Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/0599D9E4ADA911EF984B7F0CC4F9AE02.roa
File: 0599D9E4ADA911EF984B7F0CC4F9AE02.roa (raw, json)
Hash identifier: OdYPb6jPXAtrHn3aBQD7ilS2ZlouVmdcpSfi1ZzNpFE=
Subject key identifier: 17:24:2B:81:AF:39:57:B9:D1:73:80:EC:1C:C6:B7:16:99:A1:8D:45
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 0A67
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/0599D9E4ADA911EF984B7F0CC4F9AE02.roa
Signing time: Thu 28 Nov 2024 16:51:33 +0000
ROA not before: Thu 28 Nov 2024 16:51:33 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 55714
IP address blocks: 103.17.200.0/22 maxlen: 22
103.17.200.0/24 maxlen: 24
103.17.201.0/24 maxlen: 24
103.17.202.0/24 maxlen: 24
103.17.203.0/24 maxlen: 24
110.34.32.0/24 maxlen: 24
110.34.33.0/24 maxlen: 24
110.34.34.0/24 maxlen: 24
110.34.35.0/24 maxlen: 24
110.34.36.0/24 maxlen: 24
110.34.37.0/24 maxlen: 24
110.34.38.0/24 maxlen: 24
110.34.39.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
192.144.78.0/24 maxlen: 24
192.144.79.0/24 maxlen: 24
2406:f500::/32 maxlen: 32
2406:f500::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2663 (0xa67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB, serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: Nov 28 16:51:33 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67489f94-963a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f4:b9:f8:ab:43:33:7d:da:f4:ac:2d:3f:14:
69:26:1c:66:47:24:30:a6:08:7e:dd:31:d3:3a:e6:
99:a8:36:59:13:20:ca:82:dd:b4:76:17:e4:f2:8a:
b1:4c:bf:97:33:36:ae:84:e0:34:4d:35:8a:2f:c4:
43:51:b5:57:54:cc:aa:14:0b:0c:b0:0f:ee:87:ed:
71:22:50:5c:56:7c:6b:a4:66:77:01:ea:90:67:78:
c5:4f:a4:98:d6:a5:c5:9b:06:3f:5e:54:0a:53:a1:
21:ff:ef:df:b1:ea:c9:f1:ad:79:18:94:aa:7c:fa:
ff:91:e0:3a:f8:db:dc:c9:ef:21:e2:18:a1:71:7f:
81:cc:e3:0b:b4:34:0d:2b:d2:01:46:d9:50:60:73:
45:ea:8f:bc:ec:a4:b9:6f:0b:60:cb:1b:a2:07:e9:
09:6a:59:0e:bd:57:ce:b8:cf:c0:33:37:b4:90:02:
6a:9e:53:d6:d5:f3:96:9b:81:3f:32:93:89:ba:0f:
81:58:60:d5:e1:3d:61:d0:aa:23:b4:cb:75:65:57:
c2:ff:59:ae:d5:60:2e:05:d1:37:3d:9a:7c:05:1a:
19:38:7c:81:99:1a:20:25:3d:da:56:10:10:20:d7:
4d:eb:d7:0f:9b:36:d2:ef:ca:ce:7a:39:dd:91:1e:
ec:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:24:2B:81:AF:39:57:B9:D1:73:80:EC:1C:C6:B7:16:99:A1:8D:45
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/0599D9E4ADA911EF984B7F0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.200.0/22
110.34.32.0/21
192.135.90.0/23
192.144.78.0/23
IPv6:
2406:f500::/32
Signature Algorithm: sha256WithRSAEncryption
1e:d6:61:4d:37:79:c4:23:10:e7:19:9e:b9:f8:c0:2a:54:ec:
25:f9:4b:d7:ee:04:4d:2d:50:51:c1:f1:0a:9e:c9:aa:62:88:
87:7e:7f:d1:e3:8c:6f:e5:90:24:a6:3a:56:d8:5d:80:19:0c:
80:01:36:bd:d4:ef:5a:fb:11:09:96:35:17:60:d6:c4:69:9f:
34:b7:36:46:c5:fd:09:2d:e5:67:a9:57:44:f5:17:00:32:4c:
fb:a8:f2:b8:8e:35:87:63:e2:2f:4c:9b:93:e6:70:52:7d:2f:
d6:c8:5f:ff:87:ea:4b:c4:0b:c4:2b:8b:21:5e:4b:bd:d3:43:
36:86:e6:19:ab:01:09:cc:9a:03:10:3e:fa:40:fe:e4:f7:c1:
b1:b6:3a:ef:b7:35:bb:51:cb:8d:ef:3a:cc:ab:47:ff:57:1b:
08:a7:9f:bf:02:b2:d4:0b:88:93:33:97:62:2a:3f:b9:a9:6d:
f8:05:e2:75:38:ca:3f:be:ea:87:c4:bd:17:05:ed:29:b5:f9:
e1:5f:7b:21:99:85:84:fc:32:5d:cc:56:00:46:05:72:f1:91:
21:7c:00:9c:b5:50:13:ad:61:98:94:d4:d2:e2:4c:b0:36:da:
4b:1f:79:57:d0:65:73:b3:a7:10:e3:0e:21:8a:1c:2d:27:4d:
95:89:c3:6e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCmcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjQxMTI4MTY1MTMzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4OWY5NC05NjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3vS5+KtDM33a9KwtPxRpJhxmRyQwpgh+3THTOuaZqDZZEyDKgt20dhfk8oqx
TL+XMzauhOA0TTWKL8RDUbVXVMyqFAsMsA/uh+1xIlBcVnxrpGZ3AeqQZ3jFT6SY
1qXFmwY/XlQKU6Eh/+/fserJ8a15GJSqfPr/keA6+Nvcye8h4hihcX+BzOMLtDQN
K9IBRtlQYHNF6o+87KS5bwtgyxuiB+kJalkOvVfOuM/AMze0kAJqnlPW1fOWm4E/
MpOJug+BWGDV4T1h0KojtMt1ZVfC/1mu1WAuBdE3PZp8BRoZOHyBmRogJT3aVhAQ
INdN69cPmzbS78rOejndkR7s8QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFBckK4Gv
OVe50XOA7BzGtxaZoY1FMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvMDU5OUQ5RTRB
REE5MTFFRjk4NEI3RjBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnEcgDBANuIiADBAHAh1oDBAHAkE4wDQQCAAIwBwMFACQG
9QAwDQYJKoZIhvcNAQELBQADggEBAB7WYU03ecQjEOcZnrn4wCpU7CX5S9fuBE0t
UFHB8QqeyapiiId+f9HjjG/lkCSmOlbYXYAZDIABNr3U71r7EQmWNRdg1sRpnzS3
NkbF/Qkt5WepV0T1FwAyTPuo8riONYdj4i9Mm5PmcFJ9L9bIX/+H6kvEC8QriyFe
S73TQzaG5hmrAQnMmgMQPvpA/uT3wbG2Ou+3NbtRy43vOsyrR/9XGwinn78CstQL
iJMzl2IqP7mpbfgF4nU4yj++6ofEvRcF7Sm1+eFfeyGZhYT8Ml3MVgBGBXLxkSF8
AJy1UBOtYZiU1NLiTLA22ksfeVfQZXOzpxDjDiGKHC0nTZWJw24=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:19:29 2025 by rpki-client