Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3AC16BE6DF1611EC8F85991EC4F9AE02.roa
File: 3AC16BE6DF1611EC8F85991EC4F9AE02.roa (raw, json)
Hash identifier: 9fCKxr9uEREGPsDF2LIMDD7vUT/tucZjLXi8rvcsjEo=
Subject key identifier: F9:F2:D0:32:66:A3:82:B8:08:73:B9:0E:0A:73:44:C5:87:5A:D9:0A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5642
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3AC16BE6DF1611EC8F85991EC4F9AE02.roa
Signing time: Sun 29 May 2022 06:11:52 +0000
ROA not before: Sun 29 May 2022 06:11:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140125
IP address blocks: 103.82.48.0/22 maxlen: 24
103.114.67.0/24 maxlen: 24
103.167.212.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.32.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.170.148.0/23 maxlen: 24
103.171.108.0/23 maxlen: 24
103.171.110.0/23 maxlen: 24
103.171.174.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.98.0/23 maxlen: 24
103.177.226.0/23 maxlen: 24
103.178.166.0/23 maxlen: 24
103.178.202.0/23 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.120.0/23 maxlen: 24
103.179.224.0/23 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.110.0/23 maxlen: 24
103.180.168.0/23 maxlen: 24
103.180.172.0/23 maxlen: 24
103.180.174.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.236.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.150.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.182.58.0/23 maxlen: 24
103.183.216.0/23 maxlen: 24
103.187.92.0/23 maxlen: 24
103.194.118.0/24 maxlen: 24
103.212.134.0/24 maxlen: 24
103.229.208.0/23 maxlen: 24
103.252.40.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22082 (0x5642)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 29 06:11:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62930ea7-e89e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ff:2c:b0:84:d1:82:2d:cc:67:91:fa:08:e9:
01:5d:06:0c:8a:ae:4f:0a:30:1d:44:7a:dd:30:53:
4a:04:48:58:c8:77:df:69:96:55:b9:2c:a7:42:62:
45:7f:01:df:02:d5:22:a8:ea:42:13:7c:5d:be:e4:
37:a3:9c:fc:86:4e:58:3e:5f:d0:8e:79:97:31:63:
1e:b3:02:15:5f:77:5f:bc:d7:5f:3a:9f:5b:8d:27:
b2:42:3b:64:45:a9:e9:7b:db:6f:95:0a:68:94:24:
52:a7:df:60:f5:6c:40:f6:59:eb:ca:12:c6:46:ca:
1c:cd:11:6d:69:7c:1c:94:15:34:7c:c8:d2:c7:ca:
28:a7:91:a4:d0:4f:4c:34:79:b4:b1:19:4a:60:bf:
a7:70:25:03:48:7c:e4:03:41:51:3b:e6:a9:89:e2:
2f:23:d7:ae:bf:53:00:8d:e2:05:b2:28:bf:05:f0:
b2:1f:b5:6b:b9:92:df:e2:53:c2:27:c1:00:70:d2:
1e:5f:4e:57:62:85:9d:04:df:ce:a2:92:7c:4c:90:
58:72:67:f2:8b:66:67:6e:52:bb:41:a4:af:37:c4:
e8:d4:f8:ee:2a:7c:64:c0:7b:b6:76:a5:4e:bf:fa:
b5:5f:cf:94:69:19:ff:8e:ea:5e:38:41:e1:de:0e:
73:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F2:D0:32:66:A3:82:B8:08:73:B9:0E:0A:73:44:C5:87:5A:D9:0A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3AC16BE6DF1611EC8F85991EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.48.0/22
103.114.67.0/24
103.167.212.0/23
103.167.224.0/23
103.168.0.0/23
103.168.32.0/23
103.168.60.0/23
103.170.36.0/22
