Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/0B1EDAEA844711EEBA826650C4F9AE02.roa
File: 0B1EDAEA844711EEBA826650C4F9AE02.roa (raw, json)
Hash identifier: eiHZCajR87yaP6gDT951jbo5wfb2+DbOcRQ9SHYqEF8=
Subject key identifier: 5D:67:D6:9D:88:52:A9:5C:FA:6A:1E:8D:F2:89:7A:B4:64:1C:BC:65
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 34C0
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/0B1EDAEA844711EEBA826650C4F9AE02.roa
Signing time: Thu 16 Nov 2023 06:11:56 +0000
ROA not before: Thu 16 Nov 2023 06:11:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38616
IP address blocks: 111.88.79.0/24 maxlen: 24
111.88.139.0/24 maxlen: 24
111.88.144.0/20 maxlen: 23
111.88.144.0/23 maxlen: 24
111.88.146.0/24 maxlen: 24
111.88.150.0/23 maxlen: 24
111.88.152.0/23 maxlen: 24
111.88.156.0/22 maxlen: 24
111.88.164.0/22 maxlen: 23
111.88.166.0/23 maxlen: 24
111.88.168.0/22 maxlen: 24
111.88.184.0/22 maxlen: 23
115.186.0.0/24 maxlen: 24
115.186.19.0/24 maxlen: 24
115.186.48.0/21 maxlen: 24
115.186.64.0/19 maxlen: 21
115.186.64.0/21 maxlen: 24
115.186.76.0/22 maxlen: 24
115.186.80.0/20 maxlen: 24
115.186.97.0/24 maxlen: 24
115.186.99.0/24 maxlen: 24
115.186.100.0/22 maxlen: 22
115.186.100.0/24 maxlen: 24
115.186.104.0/24 maxlen: 24
115.186.105.0/24 maxlen: 24
115.186.114.0/24 maxlen: 24
115.186.116.0/22 maxlen: 22
115.186.116.0/24 maxlen: 24
115.186.122.0/23 maxlen: 23
115.186.126.0/23 maxlen: 23
115.186.127.0/24 maxlen: 24
117.102.12.0/22 maxlen: 24
117.102.29.0/24 maxlen: 24
117.102.30.0/24 maxlen: 24
117.102.31.0/24 maxlen: 24
203.81.216.0/24 maxlen: 24
203.81.219.0/24 maxlen: 24
203.81.220.0/22 maxlen: 22
203.81.220.0/24 maxlen: 24
203.81.221.0/24 maxlen: 24
203.81.222.0/24 maxlen: 24
203.81.223.0/24 maxlen: 24
203.81.224.0/22 maxlen: 22
203.81.224.0/24 maxlen: 24
203.81.225.0/24 maxlen: 24
203.81.226.0/24 maxlen: 24
203.81.227.0/24 maxlen: 24
203.81.228.0/23 maxlen: 24
203.81.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13504 (0x34c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Nov 16 06:11:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6555b2ac-4eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c3:c2:60:df:31:9e:a0:dc:7a:21:45:6c:20:
cc:3b:73:fb:14:23:c2:40:42:66:e5:60:a1:89:27:
64:89:8d:2a:8c:90:ae:c9:a3:9a:07:f9:fd:a9:d4:
06:7e:fa:98:99:15:e0:dc:56:bd:bb:f7:62:1d:78:
72:42:ac:13:a0:db:58:5f:d3:fb:47:44:b0:eb:e6:
23:a8:d2:e1:02:64:b8:4b:d2:31:e4:66:c1:09:33:
d2:bd:d9:15:91:72:62:72:90:e4:f3:81:6e:9d:59:
a6:4f:1e:53:26:b8:f6:68:4b:b8:96:cb:39:ba:fa:
a5:c4:2e:8d:f5:45:96:83:d5:07:af:99:84:6a:d2:
68:c5:07:6e:98:f0:9d:2c:3c:34:76:e4:75:d5:ad:
5e:ea:3c:6c:62:26:5f:c3:b6:ff:ae:d7:13:4f:c6:
f4:e6:13:39:ae:db:64:d2:ea:89:88:fb:6f:fd:a5:
f2:9f:5f:90:75:27:e7:0d:05:92:c1:a5:69:b9:94:
c5:58:b1:74:fb:e3:1e:26:72:dc:5a:e0:bf:16:35:
45:0b:48:2c:6a:0c:71:9f:cd:e8:94:59:bd:9d:f5:
98:8d:bb:0f:7c:36:8f:d0:ba:bb:5d:9d:80:42:3d:
f2:0c:03:6a:49:02:a0:67:2d:a0:68:34:2e:3e:d7:
22:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:67:D6:9D:88:52:A9:5C:FA:6A:1E:8D:F2:89:7A:B4:64:1C:BC:65
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/0B1EDAEA844711EEBA826650C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.79.0/24
111.88.139.0/24
111.88.144.0/20
111.88.164.0-111.88.171.255
111.88.184.0/22
115.186.0.0/24
115.186.19.0/24
115.186.48.0/21
115.186.64.0/19
115.186.97.0/24
115.186.99.0-115.186.105.255
115.186.114.0/24
115.186.116.0/22
115.186.122.0/23
115.186.126.0/23
117.102.12.0/22
117.102.29.0-117.102.31.255
203.81.216.0/24
203.81.219.0-203.81.229.255
203.81.231.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:81:47:75:a6:1f:3c:a3:9d:f1:3e:ce:fa:45:ca:d1:1f:5d:
fe:73:70:26:c3:3d:2e:9e:86:42:7f:f1:ba:43:38:81:33:8e:
10:1e:ae:de:ea:b4:0e:b3:f9:57:24:4e:c4:24:a6:6d:d0:3e:
71:71:9b:c3:3b:36:0a:b1:af:79:5e:eb:aa:a4:2d:a4:14:78:
a1:fa:73:c5:40:1c:4b:14:75:88:06:86:52:f3:f0:30:0b:28:
50:78:51:2e:7c:15:51:ae:5d:9f:17:20:49:0b:77:dc:39:ed:
cb:6b:15:93:77:6d:3b:0e:82:5c:8f:e8:d8:61:f5:66:a2:3b:
bd:6e:2a:14:cf:59:44:9f:af:59:5a:c9:82:82:12:da:01:05:
84:b9:19:bc:63:a9:6e:a1:17:3e:05:65:4d:4e:d4:ae:7b:f9:
eb:41:c3:44:67:b3:b2:d9:e2:c5:4d:ce:77:0e:36:15:f8:9e:
a1:a9:2c:3c:e8:19:2b:74:15:ee:1a:5b:fb:30:82:36:df:76:
0a:09:ec:ad:35:5a:76:bf:e2:c8:83:4c:07:8f:4e:8f:c7:2f:
b8:28:0a:f8:30:cf:27:75:8a:a6:28:75:2b:a7:1f:5f:b8:93:
f9:87:d8:b2:25:43:e6:59:96:6c:e2:c6:9f:3c:1f:b2:65:1c:
47:d4:4d:bc
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgICNMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMxMTE2MDYxMTU2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU1YjJhYy00ZWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4MPCYN8xnqDceiFFbCDMO3P7FCPCQEJm5WChiSdkiY0qjJCuyaOaB/n9qdQG
fvqYmRXg3Fa9u/diHXhyQqwToNtYX9P7R0Sw6+YjqNLhAmS4S9Ix5GbBCTPSvdkV
kXJicpDk84FunVmmTx5TJrj2aEu4lss5uvqlxC6N9UWWg9UHr5mEatJoxQdumPCd
LDw0duR11a1e6jxsYiZfw7b/rtcTT8b05hM5rttk0uqJiPtv/aXyn1+QdSfnDQWS
waVpuZTFWLF0++MeJnLcWuC/FjVFC0gsagxxn83olFm9nfWYjbsPfDaP0Lq7XZ2A
Qj3yDANqSQKgZy2gaDQuPtci2QIDAQABo4IDLDCCAygwHQYDVR0OBBYEFF1n1p2I
Uqlc+moejfKJerRkHLxlMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvMEIxRURBRUE4
NDQ3MTFFRUJBODI2NjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbUGCCsGAQUFBwEHAQH/
BIGlMIGiMIGfBAIAATCBmAMEAG9YTwMEAG9YiwMEBG9YkDAMAwQCb1ikAwQCb1io
AwQCb1i4AwQAc7oAAwQAc7oTAwQDc7owAwQFc7pAAwQAc7phMAwDBABzumMDBAFz
umgDBABzunIDBAJzunQDBAFzunoDBAFzun4DBAJ1ZgwwDAMEAHVmHQMEBXVmAAME
AMtR2DAMAwQAy1HbAwQBy1HkAwQAy1HnMA0GCSqGSIb3DQEBCwUAA4IBAQCqgUd1
ph88o53xPs76RcrRH13+c3Amwz0unoZCf/G6QziBM44QHq7e6rQOs/lXJE7EJKZt
0D5xcZvDOzYKsa95XuuqpC2kFHih+nPFQBxLFHWIBoZS8/AwCyhQeFEufBVRrl2f
FyBJC3fcOe3LaxWTd207DoJcj+jYYfVmoju9bioUz1lEn69ZWsmCghLaAQWEuRm8
Y6luoRc+BWVNTtSue/nrQcNEZ7Oy2eLFTc53DjYV+J6hqSw86BkrdBXuGlv7MII2
33YKCeytNVp2v+LIg0wHj06Pxy+4KAr4MM8ndYqmKHUrpx9fuJP5h9iyJUPmWZZs
4safPB+yZRxH1E28
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:53:30 2025 by rpki-client