Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D4BF828B20111EFB05B2B38C4F9AE02.roa
File: 0D4BF828B20111EFB05B2B38C4F9AE02.roa (raw, json)
Hash identifier: h4Xc2zTuzXQ7UMgYTOZ/Yzj+kyrtrQ+PxCry7Q8iXPQ=
Subject key identifier: ED:80:2E:04:EF:6E:D6:80:24:63:0B:56:C8:2A:E2:75:FB:AB:6C:9D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9E91
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D4BF828B20111EFB05B2B38C4F9AE02.roa
Signing time: Wed 04 Dec 2024 05:31:46 +0000
ROA not before: Wed 04 Dec 2024 05:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18002
IP address blocks: 14.102.0.0/22 maxlen: 24
14.102.0.0/24 maxlen: 24
14.102.1.0/24 maxlen: 24
14.102.2.0/24 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.22.0/24 maxlen: 24
14.102.23.0/24 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.24.0/24 maxlen: 24
14.102.25.0/24 maxlen: 24
14.102.26.0/24 maxlen: 24
14.102.27.0/24 maxlen: 24
14.102.28.0/22 maxlen: 24
14.102.28.0/24 maxlen: 24
14.102.29.0/24 maxlen: 24
14.102.30.0/24 maxlen: 24
14.102.31.0/24 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.32.0/24 maxlen: 24
14.102.33.0/24 maxlen: 24
14.102.34.0/24 maxlen: 24
14.102.35.0/24 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.36.0/24 maxlen: 24
14.102.37.0/24 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.40.0/24 maxlen: 24
14.102.41.0/24 maxlen: 24
14.102.42.0/24 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.56.0/24 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.64.0/24 maxlen: 24
14.102.65.0/24 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.67.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.68.0/24 maxlen: 24
14.102.69.0/24 maxlen: 24
14.102.70.0/24 maxlen: 24
14.102.71.0/24 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.72.0/24 maxlen: 24
14.102.73.0/24 maxlen: 24
14.102.74.0/24 maxlen: 24
14.102.75.0/24 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/22 maxlen: 24
14.102.80.0/24 maxlen: 24
14.102.81.0/24 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.83.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.91.0/24 maxlen: 24
14.102.92.0/22 maxlen: 24
14.102.92.0/24 maxlen: 24
14.102.93.0/24 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/23 maxlen: 24
14.102.96.0/24 maxlen: 24
14.102.97.0/24 maxlen: 24
14.102.99.0/24 maxlen: 24
14.102.100.0/23 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.104.0/24 maxlen: 24
14.102.105.0/24 maxlen: 24
14.102.106.0/23 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.108.0/24 maxlen: 24
14.102.109.0/24 maxlen: 24
14.102.110.0/24 maxlen: 24
14.102.111.0/24 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.112.0/24 maxlen: 24
14.102.113.0/24 maxlen: 24
14.102.114.0/24 maxlen: 24
14.102.115.0/24 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.116.0/24 maxlen: 24
14.102.117.0/24 maxlen: 24
14.102.118.0/24 maxlen: 24
14.102.119.0/24 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.120.0/24 maxlen: 24
14.102.121.0/24 maxlen: 24
14.102.122.0/24 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/23 maxlen: 24
14.102.126.0/24 maxlen: 24
14.102.127.0/24 maxlen: 24
43.245.136.0/22 maxlen: 24
43.251.212.0/22 maxlen: 24
61.14.228.0/23 maxlen: 24
61.14.231.0/24 maxlen: 24
103.5.200.0/22 maxlen: 24
