Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B3A42296D53511EC9A928417C4F9AE02.roa
File: B3A42296D53511EC9A928417C4F9AE02.roa (raw, json)
Hash identifier: 0QZ0ri3LatCCvYyDtKjBkYnS2obAeKllJitiLvrueJ8=
Subject key identifier: 17:FD:68:CF:90:14:15:44:4F:BC:96:F7:2A:65:F0:39:D3:57:85:49
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5682
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B3A42296D53511EC9A928417C4F9AE02.roa
Signing time: Thu 02 Jun 2022 08:41:53 +0000
ROA not before: Thu 02 Jun 2022 08:41:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 103.18.158.0/24 maxlen: 24
103.18.159.0/24 maxlen: 24
103.110.248.0/22 maxlen: 24
103.114.64.0/23 maxlen: 24
103.114.66.0/24 maxlen: 24
103.162.192.0/23 maxlen: 24
103.163.14.0/23 maxlen: 24
103.165.72.0/23 maxlen: 24
103.165.76.0/23 maxlen: 24
103.166.180.0/24 maxlen: 24
103.167.152.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.181.4.0/23 maxlen: 24
103.181.84.0/23 maxlen: 24
103.181.86.0/23 maxlen: 24
103.181.194.0/24 maxlen: 24
103.217.82.0/24 maxlen: 24
103.217.83.0/24 maxlen: 24
103.225.180.0/23 maxlen: 24
103.225.182.0/24 maxlen: 24
103.225.183.0/24 maxlen: 24
103.229.210.0/24 maxlen: 24
103.229.211.0/24 maxlen: 24
103.241.133.0/24 maxlen: 24
103.241.134.0/24 maxlen: 24
103.241.135.0/24 maxlen: 24
2001:df6:9580::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22146 (0x5682)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 2 08:41:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=629877d1-d134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:70:69:46:fa:4f:8c:a5:b6:1d:d5:18:a7:5e:
50:97:1e:ad:7f:3d:5f:e4:d8:cc:ca:18:12:8e:5b:
05:c2:e3:9e:c9:75:b6:9e:ec:d7:ba:ce:c8:4e:c6:
81:ac:db:93:ed:5f:74:89:43:1f:0a:d2:32:7c:b0:
f2:41:d4:a4:6f:15:92:6b:99:5b:8f:8e:f9:8d:7f:
0c:d2:ed:8c:24:97:51:ec:8d:ef:42:c6:78:79:d2:
23:78:ab:ab:bb:61:87:31:b8:a2:d7:3a:eb:7a:cf:
14:2b:76:01:6b:b9:f5:8a:71:36:e5:a2:1e:23:dc:
64:56:9c:21:10:f4:10:c7:8f:63:d0:b5:4d:18:7b:
ec:54:a2:15:ea:11:19:cd:c9:c1:99:e5:34:81:7d:
34:1e:84:d6:27:78:b3:db:14:b5:ed:be:ff:9e:78:
9c:8d:1c:a1:df:98:50:3b:55:11:f1:6e:38:bb:a4:
82:a0:9b:01:93:f3:94:c6:16:b0:1f:9b:9c:25:21:
35:8c:61:d7:77:41:dc:ef:3c:34:bc:c8:93:ee:21:
0c:2d:4e:3e:cf:64:7f:5c:47:e2:8c:1c:0a:14:7e:
cb:ba:6a:8d:12:55:23:13:8b:61:2d:26:7d:f2:61:
2b:68:eb:47:43:60:0d:37:ec:00:dd:bd:cd:d2:04:
78:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FD:68:CF:90:14:15:44:4F:BC:96:F7:2A:65:F0:39:D3:57:85:49
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B3A42296D53511EC9A928417C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.18.158.0/23
103.110.248.0/22
