Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F50780F2F14B11EC8B517410C4F9AE02.roa
File: F50780F2F14B11EC8B517410C4F9AE02.roa (raw, json)
Hash identifier: +7jzb7i9A3pk/EcnC64Nhc7M1umYaAtJaQ3CnsHqU4w=
Subject key identifier: 2F:BD:FD:2C:63:53:78:15:4E:D9:5D:66:58:65:FE:F1:EC:7F:DC:A8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 589E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F50780F2F14B11EC8B517410C4F9AE02.roa
Signing time: Wed 06 Jul 2022 08:01:42 +0000
ROA not before: Wed 06 Jul 2022 08:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 103.53.55.0/24 maxlen: 24
103.162.192.0/23 maxlen: 24
103.166.180.0/24 maxlen: 24
103.167.152.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.173.15.0/24 maxlen: 24
103.181.194.0/24 maxlen: 24
103.181.202.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.190.96.0/23 maxlen: 24
2001:df6:9580::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22686 (0x589e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 6 08:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62c54165-4d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:50:ed:2b:68:b2:5a:10:8e:d7:af:05:16:63:
f9:f1:6d:b4:85:9b:5d:67:73:d5:6b:15:6b:29:43:
00:7d:a4:5b:98:85:13:12:b4:30:38:95:fc:fc:41:
fe:86:e1:b9:aa:0c:a0:ce:f9:9e:80:dc:74:36:fc:
6d:c3:22:1f:fc:d5:b5:4f:f1:d4:d6:8a:8c:0d:a0:
48:f0:c4:bb:3a:91:83:53:4b:f2:69:4e:e7:e3:5b:
20:df:10:d1:c5:d7:35:81:52:e3:36:18:d1:f3:14:
04:22:b6:dc:8b:e6:be:93:53:ee:ff:de:23:ca:32:
7f:27:e2:5d:e0:eb:d0:1f:f0:43:b2:88:20:f6:98:
ce:14:a7:fa:8a:17:27:dc:66:91:cd:85:d1:6c:3c:
bc:ef:98:33:93:d5:64:54:dd:e8:67:68:2f:9e:ff:
00:43:4c:c8:04:83:ab:f4:cb:00:d3:e3:4a:92:61:
2e:31:f1:7b:b7:00:14:dc:a5:d3:0d:84:41:d2:13:
1b:22:60:c1:5a:89:ed:f7:4c:4e:8d:43:c5:dc:b5:
dd:14:99:6d:3d:d0:7a:bc:77:57:68:42:f0:44:35:
f7:9d:7e:73:24:f8:b6:74:f2:f3:da:e7:99:fb:8d:
a7:3a:d5:45:14:d9:50:ca:bb:c4:82:56:2d:d9:3d:
73:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:BD:FD:2C:63:53:78:15:4E:D9:5D:66:58:65:FE:F1:EC:7F:DC:A8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F50780F2F14B11EC8B517410C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.53.55.0/24
103.162.192.0/23
103.166.180.0/24
103.167.152.0/23
103.167.238.0/23
103.168.60.0/23
103.173.15.0/24
103.181.194.0/24
103.181.202.0/23
103.189.82.0/23
103.190.96.0/23
IPv6:
2001:df6:9580::/48
Signature Algorithm: sha256WithRSAEncryption
a2:7e:94:c4:a9:e1:e3:e3:9a:b2:59:df:e3:fc:d7:64:3f:11:
7d:4b:b8:28:67:3e:d2:23:dd:59:6e:20:43:2b:bf:2e:d3:c1:
0d:43:ce:9c:df:14:02:02:76:18:10:1c:1b:2d:e6:18:5c:9b:
32:28:f8:99:f8:d2:03:bd:a6:f6:e0:81:2a:01:7e:09:4f:6c:
dc:91:c6:ce:80:18:8c:a5:14:57:74:f3:e9:54:0b:e2:c4:8b:
0e:c7:a8:9b:e8:5e:64:46:55:88:cc:20:f7:f7:32:60:07:58:
fa:41:8b:de:ef:2b:3b:de:e0:eb:d8:c7:25:44:46:7a:e7:1b:
e8:6d:b6:b2:cb:64:cc:77:d9:36:40:24:51:32:82:a8:7d:94:
28:72:31:3a:91:84:92:e3:38:a1:32:83:37:d1:c2:5f:09:d0:
ca:de:ca:e0:72:bb:12:e8:75:81:8d:5d:e5:f8:48:35:c8:6f:
33:e8:89:07:9f:f3:9f:37:fc:a9:bb:ab:6d:74:fb:42:3b:19:
72:85:d4:53:9a:8f:e0:d2:49:0f:ea:1e:06:80:00:45:a7:a8:
31:f5:43:a2:df:ac:6c:a1:0e:d4:e0:7e:d8:55:9b:d2:3d:57:
10:5a:3b:1b:44:68:ad:6f:c2:09:65:bf:69:32:61:7a:d5:de:
70:3f:85:de
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgICWJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNzA2MDgwMTQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM1NDE2NS00ZDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3lDtK2iyWhCO168FFmP58W20hZtdZ3PVaxVrKUMAfaRbmIUTErQwOJX8/EH+
huG5qgygzvmegNx0NvxtwyIf/NW1T/HU1oqMDaBI8MS7OpGDU0vyaU7n41sg3xDR
xdc1gVLjNhjR8xQEIrbci+a+k1Pu/94jyjJ/J+Jd4OvQH/BDsogg9pjOFKf6ihcn
3GaRzYXRbDy875gzk9VkVN3oZ2gvnv8AQ0zIBIOr9MsA0+NKkmEuMfF7twAU3KXT
DYRB0hMbImDBWont90xOjUPF3LXdFJltPdB6vHdXaELwRDX3nX5zJPi2dPLz2ueZ
+42nOtVFFNlQyrvEglYt2T1zuQIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFC+9/Sxj
U3gVTtldZlhl/vHsf9yoMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjUwNzgwRjJG
MTRCMTFFQzhCNTE3NDEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E
XTBbMEgEAgABMEIDBABnNTcDBAFnosADBABnprQDBAFnp5gDBAFnp+4DBAFnqDwD
BABnrQ8DBABntcIDBAFntcoDBAFnvVIDBAFnvmAwDwQCAAIwCQMHACABDfaVgDAN
BgkqhkiG9w0BAQsFAAOCAQEAon6UxKnh4+Oaslnf4/zXZD8RfUu4KGc+0iPdWW4g
Qyu/LtPBDUPOnN8UAgJ2GBAcGy3mGFybMij4mfjSA72m9uCBKgF+CU9s3JHGzoAY
jKUUV3Tz6VQL4sSLDseom+heZEZViMwg9/cyYAdY+kGL3u8rO97g69jHJURGeucb
6G22sstkzHfZNkAkUTKCqH2UKHIxOpGEkuM4oTKDN9HCXwnQyt7K4HK7Euh1gY1d
5fhINchvM+iJB5/znzf8qburbXT7QjsZcoXUU5qP4NJJD+oeBoAARaeoMfVDot+s
bKEO1OB+2FWb0j1XEFo7G0RorW/CCWW/aTJhetXecD+F3g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org