103.59.189.0/24 maxlen: 24
103.87.100.0/22 maxlen: 24
103.122.84.0/24 maxlen: 24
103.158.131.0/24 maxlen: 24
103.160.24.0/24 maxlen: 24
103.175.72.0/24 maxlen: 24
103.175.73.0/24 maxlen: 24
103.176.8.0/23 maxlen: 24
110.172.130.0/23 maxlen: 24
110.172.132.0/24 maxlen: 24
110.172.134.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.138.0/23 maxlen: 24
110.172.140.0/24 maxlen: 24
110.172.145.0/24 maxlen: 24
110.172.147.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.151.0/24 maxlen: 24
110.172.152.0/22 maxlen: 24
110.172.156.0/22 maxlen: 24
110.172.160.0/22 maxlen: 24
110.172.164.0/24 maxlen: 24
110.172.166.0/23 maxlen: 24
110.172.168.0/24 maxlen: 24
110.172.170.0/23 maxlen: 24
110.172.174.0/23 maxlen: 24
110.172.177.0/24 maxlen: 24
110.172.178.0/23 maxlen: 24
110.172.184.0/22 maxlen: 24
111.235.64.0/22 maxlen: 24
114.69.228.0/22 maxlen: 24
114.69.232.0/24 maxlen: 24
114.69.234.0/24 maxlen: 24
114.69.235.0/24 maxlen: 24
114.69.240.0/24 maxlen: 24
114.69.242.0/23 maxlen: 24
114.69.248.0/23 maxlen: 24
114.69.252.0/22 maxlen: 24
118.91.176.0/23 maxlen: 24
118.91.178.0/24 maxlen: 24
118.91.189.0/24 maxlen: 24
118.91.191.0/24 maxlen: 24
150.107.192.0/22 maxlen: 24
202.89.64.0/24 maxlen: 24
202.89.65.0/24 maxlen: 24
202.89.66.0/24 maxlen: 24
202.89.67.0/24 maxlen: 24
202.89.68.0/24 maxlen: 24
202.89.69.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
202.89.71.0/24 maxlen: 24
202.89.72.0/24 maxlen: 24
202.89.74.0/24 maxlen: 24
202.89.76.0/24 maxlen: 24
202.89.77.0/24 maxlen: 24
202.89.78.0/24 maxlen: 24
202.89.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40593 (0x9e91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 4 05:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=674fe942-61c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ad:38:08:52:17:49:fd:82:a8:95:80:a9:96:
1b:b0:64:73:4f:db:7a:a7:80:2c:16:bd:92:a7:ad:
de:c8:44:8b:8c:48:3d:48:08:9c:77:d3:e7:4a:51:
78:e6:13:ef:bf:8c:4a:de:5c:87:1f:f2:d4:71:49:
dd:6e:65:96:33:72:a3:1d:31:d9:f2:86:d0:dc:04:
d3:2b:cf:ec:85:c1:9f:d1:73:a8:ae:e1:65:a2:6c:
67:76:5c:a3:ff:80:01:b7:ff:b9:29:7f:0f:f0:fd:
33:84:c7:10:f2:29:7c:d6:d9:2b:44:75:3e:89:c3:
eb:8e:64:04:f2:18:bd:45:6f:7b:41:57:36:53:b2:
43:b7:a0:92:55:c9:9b:97:f0:a6:a5:a9:ae:53:63:
d5:a8:16:a5:e3:47:68:bc:eb:16:fb:db:fd:f6:c3:
84:ad:22:69:b3:ac:93:be:d9:77:e0:45:ed:8d:b3:
d8:73:c7:bc:97:44:79:2a:c1:5f:18:4c:c2:21:98:
51:47:83:5f:39:db:07:e7:d0:00:a3:78:b7:0e:d7:
d4:7e:59:8b:d2:00:ad:0b:36:2b:fc:42:ae:34:c1:
7a:af:1b:8d:e1:c6:86:ed:cd:c3:c5:54:64:6b:2b:
5a:47:cd:be:c6:ce:2c:2c:ca:3c:c7:1c:dc:2d:86:
48:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:80:2E:04:EF:6E:D6:80:24:63:0B:56:C8:2A:E2:75:FB:AB:6C:9D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D4BF828B20111EFB05B2B38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.0.0/22
14.102.22.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0/24
14.102.50.0/24
14.102.56.0/23
14.102.59.0/24
14.102.64.0-14.102.78.255
14.102.80.0/22
14.102.88.0/24
14.102.91.0-14.102.97.255
14.102.99.0-14.102.101.255
14.102.103.0-14.102.123.255
14.102.125.0-14.102.127.255
43.245.136.0/22
43.251.212.0/22
61.14.228.0/23
61.14.231.0/24
103.5.200.0/22
103.59.189.0/24
103.87.100.0/22
103.122.84.0/24
103.158.131.0/24
103.160.24.0/24
