Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/074EB2724AF011EE92E2DF4EC4F9AE02.roa
File: 074EB2724AF011EE92E2DF4EC4F9AE02.roa (raw, json)
Hash identifier: kXewx/2VUBVRvEpVWbsjyh4Wc329NVrxNmwCcH6IMw0=
Subject key identifier: 84:66:6F:FE:82:EA:00:F0:56:47:89:FC:CB:A6:C4:C3:BA:67:AD:79
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7965
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/074EB2724AF011EE92E2DF4EC4F9AE02.roa
Signing time: Mon 04 Sep 2023 06:55:27 +0000
ROA not before: Mon 04 Sep 2023 06:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135718
IP address blocks: 36.255.156.0/24 maxlen: 24
36.255.157.0/24 maxlen: 24
36.255.158.0/24 maxlen: 24
36.255.159.0/24 maxlen: 24
103.66.112.0/24 maxlen: 24
103.66.113.0/24 maxlen: 24
103.66.114.0/24 maxlen: 24
103.66.115.0/24 maxlen: 24
103.92.120.0/22 maxlen: 24
103.101.56.0/23 maxlen: 24
103.113.35.0/24 maxlen: 24
103.119.245.0/24 maxlen: 24
103.119.246.0/24 maxlen: 24
103.119.247.0/24 maxlen: 24
103.138.105.0/24 maxlen: 24
103.145.8.0/23 maxlen: 24
103.148.164.0/24 maxlen: 24
103.159.201.0/24 maxlen: 24
103.165.87.0/24 maxlen: 24
103.172.10.0/24 maxlen: 24
103.174.144.0/23 maxlen: 24
103.182.110.0/23 maxlen: 24
103.190.238.0/24 maxlen: 24
103.204.188.0/24 maxlen: 24
103.204.189.0/24 maxlen: 24
103.204.190.0/24 maxlen: 24
103.204.191.0/24 maxlen: 24
2001:df5:f680::/48 maxlen: 48
2402:6a40::/48 maxlen: 48
2402:6a40:1::/48 maxlen: 48
2402:6a40:2::/48 maxlen: 48
2402:6a40:3::/48 maxlen: 48
2402:6a40:4::/48 maxlen: 48
2402:6a40:5::/48 maxlen: 48
2402:6a40:6::/48 maxlen: 48
2402:6a40:7::/48 maxlen: 48
2402:6a40:8::/48 maxlen: 48
2402:6a40:9::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31077 (0x7965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Sep 4 06:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f57f5f-44e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:98:36:51:66:f1:0f:f6:b2:9a:89:9d:46:a1:
29:ae:18:60:e2:c6:51:d6:1d:30:2f:28:b5:26:01:
56:bd:72:16:46:f9:cc:4a:c7:36:c0:44:2f:2b:65:
82:fb:ad:9b:85:bb:58:35:e3:78:20:06:c8:40:b6:
d3:cf:bb:68:18:9d:56:fc:35:52:10:49:d4:32:2c:
34:61:30:41:63:8b:88:57:73:56:53:dc:2f:2b:33:
6d:84:3d:e7:a9:5c:7b:83:69:cc:25:50:fe:c2:1a:
f4:06:d3:1f:f6:f4:5f:32:ec:22:91:3b:dd:b9:28:
1a:a9:b8:d2:e4:a7:68:10:e7:86:81:71:77:80:ad:
b1:f0:95:cf:ba:45:a5:72:db:9a:85:87:55:d3:9c:
3f:ee:a4:aa:7f:74:0f:7b:ec:59:01:24:72:b6:65:
ff:51:16:c6:af:76:32:87:f0:ef:21:fa:f4:d1:ed:
26:31:b8:55:3b:63:60:1a:05:a0:8e:fc:27:c5:fe:
5a:31:e8:2f:5f:25:9b:0b:54:c8:37:0b:2b:1f:08:
e4:32:27:a6:eb:48:c0:cd:7d:09:c0:b6:fc:cb:b7:
9d:e4:ce:4d:b8:10:95:3c:23:a0:68:c2:f0:23:c4:
cf:17:ac:25:85:b5:06:61:a6:8c:a8:79:5a:a2:24:
b0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:66:6F:FE:82:EA:00:F0:56:47:89:FC:CB:A6:C4:C3:BA:67:AD:79
