Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/A26EA636F85511EF9E24237FC4F9AE02.roa
File: A26EA636F85511EF9E24237FC4F9AE02.roa (raw, json)
Hash identifier: DoJNRAOL7Gdn6Tf3YLdtd53iwBNgiO3tLZrm79emKFY=
Subject key identifier: 15:A7:DF:73:7B:02:41:EE:72:7F:34:9D:C3:7B:65:60:08:31:10:CA
Certificate issuer: /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial: 0711
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/A26EA636F85511EF9E24237FC4F9AE02.roa
Signing time: Mon 03 Mar 2025 17:33:35 +0000
ROA not before: Mon 03 Mar 2025 17:33:35 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 48678
IP address blocks: 103.110.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1809 (0x711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C1DC, serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Validity
Not Before: Mar 3 17:33:35 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67c5e7ef-e436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:01:a0:80:98:31:f3:c4:9d:79:8e:6e:e1:0f:
3b:d7:6b:62:0f:ef:fd:1f:07:46:fb:7e:80:84:86:
b5:d6:02:a0:76:47:ab:13:3e:a1:5b:70:c8:f9:4a:
b3:bf:16:fb:9e:68:0c:d1:c4:66:d8:8f:2f:a8:ab:
4e:3d:09:4f:ff:c8:c0:76:15:cd:ca:8b:a7:d3:91:
93:1b:7a:ed:f3:15:f4:be:f1:75:12:d8:81:c3:a7:
1a:06:6c:5f:7d:39:b7:46:c4:7d:a8:67:5d:76:9c:
95:9d:e1:44:36:86:26:8e:9e:f0:5d:61:11:0f:9a:
f7:04:b6:3c:30:df:5f:d8:fb:32:de:65:30:8f:5c:
f6:01:9b:18:2d:03:04:fd:a4:3d:49:85:ad:6e:38:
f9:44:75:a7:c7:75:41:48:99:81:5d:a5:95:f7:e9:
b4:75:d1:61:8b:9c:0b:7d:8b:cb:43:5a:c7:38:84:
00:0c:c0:8e:ef:11:87:c9:29:3b:7a:75:d7:97:e0:
e9:85:d9:e6:1f:6f:7c:82:6f:ae:fe:a2:79:c3:cb:
1a:31:e8:b4:a9:04:8e:40:01:9e:1b:eb:bb:d4:a0:
12:18:bb:fc:41:7a:90:98:d2:5e:11:79:e5:c3:9a:
a2:78:4b:be:77:ee:11:53:b3:50:e6:08:d1:06:c3:
b4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A7:DF:73:7B:02:41:EE:72:7F:34:9D:C3:7B:65:60:08:31:10:CA
X509v3 Authority Key Identifier:
keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/A26EA636F85511EF9E24237FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.105.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:f5:2c:f3:bc:bb:2b:07:b5:05:95:0b:00:9f:11:2b:a4:c8:
04:df:53:ce:bd:d5:8a:67:e7:88:00:b3:0e:2f:cb:cf:06:fd:
f5:e8:a9:54:05:a1:cd:5a:d7:bc:09:d4:84:7a:aa:76:e9:e9:
b9:25:bf:f9:3f:38:92:28:60:a4:d3:82:32:9a:62:bb:2b:77:
90:ee:d1:34:29:38:81:f7:3f:7c:c0:0d:57:8d:89:61:b7:a1:
63:d8:12:35:e8:ea:b4:7c:db:8b:ae:ea:30:1d:08:57:18:15:
a1:88:c0:ec:65:9c:dc:f7:7a:a4:f2:bd:73:d2:97:57:19:d6:
c4:c8:e2:6d:1c:b5:fd:4f:a3:56:3b:1c:8d:3e:94:8c:4a:aa:
39:11:12:7e:e6:50:4b:06:e9:4c:a6:80:48:f3:b8:80:25:9c:
36:6a:8b:25:3f:26:d1:71:be:86:fd:7e:65:10:5e:ff:dc:69:
f9:b3:3f:99:6a:41:5d:7a:56:e2:05:ac:98:f5:7a:d5:69:3b:
30:02:40:0c:03:23:c8:ea:27:0b:12:84:3a:a6:54:b8:5b:f8:
02:e0:45:21:d3:e3:27:e3:08:ad:9b:35:2e:1c:45:a2:2b:aa:
62:1d:2b:60:d4:46:8b:e3:bc:4b:ad:dc:aa:51:1a:ce:38:82:
8a:e9:d6:f8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjUwMzAzMTczMzM1WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1ZTdlZi1lNDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvAGggJgx88SdeY5u4Q8712tiD+/9HwdG+36AhIa11gKgdkerEz6hW3DI+Uqz
vxb7nmgM0cRm2I8vqKtOPQlP/8jAdhXNyoun05GTG3rt8xX0vvF1EtiBw6caBmxf
fTm3RsR9qGdddpyVneFENoYmjp7wXWERD5r3BLY8MN9f2Psy3mUwj1z2AZsYLQME
/aQ9SYWtbjj5RHWnx3VBSJmBXaWV9+m0ddFhi5wLfYvLQ1rHOIQADMCO7xGHySk7
enXXl+DphdnmH298gm+u/qJ5w8saMei0qQSOQAGeG+u71KASGLv8QXqQmNJeEXnl
w5qieEu+d+4RU7NQ5gjRBsO0nwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBWn33N7
AkHucn80ncN7ZWAIMRDKMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvQTI2RUE2MzZG
ODU1MTFFRjlFMjQyMzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbmkwDQYJKoZIhvcNAQELBQADggEBAOf1LPO8uysHtQWV
CwCfESukyATfU8691Ypn54gAsw4vy88G/fXoqVQFoc1a17wJ1IR6qnbp6bklv/k/
OJIoYKTTgjKaYrsrd5Du0TQpOIH3P3zADVeNiWG3oWPYEjXo6rR824uu6jAdCFcY
FaGIwOxlnNz3eqTyvXPSl1cZ1sTI4m0ctf1Po1Y7HI0+lIxKqjkREn7mUEsG6Uym
gEjzuIAlnDZqiyU/JtFxvob9fmUQXv/cafmzP5lqQV16VuIFrJj1etVpOzACQAwD
I8jqJwsShDqmVLhb+ALgRSHT4yfjCK2bNS4cRaIrqmIdK2DURovjvEut3KpRGs44
gorp1vg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:46:56 2025 by rpki-client