Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56A669285B9D11EF83E85C5FC4F9AE02.roa
File: 56A669285B9D11EF83E85C5FC4F9AE02.roa (raw, json)
Hash identifier: yAqvtkkMawx8ZgCqQssEZQMdQgLMjwp6eLj/oiT0eA8=
Subject key identifier: 8A:37:D9:AF:66:19:0D:BF:9F:E1:B8:9B:70:B3:32:A5:EF:A9:A3:16
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 96CB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56A669285B9D11EF83E85C5FC4F9AE02.roa
Signing time: Fri 16 Aug 2024 07:01:19 +0000
ROA not before: Fri 16 Aug 2024 07:01:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
45.112.192.0/22 maxlen: 24
45.115.92.0/22 maxlen: 24
103.14.197.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.68.206.0/23 maxlen: 24
103.86.20.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.142.64.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.183.132.0/23 maxlen: 24
103.183.134.0/23 maxlen: 24
103.183.136.0/23 maxlen: 24
103.183.168.0/23 maxlen: 24
103.183.176.0/23 maxlen: 24
103.183.196.0/23 maxlen: 24
103.183.206.0/23 maxlen: 24
103.183.222.0/23 maxlen: 24
103.183.224.0/23 maxlen: 24
103.183.234.0/23 maxlen: 24
103.184.4.0/23 maxlen: 24
103.184.6.0/23 maxlen: 24
103.184.38.0/23 maxlen: 24
103.184.116.0/23 maxlen: 24
103.184.140.0/23 maxlen: 24
103.184.142.0/23 maxlen: 24
103.184.158.0/23 maxlen: 24
103.184.160.0/23 maxlen: 24
103.184.198.0/23 maxlen: 24
103.184.200.0/23 maxlen: 24
103.184.202.0/23 maxlen: 24
103.184.226.0/23 maxlen: 24
103.185.180.0/23 maxlen: 24
103.186.38.0/23 maxlen: 24
103.187.50.0/23 maxlen: 24
103.187.60.0/23 maxlen: 24
103.187.72.0/23 maxlen: 24
103.190.56.0/23 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38603 (0x96cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 16 07:01:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66bef93f-a277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1a:cc:83:22:e2:1d:9f:9e:1c:91:ea:eb:32:
3c:7f:bb:8c:22:b8:ac:17:32:14:ec:79:56:7e:63:
2d:b9:e9:af:ee:a9:dd:8e:7d:12:39:51:1f:a4:87:
c7:2b:24:d3:77:77:ea:dc:76:01:dc:b2:4e:49:d2:
87:0e:8c:55:93:27:fb:03:cd:97:16:23:13:92:14:
e1:6b:9a:af:96:e3:85:68:2c:4a:2e:72:8d:9b:79:
d8:ca:c9:6a:c3:43:33:3b:2c:80:c5:ba:d6:f3:27:
fd:94:59:d0:c2:46:6f:31:a9:c6:a9:b7:6a:15:a8:
cf:27:fb:e9:51:9c:fa:46:ec:dd:ba:b7:1f:30:17:
61:a7:d1:36:24:7c:dd:d2:2c:d1:50:66:3b:b3:07:
a4:ad:90:0a:02:48:4c:df:21:0e:33:7b:cf:53:76:
ff:85:38:79:6f:23:33:87:31:5a:1e:83:e2:cd:16:
c6:9f:e5:a5:f8:7f:85:f3:ca:ab:df:3a:8d:d0:0e:
63:3e:f9:7a:61:30:23:8a:9e:d8:2c:cb:5b:1f:59:
87:6b:12:14:ad:b1:b6:0d:5f:d3:7b:2b:c8:78:ea:
1d:de:ed:95:f3:53:e0:b4:cf:ac:c4:88:56:81:80:
eb:75:0a:a1:36:8a:37:f6:a5:62:ed:70:83:0f:18:
eb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:37:D9:AF:66:19:0D:BF:9F:E1:B8:9B:70:B3:32:A5:EF:A9:A3:16
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56A669285B9D11EF83E85C5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
45.112.192.0/22
45.115.92.0/22
103.14.197.0/24
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.55.84.0/22
103.68.206.0/23
103.86.20.0/22
103.108.76.0/22
