This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/E7084A18E1FF11ED8291C918C4F9AE02.roa
File:                     E7084A18E1FF11ED8291C918C4F9AE02.roa (raw, json)
Hash identifier:          825LdLpPgTmUB6Z/jlNKQqUyb06kFuccOU7CVvrtwj4=
Subject key identifier:   E2:A0:DE:75:55:9C:37:F2:FD:77:28:4A:B4:D1:49:5F:D9:02:8A:00
Certificate issuer:       /CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Certificate serial:       153A
Authority key identifier: 12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/E7084A18E1FF11ED8291C918C4F9AE02.roa
Signing time:             Wed 04 Jun 2025 17:17:55 +0000
ROA not before:           Wed 04 Jun 2025 17:17:55 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     397702
IP address blocks:        103.114.190.0/24 maxlen: 24
                          103.114.191.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5434 (0x153a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F59FC, serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
        Validity
            Not Before: Jun  4 17:17:55 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=68407fc3-94ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9d:af:d6:ca:2d:cb:6f:a2:d3:18:40:98:4f:
                    b3:34:15:a1:74:d9:a5:cb:38:fc:c4:79:66:9c:5a:
                    0d:d0:19:df:05:e8:20:2d:dd:ba:0b:7e:7a:b5:94:
                    f2:b7:5b:a4:71:8e:83:d0:6e:15:79:9b:8b:db:ec:
                    c3:4d:53:44:64:8e:68:dd:bf:53:3e:9e:87:6a:7c:
                    62:2c:24:16:83:f4:c5:ee:ae:92:31:b7:95:17:28:
                    a9:a5:a1:d2:b8:e5:ce:74:6f:c6:24:c7:fa:03:48:
                    6f:9b:f6:94:fa:ac:01:71:1d:62:c9:59:fc:22:34:
                    fd:9b:fd:49:4f:a8:65:d4:d2:be:22:74:38:df:a0:
                    3b:8d:40:cc:ba:d6:c6:41:5c:69:2f:d4:14:73:b3:
                    54:78:96:6d:ff:56:02:70:ee:b5:4b:37:9f:46:5e:
                    0d:60:37:a6:b3:55:d5:f8:34:a7:69:5f:d2:0e:79:
                    a9:90:aa:13:4c:22:56:b0:57:cc:a6:ab:a9:b6:85:
                    27:7c:21:71:01:b9:30:2f:20:59:f3:06:05:4e:be:
                    5a:5b:e5:5a:3c:ba:e6:37:44:dc:45:76:d0:46:8c:
                    e6:2c:b9:7b:2f:33:43:dd:c8:52:36:c4:87:79:05:
                    c4:33:d0:ce:7e:db:12:90:46:9f:71:22:4c:07:2f:
                    ee:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:A0:DE:75:55:9C:37:F2:FD:77:28:4A:B4:D1:49:5F:D9:02:8A:00
            X509v3 Authority Key Identifier:
                keyid:12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/EuqCrgqUMQmx9PNJhOnDbUxtVx8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/E7084A18E1FF11ED8291C918C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.114.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:2a:67:cf:9e:fa:b6:31:0a:1f:86:f2:8c:32:ea:c8:96:03:
         3d:82:b8:e2:26:96:78:b6:ce:7c:3e:a7:12:49:4b:e9:17:d8:
         3f:51:fd:1e:a4:87:bc:b6:bb:b4:1d:dd:1a:f0:20:a2:7b:8b:
         a6:c1:a8:4b:05:90:66:f7:26:f0:39:a1:75:4f:45:4b:00:1a:
         df:8f:8b:45:ab:53:6c:54:64:8a:98:a9:b0:e0:af:5b:ae:01:
         65:50:3b:3d:43:5b:ba:fb:02:b3:6d:24:69:78:8e:8e:b2:1f:
         87:41:09:1e:b9:f4:23:b4:88:e8:2c:bb:e6:72:dc:da:7c:32:
         c2:e1:ed:ab:9d:fe:79:da:3f:c8:3f:5e:fe:7d:17:99:fe:b5:
         b3:3b:af:d9:99:d2:b9:af:26:ea:d7:0c:25:4c:6d:f8:14:0b:
         b5:19:a5:50:d5:9e:39:7c:ae:0a:9a:7a:8f:07:05:e6:3f:13:
         8c:d9:1d:ef:68:63:b4:e0:0a:53:6a:4b:df:10:04:ce:45:11:
         15:75:ef:9d:20:69:07:97:27:95:79:6e:fd:21:13:b6:cd:4c:
         e8:31:bf:42:9d:f0:45:60:48:22:66:03:36:30:52:d0:bc:65:
         ca:c9:38:f6:9d:53:1d:21:05:11:53:b0:06:fb:ec:a1:e8:33:
         b9:08:9d:ca
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjU5RkMxMTAvBgNVBAUTKDEyRUE4MkFFMEE5NDMxMDlCMUY0RjM0OTg0RTlDMzZE
NEM2RDU3MUYwHhcNMjUwNjA0MTcxNzU1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQwN2ZjMy05NGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZ2v1soty2+i0xhAmE+zNBWhdNmlyzj8xHlmnFoN0BnfBeggLd26C356tZTy
t1ukcY6D0G4VeZuL2+zDTVNEZI5o3b9TPp6HanxiLCQWg/TF7q6SMbeVFyippaHS
uOXOdG/GJMf6A0hvm/aU+qwBcR1iyVn8IjT9m/1JT6hl1NK+InQ436A7jUDMutbG
QVxpL9QUc7NUeJZt/1YCcO61SzefRl4NYDems1XV+DSnaV/SDnmpkKoTTCJWsFfM
pquptoUnfCFxAbkwLyBZ8wYFTr5aW+VaPLrmN0TcRXbQRozmLLl7LzND3chSNsSH
eQXEM9DOftsSkEafcSJMBy/uXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOKg3nVV
nDfy/XcoSrTRSV/ZAooAMB8GA1UdIwQYMBaAFBLqgq4KlDEJsfTzSYTpw21MbVcf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTlGQy84MTA0NUUzQTU2
NjAxMUU4QkYzRkQ1MjdDNEY5QUUwMi9FdXFDcmdxVU1RbXg5UE5KaE9uRGJVeHRW
eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V1cUNyZ3FVTVFteDlQTkpoT25EYlV4dFZ4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjU5RkMvODEwNDVFM0E1NjYwMTFFOEJGM0ZENTI3QzRGOUFFMDIvRTcwODRBMThF
MUZGMTFFRDgyOTFDOTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFncr4wDQYJKoZIhvcNAQELBQADggEBAH0qZ8+e+rYxCh+G
8owy6siWAz2CuOImlni2znw+pxJJS+kX2D9R/R6kh7y2u7Qd3RrwIKJ7i6bBqEsF
kGb3JvA5oXVPRUsAGt+Pi0WrU2xUZIqYqbDgr1uuAWVQOz1DW7r7ArNtJGl4jo6y
H4dBCR659CO0iOgsu+Zy3Np8MsLh7aud/nnaP8g/Xv59F5n+tbM7r9mZ0rmvJurX
DCVMbfgUC7UZpVDVnjl8rgqaeo8HBeY/E4zZHe9oY7TgClNqS98QBM5FERV1750g
aQeXJ5V5bv0hE7bNTOgxv0Kd8EVgSCJmAzYwUtC8ZcrJOPadUx0hBRFTsAb77KHo
M7kInco=
-----END CERTIFICATE-----