Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/E74E9A827A0611EEABDB745AC4F9AE02.roa
File: E74E9A827A0611EEABDB745AC4F9AE02.roa (raw, json)
Hash identifier: IE3fvZt6hGIwRHLXX37m2t1J85SHvfKHR3Vf3cbqUBI=
Subject key identifier: 25:E2:9E:02:6D:57:7F:81:AE:AB:66:7D:BD:FB:4B:71:D0:E7:88:D6
Certificate issuer: /CN=A91743EF/serialNumber=D1D65C8A4324E287F6EA915B39F5D3602D1E37A6
Certificate serial: 16E0
Authority key identifier: D1:D6:5C:8A:43:24:E2:87:F6:EA:91:5B:39:F5:D3:60:2D:1E:37:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0dZcikMk4of26pFbOfXTYC0eN6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/E74E9A827A0611EEABDB745AC4F9AE02.roa
Signing time: Fri 03 Nov 2023 05:07:36 +0000
ROA not before: Fri 03 Nov 2023 05:07:36 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 17747
IP address blocks: 103.199.224.0/24 maxlen: 24
103.199.225.0/24 maxlen: 24
103.199.226.0/24 maxlen: 24
103.199.227.0/24 maxlen: 24
150.107.8.0/23 maxlen: 24
202.142.64.0/24 maxlen: 24
202.142.65.0/24 maxlen: 24
202.142.66.0/24 maxlen: 24
202.142.67.0/24 maxlen: 24
202.142.68.0/24 maxlen: 24
202.142.69.0/24 maxlen: 24
202.142.70.0/24 maxlen: 24
202.142.71.0/24 maxlen: 24
202.142.72.0/24 maxlen: 24
202.142.73.0/24 maxlen: 24
202.142.74.0/24 maxlen: 24
202.142.75.0/24 maxlen: 24
202.142.76.0/24 maxlen: 24
202.142.77.0/24 maxlen: 24
202.142.78.0/24 maxlen: 24
202.142.79.0/24 maxlen: 24
202.142.80.0/24 maxlen: 24
202.142.81.0/24 maxlen: 24
202.142.82.0/24 maxlen: 24
202.142.83.0/24 maxlen: 24
202.142.84.0/24 maxlen: 24
202.142.85.0/24 maxlen: 24
202.142.86.0/24 maxlen: 24
202.142.87.0/24 maxlen: 24
202.142.88.0/24 maxlen: 24
202.142.89.0/24 maxlen: 24
202.142.90.0/24 maxlen: 24
202.142.91.0/24 maxlen: 24
202.142.92.0/24 maxlen: 24
202.142.93.0/24 maxlen: 24
202.142.94.0/24 maxlen: 24
202.142.95.0/24 maxlen: 24
202.142.96.0/24 maxlen: 24
202.142.97.0/24 maxlen: 24
202.142.98.0/24 maxlen: 24
202.142.99.0/24 maxlen: 24
202.142.100.0/24 maxlen: 24
202.142.101.0/24 maxlen: 24
202.142.102.0/24 maxlen: 24
202.142.103.0/24 maxlen: 24
202.142.104.0/24 maxlen: 24
202.142.105.0/24 maxlen: 24
202.142.106.0/24 maxlen: 24
202.142.107.0/24 maxlen: 24
202.142.108.0/23 maxlen: 23
202.142.109.0/24 maxlen: 24
202.142.110.0/24 maxlen: 24
202.142.111.0/24 maxlen: 24
202.142.112.0/24 maxlen: 24
202.142.113.0/24 maxlen: 24
202.142.114.0/24 maxlen: 24
202.142.115.0/24 maxlen: 24
202.142.116.0/24 maxlen: 24
202.142.117.0/24 maxlen: 24
202.142.118.0/24 maxlen: 24
202.142.119.0/24 maxlen: 24
202.142.120.0/24 maxlen: 24
202.142.121.0/24 maxlen: 24
202.142.122.0/24 maxlen: 24
202.142.123.0/24 maxlen: 24
202.142.124.0/24 maxlen: 24
202.142.125.0/24 maxlen: 24
202.142.126.0/24 maxlen: 24
202.142.127.0/24 maxlen: 24
203.81.240.0/24 maxlen: 24
203.81.241.0/24 maxlen: 24
203.81.242.0/24 maxlen: 24
203.81.243.0/24 maxlen: 24
2402:ea80::/32 maxlen: 32
2402:ea80::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5856 (0x16e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91743EF
Validity
Not Before: Nov 3 05:07:36 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=65448018-ec71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1e:d0:fe:06:8f:f2:23:6d:73:f7:b5:b9:fe:
99:34:e3:57:55:3f:f8:e7:d7:30:ad:7e:11:2c:37:
65:91:8f:b3:8a:8f:e4:cc:f7:82:9a:b6:d8:61:63:
c6:84:87:ed:83:0e:57:88:32:50:a2:0f:59:8e:06:
2a:54:8d:eb:06:c8:23:22:dd:2b:91:54:37:7e:af:
4a:0a:a0:4d:a0:5f:b0:cc:90:10:b2:6a:cd:48:09:
08:cf:dc:e2:89:f2:44:19:13:8a:60:00:b2:ef:7a:
ce:d2:bf:9b:26:77:86:c7:66:75:e2:2b:52:c3:04:
