Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/5A60E7ECEA8111E9AF4C3D76C4F9AE02.roa
File: 5A60E7ECEA8111E9AF4C3D76C4F9AE02.roa (raw, json)
Hash identifier: /coUPRuspTAhpxULg0bNPdzbIg5S2lgjPADwRifNxVQ=
Subject key identifier: 1D:83:97:41:58:DF:B1:9C:DE:C2:D9:36:6E:27:85:B8:C9:DF:12:63
Certificate issuer: /CN=A919BEDB/serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4
Certificate serial: 1737
Authority key identifier: 1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/5A60E7ECEA8111E9AF4C3D76C4F9AE02.roa
Signing time: Tue 11 Jan 2022 05:15:11 +0000
ROA not before: Tue 11 Jan 2022 05:15:11 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 47582
IP address blocks: 103.82.128.0/22 maxlen: 24
115.167.32.0/20 maxlen: 24
115.167.80.0/20 maxlen: 24
125.62.64.0/22 maxlen: 24
175.110.112.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5943 (0x1737)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919BEDB
Validity
Not Before: Jan 11 05:15:11 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61dd125f-f453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:11:dd:fd:91:a6:23:0a:21:f6:86:d4:c0:a3:
9f:17:0a:96:00:5a:d9:be:5d:df:dd:b3:96:6e:0b:
e9:24:23:e4:25:ba:ef:e6:92:08:67:f5:0e:ce:45:
ad:a8:28:c3:9f:00:ef:79:9c:a3:06:d5:cb:c8:28:
25:33:07:a5:46:82:e6:d5:7c:ca:26:9e:44:58:39:
3d:e8:46:8d:1e:b7:b3:19:bc:15:a7:e2:8a:b5:6f:
2c:a6:b0:d9:9e:6f:fd:e3:06:a2:30:be:86:a0:32:
cc:d0:0b:7e:fa:5f:49:bd:cd:c0:31:7e:ce:83:79:
99:83:b4:2c:0f:5d:af:b5:f4:c6:6b:bd:25:b1:7a:
c8:a9:4f:e0:9b:09:ac:1b:07:3c:ef:56:7f:bd:40:
b6:a5:8f:5c:98:ee:67:ab:f9:ee:19:d2:a7:87:5f:
12:11:12:b6:83:c7:94:16:48:9f:a9:8f:87:0a:97:
17:8d:9c:a7:c2:d2:ce:ea:3a:fa:06:fc:f8:21:d6:
1e:b8:73:22:50:6a:97:4d:fb:c9:cf:13:9e:7b:0d:
ca:b0:14:8a:7c:10:9b:bc:f4:e9:d6:d0:60:59:ce:
60:f2:dc:f2:7e:38:e7:b7:97:3c:d3:1e:d6:50:a5:
fb:a6:4f:0f:53:6e:31:18:9e:19:fa:a3:38:01:ce:
3a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:83:97:41:58:DF:B1:9C:DE:C2:D9:36:6E:27:85:B8:C9:DF:12:63
X509v3 Authority Key Identifier:
keyid:1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/5A60E7ECEA8111E9AF4C3D76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.128.0/22
115.167.32.0/20
115.167.80.0/20
125.62.64.0/22
175.110.112.0/20
Signature Algorithm: sha256WithRSAEncryption
ae:82:63:30:73:6c:13:c5:48:18:98:3d:3f:bf:24:34:4d:9c:
cf:5a:e6:da:8f:7a:d5:3c:b9:9a:de:f1:db:e4:ea:51:ba:68:
ac:f1:61:02:81:44:9b:bb:65:32:3b:da:c3:46:64:3d:b4:9b:
d5:73:1b:74:78:64:c3:df:99:38:51:d3:b4:ce:b5:99:33:8c:
af:8b:58:49:a3:24:3c:20:0f:d8:55:e0:68:fb:e0:30:87:bc:
89:a2:ab:be:9a:0a:7a:20:19:fd:dd:4a:4d:6e:6f:0b:c1:c5:
3d:fa:7d:89:ea:db:80:20:2c:ec:0c:af:64:37:94:b5:c9:ab:
bf:59:ff:d5:6e:72:8e:f4:d5:b9:eb:2a:51:ee:88:f4:00:6c:
d3:85:94:e0:6a:54:9a:45:d2:54:7b:9d:2b:6b:39:c8:06:07:
ea:4f:ef:2a:1b:d3:e2:b3:ae:c1:9c:9a:52:e2:cb:4f:80:14:
cc:08:a6:c3:19:50:07:71:5e:56:52:74:fa:1e:54:0f:22:6c:
c5:b7:ce:a7:f6:d7:86:c7:08:6c:54:dc:42:56:4a:2b:96:c0:
c5:70:27:7d:e2:14:6b:75:8b:ee:ad:02:52:2f:78:3d:8f:29:
c6:4d:5d:10:4e:f1:03:8f:65:94:b4:08:18:21:d0:c1:5c:0f:
99:9d:f5:80
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICFzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUJFREIxMTAvBgNVBAUTKDFFREU1QzZFMDA4MDI4QkNEMkFFMzM2NTEzODFCREUx
RkQwN0M1RDQwHhcNMjIwMTExMDUxNTExWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWRkMTI1Zi1mNDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3RHd/ZGmIwoh9obUwKOfFwqWAFrZvl3f3bOWbgvpJCPkJbrv5pIIZ/UOzkWt
qCjDnwDveZyjBtXLyCglMwelRoLm1XzKJp5EWDk96EaNHrezGbwVp+KKtW8sprDZ
nm/94waiML6GoDLM0At++l9Jvc3AMX7Og3mZg7QsD12vtfTGa70lsXrIqU/gmwms
Gwc871Z/vUC2pY9cmO5nq/nuGdKnh18SERK2g8eUFkifqY+HCpcXjZynwtLO6jr6
Bvz4IdYeuHMiUGqXTfvJzxOeew3KsBSKfBCbvPTp1tBgWc5g8tzyfjjnt5c80x7W
UKX7pk8PU24xGJ4Z+qM4Ac46VwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFB2Dl0FY
37Gc3sLZNm4nhbjJ3xJjMB8GA1UdIwQYMBaAFB7eXG4AgCi80q4zZROBveH9B8XU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkVEQi81RDg2N0VCQzFG
ODMxMUU3QjU3RTYwNTNDNEY5QUUwMi9IdDVjYmdDQUtMelNyak5sRTRHOTRmMEh4
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h0NWNiZ0NBS0x6U3JqTmxFNEc5NGYwSHhkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUJFREIvNUQ4NjdFQkMxRjgzMTFFN0I1N0U2MDUzQzRGOUFFMDIvNUE2MEU3RUNF
QTgxMTFFOUFGNEMzRDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAJnUoADBARzpyADBARzp1ADBAJ9PkADBASvbnAwDQYJKoZI
hvcNAQELBQADggEBAK6CYzBzbBPFSBiYPT+/JDRNnM9a5tqPetU8uZre8dvk6lG6
aKzxYQKBRJu7ZTI72sNGZD20m9VzG3R4ZMPfmThR07TOtZkzjK+LWEmjJDwgD9hV
4Gj74DCHvImiq76aCnogGf3dSk1ubwvBxT36fYnq24AgLOwMr2Q3lLXJq79Z/9Vu
co701bnrKlHuiPQAbNOFlOBqVJpF0lR7nStrOcgGB+pP7yob0+KzrsGcmlLiy0+A
FMwIpsMZUAdxXlZSdPoeVA8ibMW3zqf214bHCGxU3EJWSiuWwMVwJ33iFGt1i+6t
AlIveD2PKcZNXRBO8QOPZZS0CBgh0MFcD5md9YA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:50:05 2025 by rpki-client