Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9180161/78309E24FF2011EBA06F520DC4F9AE02/7EE8D4EAFF2311EB9FF89E53C4F9AE02.roa
File: 7EE8D4EAFF2311EB9FF89E53C4F9AE02.roa (raw, json)
Hash identifier: L+scxlYzOpTwbCM9dQpNYvYaOG4Q0FLFLF1z2LVtI7Y=
Subject key identifier: AC:F9:24:BA:DF:85:0C:D9:E5:9B:F8:9E:15:F9:B1:9C:5C:A7:14:CA
Certificate issuer: /CN=A9180161/serialNumber=C9522C38B95E1981D83DAF3A7635B3190940FC5B
Certificate serial: 050B
Authority key identifier: C9:52:2C:38:B9:5E:19:81:D8:3D:AF:3A:76:35:B3:19:09:40:FC:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yVIsOLleGYHYPa86djWzGQlA_Fs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9180161/78309E24FF2011EBA06F520DC4F9AE02/7EE8D4EAFF2311EB9FF89E53C4F9AE02.roa
Signing time: Thu 20 Mar 2025 23:34:48 +0000
ROA not before: Thu 20 Mar 2025 23:34:48 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136248
IP address blocks: 103.84.252.0/22 maxlen: 22
103.84.252.0/23 maxlen: 23
103.84.252.0/24 maxlen: 24
103.84.253.0/24 maxlen: 24
103.84.254.0/23 maxlen: 23
103.84.254.0/24 maxlen: 24
103.84.255.0/24 maxlen: 24
2400:a540::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1291 (0x50b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9180161, serialNumber=C9522C38B95E1981D83DAF3A7635B3190940FC5B
Validity
Not Before: Mar 20 23:34:48 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dca618-932c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:15:eb:2c:d3:dd:4d:b3:a9:0b:4f:c9:eb:9e:
06:7e:a6:a5:5c:c0:d2:6d:84:07:ae:43:05:b3:91:
b8:14:10:af:d2:b7:a9:a2:20:1a:f6:fe:fe:63:8a:
f2:69:f5:8f:bb:8b:49:03:8e:61:af:fe:21:5f:49:
d1:b6:7a:9d:12:9d:5a:bd:26:4c:e2:b0:ff:41:c6:
fa:37:b6:12:12:05:62:ee:eb:2c:9b:77:8a:3d:70:
46:10:e9:b3:f8:56:8e:43:4c:07:a8:45:16:d0:9e:
c0:10:a2:7b:b9:0f:7e:64:ef:12:54:01:4a:60:8e:
ec:2e:88:51:1b:4d:00:64:4c:31:ff:21:d1:42:ef:
e7:34:e4:87:85:15:55:0a:2d:64:d2:04:54:ca:28:
ba:f4:79:3f:e1:18:9d:ed:5d:e2:f8:72:e2:52:c2:
2c:36:16:2c:4c:09:94:5e:2a:ac:aa:00:c0:f1:76:
47:a3:23:07:48:16:c7:4a:5b:ac:be:c7:14:df:6e:
57:63:4f:a0:48:b3:38:0e:90:57:c3:21:75:93:7e:
28:5b:fb:d7:f9:f4:02:3f:35:e2:37:93:4d:b9:88:
e0:b1:84:e9:92:bc:b1:31:04:74:bf:ca:17:e9:12:
03:56:c8:1f:47:b6:8c:35:e9:c2:97:16:b9:30:0f:
c3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F9:24:BA:DF:85:0C:D9:E5:9B:F8:9E:15:F9:B1:9C:5C:A7:14:CA
X509v3 Authority Key Identifier:
keyid:C9:52:2C:38:B9:5E:19:81:D8:3D:AF:3A:76:35:B3:19:09:40:FC:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9180161/78309E24FF2011EBA06F520DC4F9AE02/yVIsOLleGYHYPa86djWzGQlA_Fs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yVIsOLleGYHYPa86djWzGQlA_Fs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9180161/78309E24FF2011EBA06F520DC4F9AE02/7EE8D4EAFF2311EB9FF89E53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.252.0/22