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/074EB2724AF011EE92E2DF4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.156.0/22
103.66.112.0/22
103.92.120.0/22
103.101.56.0/23
103.113.35.0/24
103.119.245.0-103.119.247.255
103.138.105.0/24
103.145.8.0/23
103.148.164.0/24
103.159.201.0/24
103.165.87.0/24
103.172.10.0/24
103.174.144.0/23
103.182.110.0/23
103.190.238.0/24
103.204.188.0/22
IPv6:
2001:df5:f680::/48
2402:6a40::-2402:6a40:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:2a:5b:14:67:cc:df:92:42:76:bf:f8:56:45:a4:75:b2:8c:
6a:03:97:2e:a5:34:8f:2f:ec:59:ea:dc:b9:16:21:d5:ca:ee:
df:3d:8d:c8:3c:0e:45:da:98:85:16:70:96:c1:9c:0e:43:ae:
34:da:4b:57:a1:8a:3f:b9:e0:69:f3:7f:c2:fd:c1:ce:3f:cc:
95:9a:ae:68:14:88:f2:67:5a:51:67:2e:da:44:8e:83:81:b9:
a5:d6:ca:67:ed:92:3d:00:93:62:3b:b0:cc:d7:fd:d6:c0:f8:
d4:75:6e:c2:70:53:fe:c0:73:0f:4e:ba:eb:61:82:69:db:b1:
ff:7a:10:d2:a4:3a:cd:58:5d:f8:b4:c5:5e:01:bf:a8:bc:fc:
11:8c:e1:df:73:36:c4:33:93:e7:99:07:9b:29:4f:f9:ea:bb:
6f:80:cb:62:37:58:83:cf:88:ca:bd:87:73:de:a7:3c:e3:b7:
4b:18:32:a9:f3:9b:ae:60:ca:e8:22:b3:92:08:77:3f:57:e5:
7d:36:bc:d4:03:e8:a9:93:95:fa:52:7c:e1:a8:47:e9:57:10:
60:83:38:9c:b0:56:f3:76:a5:6e:9a:45:99:f3:64:18:14:b4:
d4:01:de:a0:53:b1:cc:91:ea:93:b8:c9:fa:b7:5e:ff:8a:e7:
66:1b:5a:7e
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgICeWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwOTA0MDY1NTI3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY1N2Y1Zi00NGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzJg2UWbxD/aymomdRqEprhhg4sZR1h0wLyi1JgFWvXIWRvnMSsc2wEQvK2WC
+62bhbtYNeN4IAbIQLbTz7toGJ1W/DVSEEnUMiw0YTBBY4uIV3NWU9wvKzNthD3n
qVx7g2nMJVD+whr0BtMf9vRfMuwikTvduSgaqbjS5KdoEOeGgXF3gK2x8JXPukWl
ctuahYdV05w/7qSqf3QPe+xZASRytmX/URbGr3Yyh/DvIfr00e0mMbhVO2NgGgWg
jvwnxf5aMegvXyWbC1TINwsrHwjkMiem60jAzX0JwLb8y7ed5M5NuBCVPCOgaMLw
I8TPF6wlhbUGYaaMqHlaoiSwUwIDAQABo4IDHTCCAxkwHQYDVR0OBBYEFIRmb/6C
6gDwVkeJ/MumxMO6Z615MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDc0RUIyNzI0
QUYwMTFFRTkyRTJERjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaYGCCsGAQUFBwEHAQH/
BIGWMIGTMG4EAgABMGgDBAIk/5wDBAJnQnADBAJnXHgDBAFnZTgDBABncSMwDAME
AGd39QMEA2d38AMEAGeKaQMEAWeRCAMEAGeUpAMEAGefyQMEAGelVwMEAGesCgME
AWeukAMEAWe2bgMEAGe+7gMEAmfMvDAhBAIAAjAbAwcAIAEN9faAMBADBQYkAmpA
AwcBJAJqQAAIMA0GCSqGSIb3DQEBCwUAA4IBAQB2KlsUZ8zfkkJ2v/hWRaR1soxq
A5cupTSPL+xZ6ty5FiHVyu7fPY3IPA5F2piFFnCWwZwOQ6402ktXoYo/ueBp83/C
/cHOP8yVmq5oFIjyZ1pRZy7aRI6Dgbml1spn7ZI9AJNiO7DM1/3WwPjUdW7CcFP+
wHMPTrrrYYJp27H/ehDSpDrNWF34tMVeAb+ovPwRjOHfczbEM5PnmQebKU/56rtv
gMtiN1iDz4jKvYdz3qc847dLGDKp85uuYMroIrOSCHc/V+V9NrzUA+ipk5X6Unzh
qEfpVxBggzicsFbzdqVumkWZ82QYFLTUAd6gU7HMkeqTuMn6t17/iudmG1p+
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:10:43 2025 by rpki-client