103.170.148.0/23
103.171.108.0/22
103.171.174.0/23
103.173.14.0/23
103.173.98.0/23
103.177.226.0/23
103.178.166.0/23
103.178.202.0/23
103.179.94.0-103.179.97.255
103.179.100.0/23
103.179.118.0-103.179.121.255
103.179.224.0/22
103.180.110.0/23
103.180.168.0/23
103.180.172.0/22
103.180.212.0/22
103.180.236.0/22
103.181.64.0/23
103.181.110.0/23
103.181.114.0/23
103.181.150.0-103.181.155.255
103.181.174.0/23
103.181.198.0/23
103.182.58.0/23
103.183.216.0/23
103.187.92.0/23
103.194.118.0/24
103.212.134.0/24
103.229.208.0/23
103.252.40.0/22
Signature Algorithm: sha256WithRSAEncryption
76:f5:34:bf:c9:13:16:58:2a:9d:e4:49:d7:0f:63:e3:46:87:
54:d1:5b:2e:0e:de:5a:7b:c1:87:7f:81:d6:23:73:29:ce:de:
b4:b8:0b:71:d9:f2:6d:fc:19:84:70:8c:e8:34:db:0c:5a:5c:
5a:38:c5:93:30:ac:ff:ba:af:42:63:48:14:56:ee:c7:50:c7:
ab:7f:b3:b6:65:9b:84:8a:cc:5e:5d:e4:95:af:be:0a:7c:cb:
12:98:35:d2:dd:be:dd:4b:01:7d:0b:d4:c5:76:03:23:c8:6c:
ce:dc:ef:ab:23:bf:b1:d4:5a:e4:9f:17:ef:bd:c9:18:77:e6:
74:fd:04:a7:b9:38:e6:0a:76:82:f4:e6:9a:02:af:fa:bc:33:
0a:9b:9b:d1:83:10:68:d4:c7:a3:b6:13:b3:63:6b:ed:74:80:
45:d1:f7:18:29:b6:a3:a5:75:5f:b0:9e:8a:00:6a:00:97:c5:
f1:19:08:cd:59:c3:01:80:57:94:82:ab:dc:db:d6:3d:af:5f:
55:e5:2a:98:1f:89:95:ac:98:a5:b9:e6:07:d5:4d:1f:1b:d6:
28:f3:7e:02:ec:7e:e1:d0:b0:45:e9:b9:4d:f5:15:61:76:b5:
c4:7d:ed:5c:65:b1:b3:61:14:f0:30:10:ef:f5:c6:9c:2b:cd:
6c:c0:34:64
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgICVkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTI5MDYxMTUyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjkzMGVhNy1lODllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr/8ssITRgi3MZ5H6COkBXQYMiq5PCjAdRHrdMFNKBEhYyHffaZZVuSynQmJF
fwHfAtUiqOpCE3xdvuQ3o5z8hk5YPl/QjnmXMWMeswIVX3dfvNdfOp9bjSeyQjtk
Ranpe9tvlQpolCRSp99g9WxA9lnryhLGRsoczRFtaXwclBU0fMjSx8oop5Gk0E9M
NHm0sRlKYL+ncCUDSHzkA0FRO+apieIvI9euv1MAjeIFsii/BfCyH7VruZLf4lPC
J8EAcNIeX05XYoWdBN/OopJ8TJBYcmfyi2ZnblK7QaSvN8To1PjuKnxkwHu2dqVO
v/q1X8+UaRn/jupeOEHh3g5z4QIDAQABo4IDlDCCA5AwHQYDVR0OBBYEFPny0DJm
o4K4CHO5DgpzRMWHWtkKMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0FDMTZCRTZE
RjE2MTFFQzhGODU5OTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEcBggrBgEFBQcBBwEB
/wSCAQswggEHMIIBAwQCAAEwgfwDBAJnUjADBABnckMDBAFnp9QDBAFnp+ADBAFn
qAADBAFnqCADBAFnqDwDBAJnqiQDBAFnqpQDBAJnq2wDBAFnq64DBAFnrQ4DBAFn
rWIDBAFnseIDBAFnsqYDBAFnssowDAMEAWezXgMEAWezYAMEAWezZDAMAwQBZ7N2
AwQBZ7N4AwQCZ7PgAwQBZ7RuAwQBZ7SoAwQCZ7SsAwQCZ7TUAwQCZ7TsAwQBZ7VA
AwQBZ7VuAwQBZ7VyMAwDBAFntZYDBAJntZgDBAFnta4DBAFntcYDBAFntjoDBAFn
t9gDBAFnu1wDBABnwnYDBABn1IYDBAFn5dADBAJn/CgwDQYJKoZIhvcNAQELBQAD
ggEBAHb1NL/JExZYKp3kSdcPY+NGh1TRWy4O3lp7wYd/gdYjcynO3rS4C3HZ8m38
GYRwjOg02wxaXFo4xZMwrP+6r0JjSBRW7sdQx6t/s7Zlm4SKzF5d5JWvvgp8yxKY
NdLdvt1LAX0L1MV2AyPIbM7c76sjv7HUWuSfF++9yRh35nT9BKe5OOYKdoL05poC
r/q8Mwqbm9GDEGjUx6O2E7Nja+10gEXR9xgptqOldV+wnooAagCXxfEZCM1ZwwGA
V5SCq9zb1j2vX1XlKpgfiZWsmKW55gfVTR8b1ijzfgLsfuHQsEXpuU31FWF2tcR9
7VxlsbNhFPAwEO/1xpwrzWzANGQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:11:02 2025 by rpki-client