, json)
Hash identifier: /9qR6ucTd/33IlMVdzPb0/RwqDN3q+jaqJsEqvrwO9A=
Subject key identifier: 40:35:E0:8E:4C:0B:1D:FC:62:5D:E8:30:7D:DE:91:44:45:D2:B3:03
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5A23
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/504A079EFB8011EC9CB08954C4F9AE02.roa
Signing time: Tue 26 Jul 2022 08:01:37 +0000
ROA not before: Tue 26 Jul 2022 08:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134041
IP address blocks: 45.118.8.0/24 maxlen: 24
45.118.10.0/24 maxlen: 24
45.118.11.0/24 maxlen: 24
103.58.40.0/24 maxlen: 24
103.58.41.0/24 maxlen: 24
103.58.43.0/24 maxlen: 24
103.61.195.0/24 maxlen: 24
103.159.182.0/23 maxlen: 24
103.162.178.0/24 maxlen: 24
103.178.193.0/24 maxlen: 24
103.193.252.0/22 maxlen: 24
103.216.200.0/24 maxlen: 24
2402:ccc0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23075 (0x5a23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 26 08:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62df9f60-3ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:68:ea:b7:06:b2:65:05:c7:b8:c7:03:ac:
23:f8:dd:b7:89:72:59:ae:c1:21:9f:e2:46:f4:f1:
c7:79:24:a1:19:a8:dc:c0:21:04:c4:5b:58:b6:15:
f8:22:1e:26:ba:88:96:03:7c:24:e1:0b:48:a8:be:
77:a7:81:28:84:46:e5:48:59:27:85:9b:88:91:c8:
d5:6e:4f:ea:98:a5:2c:96:6c:ed:bb:51:11:16:d9:
4b:91:df:cf:12:ea:be:0d:85:ba:64:11:03:2e:30:
ab:07:5d:d3:61:0a:b8:85:46:21:6d:dd:08:e8:af:
a3:8e:17:77:7d:79:da:f1:9d:d4:06:19:dc:6a:a5:
dc:0b:4c:84:23:3f:7f:d8:44:fa:85:c7:70:35:92:
3a:5c:78:dd:f1:be:c2:89:83:4c:a7:10:63:ee:1b:
83:c2:dd:14:c3:05:7a:2b:fc:46:72:c2:b0:ac:61:
ac:09:73:b0:6e:09:73:35:c4:f6:4b:3c:3b:86:2d:
e8:23:6b:91:02:9a:72:fc:1b:74:56:09:13:8b:64:
07:4a:59:a0:66:66:a2:df:1a:1e:55:ca:60:4e:fc:
ab:8e:a8:54:dc:5a:8f:b6:f7:c1:24:a0:38:1e:d3:
06:0a:89:5d:70:56:b5:c5:95:77:36:1d:05:32:8c:
70:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:35:E0:8E:4C:0B:1D:FC:62:5D:E8:30:7D:DE:91:44:45:D2:B3:03
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/504A079EFB8011EC9CB08954C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.8.0/24
45.118.10.0/23
103.58.40.0/23
103.58.43.0/24
103.61.195.0/24
103.159.182.0/23
103.162.178.0/24
103.178.193.0/24
103.193.252.0/22
103.216.200.0/24
IPv6:
2402:ccc0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:5a:44:a7:e9:33:28:7c:e3:fc:98:e8:67:ba:6c:f1:ca:d6:
19:94:94:39:dc:14:0f:ee:9e:4a:e5:41:10:1f:51:d0:c1:70:
92:ea:c4:0f:51:70:56:ea:a5:25:26:40:a8:c2:b8:2c:0b:4b:
6f:c6:cd:44:68:77:85:77:5d:b3:d3:a6:a7:51:24:7a:b9:d6:
29:87:84:34:1e:9f:3a:e2:d5:4f:e1:6c:99:17:e2:73:d2:75:
71:be:b1:ae:2f:23:2f:ff:69:38:e0:b0:39:8e:bf:97:4d:88:
dc:d8:77:79:c7:5d:92:8a:d1:06:2b:d4:da:56:28:12:74:f4:
be:a3:52:86:c3:cc:fb:5f:71:8d:42:e4:05:9c:86:c3:c5:ea:
51:51:a9:1e:f0:50:3d:5e:0f:6c:c6:fa:84:42:32:4e:68:a3:
af:dc:f2:be:16:3e:a3:ef:c5:52:d6:55:fa:3e:50:8b:4d:ed:
b1:d9:d9:62:4d:77:fa:e9:d8:fd:a8:69:cf:0a:4a:b3:13:42:
94:0c:35:38:b6:b2:19:37:e9:61:33:68:6c:7b:06:37:fc:6a:
d0:ae:74:32:6b:83:3a:34:3e:b1:79:39:7f:b8:77:df:08:57:
c8:5b:7f:cb:21:e4:7e:3d:f1:af:a7:2d:b8:36:44:52:d0:a1:
9e:d7:a5:04
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICWiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNzI2MDgwMTM3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRmOWY2MC0zZWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuexo6rcGsmUFx7jHA6wj+N23iXJZrsEhn+JG9PHHeSShGajcwCEExFtYthX4
Ih4muoiWA3wk4QtIqL53p4EohEblSFknhZuIkcjVbk/qmKUslmztu1ERFtlLkd/P
Euq+DYW6ZBEDLjCrB13TYQq4hUYhbd0I6K+jjhd3fXna8Z3UBhncaqXcC0yEIz9/
2ET6hcdwNZI6XHjd8b7CiYNMpxBj7huDwt0UwwV6K/xGcsKwrGGsCXOwbglzNcT2
Szw7hi3oI2uRAppy/Bt0VgkTi2QHSlmgZmai3xoeVcpgTvyrjqhU3FqPtvfBJKA4
HtMGColdcFa1xZV3Nh0FMoxwKQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFEA14I5M
Cx38Yl3oMH3ekURF0rMDMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTA0QTA3OUVG
QjgwMTFFQzlDQjA4OTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAAtdggDBAEtdgoDBAFnOigDBABnOisDBABnPcMDBAFnn7YD
BABnorIDBABnssEDBAJnwfwDBABn2MgwDQQCAAIwBwMFACQCzMAwDQYJKoZIhvcN
AQELBQADggEBAH9aRKfpMyh84/yY6Ge6bPHK1hmUlDncFA/unkrlQRAfUdDBcJLq
xA9RcFbqpSUmQKjCuCwLS2/GzURod4V3XbPTpqdRJHq51imHhDQenzri1U/hbJkX
4nPSdXG+sa4vIy//aTjgsDmOv5dNiNzYd3nHXZKK0QYr1NpWKBJ09L6jUobDzPtf
cY1C5AWchsPF6lFRqR7wUD1eD2zG+oRCMk5oo6/c8r4WPqPvxVLWVfo+UItN7bHZ
2WJNd/rp2P2oac8KSrMTQpQMNTi2shk36WEzaGx7Bjf8atCudDJrgzo0PrF5OX+4
d98IV8hbf8sh5H498a+nLbg2RFLQoZ7XpQQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org