Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/640D69343AC911F0ABC07A41C4F9AE02.roa
File: 640D69343AC911F0ABC07A41C4F9AE02.roa (raw, json)
Hash identifier: 6hfvZ7X+y1HlP4OP4wPVfm/+hoKBg/KuYC/84bY3lOk=
Subject key identifier: C4:5B:C8:6D:5E:42:5B:BD:09:ED:C1:FF:47:4C:8D:11:5D:2A:23:DD
Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Certificate serial: 34CC
Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/640D69343AC911F0ABC07A41C4F9AE02.roa
Signing time: Tue 27 May 2025 07:08:29 +0000
ROA not before: Tue 27 May 2025 07:08:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 3758
IP address blocks: 111.65.100.0/24 maxlen: 24
111.65.101.0/24 maxlen: 24
111.65.102.0/23 maxlen: 23
111.65.104.0/21 maxlen: 22
111.65.112.0/20 maxlen: 20
119.234.128.0/19 maxlen: 24
119.234.160.0/19 maxlen: 24
202.78.52.0/22 maxlen: 22
202.78.55.0/24 maxlen: 24
2400:1c00:13::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13516 (0x34cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA48F, serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Validity
Not Before: May 27 07:08:29 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=683564ed-4fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8c:16:1b:90:98:ad:9e:a7:0a:76:5d:41:dc:
0d:02:61:0f:33:da:4c:69:52:7f:23:dd:93:09:65:
73:70:2d:9d:32:0c:7f:4e:79:26:54:0b:36:3c:cb:
6f:31:57:bb:d7:bd:a2:94:e3:2a:45:a8:18:3b:d3:
0e:bd:04:2d:a1:21:23:dd:c3:f3:1c:e7:7b:92:dd:
75:62:34:fe:4c:9e:3a:4c:10:95:4e:5b:d2:7d:e3:
1e:fe:32:2a:69:ad:2c:c8:89:f8:9c:88:f3:d7:58:
18:b3:80:86:c3:46:a5:1a:67:ae:d6:c8:6a:b1:72:
ca:95:15:69:eb:0c:fc:67:90:72:34:00:7c:13:47:
0c:af:f5:7b:ee:e5:06:b2:d4:52:d1:53:23:1e:5f:
db:53:18:14:d0:a9:41:3e:0a:1d:7a:5a:bf:3e:2f:
60:a0:28:b0:2e:94:83:2b:6c:d2:ab:62:e2:a5:06:
1c:92:8a:65:14:0d:b4:bc:bc:43:e6:d5:35:f0:80:
27:4e:46:69:3c:82:d3:80:8c:d3:ed:c7:72:ae:a9:
f6:c7:28:3d:7e:6f:ea:c9:d9:18:3a:9d:e0:52:49:
73:15:a0:50:ce:9b:81:60:7b:29:a2:0e:a5:8c:75:
b1:8c:31:cf:87:57:64:ed:a8:d7:31:1b:41:9e:70:
51:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5B:C8:6D:5E:42:5B:BD:09:ED:C1:FF:47:4C:8D:11:5D:2A:23:DD
X509v3 Authority Key Identifier:
keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/640D69343AC911F0ABC07A41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.65.100.0-111.65.127.255
119.234.128.0/18
202.78.52.0/22
IPv6:
2400:1c00:13::/48
Signature Algorithm: sha256WithRSAEncryption
a3:84:4d:e7:a7:6a:a9:79:08:23:33:5b:ac:99:3c:96:af:e3:
3b:5f:43:60:d8:f0:03:38:ac:9d:71:a9:1a:3c:fc:1e:c0:9e:
da:6e:80:4f:7e:bf:27:8a:19:17:55:c8:f4:55:6c:01:60:e8:
8e:10:8b:67:74:97:16:d2:b1:77:5a:73:51:19:a6:b3:55:94:
df:b5:93:a7:a3:4d:ce:56:f1:34:34:1d:64:b6:8f:17:99:23:
81:d8:3a:9d:54:3c:87:ca:04:9e:4c:b6:6a:05:8f:72:a2:a5:
d7:f0:ab:3f:94:de:0e:f7:b7:fd:a3:03:03:11:43:e7:a4:8a:
9e:db:ab:c6:2c:88:05:4b:25:27:27:46:f5:ef:1b:07:ea:8b:
4c:40:7f:90:8b:86:4f:6c:17:65:91:a7:db:48:ec:d6:e1:01:
14:bf:7a:41:74:22:ab:40:f9:31:79:11:93:7e:43:a2:32:7d:
5f:25:60:f7:a3:d5:15:8e:ce:b6:45:63:73:52:7f:9e:4e:ee:
7a:33:ca:59:50:be:33:60:42:98:af:1a:da:dc:22:0f:e3:fe:
f8:5e:71:7a:0d:6e:39:e8:23:e5:cf:a7:1e:f2:67:98:d7:1d:
20:fa:8d:1d:2b:75:9d:1d:1f:bb:ab:b9:39:5e:66:ce:42:0e:
81:f0:c3:21
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICNMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5
RkZCNTY1MDMwHhcNMjUwNTI3MDcwODI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM1NjRlZC00ZmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp4wWG5CYrZ6nCnZdQdwNAmEPM9pMaVJ/I92TCWVzcC2dMgx/TnkmVAs2PMtv
MVe7172ilOMqRagYO9MOvQQtoSEj3cPzHOd7kt11YjT+TJ46TBCVTlvSfeMe/jIq
aa0syIn4nIjz11gYs4CGw0alGmeu1shqsXLKlRVp6wz8Z5ByNAB8E0cMr/V77uUG
stRS0VMjHl/bUxgU0KlBPgodelq/Pi9goCiwLpSDK2zSq2LipQYckoplFA20vLxD
5tU18IAnTkZpPILTgIzT7cdyrqn2xyg9fm/qydkYOp3gUklzFaBQzpuBYHspog6l
jHWxjDHPh1dk7ajXMRtBnnBRCwIDAQABo4ICujCCArYwHQYDVR0OBBYEFMRbyG1e
Qlu9Ce3B/0dMjRFdKiPdMB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE
OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa
UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvNjQwRDY5MzQz
QUM5MTFGMEFCQzA3QTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCAEAgABMBowDAMEAm9BZAMEB29BAAMEBnfqgAMEAspONDAPBAIAAjAJAwcA
JAAcAAATMA0GCSqGSIb3DQEBCwUAA4IBAQCjhE3np2qpeQgjM1usmTyWr+M7X0Ng
2PADOKydcakaPPwewJ7aboBPfr8nihkXVcj0VWwBYOiOEItndJcW0rF3WnNRGaaz
VZTftZOno03OVvE0NB1kto8XmSOB2DqdVDyHygSeTLZqBY9yoqXX8Ks/lN4O97f9
owMDEUPnpIqe26vGLIgFSyUnJ0b17xsH6otMQH+Qi4ZPbBdlkafbSOzW4QEUv3pB
dCKrQPkxeRGTfkOiMn1fJWD3o9UVjs62RWNzUn+eTu56M8pZUL4zYEKYrxra3CIP
4/74XnF6DW456CPlz6ce8meY1x0g+o0dK3WdHR+7q7k5XmbOQg6B8MMh
-----END CERTIFICATE-----
Generated at Mon Jun 2 06:29:24 2025 by rpki-client