Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0BF97CCC34C311EF83285535C4F9AE02.roa
File: 0BF97CCC34C311EF83285535C4F9AE02.roa (raw, json)
Hash identifier: zidoxBBTvby1NMqeCq66ObcD7Rs8h4ow6HefDM79stw=
Subject key identifier: F6:11:55:02:BC:81:9B:E3:CD:AD:09:53:A4:E5:5A:DF:EC:AA:04:A9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 95AD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0BF97CCC34C311EF83285535C4F9AE02.roa
Signing time: Tue 30 Jul 2024 12:10:34 +0000
ROA not before: Tue 30 Jul 2024 12:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
45.112.192.0/22 maxlen: 24
45.115.92.0/22 maxlen: 24
103.14.197.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.68.206.0/23 maxlen: 24
103.108.76.0/22 maxlen: 24
103.142.64.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.182.214.0/23 maxlen: 24
103.183.132.0/23 maxlen: 24
103.183.134.0/23 maxlen: 24
103.183.136.0/23 maxlen: 24
103.183.160.0/23 maxlen: 24
103.183.162.0/23 maxlen: 24
103.183.164.0/23 maxlen: 24
103.183.166.0/23 maxlen: 24
103.183.168.0/23 maxlen: 24
103.183.170.0/23 maxlen: 24
103.183.172.0/23 maxlen: 24
103.183.174.0/23 maxlen: 24
103.183.176.0/23 maxlen: 24
103.183.196.0/23 maxlen: 24
103.183.200.0/23 maxlen: 24
103.183.206.0/23 maxlen: 24
103.183.210.0/23 maxlen: 24
103.183.222.0/23 maxlen: 24
103.183.224.0/23 maxlen: 24
103.183.234.0/23 maxlen: 24
103.183.236.0/23 maxlen: 24
103.184.4.0/23 maxlen: 24
103.184.6.0/23 maxlen: 24
103.184.8.0/23 maxlen: 24
103.184.34.0/23 maxlen: 24
103.184.38.0/23 maxlen: 24
103.184.116.0/23 maxlen: 24
103.184.140.0/23 maxlen: 24
103.184.142.0/23 maxlen: 24
103.184.158.0/23 maxlen: 24
103.184.160.0/23 maxlen: 24
103.184.198.0/23 maxlen: 24
103.184.200.0/23 maxlen: 24
103.184.202.0/23 maxlen: 24
103.184.226.0/23 maxlen: 24
103.185.180.0/23 maxlen: 24
103.186.38.0/23 maxlen: 24
103.187.50.0/23 maxlen: 24
103.187.60.0/23 maxlen: 24
103.187.72.0/23 maxlen: 24
103.190.56.0/23 maxlen: 24
103.200.48.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38317 (0x95ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jul 30 12:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66a8d83a-27a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f4:84:88:8b:3e:3b:e0:d2:62:87:2f:f4:e3:
7e:05:c6:3c:6e:e9:86:24:eb:a5:76:b2:9f:8d:83:
0b:56:e1:62:33:32:fb:a9:4b:f9:66:8f:75:0c:fe:
9e:71:ec:d2:6c:c2:98:45:5c:d6:45:30:10:45:4d:
63:5f:5e:bb:68:6c:35:89:cd:19:46:c9:91:69:d3:
9b:82:73:e9:6d:35:77:43:b4:c2:8e:7a:a3:46:71:
5e:09:9e:c4:f7:3f:3e:9c:56:ff:85:10:31:6b:7d:
72:51:b2:65:10:0f:d7:36:42:be:cd:66:c6:59:c7:
5f:08:29:91:7a:36:88:ee:53:6d:52:75:a3:7d:a3:
c8:e1:09:2f:6c:33:d2:a9:3e:c3:42:29:07:13:da:
07:de:ec:74:62:ef:5c:c0:68:f0:32:9b:43:c8:d2:
d5:d8:b1:ee:b2:b4:bc:78:e7:06:4c:70:c4:83:06:
e5:60:ed:9b:b9:7a:6c:ef:1f:4c:09:3c:05:f1:54:
70:b8:9a:18:f6:06:d4:e4:79:e0:33:81:4b:20:22:
61:14:97:80:71:0b:4b:91:5b:38:f3:13:30:15:33:
13:e0:f1:3c:9b:3f:ff:89:e0:2b:df:77:6d:89:fb:
75:21:93:02:46:68:96:7b:16:de:f1:7a:9a:73:bc:
09:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:11:55:02:BC:81:9B:E3:CD:AD:09:53:A4:E5:5A:DF:EC:AA:04:A9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0BF97CCC34C311EF83285535C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
45.112.192.0/22
45.115.92.0/22
103.14.197.0/24
