Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0874095A5A0711EF87269177C4F9AE02.roa
File: 0874095A5A0711EF87269177C4F9AE02.roa (raw, json)
Hash identifier: SYS54myjQatqi8CPAD0VOghEQ/6ZIHS1PXAg9j9877A=
Subject key identifier: 9A:F3:4D:CE:40:CA:EF:60:D0:FA:23:C0:E0:CC:8A:AC:90:E0:77:CF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 96C3
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0874095A5A0711EF87269177C4F9AE02.roa
Signing time: Wed 14 Aug 2024 06:32:52 +0000
ROA not before: Wed 14 Aug 2024 06:32:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133661
IP address blocks: 101.0.32.0/22 maxlen: 24
101.0.37.0/24 maxlen: 24
103.73.148.0/24 maxlen: 24
103.73.149.0/24 maxlen: 24
103.73.150.0/24 maxlen: 24
103.110.248.0/22 maxlen: 24
103.114.64.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.142.198.0/24 maxlen: 24
103.163.14.0/24 maxlen: 24
103.165.72.0/23 maxlen: 24
103.165.76.0/23 maxlen: 24
103.165.88.0/23 maxlen: 24
103.166.214.0/23 maxlen: 24
103.167.154.0/23 maxlen: 24
103.167.182.0/23 maxlen: 24
103.167.212.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.22.0/24 maxlen: 24
103.168.32.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.169.242.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.170.84.0/23 maxlen: 24
103.171.108.0/24 maxlen: 24
103.171.110.0/23 maxlen: 24
103.171.174.0/23 maxlen: 24
103.173.98.0/23 maxlen: 24
103.174.92.0/23 maxlen: 24
103.177.226.0/23 maxlen: 24
103.178.64.0/23 maxlen: 24
103.178.160.0/23 maxlen: 24
103.178.166.0/23 maxlen: 24
103.178.202.0/23 maxlen: 24
103.179.10.0/23 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.102.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.120.0/23 maxlen: 24
103.179.224.0/23 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.110.0/23 maxlen: 24
103.180.168.0/23 maxlen: 24
103.180.172.0/23 maxlen: 24
103.180.174.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.236.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.4.0/23 maxlen: 24
103.181.56.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.84.0/23 maxlen: 24
103.181.86.0/23 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.150.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.181.212.0/24 maxlen: 24
103.183.30.0/23 maxlen: 24
103.183.32.0/23 maxlen: 24
103.183.34.0/23 maxlen: 24
103.183.216.0/23 maxlen: 24
103.187.84.0/23 maxlen: 24
103.187.92.0/23 maxlen: 24
103.187.96.0/23 maxlen: 24
103.187.102.0/23 maxlen: 24
103.187.130.0/23 maxlen: 24
103.187.158.0/23 maxlen: 24
103.187.170.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.199.184.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
203.76.178.0/24 maxlen: 24
203.76.180.0/24 maxlen: 24
203.76.181.0/24 maxlen: 24
203.76.188.0/24 maxlen: 24
203.76.190.0/24 maxlen: 24
