Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/23F7A5289CD911EFA222E77FC4F9AE02.roa
File: 23F7A5289CD911EFA222E77FC4F9AE02.roa (raw, json)
Hash identifier: OWvN2ur13YK6bJAHSabTdarmkw2w4HDex+U7MY00Kgo=
Subject key identifier: 6C:77:1F:DA:DC:CB:73:5E:71:83:14:76:77:70:37:D3:88:39:CC:A0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9CA7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/23F7A5289CD911EFA222E77FC4F9AE02.roa
Signing time: Thu 07 Nov 2024 07:30:32 +0000
ROA not before: Thu 07 Nov 2024 07:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18002
IP address blocks: 14.102.0.0/22 maxlen: 24
14.102.0.0/24 maxlen: 24
14.102.1.0/24 maxlen: 24
14.102.2.0/24 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.22.0/24 maxlen: 24
14.102.23.0/24 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.24.0/24 maxlen: 24
14.102.25.0/24 maxlen: 24
14.102.26.0/24 maxlen: 24
14.102.27.0/24 maxlen: 24
14.102.28.0/22 maxlen: 24
14.102.28.0/24 maxlen: 24
14.102.29.0/24 maxlen: 24
14.102.30.0/24 maxlen: 24
14.102.31.0/24 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.32.0/24 maxlen: 24
14.102.33.0/24 maxlen: 24
14.102.34.0/24 maxlen: 24
14.102.35.0/24 maxlen: 24
14.102.36.0/22 maxlen: 24
14.102.36.0/24 maxlen: 24
14.102.37.0/24 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.40.0/24 maxlen: 24
14.102.41.0/24 maxlen: 24
14.102.42.0/24 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/22 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.49.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/22 maxlen: 24
14.102.56.0/24 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.58.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.64.0/24 maxlen: 24
14.102.65.0/24 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.67.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.68.0/24 maxlen: 24
14.102.69.0/24 maxlen: 24
14.102.70.0/24 maxlen: 24
14.102.71.0/24 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.72.0/24 maxlen: 24
14.102.73.0/24 maxlen: 24
14.102.74.0/24 maxlen: 24
14.102.75.0/24 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/22 maxlen: 24
14.102.80.0/24 maxlen: 24
14.102.81.0/24 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.83.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.91.0/24 maxlen: 24
14.102.92.0/22 maxlen: 24
14.102.92.0/24 maxlen: 24
14.102.93.0/24 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/22 maxlen: 24
14.102.96.0/24 maxlen: 24
14.102.97.0/24 maxlen: 24
14.102.100.0/22 maxlen: 24
14.102.100.0/24 maxlen: 24
14.102.101.0/24 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.104.0/24 maxlen: 24
14.102.105.0/24 maxlen: 24
14.102.106.0/23 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.108.0/24 maxlen: 24
14.102.109.0/24 maxlen: 24
14.102.110.0/24 maxlen: 24
14.102.111.0/24 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.112.0/24 maxlen: 24
14.102.113.0/24 maxlen: 24
14.102.114.0/24 maxlen: 24
14.102.115.0/24 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.116.0/24 maxlen: 24
14.102.117.0/24 maxlen: 24
14.102.118.0/24 maxlen: 24
14.102.119.0/24 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.120.0/24 maxlen: 24
14.102.121.0/24 maxlen: 24
14.102.122.0/24 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.124.0/22 maxlen: 24
