Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D9FC96D0038311EE81157F3AC4F9AE02.roa
File: D9FC96D0038311EE81157F3AC4F9AE02.roa (raw, json)
Hash identifier: xuqGa8XChOUbOaYHxRrE5GWzHQ8m8PQ4ado9PI6RoJQ=
Subject key identifier: FA:7D:06:47:43:8E:E4:FA:9D:B0:F3:9C:DE:A9:67:75:06:A4:75:08
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 734F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D9FC96D0038311EE81157F3AC4F9AE02.roa
Signing time: Mon 05 Jun 2023 09:32:13 +0000
ROA not before: Mon 05 Jun 2023 09:32:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134041
IP address blocks: 45.118.8.0/24 maxlen: 24
45.118.10.0/24 maxlen: 24
45.118.11.0/24 maxlen: 24
103.58.43.0/24 maxlen: 24
103.61.195.0/24 maxlen: 24
103.109.82.0/24 maxlen: 24
103.109.83.0/24 maxlen: 24
103.159.182.0/23 maxlen: 24
103.162.178.0/24 maxlen: 24
103.178.193.0/24 maxlen: 24
103.193.252.0/22 maxlen: 24
103.216.200.0/24 maxlen: 24
2402:ccc0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29519 (0x734f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 5 09:32:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=647dab9d-7b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4f:e0:0b:8e:87:12:28:4b:e3:d8:b9:04:93:
05:bf:66:4e:aa:35:a1:09:e9:ff:c7:6c:04:0a:ea:
85:81:8b:52:de:81:58:56:02:19:88:46:ba:b8:55:
51:f2:33:5e:05:7e:5c:03:61:18:1f:51:87:20:cd:
db:d4:4d:30:42:2e:e3:a4:ed:a3:6c:ff:a2:3a:19:
87:d9:ea:dd:91:bf:90:14:d9:05:40:7f:85:63:f0:
60:59:f2:28:e2:bf:47:ec:4d:99:a9:db:59:6b:71:
fe:42:eb:fd:b7:a7:53:11:59:33:11:2c:83:91:a8:
74:a2:c0:a2:54:1f:d1:23:a3:40:e2:ec:72:8c:c6:
b2:62:d3:80:dc:24:d9:9e:67:d5:5f:cd:2a:4c:a0:
4f:a0:4f:db:1c:d4:1e:0f:dc:26:03:a2:9e:cf:be:
0c:c0:5f:44:16:7e:a2:96:1d:0f:d2:02:8d:77:b7:
c4:86:f8:67:9a:6b:9f:c1:ac:a1:af:ad:21:b0:cf:
f3:c5:41:a4:aa:4c:18:d5:89:55:c9:bd:6e:f5:60:
32:16:0a:06:dc:fd:23:e1:4a:d6:e8:0f:f1:9f:01:
74:79:90:73:00:70:17:25:5e:63:da:6f:c1:c5:7a:
d5:53:48:a2:40:94:e4:0a:a3:94:c7:59:8d:28:fe:
b0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7D:06:47:43:8E:E4:FA:9D:B0:F3:9C:DE:A9:67:75:06:A4:75:08
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D9FC96D0038311EE81157F3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.8.0/24
45.118.10.0/23
103.58.43.0/24
103.61.195.0/24
103.109.82.0/23
103.159.182.0/23
103.162.178.0/24
103.178.193.0/24
103.193.252.0/22
103.216.200.0/24
IPv6:
2402:ccc0::/32
Signature Algorithm: sha256WithRSAEncryption
3b:83:e4:26:6f:6c:9a:dd:46:0e:81:cb:c7:91:5c:93:b9:5e:
dd:ac:47:43:80:95:80:0e:f6:70:1f:4e:61:ff:9c:14:58:5d:
6d:aa:ba:f2:d0:73:6f:0e:4a:97:8a:aa:ce:6d:5f:1f:d9:77:
32:00:73:c2:a3:88:e5:57:12:f9:0f:cf:7c:c6:f5:49:a4:76:
f4:64:b4:a1:50:9b:fb:48:42:32:42:0f:7c:92:b1:c3:a9:ba:
e8:55:2f:46:89:2a:b0:dc:ec:50:f3:96:49:98:8b:e0:3b:0f:
58:24:a0:1c:92:68:ef:bd:73:01:e9:8c:b9:17:21:4f:bb:f6:
dc:b0:d6:6d:88:65:49:aa:a2:2c:44:4a:d3:16:5c:39:26:b6:
72:eb:7c:b1:b6:75:46:8d:47:f9:f1:ff:e2:12:14:29:dc:73:
97:f3:d7:f0:e6:aa:56:20:48:83:44:f2:fc:44:3f:75:48:aa:
9e:ff:5a:37:69:f2:b6:a1:d3:6a:6d:a4:47:da:b7:ed:4f:98:
ab:04:f8:c3:d8:8c:39:90:3a:ef:bc:29:8f:79:f5:d2:ec:85:
86:7b:f8:b2:8f:d8:36:38:83:32:38:26:27:b8:35:de:22:15:
a9:2a:f2:9f:fe:14:38:96:15:05:d3:01:97:6d:05:1b:b7:2b:
15:18:a9:e1
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICc08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNjA1MDkzMjEzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdkYWI5ZC03YjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuU/gC46HEihL49i5BJMFv2ZOqjWhCen/x2wECuqFgYtS3oFYVgIZiEa6uFVR
8jNeBX5cA2EYH1GHIM3b1E0wQi7jpO2jbP+iOhmH2erdkb+QFNkFQH+FY/BgWfIo
4r9H7E2ZqdtZa3H+Quv9t6dTEVkzESyDkah0osCiVB/RI6NA4uxyjMayYtOA3CTZ
nmfVX80qTKBPoE/bHNQeD9wmA6Kez74MwF9EFn6ilh0P0gKNd7fEhvhnmmufwayh
r60hsM/zxUGkqkwY1YlVyb1u9WAyFgoG3P0j4UrW6A/xnwF0eZBzAHAXJV5j2m/B
xXrVU0iiQJTkCqOUx1mNKP6wZwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFPp9BkdD
juT6nbDznN6pZ3UGpHUIMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDlGQzk2RDAw
MzgzMTFFRTgxMTU3RjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAAtdggDBAEtdgoDBABnOisDBABnPcMDBAFnbVIDBAFnn7YD
BABnorIDBABnssEDBAJnwfwDBABn2MgwDQQCAAIwBwMFACQCzMAwDQYJKoZIhvcN
AQELBQADggEBADuD5CZvbJrdRg6By8eRXJO5Xt2sR0OAlYAO9nAfTmH/nBRYXW2q
uvLQc28OSpeKqs5tXx/ZdzIAc8KjiOVXEvkPz3zG9UmkdvRktKFQm/tIQjJCD3yS
scOpuuhVL0aJKrDc7FDzlkmYi+A7D1gkoBySaO+9cwHpjLkXIU+79tyw1m2IZUmq
oixEStMWXDkmtnLrfLG2dUaNR/nx/+ISFCncc5fz1/DmqlYgSINE8vxEP3VIqp7/
Wjdp8rah02ptpEfat+1PmKsE+MPYjDmQOu+8KY959dLshYZ7+LKP2DY4gzI4Jie4
Nd4iFakq8p/+FDiWFQXTAZdtBRu3KxUYqeE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:58 2023 by rpki-client on console-fra.rpki-client.org