Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2DA4A73C9FCE11EE9B277179C4F9AE02.roa
File: 2DA4A73C9FCE11EE9B277179C4F9AE02.roa (raw, json)
Hash identifier: i0XNroD8L2Zth6TWm4PUA2ZSveXmJWy92qPrJgyBdGc=
Subject key identifier: FA:A7:68:4A:73:55:63:BF:30:8D:A0:69:CC:36:47:22:1D:06:15:F4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8855
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2DA4A73C9FCE11EE9B277179C4F9AE02.roa
Signing time: Thu 30 May 2024 15:54:05 +0000
ROA not before: Thu 30 May 2024 15:54:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132215
IP address blocks: 1.6.136.0/24 maxlen: 24
1.6.226.0/24 maxlen: 24
1.6.227.0/24 maxlen: 24
1.6.228.0/24 maxlen: 24
1.7.142.0/24 maxlen: 24
1.7.151.0/24 maxlen: 24
1.7.161.0/24 maxlen: 24
1.7.162.0/24 maxlen: 24
1.7.180.0/24 maxlen: 24
1.7.200.0/24 maxlen: 24
1.7.201.0/24 maxlen: 24
1.7.202.0/24 maxlen: 24
43.227.132.0/22 maxlen: 24
45.127.208.0/22 maxlen: 24
45.127.228.0/22 maxlen: 24
45.127.236.0/22 maxlen: 24
45.249.232.0/22 maxlen: 24
58.84.20.0/22 maxlen: 24
58.84.24.0/22 maxlen: 24
59.152.80.0/22 maxlen: 24
61.14.204.0/22 maxlen: 24
103.7.128.0/22 maxlen: 24
103.15.228.0/22 maxlen: 24
103.59.140.0/22 maxlen: 24
103.70.60.0/22 maxlen: 24
103.119.240.0/22 maxlen: 23
103.119.241.0/24 maxlen: 24
103.119.242.0/23 maxlen: 24
103.120.28.0/22 maxlen: 24
103.196.188.0/22 maxlen: 24
103.196.216.0/22 maxlen: 24
103.196.224.0/22 maxlen: 24
103.197.36.0/22 maxlen: 24
103.197.40.0/22 maxlen: 24
103.197.80.0/22 maxlen: 24
103.197.100.0/22 maxlen: 24
103.197.124.0/22 maxlen: 24
103.197.128.0/22 maxlen: 24
103.197.136.0/22 maxlen: 24
103.197.140.0/22 maxlen: 24
103.200.76.0/22 maxlen: 24
103.200.80.0/22 maxlen: 24
103.200.88.0/22 maxlen: 24
103.203.80.0/22 maxlen: 24
103.218.228.0/22 maxlen: 24
111.235.68.0/22 maxlen: 24
114.134.16.0/22 maxlen: 24
202.177.153.0/24 maxlen: 24
202.177.157.0/24 maxlen: 24
218.185.248.0/22 maxlen: 24
220.158.128.0/22 maxlen: 24
220.158.144.0/22 maxlen: 24
220.158.168.0/22 maxlen: 24
220.158.172.0/22 maxlen: 24
220.158.180.0/22 maxlen: 24
220.158.184.0/22 maxlen: 24
223.31.120.0/24 maxlen: 24
223.31.121.0/24 maxlen: 24
223.31.122.0/24 maxlen: 24
223.31.123.0/24 maxlen: 24
223.31.159.0/24 maxlen: 24
223.31.174.0/24 maxlen: 24
