Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6DF5402EE42911ECB166E076C4F9AE02.roa
File: 6DF5402EE42911ECB166E076C4F9AE02.roa (raw, json)
Hash identifier: lTwJ6uOOq156st1vmzCiL/lHVBTs7cYx/2wi5Hpg438=
Subject key identifier: 34:75:B3:25:C0:29:60:BB:15:50:01:CE:7B:D6:63:95:C4:7D:0B:F3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 56D7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6DF5402EE42911ECB166E076C4F9AE02.roa
Signing time: Tue 07 Jun 2022 06:51:47 +0000
ROA not before: Tue 07 Jun 2022 06:51:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 103.18.158.0/24 maxlen: 24
103.18.159.0/24 maxlen: 24
103.110.248.0/22 maxlen: 24
103.114.64.0/23 maxlen: 24
103.114.66.0/24 maxlen: 24
103.162.192.0/23 maxlen: 24
103.163.14.0/23 maxlen: 24
103.165.72.0/23 maxlen: 24
103.165.76.0/23 maxlen: 24
103.165.88.0/23 maxlen: 24
103.166.180.0/24 maxlen: 24
103.167.152.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.181.4.0/23 maxlen: 24
103.181.84.0/23 maxlen: 24
103.181.86.0/23 maxlen: 24
103.181.194.0/24 maxlen: 24
103.194.117.0/24 maxlen: 24
103.217.82.0/24 maxlen: 24
103.217.83.0/24 maxlen: 24
103.225.180.0/23 maxlen: 24
103.225.182.0/24 maxlen: 24
103.225.183.0/24 maxlen: 24
103.229.210.0/24 maxlen: 24
103.229.211.0/24 maxlen: 24
103.241.135.0/24 maxlen: 24
2001:df6:9580::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22231 (0x56d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 7 06:51:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=629ef582-b6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:68:9c:11:0d:f6:97:50:74:84:f9:d7:ba:84:
fa:6f:d6:a9:cf:bf:ae:b9:e6:28:03:f0:4e:e0:9d:
f0:dc:ca:df:f3:15:d1:d6:21:a5:0c:ba:61:dc:ed:
90:4d:79:b5:b8:5a:53:d1:e3:88:6f:39:6c:44:e8:
b9:9e:17:7f:ab:7f:b4:25:8f:e0:92:25:84:30:52:
6a:3c:b1:e6:d5:c6:ec:42:aa:5a:21:87:c7:54:25:
b8:68:8e:4e:58:ce:c0:54:3c:69:11:6a:54:74:6f:
34:e5:81:1f:5d:a0:b4:74:05:62:0d:74:dd:66:8e:
60:f5:9d:c6:14:2f:54:9a:74:d1:35:02:f3:43:5f:
92:31:15:a8:08:12:6e:b7:37:04:a6:30:7b:d9:38:
65:d6:e5:0b:51:38:61:14:4b:c4:de:46:77:76:89:
d3:18:c8:7f:cb:8e:ff:74:d4:27:0d:b6:5a:8d:ce:
08:42:19:e5:7c:f1:9a:3a:4a:74:5b:6a:8d:c8:96:
15:33:ab:cd:0c:56:4d:4a:3e:c6:87:d7:4f:97:80:
16:eb:af:c1:70:b3:76:9d:0e:23:c5:45:82:ca:9b:
6d:cd:26:5a:48:f5:1d:8b:41:a1:df:d7:8b:34:52:
3e:5e:ae:c6:61:34:3f:da:ee:5f:2b:b8:9a:ad:c5:
0c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:75:B3:25:C0:29:60:BB:15:50:01:CE:7B:D6:63:95:C4:7D:0B:F3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6DF5402EE42911ECB166E076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.18.158.0/23
103.110.248.0/22
103.114.64.0-103.114.66.255
