Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2293079AA5A311EF898D1A65C4F9AE02.roa
File: 2293079AA5A311EF898D1A65C4F9AE02.roa (raw, json)
Hash identifier: 7f3rtu3vOW0znKaoLZoxG2d5xMETpcXhymHT7thyKP4=
Subject key identifier: DF:F1:DF:F1:21:16:A6:DD:50:06:CD:97:90:AB:7C:CF:D4:0C:57:BC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9F58
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2293079AA5A311EF898D1A65C4F9AE02.roa
Signing time: Tue 17 Dec 2024 06:40:20 +0000
ROA not before: Tue 17 Dec 2024 06:40:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138296
IP address blocks: 103.2.190.0/23 maxlen: 24
103.31.140.0/23 maxlen: 24
103.31.142.0/23 maxlen: 24
103.31.220.0/23 maxlen: 24
103.41.32.0/22 maxlen: 24
103.93.192.0/22 maxlen: 24
103.111.69.0/24 maxlen: 24
103.111.70.0/24 maxlen: 24
103.111.71.0/24 maxlen: 24
103.115.154.0/23 maxlen: 24
103.119.82.0/23 maxlen: 24
103.119.172.0/23 maxlen: 24
103.123.154.0/23 maxlen: 24
103.123.224.0/22 maxlen: 24
103.124.22.0/23 maxlen: 24
103.124.122.0/23 maxlen: 24
103.127.116.0/23 maxlen: 24
103.127.252.0/24 maxlen: 24
103.132.100.0/23 maxlen: 24
103.134.4.0/22 maxlen: 24
103.143.8.0/23 maxlen: 23
103.143.8.0/24 maxlen: 24
103.143.9.0/24 maxlen: 24
103.157.178.0/23 maxlen: 24
103.157.222.0/23 maxlen: 24
103.158.48.0/23 maxlen: 24
103.163.190.0/23 maxlen: 24
103.167.176.0/23 maxlen: 24
103.171.210.0/23 maxlen: 24
103.172.86.0/23 maxlen: 24
103.172.156.0/23 maxlen: 24
103.173.120.0/23 maxlen: 24
103.173.205.0/24 maxlen: 24
103.173.244.0/24 maxlen: 24
103.173.245.0/24 maxlen: 24
103.174.244.0/23 maxlen: 24
103.175.60.0/23 maxlen: 24
103.179.46.0/23 maxlen: 24
103.179.232.0/24 maxlen: 24
103.179.236.0/23 maxlen: 24
103.181.54.0/23 maxlen: 24
103.190.212.0/24 maxlen: 24
103.190.213.0/24 maxlen: 24
103.195.80.0/23 maxlen: 24
103.204.132.0/22 maxlen: 24
103.206.26.0/23 maxlen: 24
103.207.90.0/23 maxlen: 24
103.208.90.0/23 maxlen: 24
103.209.72.0/23 maxlen: 24
103.212.172.0/23 maxlen: 24
103.215.184.0/23 maxlen: 24
103.217.138.0/23 maxlen: 24
103.218.106.0/23 maxlen: 24
103.218.180.0/23 maxlen: 24
103.218.184.0/23 maxlen: 24
103.218.186.0/23 maxlen: 24
103.220.232.0/23 maxlen: 24
103.225.30.0/23 maxlen: 24
103.225.116.0/23 maxlen: 24
103.227.104.0/23 maxlen: 24
103.228.72.0/23 maxlen: 24
103.229.90.0/23 maxlen: 24
103.244.24.0/23 maxlen: 24
103.244.94.0/23 maxlen: 24
110.44.10.0/24 maxlen: 24
110.44.11.0/24 maxlen: 24
2001:df2:380::/48 maxlen: 48
2400:4fe0::/32 maxlen: 32