2407:f700::/32 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34901 (0x8855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:54:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a11d-5c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:24:21:0c:e4:d9:f4:c9:d6:22:5a:e2:e6:bf:
23:49:bb:58:0d:02:12:2f:f1:c6:54:4f:39:73:27:
4a:f7:e6:65:2f:45:cf:0f:b2:23:ed:1b:83:ce:97:
49:c2:07:dd:5d:80:e8:21:fe:7f:ad:2a:29:e0:af:
c0:cd:3f:f3:43:2b:b5:6a:d8:34:da:32:f0:e4:f4:
91:24:35:3d:24:c8:80:da:60:8b:6a:3e:b9:df:f6:
6f:04:92:02:34:3e:a5:47:c7:2a:2e:03:9c:df:0f:
0f:ef:d4:02:1e:8c:34:51:aa:8c:25:d4:67:3d:c0:
78:ef:6e:1b:38:69:ef:bf:97:b5:a3:75:38:97:cd:
41:5f:58:fe:e7:d8:00:6d:38:5e:28:19:5d:7a:8d:
62:c1:48:37:89:da:04:3a:39:45:82:3b:ea:98:2c:
3a:5e:1d:38:4e:f4:fa:2e:c6:16:9f:c7:8b:96:6a:
2e:7f:19:98:e4:d5:64:9a:f1:67:fe:44:85:58:bb:
b3:7a:64:9d:f4:9f:0a:6a:8b:b5:57:c6:3f:3b:fe:
09:30:db:7b:86:31:bc:51:05:a0:a0:eb:81:93:25:
d3:4e:aa:51:1d:d8:a6:d3:dc:b1:a9:81:30:4d:9c:
3a:c5:32:c5:11:b5:02:b4:12:27:38:f6:2c:50:ae:
f2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A7:68:4A:73:55:63:BF:30:8D:A0:69:CC:36:47:22:1D:06:15:F4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2DA4A73C9FCE11EE9B277179C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.6.136.0/24
1.6.226.0-1.6.228.255
1.7.142.0/24
1.7.151.0/24
1.7.161.0-1.7.162.255
1.7.180.0/24
1.7.200.0-1.7.202.255
43.227.132.0/22
45.127.208.0/22
45.127.228.0/22
45.127.236.0/22
45.249.232.0/22
58.84.20.0-58.84.27.255
59.152.80.0/22
61.14.204.0/22
103.7.128.0/22
103.15.228.0/22
103.59.140.0/22
103.70.60.0/22
103.119.240.0/22
103.120.28.0/22
103.196.188.0/22
103.196.216.0/22
103.196.224.0/22
103.197.36.0-103.197.43.255
103.197.80.0/22
103.197.100.0/22
103.197.124.0-103.197.131.255
103.197.136.0/21
103.200.76.0-103.200.83.255
103.200.88.0/22
103.203.80.0/22
103.218.228.0/22
111.235.68.0/22
114.134.16.0/22
202.177.153.0/24
202.177.157.0/24
218.185.248.0/22
220.158.128.0/22
220.158.144.0/22
220.158.168.0/21
220.158.180.0-220.158.187.255
223.31.120.0/22
223.31.159.0/24
223.31.174.0/24
IPv6:
2407:f700::/32
Signature Algorithm: sha256WithRSAEncryption
a0:02:d4:82:75:60:69:fe:3d:e3:1a:22:93:7a:ab:d1:18:a5:
85:93:9b:3c:29:fe:56:db:6d:a3:9c:9f:3b:81:dc:63:27:5e:
af:f5:86:52:eb:94:37:6e:a9:2e:12:7c:2b:05:db:8f:2a:88:
7c:2a:3a:d7:e3:00:57:17:a5:0d:7d:a7:4d:c8:1d:64:38:27:
03:32:64:ea:8d:3b:f9:ef:9f:0d:f7:8f:05:e1:64:05:9b:9e:
f5:a6:8c:2d:ac:07:4d:ce:f5:c0:b9:78:dc:cc:74:5e:2d:1b:
b2:32:bb:43:59:b9:f1:e1:5a:c2:93:b1:7f:0f:20:06:89:d4:
92:3b:f8:36:62:7d:f6:4d:de:03:3b:eb:38:f4:6b:8d:c9:f7:
8b:9b:f7:32:ca:dd:76:65:e4:af:13:a4:fd:91:d0:6d:c9:6e:
0e:04:e1:05:0b:a6:a4:ba:ca:4d:f4:6f:5d:7e:08:c4:59:1a:
08:52:f6:4c:7b:77:63:95:78:34:97:4b:5e:57:dd:16:c3:a4:
d5:f9:8e:8e:f9:32:54:59:2e:12:39:df:20:7f:9b:ff:42:8a:
e1:5a:7b:c7:48:9f:47:81:c5:4a:34:30:c4:f7:59:d5:bf:24:
01:8c:45:89:b7:1c:bb:c5:94:ec:5e:ba:73:e8:cf:db:69:1d:
cf:f8:d7:8b
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIDAIhVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTQwNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExMWQtNWMxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0kIQzk2fTJ1iJa4ua/I0m7WA0CEi/xxlRPOXMnSvfmZS9Fzw+yI+0bg86X
ScIH3V2A6CH+f60qKeCvwM0/80MrtWrYNNoy8OT0kSQ1PSTIgNpgi2o+ud/2bwSS
AjQ+pUfHKi4DnN8PD+/UAh6MNFGqjCXUZz3AeO9uGzhp77+XtaN1OJfNQV9Y/ufY
AG04XigZXXqNYsFIN4naBDo5RYI76pgsOl4dOE70+i7GFp/Hi5ZqLn8ZmOTVZJrx
Z/5EhVi7s3pknfSfCmqLtVfGPzv+CTDbe4YxvFEFoKDrgZMl006qUR3YptPcsamB
ME2cOsUyxRG1ArQSJzj2LFCu8q0CAwEAAaOCA/YwggPyMB0GA1UdDgQWBBT6p2hK
c1VjvzCNoGnMNkciHQYV9DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJEQTRBNzND
OUZDRTExRUU5QjI3NzE3OUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBfgYIKwYBBQUHAQcB
Af8EggFtMIIBaTCCAVYEAgABMIIBTgMEAAEGiDAMAwQBAQbiAwQAAQbkAwQAAQeO
AwQAAQeXMAwDBAABB6EDBAABB6IDBAABB7QwDAMEAwEHyAMEAAEHygMEAivjhAME
Ai1/0AMEAi1/5AMEAi1/7AMEAi356DAMAwQCOlQUAwQCOlQYAwQCO5hQAwQCPQ7M
AwQCZweAAwQCZw/kAwQCZzuMAwQCZ0Y8AwQCZ3fwAwQCZ3gcAwQCZ8S8AwQCZ8TY
AwQCZ8TgMAwDBAJnxSQDBAJnxSgDBAJnxVADBAJnxWQwDAMEAmfFfAMEAmfFgAME
A2fFiDAMAwQCZ8hMAwQCZ8hQAwQCZ8hYAwQCZ8tQAwQCZ9rkAwQCb+tEAwQCcoYQ
AwQAyrGZAwQAyrGdAwQC2rn4AwQC3J6AAwQC3J6QAwQD3J6oMAwDBALcnrQDBALc
nrgDBALfH3gDBADfH58DBADfH64wDQQCAAIwBwMFACQH9wAwDQYJKoZIhvcNAQEL
BQADggEBAKAC1IJ1YGn+PeMaIpN6q9EYpYWTmzwp/lbbbaOcnzuB3GMnXq/1hlLr
lDduqS4SfCsF248qiHwqOtfjAFcXpQ19p03IHWQ4JwMyZOqNO/nvnw33jwXhZAWb
nvWmjC2sB03O9cC5eNzMdF4tG7Iyu0NZufHhWsKTsX8PIAaJ1JI7+DZiffZN3gM7
6zj0a43J94ub9zLK3XZl5K8TpP2R0G3Jbg4E4QULpqS6yk30b11+CMRZGghS9kx7
d2OVeDSXS15X3RbDpNX5jo75MlRZLhI53yB/m/9CiuFae8dIn0eBxUo0MMT3WdW/
JAGMRYm3HLvFlOxeunPoz9tpHc/414s=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:37 2025 by rpki-client