14.102.124.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/24 maxlen: 24
14.102.127.0/24 maxlen: 24
43.245.136.0/22 maxlen: 24
43.251.212.0/22 maxlen: 24
61.14.228.0/23 maxlen: 24
61.14.231.0/24 maxlen: 24
103.5.200.0/22 maxlen: 24
103.59.189.0/24 maxlen: 24
103.87.100.0/22 maxlen: 24
103.122.84.0/24 maxlen: 24
103.158.131.0/24 maxlen: 24
103.160.24.0/24 maxlen: 24
103.175.72.0/24 maxlen: 24
103.175.73.0/24 maxlen: 24
103.176.8.0/23 maxlen: 24
110.172.130.0/23 maxlen: 24
110.172.132.0/24 maxlen: 24
110.172.134.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.138.0/23 maxlen: 24
110.172.140.0/23 maxlen: 24
110.172.143.0/24 maxlen: 24
110.172.145.0/24 maxlen: 24
110.172.147.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.151.0/24 maxlen: 24
110.172.152.0/22 maxlen: 24
110.172.156.0/22 maxlen: 24
110.172.160.0/22 maxlen: 24
110.172.164.0/24 maxlen: 24
110.172.166.0/23 maxlen: 24
110.172.168.0/24 maxlen: 24
110.172.170.0/23 maxlen: 24
110.172.172.0/24 maxlen: 24
110.172.174.0/23 maxlen: 24
110.172.177.0/24 maxlen: 24
110.172.178.0/23 maxlen: 24
110.172.184.0/22 maxlen: 24
111.235.64.0/22 maxlen: 24
114.69.228.0/22 maxlen: 24
114.69.232.0/24 maxlen: 24
114.69.234.0/24 maxlen: 24
114.69.235.0/24 maxlen: 24
114.69.240.0/24 maxlen: 24
114.69.242.0/23 maxlen: 24
114.69.248.0/24 maxlen: 24
114.69.249.0/24 maxlen: 24
114.69.252.0/22 maxlen: 24
118.91.176.0/23 maxlen: 24
118.91.178.0/24 maxlen: 24
118.91.189.0/24 maxlen: 24
118.91.190.0/23 maxlen: 24
150.107.192.0/22 maxlen: 24
202.89.64.0/20 maxlen: 20
202.89.64.0/24 maxlen: 24
202.89.65.0/24 maxlen: 24
202.89.66.0/24 maxlen: 24
202.89.67.0/24 maxlen: 24
202.89.68.0/24 maxlen: 24
202.89.69.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
202.89.71.0/24 maxlen: 24
202.89.72.0/24 maxlen: 24
202.89.73.0/24 maxlen: 24
202.89.74.0/24 maxlen: 24
202.89.75.0/24 maxlen: 24
202.89.76.0/24 maxlen: 24
202.89.77.0/24 maxlen: 24
202.89.78.0/24 maxlen: 24
202.89.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40103 (0x9ca7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 7 07:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=672c6c98-0317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e3:85:5e:12:f4:ee:de:a7:dd:64:0c:b5:ed:
f0:5a:fc:27:46:3b:19:a9:9c:4a:c8:fc:b4:9c:b3:
7f:22:12:fe:36:50:32:31:55:11:28:30:70:07:35:
dd:66:a1:ae:7b:f6:b7:fc:25:51:d0:55:3e:13:49:
2b:5b:63:db:9b:46:5b:58:f9:d7:c6:af:5c:53:a0:
b1:a6:0b:c0:3b:99:70:5a:77:98:6d:6b:19:5b:66:
c3:6f:11:83:37:16:ec:af:db:a5:df:f4:7b:d0:1f:
30:ff:fb:c8:79:12:67:ab:00:9d:25:dc:48:e2:0d:
c5:8e:1e:6c:56:0f:f0:d4:8f:e5:8e:de:66:51:4e:
4f:e1:57:43:40:fe:13:75:07:c8:82:cf:da:fe:5e:
2c:f8:66:5f:59:fc:3e:55:39:b3:76:37:27:fe:92:
bb:b7:6d:42:41:76:48:17:6b:3b:b0:90:33:f7:ba:
dc:2e:24:0a:20:f5:4e:37:93:cf:cc:2f:80:77:50:
38:bd:83:7a:cb:2c:54:1a:e2:c0:e9:f6:3f:c2:cc:
b3:30:a5:6d:d0:b6:be:6b:62:b4:d7:9d:78:d6:fd:
16:16:07:54:7d:66:31:a1:20:fc:0d:3d:22:ea:83:
af:73:4c:e8:3c:92:46:5a:98:4d:b5:10:a7:91:77:
92:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:77:1F:DA:DC:CB:73:5E:71:83:14:76:77:70:37:D3:88:39:CC:A0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/23F7A5289CD911EFA222E77FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.0.0/22
14.102.22.0-14.102.45.255
14.102.48.0/22
14.102.56.0/22
14.102.64.0-14.102.78.255
14.102.80.0/22
14.102.88.0/24