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.55.84.0/22
103.68.206.0/23
103.108.76.0/22
103.142.64.0/23
103.171.236.0/23
103.180.216.0/23
103.182.214.0/23
103.183.132.0-103.183.137.255
103.183.160.0-103.183.177.255
103.183.196.0/23
103.183.200.0/23
103.183.206.0/23
103.183.210.0/23
103.183.222.0-103.183.225.255
103.183.234.0-103.183.237.255
103.184.4.0-103.184.9.255
103.184.34.0/23
103.184.38.0/23
103.184.116.0/23
103.184.140.0/22
103.184.158.0-103.184.161.255
103.184.198.0-103.184.203.255
103.184.226.0/23
103.185.180.0/23
103.186.38.0/23
103.187.50.0/23
103.187.60.0/23
103.187.72.0/23
103.190.56.0/23
103.200.48.0/22
103.226.224.0/22
103.228.172.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
1a:69:98:1f:d7:1a:9a:8b:dd:ab:c0:2b:6c:c3:66:75:ab:bf:
8f:55:ca:f3:48:6d:1a:a7:1b:ab:a3:90:1a:68:12:c8:d4:0e:
ae:81:99:a7:bc:d2:c4:87:8d:6f:29:1e:42:ca:6f:d1:12:4f:
87:d8:c2:50:77:90:a2:c5:df:f4:14:89:e6:86:76:31:04:32:
13:0e:dc:01:0d:2d:6d:dd:5c:ac:5e:3b:28:77:5d:bc:33:65:
17:d6:9b:70:c7:a8:45:be:f1:e3:11:13:bc:c1:ea:4e:1d:c6:
3d:5c:e8:a9:1e:a1:8e:2e:06:98:06:a8:20:e8:e1:c9:6a:87:
f9:66:bc:d5:4e:ff:ab:e4:87:e5:bc:6b:6d:e0:4f:f0:29:45:
b4:75:f7:f4:97:e5:01:b7:fb:4f:fa:13:a1:05:f3:08:73:d3:
e2:18:1c:6d:2a:f4:10:aa:ea:1e:84:ae:a1:32:f6:f4:87:32:
32:7d:0e:c7:a4:17:26:bb:f5:21:af:c7:35:b6:03:98:70:ea:
d7:6c:70:ae:86:18:90:e8:d7:f8:9d:0b:2c:92:07:6d:63:d3:
da:16:3a:35:00:7c:79:73:31:65:c6:60:62:a7:dc:c1:43:d1:
2d:fc:a5:b2:e6:9b:fd:d0:6e:45:16:30:c2:94:a6:ff:37:a2:
d8:a6:fd:4b
-----BEGIN CERTIFICATE-----
MIIGzzCCBbegAwIBAgIDAJWtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDczMDEyMTAzNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZhOGQ4M2EtMjdhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ70hIiLPjvg0mKHL/TjfgXGPG7phiTrpXayn42DC1bhYjMy+6lL+WaPdQz+
nnHs0mzCmEVc1kUwEEVNY19eu2hsNYnNGUbJkWnTm4Jz6W01d0O0wo56o0ZxXgme
xPc/PpxW/4UQMWt9clGyZRAP1zZCvs1mxlnHXwgpkXo2iO5TbVJ1o32jyOEJL2wz
0qk+w0IpBxPaB97sdGLvXMBo8DKbQ8jS1dix7rK0vHjnBkxwxIMG5WDtm7l6bO8f
TAk8BfFUcLiaGPYG1OR54DOBSyAiYRSXgHELS5FbOPMTMBUzE+DxPJs//4ngK993
bYn7dSGTAkZolnsW3vF6mnO8CdkCAwEAAaOCA/IwggPuMB0GA1UdDgQWBBT2EVUC
vIGb482tCVOk5Vrf7KoEqTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzBCRjk3Q0ND
MzRDMzExRUY4MzI4NTUzNUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBegYIKwYBBQUHAQcB
Af8EggFpMIIBZTCCATwEAgABMIIBNAMEAivhAAMEAi1wwAMEAi1zXAMEAGcOxQME
AGcbqAMEAWcbqgMEAGcvmAMEAmczXAMEAmc0MAMEAmc3VAMEAWdEzgMEAmdsTAME
AWeOQAMEAWer7AMEAWe02AMEAWe21jAMAwQCZ7eEAwQBZ7eIMAwDBAVnt6ADBAFn
t7ADBAFnt8QDBAFnt8gDBAFnt84DBAFnt9IwDAMEAWe33gMEAWe34DAMAwQBZ7fq
AwQBZ7fsMAwDBAJnuAQDBAFnuAgDBAFnuCIDBAFnuCYDBAFnuHQDBAJnuIwwDAME
AWe4ngMEAWe4oDAMAwQBZ7jGAwQCZ7jIAwQBZ7jiAwQBZ7m0AwQBZ7omAwQBZ7sy
AwQBZ7s8AwQBZ7tIAwQBZ744AwQCZ8gwAwQCZ+LgAwQCZ+SsAwQCy784MCMEAgAC
MB0wEgMHASQA0YAAZgMHASQA0YAAaAMHASQA0YAAcDANBgkqhkiG9w0BAQsFAAOC
AQEAGmmYH9camovdq8ArbMNmdau/j1XK80htGqcbq6OQGmgSyNQOroGZp7zSxIeN
bykeQspv0RJPh9jCUHeQosXf9BSJ5oZ2MQQyEw7cAQ0tbd1crF47KHddvDNlF9ab
cMeoRb7x4xETvMHqTh3GPVzoqR6hji4GmAaoIOjhyWqH+Wa81U7/q+SH5bxrbeBP
8ClFtHX39JflAbf7T/oToQXzCHPT4hgcbSr0EKrqHoSuoTL29IcyMn0Ox6QXJrv1
Ia/HNbYDmHDq12xwroYYkOjX+J0LLJIHbWPT2hY6NQB8eXMxZcZgYqfcwUPRLfyl
suab/dBuRRYwwpSm/zei2Kb9Sw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:48 2025 by rpki-client