Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/34AAAC1E271E11EC8C6FDC3CC4F9AE02.roa
File: 34AAAC1E271E11EC8C6FDC3CC4F9AE02.roa (raw, json)
Hash identifier: DcBiB5StsrE1NZLtnWZMjcg5a7/ylmDlDcwXSalYJCk=
Subject key identifier: 72:5A:8B:CD:5F:C6:A8:D2:DF:5E:B3:28:DB:CC:1F:83:E8:5F:12:E3
Certificate issuer: /CN=A9160EEF/serialNumber=958A4ED9D7D64FAC87BD16EC8A36571E1A2F508A
Certificate serial: 0A05
Authority key identifier: 95:8A:4E:D9:D7:D6:4F:AC:87:BD:16:EC:8A:36:57:1E:1A:2F:50:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lYpO2dfWT6yHvRbsijZXHhovUIo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/34AAAC1E271E11EC8C6FDC3CC4F9AE02.roa
Signing time: Thu 14 Jul 2022 05:47:30 +0000
ROA not before: Thu 14 Jul 2022 05:47:30 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 139074
IP address blocks: 103.139.78.0/23 maxlen: 23
103.139.78.0/24 maxlen: 24
2404:ddc0:6000::/36 maxlen: 36
2404:ddc0:aa00::/40 maxlen: 40
2404:ddc0:af00::/40 maxlen: 40
2404:ddc0:fa00::/40 maxlen: 40
2404:ddc0:ff00::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2565 (0xa05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9160EEF, serialNumber=958A4ED9D7D64FAC87BD16EC8A36571E1A2F508A
Validity
Not Before: Jul 14 05:47:30 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62cfadf1-2f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:c9:af:89:31:6e:26:2d:8f:ee:b7:f5:8b:
fb:7b:e1:08:ab:60:2a:5e:d8:d6:48:ef:bc:aa:75:
44:cc:c7:5a:c4:41:b4:f0:00:ef:36:87:e0:86:63:
9d:9f:16:90:e4:60:6b:95:cf:39:71:25:5e:ee:dc:
0b:fb:b1:2f:33:a6:b5:86:82:14:e8:aa:ae:b3:34:
c0:cd:00:9d:d1:32:2c:70:6c:1d:d6:bb:eb:0b:0c:
f6:c1:e2:19:05:26:a8:2b:0e:d4:92:9c:87:0f:49:
ac:9f:29:93:46:7a:82:83:29:7e:b3:76:20:ac:92:
a7:a9:b4:a0:f9:5f:26:6a:64:8d:11:4d:ef:75:63:
0c:0d:f2:bb:5c:62:66:80:b7:f9:43:36:d3:46:3b:
7e:e2:bf:8e:f9:2b:7d:e1:85:79:3c:92:fc:a1:3c:
12:b2:e5:e8:dd:ff:04:13:c2:c4:8d:9b:04:6f:fb:
92:b8:ae:e2:d2:25:72:ac:81:ab:27:16:06:57:d9:
3c:16:48:0a:15:ed:11:22:26:ba:da:d3:35:9b:6d:
b8:08:a1:40:e7:3d:83:e9:e8:79:79:9a:ea:d9:38:
e1:4c:11:45:00:58:fc:34:d9:61:bc:cd:03:fa:a5:
08:ee:aa:76:01:a3:ce:eb:d5:f4:3e:a2:b2:af:a5:
18:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5A:8B:CD:5F:C6:A8:D2:DF:5E:B3:28:DB:CC:1F:83:E8:5F:12:E3
X509v3 Authority Key Identifier:
keyid:95:8A:4E:D9:D7:D6:4F:AC:87:BD:16:EC:8A:36:57:1E:1A:2F:50:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/lYpO2dfWT6yHvRbsijZXHhovUIo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lYpO2dfWT6yHvRbsijZXHhovUIo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160EEF/6C4CD690F88811E98FA00A7CC4F9AE02/34AAAC1E271E11EC8C6FDC3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.78.0/23
IPv6:
2404:ddc0:6000::/36
2404:ddc0:aa00::/40
2404:ddc0:af00::/40
2404:ddc0:fa00::/40
2404:ddc0:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
82:09:28:5d:0a:53:b1:7b:f6:a3:c9:dc:bd:62:29:e0:3d:a7:
f3:8b:d0:08:c8:b8:29:4c:18:23:80:e2:93:6b:40:54:e6:03:
69:3b:26:49:be:a5:b3:f9:21:20:50:d1:2c:d2:1b:67:84:87:
42:c1:43:67:88:fe:ea:07:c7:15:98:fe:18:39:4d:cf:db:f5:
1b:27:60:bb:7f:1f:62:33:29:d1:6d:87:ab:50:6d:90:f6:6a:
a3:9a:70:2a:0f:36:47:67:43:02:ad:a8:58:47:0c:49:eb:5b:
03:7f:0b:c5:5e:86:de:c1:31:e2:60:c2:0b:30:d1:ea:08:28:
34:20:84:be:4a:57:cd:25:5c:26:32:d1:ea:e1:6c:2d:5d:0d:
af:5e:b7:83:a7:ef:52:c1:b1:b5:b3:f9:93:22:08:e3:4f:a5:
10:4e:d4:35:ab:9a:03:57:02:54:0e:26:df:a6:77:ad:a1:fe:
71:6b:4a:8a:7e:bf:12:74:a2:99:2c:2e:f7:e8:6e:05:78:58:
a2:5c:f5:99:72:ff:da:88:f9:3a:5e:6d:2e:f6:1d:c7:0b:81:
76:a9:68:3d:0c:f2:39:58:ec:fe:4f:e9:c1:2a:bc:32:44:7f:
2b:2a:bc:b6:3e:99:db:94:32:28:e4:50:94:a8:7f:49:ce:f1:
e6:1c:d2:a3
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICCgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjBFRUYxMTAvBgNVBAUTKDk1OEE0RUQ5RDdENjRGQUM4N0JEMTZFQzhBMzY1NzFF
MUEyRjUwOEEwHhcNMjIwNzE0MDU0NzMwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmNmYWRmMS0yZjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyibJr4kxbiYtj+639Yv7e+EIq2AqXtjWSO+8qnVEzMdaxEG08ADvNofghmOd
nxaQ5GBrlc85cSVe7twL+7EvM6a1hoIU6KquszTAzQCd0TIscGwd1rvrCwz2weIZ
BSaoKw7UkpyHD0msnymTRnqCgyl+s3YgrJKnqbSg+V8mamSNEU3vdWMMDfK7XGJm
gLf5QzbTRjt+4r+O+St94YV5PJL8oTwSsuXo3f8EE8LEjZsEb/uSuK7i0iVyrIGr
JxYGV9k8FkgKFe0RIia62tM1m224CKFA5z2D6eh5eZrq2TjhTBFFAFj8NNlhvM0D
+qUI7qp2AaPO69X0PqKyr6UYSQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFHJai81f
xqjS316zKNvMH4PoXxLjMB8GA1UdIwQYMBaAFJWKTtnX1k+sh70W7Io2Vx4aL1CK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MEVFRi82QzRDRDY5MEY4
ODgxMUU5OEZBMDBBN0NDNEY5QUUwMi9sWXBPMmRmV1Q2eUh2UmJzaWpaWEhob3ZV
SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xZcE8yZGZXVDZ5SHZSYnNpalpYSGhvdlVJby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjBFRUYvNkM0Q0Q2OTBGODg4MTFFOThGQTAwQTdDQzRGOUFFMDIvMzRBQUFDMUUy
NzFFMTFFQzhDNkZEQzNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MAwEAgABMAYDBAFni04wLgQCAAIwKAMGBCQE3cBgAwYAJATdwKoDBgAkBN3A
rwMGACQE3cD6AwYAJATdwP8wDQYJKoZIhvcNAQELBQADggEBAIIJKF0KU7F79qPJ
3L1iKeA9p/OL0AjIuClMGCOA4pNrQFTmA2k7Jkm+pbP5ISBQ0SzSG2eEh0LBQ2eI
/uoHxxWY/hg5Tc/b9RsnYLt/H2IzKdFth6tQbZD2aqOacCoPNkdnQwKtqFhHDEnr
WwN/C8Veht7BMeJgwgsw0eoIKDQghL5KV80lXCYy0erhbC1dDa9et4On71LBsbWz
+ZMiCONPpRBO1DWrmgNXAlQOJt+md62h/nFrSop+vxJ0opksLvfobgV4WKJc9Zly
/9qI+TpebS72HccLgXapaD0M8jlY7P5P6cEqvDJEfysqvLY+mduUMijkUJSof0nO
8eYc0qM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:18:29 2025 by rpki-client