2404:58c0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40792 (0x9f58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 17 06:40:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67611cd4-028b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a6:a2:ac:6c:7c:2b:45:97:44:7c:c5:9b:0f:
16:df:e2:a5:71:c9:d7:3b:30:4f:22:39:ce:39:7a:
52:d7:6a:29:83:94:52:5c:a4:e5:4c:78:a2:db:b6:
6b:15:db:ae:14:73:62:cb:2b:1d:ec:f9:d2:53:77:
aa:27:f8:b7:1a:f3:35:d1:84:c1:4c:09:b1:bd:3e:
82:34:83:84:7c:28:8e:91:83:64:67:27:ef:7e:11:
cf:00:b5:c2:96:c6:24:e8:9e:dd:2e:fa:c0:ca:b0:
9a:99:87:e0:30:ad:f1:b1:cb:90:eb:92:b6:d3:02:
b1:aa:35:e4:f2:33:55:9d:92:ab:53:c5:0b:a7:a4:
d5:92:aa:cf:dd:b1:eb:eb:45:64:fb:4b:60:f7:8d:
56:ff:53:bc:fb:6e:8e:42:b0:bb:78:8e:7d:9b:73:
76:cd:41:e7:28:5d:d7:82:5a:2e:e1:50:2d:95:35:
c0:96:4d:93:fa:93:53:22:a6:45:a1:b7:68:d7:38:
8c:8e:07:50:5e:68:76:c8:19:e4:1d:e7:cf:16:59:
b2:74:64:c9:e2:8c:28:16:69:82:19:79:ef:8f:94:
d7:d2:93:04:ae:25:b1:88:ee:ae:3f:3f:23:79:95:
ef:88:9c:35:f3:88:72:a0:9c:44:3d:b9:60:2a:1a:
6b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F1:DF:F1:21:16:A6:DD:50:06:CD:97:90:AB:7C:CF:D4:0C:57:BC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2293079AA5A311EF898D1A65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.190.0/23
103.31.140.0/22
103.31.220.0/23
103.41.32.0/22
103.93.192.0/22
103.111.69.0-103.111.71.255
103.115.154.0/23
103.119.82.0/23
103.119.172.0/23
103.123.154.0/23
103.123.224.0/22
103.124.22.0/23
103.124.122.0/23
103.127.116.0/23
103.127.252.0/24
103.132.100.0/23
103.134.4.0/22
103.143.8.0/23
103.157.178.0/23
103.157.222.0/23
103.158.48.0/23
103.163.190.0/23
103.167.176.0/23
103.171.210.0/23
103.172.86.0/23
103.172.156.0/23
103.173.120.0/23
103.173.205.0/24
103.173.244.0/23
103.174.244.0/23
103.175.60.0/23
103.179.46.0/23
103.179.232.0/24
103.179.236.0/23
103.181.54.0/23
103.190.212.0/23
103.195.80.0/23
103.204.132.0/22
103.206.26.0/23
103.207.90.0/23
103.208.90.0/23
103.209.72.0/23
103.212.172.0/23
103.215.184.0/23
103.217.138.0/23
103.218.106.0/23
103.218.180.0/23
103.218.184.0/22
103.220.232.0/23
103.225.30.0/23
103.225.116.0/23
103.227.104.0/23
103.228.72.0/23
103.229.90.0/23
103.244.24.0/23
103.244.94.0/23
110.44.10.0/23
IPv6:
2001:df2:380::/48
2400:4fe0::/32
2404:58c0::/48
Signature Algorithm: sha256WithRSAEncryption
1b:75:48:34:90:0a:61:0a:87:1b:a3:b7:73:77:5d:70:ea:ac:
7d:b8:a4:c5:e8:41:a8:e3:df:d6:62:3e:c4:f3:7f:3b:a4:8c:
bc:58:16:cd:39:cd:96:2a:d5:06:54:cf:29:89:5c:8b:d5:ce:
4f:dc:7a:ec:53:95:4e:f6:9e:0c:f9:58:c8:a3:0d:4e:ab:81:
57:1a:aa:9b:23:ce:f2:2d:c6:cd:2e:3f:6d:db:cf:69:ab:78:
96:1e:bc:c7:74:b5:34:6e:0a:60:9f:29:c7:67:70:25:0c:d7:
a8:24:95:0b:c8:9d:5e:93:49:0c:8e:82:11:a2:88:3e:32:07:
4a:12:43:b9:bb:8e:69:70:bf:47:50:e2:8b:7e:a1:99:89:d5:
e7:35:a0:63:70:09:69:d7:00:8f:08:f4:4a:cf:36:16:8e:f1:
36:86:22:70:2d:b6:8f:82:2b:f4:80:06:a3:de:ca:68:6e:c1:
22:89:9f:36:5d:af:06:93:ff:8d:e5:5c:ea:7e:ac:b9:39:a3:
2c:58:50:a8:7a:35:bd:13:60:ed:ff:d3:58:3f:89:01:9c:2e:
14:31:53:0a:ae:d6:fe:57:0c:15:22:44:2c:5e:51:c5:01:58:
3f:ac:85:13:cd:6d:e6:a6:a7:7e:1d:67:43:d7:34:c2:5f:3a:
eb:45:c7:9e
-----BEGIN CERTIFICATE-----
MIIG9TCCBd2gAwIBAgIDAJ9YMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIxNzA2NDAyMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2MTFjZDQtMDI4YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+moqxsfCtFl0R8xZsPFt/ipXHJ1zswTyI5zjl6UtdqKYOUUlyk5Ux4otu2
axXbrhRzYssrHez50lN3qif4txrzNdGEwUwJsb0+gjSDhHwojpGDZGcn734RzwC1
wpbGJOie3S76wMqwmpmH4DCt8bHLkOuSttMCsao15PIzVZ2Sq1PFC6ek1ZKqz92x
6+tFZPtLYPeNVv9TvPtujkKwu3iOfZtzds1B5yhd14JaLuFQLZU1wJZNk/qTUyKm
RaG3aNc4jI4HUF5odsgZ5B3nzxZZsnRkyeKMKBZpghl574+U19KTBK4lsYjurj8/
I3mV74icNfOIcqCcRD25YCoaa58CAwEAAaOCBBgwggQUMB0GA1UdDgQWBBTf8d/x
IRam3VAGzZeQq3zP1AxXvDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIyOTMwNzlB
QTVBMzExRUY4OThEMUE2NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBoAYIKwYBBQUHAQcB
Af8EggGPMIIBizCCAWYEAgABMIIBXgMEAWcCvgMEAmcfjAMEAWcf3AMEAmcpIAME
AmddwDAMAwQAZ29FAwQDZ29AAwQBZ3OaAwQBZ3dSAwQBZ3esAwQBZ3uaAwQCZ3vg
AwQBZ3wWAwQBZ3x6AwQBZ390AwQAZ3/8AwQBZ4RkAwQCZ4YEAwQBZ48IAwQBZ52y
AwQBZ53eAwQBZ54wAwQBZ6O+AwQBZ6ewAwQBZ6vSAwQBZ6xWAwQBZ6ycAwQBZ614
AwQAZ63NAwQBZ630AwQBZ670AwQBZ688AwQBZ7MuAwQAZ7PoAwQBZ7PsAwQBZ7U2
AwQBZ77UAwQBZ8NQAwQCZ8yEAwQBZ84aAwQBZ89aAwQBZ9BaAwQBZ9FIAwQBZ9Ss
AwQBZ9e4AwQBZ9mKAwQBZ9pqAwQBZ9q0AwQCZ9q4AwQBZ9zoAwQBZ+EeAwQBZ+F0
AwQBZ+NoAwQBZ+RIAwQBZ+VaAwQBZ/QYAwQBZ/ReAwQBbiwKMB8EAgACMBkDBwAg
AQ3yA4ADBQAkAE/gAwcAJARYwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAbdUg0kAph
Cocbo7dzd11w6qx9uKTF6EGo49/WYj7E8387pIy8WBbNOc2WKtUGVM8piVyL1c5P
3HrsU5VO9p4M+VjIow1Oq4FXGqqbI87yLcbNLj9t289pq3iWHrzHdLU0bgpgnynH
Z3AlDNeoJJULyJ1ek0kMjoIRoog+MgdKEkO5u45pcL9HUOKLfqGZidXnNaBjcAlp
1wCPCPRKzzYWjvE2hiJwLbaPgiv0gAaj3spobsEiiZ82Xa8Gk/+N5Vzqfqy5OaMs
WFCoejW9E2Dt/9NYP4kBnC4UMVMKrtb+VwwVIkQsXlHFAVg/rIUTzW3mpqd+HWdD
1zTCXzrrRcee
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:13 2025 by rpki-client