IPv6:
2400:a540::/32
Signature Algorithm: sha256WithRSAEncryption
ad:09:f6:ec:08:e2:02:53:dc:47:b2:39:8f:59:7a:72:64:e8:
bc:9d:60:44:13:0e:c1:aa:e4:90:0a:a4:cc:73:9f:a1:28:f8:
15:5f:ef:55:b4:00:b3:6c:91:da:d8:76:64:5b:04:3b:d0:16:
24:dd:f1:39:29:a4:b7:15:e1:d9:df:9d:1f:22:ef:9d:de:9f:
2c:00:21:09:69:89:ce:a2:72:29:6b:e9:9d:08:9d:5f:c5:a8:
a9:a5:ba:3a:a3:97:35:67:4e:ad:4f:7f:f6:b2:13:7d:89:6d:
93:f0:c1:69:62:b2:84:17:16:d7:2c:56:49:83:29:4f:08:f2:
44:c8:af:06:fd:40:b7:fc:a6:28:85:9c:e7:1d:e2:68:0d:e5:
c5:a0:cf:f7:58:65:01:d5:a2:84:cb:d5:b2:93:46:2a:db:72:
9b:39:07:81:61:5e:ab:8c:ae:1c:eb:71:92:4c:80:90:3f:ef:
0b:7d:ac:c1:96:92:da:7b:d1:b6:22:ee:bc:8b:94:9e:14:a6:
67:56:ec:8b:48:02:ae:39:c8:7a:63:97:7b:e3:9d:f4:ea:70:
51:d4:95:56:4d:0a:b3:30:39:d0:74:4a:d2:49:2d:b0:8b:79:
c6:ab:62:b3:7f:75:d9:15:0d:71:cf:c2:1e:86:fd:01:a6:b1:
30:28:5c:ca
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAxNjExMTAvBgNVBAUTKEM5NTIyQzM4Qjk1RTE5ODFEODNEQUYzQTc2MzVCMzE5
MDk0MEZDNUIwHhcNMjUwMzIwMjMzNDQ4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjYTYxOC05MzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsxXrLNPdTbOpC0/J654GfqalXMDSbYQHrkMFs5G4FBCv0repoiAa9v7+Y4ry
afWPu4tJA45hr/4hX0nRtnqdEp1avSZM4rD/Qcb6N7YSEgVi7ussm3eKPXBGEOmz
+FaOQ0wHqEUW0J7AEKJ7uQ9+ZO8SVAFKYI7sLohRG00AZEwx/yHRQu/nNOSHhRVV
Ci1k0gRUyii69Hk/4Rid7V3i+HLiUsIsNhYsTAmUXiqsqgDA8XZHoyMHSBbHSlus
vscU325XY0+gSLM4DpBXwyF1k34oW/vX+fQCPzXiN5NNuYjgsYTpkryxMQR0v8oX
6RIDVsgfR7aMNenClxa5MA/DbQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKz5JLrf
hQzZ5Zv4nhX5sZxcpxTKMB8GA1UdIwQYMBaAFMlSLDi5XhmB2D2vOnY1sxkJQPxb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDE2MS83ODMwOUUyNEZG
MjAxMUVCQTA2RjUyMERDNEY5QUUwMi95VklzT0xsZUdZSFlQYTg2ZGpXekdRbEFf
RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lWSXNPTGxlR1lIWVBhODZkald6R1FsQV9Gcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAxNjEvNzgzMDlFMjRGRjIwMTFFQkEwNkY1MjBEQzRGOUFFMDIvN0VFOEQ0RUFG
RjIzMTFFQjlGRjg5RTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnVPwwDQQCAAIwBwMFACQApUAwDQYJKoZIhvcNAQELBQAD
ggEBAK0J9uwI4gJT3EeyOY9ZenJk6LydYEQTDsGq5JAKpMxzn6Eo+BVf71W0ALNs
kdrYdmRbBDvQFiTd8TkppLcV4dnfnR8i753enywAIQlpic6icilr6Z0InV/FqKml
ujqjlzVnTq1Pf/ayE32JbZPwwWlisoQXFtcsVkmDKU8I8kTIrwb9QLf8piiFnOcd
4mgN5cWgz/dYZQHVooTL1bKTRirbcps5B4FhXquMrhzrcZJMgJA/7wt9rMGWktp7
0bYi7ryLlJ4UpmdW7ItIAq45yHpjl3vjnfTqcFHUlVZNCrMwOdB0StJJLbCLecar
YrN/ddkVDXHPwh6G/QGmsTAoXMo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:01:24 2025 by rpki-client