103.114.64.0-103.114.66.255
103.162.192.0/23
103.163.14.0/23
103.165.72.0/23
103.165.76.0/23
103.166.180.0/24
103.167.152.0/23
103.167.238.0/23
103.170.38.0/23
103.180.176.0/23
103.181.4.0/23
103.181.84.0/22
103.181.194.0/24
103.217.82.0/23
103.225.180.0/22
103.229.210.0/23
103.241.133.0-103.241.135.255
IPv6:
2001:df6:9580::/48
Signature Algorithm: sha256WithRSAEncryption
aa:99:75:e1:12:75:50:e1:c4:54:b2:05:f6:78:d6:be:9c:46:
de:77:a9:90:71:2a:b6:88:b9:53:f0:f6:3d:0a:e9:72:12:47:
dc:03:f6:2a:7f:ee:15:b1:ef:a4:7c:39:77:59:c5:f7:5f:73:
53:50:e9:d2:12:c3:cf:4f:2c:f0:67:e7:8d:5b:d5:0e:05:b9:
85:eb:b9:85:b9:ed:25:10:21:a3:13:e3:97:f4:45:fc:12:be:
c0:5c:72:64:60:2c:c6:4d:d5:f5:21:9d:f5:da:1a:11:b4:4c:
16:58:8e:e9:cf:bc:60:a3:fe:fc:1e:59:c9:e2:57:9e:2d:e3:
84:61:68:d5:2c:a9:ca:22:64:a2:80:17:7e:06:e0:17:d7:6a:
35:91:ed:4b:93:98:53:e4:7c:ae:4c:fa:83:34:4c:32:22:2d:
15:ac:d3:cf:27:2a:89:b4:6e:96:8a:46:32:9f:00:d3:85:2b:
f7:4e:16:41:f5:74:13:5f:df:ae:62:58:1d:6f:f3:81:a2:ee:
e6:be:4d:5c:93:96:ee:7c:47:48:92:fc:4e:dc:d1:60:3d:cd:
05:93:a2:9a:2d:68:2d:7e:bd:b3:3c:50:ad:d8:b7:c1:66:b0:
02:42:72:09:4e:e4:5f:b5:e9:46:45:02:76:9a:31:2f:44:54:
2b:14:db:91
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICVoIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNjAyMDg0MTUzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk4NzdkMS1kMTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuXBpRvpPjKW2HdUYp15Qlx6tfz1f5NjMyhgSjlsFwuOeyXW2nuzXus7ITsaB
rNuT7V90iUMfCtIyfLDyQdSkbxWSa5lbj475jX8M0u2MJJdR7I3vQsZ4edIjeKur
u2GHMbii1zrres8UK3YBa7n1inE25aIeI9xkVpwhEPQQx49j0LVNGHvsVKIV6hEZ
zcnBmeU0gX00HoTWJ3iz2xS17b7/nnicjRyh35hQO1UR8W44u6SCoJsBk/OUxhaw
H5ucJSE1jGHXd0Hc7zw0vMiT7iEMLU4+z2R/XEfijBwKFH7LumqNElUjE4thLSZ9
8mEraOtHQ2ANN+wA3b3N0gR4CQIDAQABo4IDJzCCAyMwHQYDVR0OBBYEFBf9aM+Q
FBVET7yW9ypl8DnTV4VJMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjNBNDIyOTZE
NTM1MTFFQzlBOTI4NDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbAGCCsGAQUFBwEHAQH/
BIGgMIGdMIGJBAIAATCBggMEAWcSngMEAmdu+DAMAwQGZ3JAAwQAZ3JCAwQBZ6LA
AwQBZ6MOAwQBZ6VIAwQBZ6VMAwQAZ6a0AwQBZ6eYAwQBZ6fuAwQBZ6omAwQBZ7Sw
AwQBZ7UEAwQCZ7VUAwQAZ7XCAwQBZ9lSAwQCZ+G0AwQBZ+XSMAwDBABn8YUDBANn
8YAwDwQCAAIwCQMHACABDfaVgDANBgkqhkiG9w0BAQsFAAOCAQEAqpl14RJ1UOHE
VLIF9njWvpxG3nepkHEqtoi5U/D2PQrpchJH3AP2Kn/uFbHvpHw5d1nF919zU1Dp
0hLDz08s8GfnjVvVDgW5heu5hbntJRAhoxPjl/RF/BK+wFxyZGAsxk3V9SGd9doa
EbRMFliO6c+8YKP+/B5ZyeJXni3jhGFo1SypyiJkooAXfgbgF9dqNZHtS5OYU+R8
rkz6gzRMMiItFazTzycqibRulopGMp8A04Ur904WQfV0E1/frmJYHW/zgaLu5r5N
XJOW7nxHSJL8TtzRYD3NBZOimi1oLX69szxQrdi3wWawAkJyCU7kX7XpRkUCdpox
L0RUKxTbkQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org