203.76.191.0/24 maxlen: 24
2001:df0:e400::/48 maxlen: 48
2001:df2:e200::/48 maxlen: 48
2001:df2:e600::/48 maxlen: 48
2400:7b20::/32 maxlen: 32
2404:7c80::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38595 (0x96c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 14 06:32:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66bc4f94-ee1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:78:66:fe:49:70:0c:c6:19:3c:53:36:7f:53:
eb:6a:ec:05:db:49:68:4c:7c:e7:88:6f:b0:5d:34:
ae:64:30:6c:16:fe:09:88:4a:50:4e:6c:f7:51:81:
5d:a2:e0:91:82:6e:f3:12:6e:d2:4a:ec:5f:a0:bb:
30:3d:be:68:ed:e2:d8:cf:d8:61:53:07:6a:49:13:
14:c0:9a:5d:18:07:cc:d8:99:ef:d8:97:13:7e:d0:
b3:69:59:bc:4a:36:4c:4f:3f:cd:a9:76:9a:53:7f:
79:4a:15:13:d1:ce:fd:0e:db:72:6d:69:76:1b:cf:
a5:84:c1:3b:65:a4:ca:4f:59:6d:9e:da:c6:28:b1:
8c:63:f2:a5:77:e7:50:bb:3a:0c:c0:df:95:d9:d0:
64:fe:79:9e:33:8e:0c:bc:04:69:5a:ff:8b:bb:e9:
a1:81:81:96:a3:84:d6:99:8b:3b:58:1b:b0:50:b2:
15:d3:4f:22:69:51:2b:97:b1:21:40:38:22:a0:db:
c3:97:95:f7:19:bd:74:c5:87:73:f6:c3:9d:15:61:
68:58:7b:58:e0:cc:f3:03:1a:73:53:d5:8c:f9:5c:
84:3a:84:ca:e7:e1:e4:37:84:c8:4b:02:be:f6:62:
21:29:45:65:36:8b:75:3e:01:1e:24:41:ec:e7:9e:
6c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F3:4D:CE:40:CA:EF:60:D0:FA:23:C0:E0:CC:8A:AC:90:E0:77:CF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0874095A5A0711EF87269177C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.0.32.0/22
101.0.37.0/24
103.73.148.0-103.73.150.255
103.110.248.0/22
103.114.64.0/22
103.118.8.0/22
103.142.198.0/24
103.163.14.0/24
103.165.72.0/23
103.165.76.0/23
103.165.88.0/23
103.166.214.0/23
103.167.154.0/23
103.167.182.0/23
103.167.212.0/23
103.167.224.0/23
103.167.238.0/23
103.168.0.0/23
103.168.22.0/24
103.168.32.0/23
103.168.60.0/23
103.169.242.0/23
103.170.36.0/22
103.170.84.0/23
103.171.108.0/24
103.171.110.0/23
103.171.174.0/23
103.173.98.0/23
103.174.92.0/23
103.177.226.0/23
103.178.64.0/23
103.178.160.0/23
103.178.166.0/23
103.178.202.0/23
103.179.10.0/23
103.179.94.0-103.179.97.255
103.179.100.0/22
103.179.118.0-103.179.121.255
103.179.224.0/22
103.180.110.0/23
103.180.168.0/23
103.180.172.0-103.180.177.255
103.180.212.0/22
103.180.236.0/22
103.181.4.0/23
103.181.56.0/23
103.181.64.0/23
103.181.84.0/22
103.181.110.0/23
103.181.114.0/23
103.181.150.0-103.181.155.255
103.181.174.0/23
103.181.198.0/23
103.181.212.0/24
103.183.30.0-103.183.35.255
103.183.216.0/23
103.187.84.0/23
103.187.92.0/23
103.187.96.0/23
103.187.102.0/23
103.187.130.0/23
103.187.158.0/23
103.187.170.0/23
103.189.82.0/23
103.199.184.0/22
103.212.132.0/22
203.76.178.0/24
203.76.180.0/23
203.76.188.0/24
203.76.190.0/23
IPv6:
2001:df0:e400::/48
2001:df2:e200::/48
2001:df2:e600::/48
2400:7b20::/32
2404:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