14.102.91.0-14.102.127.255
43.245.136.0/22
43.251.212.0/22
61.14.228.0/23
61.14.231.0/24
103.5.200.0/22
103.59.189.0/24
103.87.100.0/22
103.122.84.0/24
103.158.131.0/24
103.160.24.0/24
103.175.72.0/23
103.176.8.0/23
110.172.130.0-110.172.132.255
110.172.134.0-110.172.136.255
110.172.138.0-110.172.141.255
110.172.143.0/24
110.172.145.0/24
110.172.147.0/24
110.172.150.0-110.172.164.255
110.172.166.0-110.172.168.255
110.172.170.0-110.172.172.255
110.172.174.0/23
110.172.177.0-110.172.179.255
110.172.184.0/22
111.235.64.0/22
114.69.228.0-114.69.232.255
114.69.234.0/23
114.69.240.0/24
114.69.242.0/23
114.69.248.0/23
114.69.252.0/22
118.91.176.0-118.91.178.255
118.91.189.0-118.91.191.255
150.107.192.0/22
202.89.64.0/20
Signature Algorithm: sha256WithRSAEncryption
57:e2:a8:62:c3:05:f4:21:38:28:65:0b:62:d5:dc:7c:97:15:
46:2d:0f:fc:97:6b:7f:1d:0c:b0:57:81:34:cb:ea:ec:b8:ef:
da:8a:01:7d:d4:70:7a:64:80:d8:03:45:29:45:04:21:5f:69:
07:8a:45:ea:4b:a0:27:16:34:f1:66:f2:43:b7:39:44:f6:20:
5b:eb:ae:52:78:86:e0:fa:da:fb:d0:04:29:e2:40:79:cf:af:
79:1f:0e:04:05:9e:cb:b2:84:2d:b0:19:36:af:75:4f:40:7e:
82:21:1e:03:b8:4b:43:31:35:68:ae:84:3e:76:cb:3f:b9:67:
fb:34:bb:9e:05:a3:ca:8c:af:ca:e0:c2:af:ba:81:9f:ba:01:
d3:6f:7d:ab:66:21:0e:46:2f:b1:9a:9f:de:1d:cf:2b:81:70:
85:31:bc:e8:2c:8a:87:e2:a4:af:4c:3b:3b:41:ee:f1:7c:8b:
f1:04:2c:41:46:1b:ff:91:3b:c4:19:aa:d3:8d:5f:ab:05:47:
03:5b:f7:9a:07:60:92:9f:5b:c0:68:ef:9a:35:1e:aa:c9:e0:
a4:37:9c:a4:f5:e2:5d:c2:c6:09:cb:54:18:b8:a5:09:87:ad:
32:1b:68:b1:c1:40:20:58:a1:53:bf:77:9c:98:ba:ac:f2:3a:
da:f7:bf:50
-----BEGIN CERTIFICATE-----
MIIG4DCCBcigAwIBAgIDAJynMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTEwNzA3MzAzMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjcyYzZjOTgtMDMxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbjhV4S9O7ep91kDLXt8Fr8J0Y7GamcSsj8tJyzfyIS/jZQMjFVESgwcAc1
3Wahrnv2t/wlUdBVPhNJK1tj25tGW1j518avXFOgsaYLwDuZcFp3mG1rGVtmw28R
gzcW7K/bpd/0e9AfMP/7yHkSZ6sAnSXcSOINxY4ebFYP8NSP5Y7eZlFOT+FXQ0D+
E3UHyILP2v5eLPhmX1n8PlU5s3Y3J/6Su7dtQkF2SBdrO7CQM/e63C4kCiD1TjeT
z8wvgHdQOL2DesssVBriwOn2P8LMszClbdC2vmtitNedeNb9FhYHVH1mMaEg/A09
IuqDr3NM6DySRlqYTbUQp5F3klcCAwEAAaOCBAMwggP/MB0GA1UdDgQWBBRsdx/a
3MtzXnGDFHZ3cDfTiDnMoDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIzRjdBNTI4
OUNEOTExRUZBMjIyRTc3RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBiwYIKwYBBQUHAQcB
Af8EggF6MIIBdjCCAXIEAgABMIIBagMEAg5mADAMAwQBDmYWAwQBDmYsAwQCDmYw
AwQCDmY4MAwDBAYOZkADBAAOZk4DBAIOZlADBAAOZlgwDAMEAA5mWwMEBw5mAAME
Aiv1iAMEAiv71AMEAT0O5AMEAD0O5wMEAmcFyAMEAGc7vQMEAmdXZAMEAGd6VAME
AGeegwMEAGegGAMEAWevSAMEAWewCDAMAwQBbqyCAwQAbqyEMAwDBAFurIYDBABu
rIgwDAMEAW6sigMEAW6sjAMEAG6sjwMEAG6skQMEAG6skzAMAwQBbqyWAwQAbqyk
MAwDBAFurKYDBABurKgwDAMEAW6sqgMEAG6srAMEAW6srjAMAwQAbqyxAwQCbqyw
AwQCbqy4AwQCb+tAMAwDBAJyReQDBAByRegDBAFyReoDBAByRfADBAFyRfIDBAFy
RfgDBAJyRfwwDAMEBHZbsAMEAHZbsjAMAwQAdlu9AwQGdluAAwQClmvAAwQEyllA
MA0GCSqGSIb3DQEBCwUAA4IBAQBX4qhiwwX0ITgoZQti1dx8lxVGLQ/8l2t/HQyw
V4E0y+rsuO/aigF91HB6ZIDYA0UpRQQhX2kHikXqS6AnFjTxZvJDtzlE9iBb665S
eIbg+tr70AQp4kB5z695Hw4EBZ7LsoQtsBk2r3VPQH6CIR4DuEtDMTVoroQ+dss/
uWf7NLueBaPKjK/K4MKvuoGfugHTb32rZiEORi+xmp/eHc8rgXCFMbzoLIqH4qSv
TDs7Qe7xfIvxBCxBRhv/kTvEGarTjV+rBUcDW/eaB2CSn1vAaO+aNR6qyeCkN5yk
9eJdwsYJy1QYuKUJh60yG2ixwUAgWKFTv3ecmLqs8jra979Q
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:15:04 2025 by rpki-client