103.142.64.0/23
103.171.236.0/23
103.180.216.0/23
103.183.132.0-103.183.137.255
103.183.168.0/23
103.183.176.0/23
103.183.196.0/23
103.183.206.0/23
103.183.222.0-103.183.225.255
103.183.234.0/23
103.184.4.0/22
103.184.38.0/23
103.184.116.0/23
103.184.140.0/22
103.184.158.0-103.184.161.255
103.184.198.0-103.184.203.255
103.184.226.0/23
103.185.180.0/23
103.186.38.0/23
103.187.50.0/23
103.187.60.0/23
103.187.72.0/23
103.190.56.0/23
103.200.48.0/22
103.206.64.0/22
103.226.224.0/22
103.228.172.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
74:cc:7a:d5:6b:d9:5c:1a:82:03:13:8b:e9:4f:e9:68:fd:a9:
e6:f5:3e:52:8f:fb:05:29:43:b7:af:51:ad:d2:0a:ca:6a:ba:
83:fa:f1:ea:04:1d:8f:d4:a8:de:01:db:7d:19:4c:5e:cb:02:
fb:0f:26:a6:b0:52:fd:27:d8:40:9b:12:57:74:99:17:b2:95:
b9:af:77:9f:92:ae:77:49:22:ea:fa:f8:b4:ed:86:75:af:e7:
96:92:c2:83:c6:05:9f:0e:10:5a:fc:fe:63:0b:e2:5b:b8:dd:
ab:78:33:b8:5a:1c:0c:fa:db:e1:95:1f:84:95:00:bf:05:6a:
52:fa:e1:00:63:c7:de:f1:ba:fb:64:24:82:e0:63:af:c3:08:
f9:7e:cc:45:72:30:52:73:99:f3:e2:6c:73:56:55:23:4a:ce:
8d:b2:29:39:00:34:70:cd:62:c4:de:04:f3:69:c0:4a:2a:82:
75:76:ae:55:1c:e6:b5:4a:e2:1f:64:38:9e:d9:0c:a6:fc:e0:
72:7c:70:17:db:84:81:7d:6e:0e:17:ab:39:94:a3:1b:21:88:
ab:b4:31:82:ca:9a:73:5d:b1:10:12:4d:fe:02:eb:b3:3d:0c:
a3:32:78:9a:48:dc:48:a4:7d:57:51:f4:e0:1a:68:f1:75:05:
c3:02:18:a8
-----BEGIN CERTIFICATE-----
MIIGsTCCBZmgAwIBAgIDAJbLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgxNjA3MDExOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZiZWY5M2YtYTI3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQazIMi4h2fnhyR6usyPH+7jCK4rBcyFOx5Vn5jLbnpr+6p3Y59EjlRH6SH
xysk03d36tx2AdyyTknShw6MVZMn+wPNlxYjE5IU4Wuar5bjhWgsSi5yjZt52MrJ
asNDMzssgMW61vMn/ZRZ0MJGbzGpxqm3ahWozyf76VGc+kbs3bq3HzAXYafRNiR8
3dIs0VBmO7MHpK2QCgJITN8hDjN7z1N2/4U4eW8jM4cxWh6D4s0Wxp/lpfh/hfPK
q986jdAOYz75emEwI4qe2CzLWx9Zh2sSFK2xtg1f03sryHjqHd7tlfNT4LTPrMSI
VoGA63UKoTaKN/alYu1wgw8Y65UCAwEAAaOCA9QwggPQMB0GA1UdDgQWBBSKN9mv
ZhkNv5/huJtwszKl76mjFjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU2QTY2OTI4
NUI5RDExRUY4M0U4NUM1RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBXAYIKwYBBQUHAQcB
Af8EggFLMIIBRzCCAR4EAgABMIIBFgMEAivhAAMEAi1wwAMEAi1zXAMEAGcOxQME
AGcbqAMEAWcbqgMEAGcvmAMEAmczXAMEAmc0MAMEAmc3VAMEAWdEzgMEAmdWFAME
AmdsTAMEAWeOQAMEAWer7AMEAWe02DAMAwQCZ7eEAwQBZ7eIAwQBZ7eoAwQBZ7ew
AwQBZ7fEAwQBZ7fOMAwDBAFnt94DBAFnt+ADBAFnt+oDBAJnuAQDBAFnuCYDBAFn
uHQDBAJnuIwwDAMEAWe4ngMEAWe4oDAMAwQBZ7jGAwQCZ7jIAwQBZ7jiAwQBZ7m0
AwQBZ7omAwQBZ7syAwQBZ7s8AwQBZ7tIAwQBZ744AwQCZ8gwAwQCZ85AAwQCZ+Lg
AwQCZ+SsAwQCy784MCMEAgACMB0wEgMHASQA0YAAZgMHASQA0YAAaAMHASQA0YAA
cDANBgkqhkiG9w0BAQsFAAOCAQEAdMx61WvZXBqCAxOL6U/paP2p5vU+Uo/7BSlD
t69RrdIKymq6g/rx6gQdj9So3gHbfRlMXssC+w8mprBS/SfYQJsSV3SZF7KVua93
n5Kud0ki6vr4tO2Gda/nlpLCg8YFnw4QWvz+YwviW7jdq3gzuFocDPrb4ZUfhJUA
vwVqUvrhAGPH3vG6+2QkguBjr8MI+X7MRXIwUnOZ8+Jsc1ZVI0rOjbIpOQA0cM1i
xN4E82nASiqCdXauVRzmtUriH2Q4ntkMpvzgcnxwF9uEgX1uDherOZSjGyGIq7Qx
gsqac12xEBJN/gLrsz0MozJ4mkjcSKR9V1H04Bpo8XUFwwIYqA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:29 2025 by rpki-client