103.162.192.0/23
103.163.14.0/23
103.165.72.0/23
103.165.76.0/23
103.165.88.0/23
103.166.180.0/24
103.167.152.0/23
103.167.238.0/23
103.170.38.0/23
103.180.176.0/23
103.181.4.0/23
103.181.84.0/22
103.181.194.0/24
103.194.117.0/24
103.217.82.0/23
103.225.180.0/22
103.229.210.0/23
103.241.135.0/24
IPv6:
2001:df6:9580::/48
Signature Algorithm: sha256WithRSAEncryption
48:61:96:e1:d1:98:1d:6a:af:e2:38:06:25:96:39:22:5d:1d:
75:9b:2e:91:9e:06:4b:97:21:32:6c:59:78:35:90:8e:6a:f2:
cc:ca:3a:39:a3:d7:47:b0:53:fc:dc:64:75:85:be:75:fb:80:
81:1d:4c:b1:62:d5:8b:eb:cb:88:e8:c6:b3:5f:c2:e1:10:89:
60:bb:6e:72:be:44:40:d5:7d:10:5a:2b:08:e1:12:b4:a6:de:
18:27:2d:8c:87:1c:5b:30:fa:0e:93:26:07:a9:c9:c2:e8:9a:
55:2f:67:02:00:86:43:15:d1:38:a3:e1:43:b6:ad:c8:1d:f0:
68:c4:be:b2:af:21:cd:0b:eb:05:2b:d7:04:37:29:93:80:7d:
ea:84:f5:63:9e:2c:05:1d:ad:a2:76:84:2c:07:ec:33:9e:f8:
00:88:12:0d:41:9c:df:f1:f6:b1:41:a3:b7:84:23:ba:78:02:
93:44:88:b0:5c:58:c6:36:4e:60:42:e0:04:ac:b1:61:95:49:
12:34:55:db:a6:0f:d6:e1:3a:93:a0:db:50:3f:c9:a3:bc:e5:
0d:97:95:22:c2:c8:ed:24:78:b3:01:05:50:d8:ac:9f:50:47:
26:52:4e:c4:87:4d:dc:ae:01:f4:10:74:55:ba:48:12:fb:11:
ca:83:09:9e
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICVtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNjA3MDY1MTQ3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjllZjU4Mi1iNmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA92icEQ32l1B0hPnXuoT6b9apz7+uueYoA/BO4J3w3Mrf8xXR1iGlDLph3O2Q
TXm1uFpT0eOIbzlsROi5nhd/q3+0JY/gkiWEMFJqPLHm1cbsQqpaIYfHVCW4aI5O
WM7AVDxpEWpUdG805YEfXaC0dAViDXTdZo5g9Z3GFC9UmnTRNQLzQ1+SMRWoCBJu
tzcEpjB72Thl1uULUThhFEvE3kZ3donTGMh/y47/dNQnDbZajc4IQhnlfPGaOkp0
W2qNyJYVM6vNDFZNSj7Gh9dPl4AW66/BcLN2nQ4jxUWCypttzSZaSPUdi0Gh39eL
NFI+Xq7GYTQ/2u5fK7iarcUM/QIDAQABo4IDKzCCAycwHQYDVR0OBBYEFDR1syXA
KWC7FVABznvWY5XEfQvzMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkRGNTQwMkVF
NDI5MTFFQ0IxNjZFMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbQGCCsGAQUFBwEHAQH/
BIGkMIGhMIGNBAIAATCBhgMEAWcSngMEAmdu+DAMAwQGZ3JAAwQAZ3JCAwQBZ6LA
AwQBZ6MOAwQBZ6VIAwQBZ6VMAwQBZ6VYAwQAZ6a0AwQBZ6eYAwQBZ6fuAwQBZ6om
AwQBZ7SwAwQBZ7UEAwQCZ7VUAwQAZ7XCAwQAZ8J1AwQBZ9lSAwQCZ+G0AwQBZ+XS
AwQAZ/GHMA8EAgACMAkDBwAgAQ32lYAwDQYJKoZIhvcNAQELBQADggEBAEhhluHR
mB1qr+I4BiWWOSJdHXWbLpGeBkuXITJsWXg1kI5q8szKOjmj10ewU/zcZHWFvnX7
gIEdTLFi1Yvry4joxrNfwuEQiWC7bnK+REDVfRBaKwjhErSm3hgnLYyHHFsw+g6T
JgepycLomlUvZwIAhkMV0Tij4UO2rcgd8GjEvrKvIc0L6wUr1wQ3KZOAfeqE9WOe
LAUdraJ2hCwH7DOe+ACIEg1BnN/x9rFBo7eEI7p4ApNEiLBcWMY2TmBC4ASssWGV
SRI0VdumD9bhOpOg21A/yaO85Q2XlSLCyO0keLMBBVDYrJ9QRyZSTsSHTdyuAfQQ
dFW6SBL7EcqDCZ4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org