3c:f8:bc:e2:a2:65:17:f9:51:7e:63:eb:06:0d:78:d0:5f:5b:
0d:94:b1:b0:3f:07:8e:aa:f8:09:31:7d:54:13:8b:96:74:db:
9f:2d:a1:5c:8a:ab:e5:e4:8c:0d:18:4f:02:60:d8:8e:7c:a1:
4a:56:e3:20:35:ce:0d:73:16:74:86:be:f4:26:f9:63:6f:7e:
b5:8c:c0:ab:94:7b:63:80:d6:34:a5:c5:2b:52:88:36:8e:fa:
e2:6a:79:36:4d:c2:3b:6b:96:d1:b5:ea:44:75:77:90:7c:34:
9c:70:b2:75:85:b8:da:33:f9:e3:fb:7e:ad:85:cb:92:c3:5a:
e2:c2:0a:6f:01:ab:a9:1a:d6:44:d1:6a:0c:b8:79:32:fd:a4:
83:14:4b:f6:ec:e8:62:39:bd:28:fd:60:2b:95:c3:93:50:17:
51:d6:74:b9:5d:b6:ef:a9:4d:14:f5:c8:2f:42:9b:da:84:11:
61:6e:ea:66:56:c7:56:47:c4:55:19:2d:d5:c5:c1:9d:93:78:
38:26:f8:80:ae:82:9d:5e:b3:87:79:ef:d2:e5:67:82:89:fc:
46:a1:6d:fe:bf:52:cb:66:e7:4f:7f:5a:86:c4:ad:0c:f5:93:
27:db:69:c4:7c:c3:0c:26:75:d0:08:ee:37:51:04:0f:5f:ad:
4a:11:11:27
-----BEGIN CERTIFICATE-----
MIIHezCCBmOgAwIBAgIDAJbDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgxNDA2MzI1MloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZiYzRmOTQtZWUxYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx4Zv5JcAzGGTxTNn9T62rsBdtJaEx854hvsF00rmQwbBb+CYhKUE5s91GB
XaLgkYJu8xJu0krsX6C7MD2+aO3i2M/YYVMHakkTFMCaXRgHzNiZ79iXE37Qs2lZ
vEo2TE8/zal2mlN/eUoVE9HO/Q7bcm1pdhvPpYTBO2Wkyk9ZbZ7axiixjGPypXfn
ULs6DMDfldnQZP55njOODLwEaVr/i7vpoYGBlqOE1pmLO1gbsFCyFdNPImlRK5ex
IUA4IqDbw5eV9xm9dMWHc/bDnRVhaFh7WODM8wMac1PVjPlchDqEyufh5DeEyEsC
vvZiISlFZTaLdT4BHiRB7OeebA8CAwEAAaOCBJ4wggSaMB0GA1UdDgQWBBSa803O
QMrvYND6I8DgzIqskOB3zzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzA4NzQwOTVB
NUEwNzExRUY4NzI2OTE3N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIICJgYIKwYBBQUHAQcB
Af8EggIVMIICETCCAdwEAgABMIIB1AMEAmUAIAMEAGUAJTAMAwQCZ0mUAwQAZ0mW
AwQCZ274AwQCZ3JAAwQCZ3YIAwQAZ47GAwQAZ6MOAwQBZ6VIAwQBZ6VMAwQBZ6VY
AwQBZ6bWAwQBZ6eaAwQBZ6e2AwQBZ6fUAwQBZ6fgAwQBZ6fuAwQBZ6gAAwQAZ6gW
AwQBZ6ggAwQBZ6g8AwQBZ6nyAwQCZ6okAwQBZ6pUAwQAZ6tsAwQBZ6tuAwQBZ6uu
AwQBZ61iAwQBZ65cAwQBZ7HiAwQBZ7JAAwQBZ7KgAwQBZ7KmAwQBZ7LKAwQBZ7MK
MAwDBAFns14DBAFns2ADBAJns2QwDAMEAWezdgMEAWezeAMEAmez4AMEAWe0bgME
AWe0qDAMAwQCZ7SsAwQBZ7SwAwQCZ7TUAwQCZ7TsAwQBZ7UEAwQBZ7U4AwQBZ7VA
AwQCZ7VUAwQBZ7VuAwQBZ7VyMAwDBAFntZYDBAJntZgDBAFnta4DBAFntcYDBABn
tdQwDAMEAWe3HgMEAme3IAMEAWe32AMEAWe7VAMEAWe7XAMEAWe7YAMEAWe7ZgME
AWe7ggMEAWe7ngMEAWe7qgMEAWe9UgMEAmfHuAMEAmfUhAMEAMtMsgMEActMtAME
AMtMvAMEActMvjAvBAIAAjApAwcAIAEN8OQAAwcAIAEN8uIAAwcAIAEN8uYAAwUA
JAB7IAMFACQEfIAwDQYJKoZIhvcNAQELBQADggEBADz4vOKiZRf5UX5j6wYNeNBf
Ww2UsbA/B46q+AkxfVQTi5Z0258toVyKq+XkjA0YTwJg2I58oUpW4yA1zg1zFnSG
vvQm+WNvfrWMwKuUe2OA1jSlxStSiDaO+uJqeTZNwjtrltG16kR1d5B8NJxwsnWF
uNoz+eP7fq2Fy5LDWuLCCm8Bq6ka1kTRagy4eTL9pIMUS/bs6GI5vSj9YCuVw5NQ
F1HWdLldtu+pTRT1yC9Cm9qEEWFu6mZWx1ZHxFUZLdXFwZ2TeDgm+ICugp1es4d5
79LlZ4KJ/Eahbf6/Ustm509/WobErQz1kyfbacR8wwwmddAI7jdRBA9frUoRESc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:44 2025 by rpki-client