42:f1:dd:a1:cc:c4:60:e7:7f:18:c8:58:5b:2e:3a:
73:00:be:21:1b:1d:20:06:e6:88:51:bd:92:67:f6:
32:78:e8:df:f7:52:b2:72:72:96:c7:61:b2:6f:23:
11:fc:7d:46:a6:48:5d:29:f3:a3:7d:0b:d4:7c:0b:
9a:03:7a:83:d7:bf:37:5e:80:5e:7d:1c:9f:06:ee:
79:fd:f4:7e:83:94:a6:0e:95:40:1a:39:c0:7d:df:
0e:b3:4f:c2:b9:46:fc:b5:41:82:45:e8:9c:9b:71:
ef:2f:6f:87:37:e6:12:b0:a0:e4:d5:70:2b:8c:9e:
22:6e:83:d4:84:21:ea:e9:45:1b:84:fa:9b:e8:03:
66:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E2:9E:02:6D:57:7F:81:AE:AB:66:7D:BD:FB:4B:71:D0:E7:88:D6
X509v3 Authority Key Identifier:
keyid:D1:D6:5C:8A:43:24:E2:87:F6:EA:91:5B:39:F5:D3:60:2D:1E:37:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/0dZcikMk4of26pFbOfXTYC0eN6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0dZcikMk4of26pFbOfXTYC0eN6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/E74E9A827A0611EEABDB745AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.199.224.0/22
150.107.8.0/23
202.142.64.0/18
203.81.240.0/22
IPv6:
2402:ea80::/32
Signature Algorithm: sha256WithRSAEncryption
41:fd:9a:9a:64:8e:66:1c:4c:c8:09:cf:20:87:8a:da:60:3a:
59:12:0d:a0:e3:10:88:d2:ca:33:5a:b8:7f:09:ba:f0:bb:0d:
da:93:90:ab:5d:e5:73:32:f6:4d:16:4c:26:00:d6:7b:27:af:
0e:d5:3c:8b:e4:e7:a7:3e:dd:63:58:e1:9b:12:33:e8:3d:e3:
34:41:f5:f8:a6:eb:f8:2e:c9:5c:b9:36:54:3c:12:b5:db:4b:
15:ee:80:5c:04:21:1d:d3:e4:8d:51:3e:d4:16:35:99:ef:d0:
1f:79:16:18:40:0c:2c:2c:a5:92:10:b2:81:8c:4f:34:a7:6a:
35:24:3c:df:08:95:74:e5:6c:ca:e3:0a:ca:93:3d:23:df:da:
89:b4:11:eb:d5:71:ba:d5:19:59:64:62:ea:32:6b:6a:bb:30:
71:93:7a:ce:f6:4d:3f:25:65:7c:bd:d2:87:3d:06:76:f4:78:
9f:89:fd:f6:f8:0f:2c:c6:bc:24:2f:d9:20:b9:92:dd:dc:2f:
91:df:99:46:94:7f:16:44:fb:e4:af:4b:15:90:af:6b:70:d9:
5a:41:af:f0:2f:0e:06:d1:a6:58:cb:36:bd:37:a5:ac:9e:fa:
c7:80:1f:04:92:62:12:2e:e6:85:b3:00:dd:ab:bc:a7:d0:71:
d4:cd:15:96
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICFuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQzRUYxMTAvBgNVBAUTKEQxRDY1QzhBNDMyNEUyODdGNkVBOTE1QjM5RjVEMzYw
MkQxRTM3QTYwHhcNMjMxMTAzMDUwNzM2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0ODAxOC1lYzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwx7Q/gaP8iNtc/e1uf6ZNONXVT/459cwrX4RLDdlkY+zio/kzPeCmrbYYWPG
hIftgw5XiDJQog9ZjgYqVI3rBsgjIt0rkVQ3fq9KCqBNoF+wzJAQsmrNSAkIz9zi
ifJEGROKYACy73rO0r+bJneGx2Z14itSwwRC8d2hzMRg538YyFhbLjpzAL4hGx0g
BuaIUb2SZ/YyeOjf91KycnKWx2GybyMR/H1GpkhdKfOjfQvUfAuaA3qD1783XoBe
fRyfBu55/fR+g5SmDpVAGjnAfd8Os0/CuUb8tUGCReicm3HvL2+HN+YSsKDk1XAr
jJ4iboPUhCHq6UUbhPqb6ANmQwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFCXingJt
V3+Brqtmfb37S3HQ54jWMB8GA1UdIwQYMBaAFNHWXIpDJOKH9uqRWzn102AtHjem
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDNFRi9FNkFCQjAxMEJB
NDAxMUU3QTA4RDI2NkZDNEY5QUUwMi8wZFpjaWtNazRvZjI2cEZiT2ZYVFlDMGVO
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBkWmNpa01rNG9mMjZwRmJPZlhUWUMwZU42WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQzRUYvRTZBQkIwMTBCQTQwMTFFN0EwOEQyNjZGQzRGOUFFMDIvRTc0RTlBODI3
QTA2MTFFRUFCREI3NDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnx+ADBAGWawgDBAbKjkADBALLUfAwDQQCAAIwBwMFACQC
6oAwDQYJKoZIhvcNAQELBQADggEBAEH9mppkjmYcTMgJzyCHitpgOlkSDaDjEIjS
yjNauH8JuvC7DdqTkKtd5XMy9k0WTCYA1nsnrw7VPIvk56c+3WNY4ZsSM+g94zRB
9fim6/guyVy5NlQ8ErXbSxXugFwEIR3T5I1RPtQWNZnv0B95FhhADCwspZIQsoGM
TzSnajUkPN8IlXTlbMrjCsqTPSPf2om0EevVcbrVGVlkYuoya2q7MHGTes72TT8l
ZXy90oc9Bnb0eJ+J/fb4DyzGvCQv2SC5kt3cL5HfmUaUfxZE++SvSxWQr2tw2VpB
r/AvDgbRpljLNr03paye+seAHwSSYhIu5oWzAN2rvKfQcdTNFZY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:33:10 2025 by rpki-client