103.175.72.0/23
103.176.8.0/23
110.172.130.0-110.172.132.255
110.172.134.0-110.172.136.255
110.172.138.0-110.172.140.255
110.172.145.0/24
110.172.147.0/24
110.172.150.0-110.172.164.255
110.172.166.0-110.172.168.255
110.172.170.0/23
110.172.174.0/23
110.172.177.0-110.172.179.255
110.172.184.0/22
111.235.64.0/22
114.69.228.0-114.69.232.255
114.69.234.0/23
114.69.240.0/24
114.69.242.0/23
114.69.248.0/23
114.69.252.0/22
118.91.176.0-118.91.178.255
118.91.189.0/24
118.91.191.0/24
150.107.192.0/22
202.89.64.0-202.89.72.255
202.89.74.0/24
202.89.76.0/22
Signature Algorithm: sha256WithRSAEncryption
68:03:37:b1:2c:a2:22:55:0c:5d:8f:fb:6a:6d:c7:f2:19:e7:
7e:93:7d:a6:ff:0e:94:91:e7:2b:99:9d:ad:ca:0b:e0:8f:27:
6f:d1:82:34:90:48:de:da:0f:cb:55:06:d4:54:9c:a6:8d:10:
5f:b6:44:fc:62:4c:05:48:35:bb:fa:ed:20:eb:69:85:ac:85:
34:22:0e:b4:af:1f:5f:38:e8:05:54:68:b6:4d:60:76:ef:95:
5b:7f:3e:8f:d8:8f:a8:c0:b4:32:2a:8a:e5:43:bb:ca:08:2d:
88:db:b7:fc:f5:74:0c:ba:c6:11:3d:21:70:7d:66:d2:89:83:
dc:30:10:2c:ae:bb:04:d9:7a:0c:4f:8c:e2:35:6d:05:9f:33:
57:da:ea:aa:aa:f5:52:b0:35:a0:f3:33:27:99:a9:ba:43:42:
76:6b:f9:82:c8:fd:5f:a5:6a:6f:48:87:0e:af:38:49:c2:84:
71:f2:e1:ca:aa:68:5e:04:e7:9a:1f:cd:ca:c7:4c:6b:87:94:
16:41:88:b4:74:20:30:da:7f:fc:e1:a9:7f:4a:74:2a:d5:f2:
ed:03:48:ef:01:d9:6c:84:99:a2:26:ad:17:00:62:d1:2f:08:
00:ce:6b:dd:4f:2f:82:ce:6a:49:c6:c2:86:08:4b:54:d6:c7:
93:e7:fd:13
-----BEGIN CERTIFICATE-----
MIIHKDCCBhCgAwIBAgIDAJ6RMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIwNDA1MzE0NloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc0ZmU5NDItNjFjMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKitOAhSF0n9gqiVgKmWG7Bkc0/beqeALBa9kqet3shEi4xIPUgInHfT50pR
eOYT77+MSt5chx/y1HFJ3W5lljNyox0x2fKG0NwE0yvP7IXBn9FzqK7hZaJsZ3Zc
o/+AAbf/uSl/D/D9M4THEPIpfNbZK0R1PonD645kBPIYvUVve0FXNlOyQ7egklXJ
m5fwpqWprlNj1agWpeNHaLzrFvvb/fbDhK0iabOsk77Zd+BF7Y2z2HPHvJdEeSrB
XxhMwiGYUUeDXznbB+fQAKN4tw7X1H5Zi9IArQs2K/xCrjTBeq8bjeHGhu3Nw8VU
ZGsrWkfNvsbOLCzKPMcc3C2GSLUCAwEAAaOCBEswggRHMB0GA1UdDgQWBBTtgC4E
727WgCRjC1bIKuJ1+6tsnTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzBENEJGODI4
QjIwMTExRUZCMDVCMkIzOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIB0wYIKwYBBQUHAQcB
Af8EggHCMIIBvjCCAboEAgABMIIBsgMEAg5mADAMAwQBDmYWAwQADmYmMAwDBAMO
ZigDBAEOZiwDBAAOZjADBAAOZjIDBAEOZjgDBAAOZjswDAMEBg5mQAMEAA5mTgME
Ag5mUAMEAA5mWDAMAwQADmZbAwQBDmZgMAwDBAAOZmMDBAEOZmQwDAMEAA5mZwME
Ag5meDAMAwQADmZ9AwQHDmYAAwQCK/WIAwQCK/vUAwQBPQ7kAwQAPQ7nAwQCZwXI
AwQAZzu9AwQCZ1dkAwQAZ3pUAwQAZ56DAwQAZ6AYAwQBZ69IAwQBZ7AIMAwDBAFu
rIIDBABurIQwDAMEAW6shgMEAG6siDAMAwQBbqyKAwQAbqyMAwQAbqyRAwQAbqyT
MAwDBAFurJYDBABurKQwDAMEAW6spgMEAG6sqAMEAW6sqgMEAW6srjAMAwQAbqyx
AwQCbqywAwQCbqy4AwQCb+tAMAwDBAJyReQDBAByRegDBAFyReoDBAByRfADBAFy
RfIDBAFyRfgDBAJyRfwwDAMEBHZbsAMEAHZbsgMEAHZbvQMEAHZbvwMEApZrwDAM
AwQGyllAAwQAyllIAwQAyllKAwQCyllMMA0GCSqGSIb3DQEBCwUAA4IBAQBoAzex
LKIiVQxdj/tqbcfyGed+k32m/w6UkecrmZ2tygvgjydv0YI0kEje2g/LVQbUVJym
jRBftkT8YkwFSDW7+u0g62mFrIU0Ig60rx9fOOgFVGi2TWB275Vbfz6P2I+owLQy
KorlQ7vKCC2I27f89XQMusYRPSFwfWbSiYPcMBAsrrsE2XoMT4ziNW0FnzNX2uqq
qvVSsDWg8zMnmam6Q0J2a/mCyP1fpWpvSIcOrzhJwoRx8uHKqmheBOeaH83Kx0xr
h5QWQYi0dCAw2n/84al/SnQq1fLtA0jvAdlshJmiJq0XAGLRLwgAzmvdTy+CzmpJ
xsKGCEtU1seT5/0T
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:29:57 2025 by rpki-client