Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0B50662F78111ECB11B2715C4F9AE02.roa
File: C0B50662F78111ECB11B2715C4F9AE02.roa (raw, json)
Hash identifier: vmRFPTSIgprN6VMVWuUd1h0TUV91gP72lJ50G6ZRQ/E=
Subject key identifier: 2E:3B:AD:03:17:C3:F1:EF:C4:5D:FF:11:8D:F6:7A:1C:08:9A:8F:FC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5831
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0B50662F78111ECB11B2715C4F9AE02.roa
Signing time: Wed 29 Jun 2022 08:02:00 +0000
ROA not before: Wed 29 Jun 2022 08:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139195
IP address blocks: 103.42.72.0/22 maxlen: 24
103.104.223.0/24 maxlen: 24
103.105.224.0/22 maxlen: 24
103.171.58.0/23 maxlen: 24
103.173.160.0/23 maxlen: 24
103.189.216.0/24 maxlen: 24
103.189.217.0/24 maxlen: 24
119.161.96.0/22 maxlen: 24
2001:df6:4900::/48 maxlen: 48
2407:c040::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22577 (0x5831)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 29 08:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62bc06f8-00d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:95:68:fd:cc:c3:94:c1:db:22:06:cd:41:98:
c9:d2:ac:12:9e:ad:94:63:3a:c7:b5:fb:d1:25:27:
d2:67:94:82:27:1d:4b:1a:01:cb:2b:a1:a8:d4:1a:
3d:fa:93:b9:81:25:10:11:7e:45:7b:5d:04:e4:cc:
1d:98:f1:c2:0c:03:de:2a:7f:af:38:19:91:e7:bf:
99:10:5d:42:0d:26:70:ad:e6:dd:eb:26:51:5c:4e:
63:c6:f4:8a:13:aa:4a:40:f3:4f:14:68:8f:36:4d:
26:3d:7f:8c:0f:b7:07:0f:02:21:df:8f:e7:23:38:
f1:88:db:47:e7:4f:75:c1:8a:dd:05:39:fc:71:ed:
65:49:5e:ea:77:69:5d:27:92:c9:bb:77:bd:73:48:
da:8b:48:0f:13:2c:cb:97:8c:7d:46:84:d5:4e:98:
7b:5f:e1:27:11:cd:0c:28:ec:d2:56:83:08:56:ca:
e2:51:eb:af:b4:ac:b8:11:04:0a:29:99:8e:22:b5:
91:a1:47:a0:d9:0f:69:4b:35:31:2a:8a:10:7f:e1:
4f:68:16:9c:c4:be:7d:12:b3:5e:1c:3f:18:64:8e:
fe:0d:34:ee:55:83:af:04:17:3b:0f:a4:a6:8a:81:
61:5b:d0:1b:70:e4:c9:ab:37:f2:18:f2:43:65:d1:
12:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3B:AD:03:17:C3:F1:EF:C4:5D:FF:11:8D:F6:7A:1C:08:9A:8F:FC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0B50662F78111ECB11B2715C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.72.0/22
103.104.223.0/24
103.105.224.0/22
103.171.58.0/23
103.173.160.0/23
103.189.216.0/23
119.161.96.0/22
IPv6:
2001:df6:4900::/48
2407:c040::/32
Signature Algorithm: sha256WithRSAEncryption
89:f2:14:5f:a4:f4:c7:dd:7a:77:12:7f:1a:03:d7:fb:4e:79:
20:d4:64:03:f6:61:16:71:e4:0f:79:e5:be:c2:af:0b:f0:a7:
29:d3:7a:a9:aa:00:b3:72:51:79:00:4e:25:e4:b4:21:7a:f0:
bc:05:86:d2:85:98:a2:9b:95:e0:f5:40:78:a8:e2:5a:a2:11:
40:3c:2f:c0:da:87:d2:76:eb:80:da:87:38:c4:08:ab:b7:fb:
e1:40:73:26:a4:75:c4:8c:19:47:05:42:c5:99:40:93:e4:c7:
ba:38:5d:34:3f:23:25:b6:17:1a:52:34:4d:91:68:c8:a8:39:
53:b6:f5:68:40:6a:fb:ce:7e:ef:64:19:f1:14:ca:9d:a5:35:
46:cb:3b:69:b7:25:f6:4f:92:ff:22:a6:98:7e:df:54:60:cd:
53:17:d0:1f:77:e7:27:67:84:f4:34:51:bb:66:c9:bf:e0:54:
a5:cc:9b:f3:84:3a:a9:4f:77:6d:04:54:29:d7:bf:d4:10:ad:
80:5d:e0:31:d9:04:fb:26:59:5e:e1:86:fe:6e:f6:31:6e:83:
d6:7a:6e:0c:4e:10:3b:9a:3a:bd:4b:a6:16:16:1e:6c:ec:da:
24:9b:39:bf:dc:fe:28:3c:60:df:5a:74:60:63:16:9c:d7:dd:
a1:f3:e7:85
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgICWDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNjI5MDgwMjAwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJjMDZmOC0wMGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp5Vo/czDlMHbIgbNQZjJ0qwSnq2UYzrHtfvRJSfSZ5SCJx1LGgHLK6Go1Bo9
+pO5gSUQEX5Fe10E5MwdmPHCDAPeKn+vOBmR57+ZEF1CDSZwrebd6yZRXE5jxvSK
E6pKQPNPFGiPNk0mPX+MD7cHDwIh34/nIzjxiNtH5091wYrdBTn8ce1lSV7qd2ld
J5LJu3e9c0jai0gPEyzLl4x9RoTVTph7X+EnEc0MKOzSVoMIVsriUeuvtKy4EQQK
KZmOIrWRoUeg2Q9pSzUxKooQf+FPaBacxL59ErNeHD8YZI7+DTTuVYOvBBc7D6Sm
ioFhW9AbcOTJqzfyGPJDZdESQwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFC47rQMX
w/HvxF3/EY32ehwImo/8MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzBCNTA2NjJG
NzgxMTFFQ0IxMUIyNzE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E
TDBKMDAEAgABMCoDBAJnKkgDBABnaN8DBAJnaeADBAFnqzoDBAFnraADBAFnvdgD
BAJ3oWAwFgQCAAIwEAMHACABDfZJAAMFACQHwEAwDQYJKoZIhvcNAQELBQADggEB
AInyFF+k9MfdencSfxoD1/tOeSDUZAP2YRZx5A955b7CrwvwpynTeqmqALNyUXkA
TiXktCF68LwFhtKFmKKbleD1QHio4lqiEUA8L8Dah9J264DahzjECKu3++FAcyak
dcSMGUcFQsWZQJPkx7o4XTQ/IyW2FxpSNE2RaMioOVO29WhAavvOfu9kGfEUyp2l
NUbLO2m3JfZPkv8ipph+31RgzVMX0B935ydnhPQ0Ubtmyb/gVKXMm/OEOqlPd20E
VCnXv9QQrYBd4DHZBPsmWV7hhv5u9jFug9Z6bgxOEDuaOr1LphYWHmzs2iSbOb/c
/ig8YN9adGBjFpzX3aHz54U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org