Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/696723E4505B11EDB7C39884C4F9AE02.roa
File: 696723E4505B11EDB7C39884C4F9AE02.roa (raw, json)
Hash identifier: IiTnKuKgQgwCABNhry8yvLuu9X7GnGMqq0/jv//2ZO4=
Subject key identifier: 62:B5:71:D6:9E:7C:CD:A3:60:2E:89:5D:2F:A7:AF:CE:4A:6C:ED:D9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 61FD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/696723E4505B11EDB7C39884C4F9AE02.roa
Signing time: Tue 27 Dec 2022 12:31:39 +0000
ROA not before: Tue 27 Dec 2022 12:31:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58678
IP address blocks: 43.241.28.0/22 maxlen: 24
43.241.128.0/22 maxlen: 24
43.241.132.0/22 maxlen: 24
43.242.208.0/24 maxlen: 24
43.242.209.0/24 maxlen: 24
43.242.210.0/24 maxlen: 24
43.242.211.0/24 maxlen: 24
43.242.224.0/22 maxlen: 24
43.242.228.0/22 maxlen: 24
45.64.84.0/22 maxlen: 24
45.114.192.0/22 maxlen: 24
45.117.0.0/22 maxlen: 24
45.127.120.0/22 maxlen: 24
45.250.248.0/24 maxlen: 24
45.250.249.0/24 maxlen: 24
45.250.250.0/24 maxlen: 24
103.14.232.0/22 maxlen: 24
103.26.52.0/22 maxlen: 22
103.26.52.0/24 maxlen: 24
103.26.53.0/24 maxlen: 24
103.26.54.0/24 maxlen: 24
103.26.55.0/24 maxlen: 24
103.26.56.0/22 maxlen: 24
103.42.160.0/22 maxlen: 24
103.48.56.0/22 maxlen: 24
103.48.100.0/22 maxlen: 24
103.59.188.0/22 maxlen: 24
103.59.212.0/22 maxlen: 24
103.66.80.0/24 maxlen: 24
103.66.81.0/24 maxlen: 24
103.66.82.0/24 maxlen: 24
103.66.83.0/24 maxlen: 24
103.74.236.0/22 maxlen: 24
103.77.152.0/22 maxlen: 23
103.77.152.0/23 maxlen: 24
103.77.154.0/24 maxlen: 24
103.89.40.0/22 maxlen: 24
103.111.132.0/22 maxlen: 24
103.112.32.0/24 maxlen: 24
103.112.33.0/24 maxlen: 24
103.112.34.0/24 maxlen: 24
103.112.35.0/24 maxlen: 24
103.137.152.0/22 maxlen: 24
103.155.170.0/24 maxlen: 24
103.162.190.0/23 maxlen: 24
103.163.188.0/24 maxlen: 24
103.163.189.0/24 maxlen: 24
103.168.62.0/24 maxlen: 24
103.168.63.0/24 maxlen: 24
103.174.38.0/24 maxlen: 24
103.177.180.0/24 maxlen: 24
103.177.181.0/24 maxlen: 24
103.178.212.0/23 maxlen: 24
103.181.52.0/24 maxlen: 24
103.181.53.0/24 maxlen: 24
103.181.208.0/24 maxlen: 24
103.181.209.0/24 maxlen: 24
103.185.174.0/23 maxlen: 24
103.204.119.0/24 maxlen: 24
103.209.18.0/24 maxlen: 24
103.209.19.0/24 maxlen: 24
103.216.144.0/22 maxlen: 24
103.218.100.0/22 maxlen: 24
103.219.164.0/24 maxlen: 24
103.219.165.0/24 maxlen: 24
103.219.166.0/24 maxlen: 24
103.219.167.0/24 maxlen: 24
103.220.80.0/22 maxlen: 24
103.220.212.0/22 maxlen: 24
103.226.0.0/22 maxlen: 24
103.226.4.0/22 maxlen: 24
103.226.28.0/22 maxlen: 24
103.232.24.0/22 maxlen: 24
124.108.16.0/22 maxlen: 24
2404:bd00::/48 maxlen: 48
2404:bd00:1::/48 maxlen: 48
2404:bd00:2::/48 maxlen: 48
2404:bd00:3::/48 maxlen: 48
2404:bd00:4::/48 maxlen: 48
2404:bd00:5::/48 maxlen: 48
2404:bd00:6::/48 maxlen: 48
2404:bd00:7::/48 maxlen: 48
2404:bd00:8::/48 maxlen: 48
2404:bd00:a::/48 maxlen: 48
2404:bd00:b::/48 maxlen: 48
2404:bd00:c::/48 maxlen: 48
2404:bd00:d::/48 maxlen: 48
2404:bd00:e::/48 maxlen: 48
2404:bd00:f::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25085 (0x61fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 27 12:31:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63aae5ab-87f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:bd:ea:eb:01:f3:dc:3b:62:5d:8b:26:29:
87:93:7e:5e:ce:30:3b:a1:c6:80:21:c2:93:3e:61:
16:5f:41:bb:01:7e:42:60:25:66:1e:68:5f:1c:e1:
51:7f:ae:69:b4:d1:0d:f7:cf:7e:0e:e4:d1:78:e5:
57:5d:1a:34:d5:c7:eb:33:30:f2:e5:e7:8a:cf:79:
f7:95:f2:c2:98:f5:36:d8:71:eb:26:d6:68:93:02:
7e:58:e6:2b:56:05:c4:ce:bb:64:71:8c:91:78:39:
c2:36:c3:0a:4f:09:87:c7:cb:aa:5d:02:83:8f:68:
8e:92:6a:31:21:60:fb:ea:f9:cc:f6:e3:55:fd:7d:
6d:f7:cf:71:d1:e7:b6:35:2a:19:c4:8d:b9:79:ee:
cf:89:88:24:f7:1d:35:79:94:63:2a:a8:42:93:74:
a5:77:e4:d5:64:2a:92:7c:33:df:c6:66:e6:fa:9b:
40:b8:71:6f:fd:72:6a:e9:7a:a8:a4:5e:0c:45:fa:
19:9e:46:c5:db:15:fd:91:b0:cf:29:40:f6:b5:d3:
63:c8:71:d5:73:1c:1a:79:0e:23:b0:fb:51:26:9f:
8b:41:b2:72:83:c7:8d:3c:20:dc:bf:b6:be:4b:4e:
7d:d4:dc:19:9f:20:cd:98:36:02:b4:fe:d2:72:2b:
ef:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B5:71:D6:9E:7C:CD:A3:60:2E:89:5D:2F:A7:AF:CE:4A:6C:ED:D9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/696723E4505B11EDB7C39884C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.28.0/22
43.241.128.0/21
43.242.208.0/22
43.242.224.0/21
45.64.84.0/22
45.114.192.0/22
45.117.0.0/22
45.127.120.0/22
45.250.248.0-45.250.250.255
103.14.232.0/22
103.26.52.0-103.26.59.255
103.42.160.0/22
103.48.56.0/22
103.48.100.0/22
103.59.188.0/22
103.59.212.0/22
103.66.80.0/22
103.74.236.0/22
103.77.152.0/22
103.89.40.0/22
103.111.132.0/22
103.112.32.0/22
103.137.152.0/22
103.155.170.0/24
103.162.190.0/23
103.163.188.0/23
103.168.62.0/23
103.174.38.0/24
103.177.180.0/23
103.178.212.0/23
103.181.52.0/23
103.181.208.0/23
103.185.174.0/23
103.204.119.0/24
103.209.18.0/23
103.216.144.0/22
103.218.100.0/22
103.219.164.0/22
103.220.80.0/22
103.220.212.0/22
103.226.0.0/21
103.226.28.0/22
103.232.24.0/22
124.108.16.0/22
IPv6:
2404:bd00::-2404:bd00:8:ffff:ffff:ffff:ffff:ffff
2404:bd00:a::-2404:bd00:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
78:b7:34:55:ea:2b:81:c4:77:4b:77:ad:a0:ae:b7:0f:92:50:
da:c6:24:b2:7d:be:6c:03:5b:d3:00:db:e1:8a:2c:21:60:5d:
cb:4f:cd:19:b2:92:6d:6f:3e:51:5b:03:bc:cf:f9:3a:17:51:
17:c2:ca:5a:cf:63:31:93:8b:3d:07:3c:6a:76:af:84:c9:eb:
65:7b:a2:1a:ac:4c:ad:21:e7:69:a1:33:9e:a5:71:3c:9e:30:
5f:fd:8e:83:80:64:fe:3f:2e:3c:91:29:ec:11:fe:7d:cd:20:
79:9c:4d:59:69:41:6e:9e:3d:10:f8:5a:b7:57:8f:d2:be:88:
5e:b0:81:5b:a9:fc:cf:58:fb:a6:d2:82:f5:e9:89:b3:05:ef:
38:c1:84:0f:4c:15:82:57:8a:eb:f8:56:9d:1f:4f:77:51:47:
c2:be:c5:2f:90:19:5d:fd:8e:64:64:53:6f:c5:94:46:c4:b5:
25:9d:c5:99:74:85:7f:b9:c7:11:26:de:33:b8:e4:a0:1f:50:
53:c9:50:55:b4:1c:5a:04:7b:93:da:12:2c:94:a7:bc:4b:7c:
9f:55:be:be:06:06:6f:1d:82:36:7e:be:24:65:15:f7:bc:ab:
69:4f:c7:87:0f:c4:82:95:01:0b:2f:d7:a5:3c:04:48:3b:72:
fd:62:cc:88
-----BEGIN CERTIFICATE-----
MIIGujCCBaKgAwIBAgICYf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMjI3MTIzMTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FhZTVhYi04N2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqPa96usB89w7Yl2LJimHk35ezjA7ocaAIcKTPmEWX0G7AX5CYCVmHmhfHOFR
f65ptNEN989+DuTReOVXXRo01cfrMzDy5eeKz3n3lfLCmPU22HHrJtZokwJ+WOYr
VgXEzrtkcYyReDnCNsMKTwmHx8uqXQKDj2iOkmoxIWD76vnM9uNV/X1t989x0ee2
NSoZxI25ee7PiYgk9x01eZRjKqhCk3Sld+TVZCqSfDPfxmbm+ptAuHFv/XJq6Xqo
pF4MRfoZnkbF2xX9kbDPKUD2tdNjyHHVcxwaeQ4jsPtRJp+LQbJyg8eNPCDcv7a+
S0591NwZnyDNmDYCtP7ScivvNQIDAQABo4ID3jCCA9owHQYDVR0OBBYEFGK1cdae
fM2jYC6JXS+nr85KbO3ZMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjk2NzIzRTQ1
MDVCMTFFREI3QzM5ODg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFmBggrBgEFBQcBBwEB
/wSCAVUwggFRMIIBIAQCAAEwggEYAwQCK/EcAwQDK/GAAwQCK/LQAwQDK/LgAwQC
LUBUAwQCLXLAAwQCLXUAAwQCLX94MAwDBAMt+vgDBAAt+voDBAJnDugwDAMEAmca
NAMEAmcaOAMEAmcqoAMEAmcwOAMEAmcwZAMEAmc7vAMEAmc71AMEAmdCUAMEAmdK
7AMEAmdNmAMEAmdZKAMEAmdvhAMEAmdwIAMEAmeJmAMEAGebqgMEAWeivgMEAWej
vAMEAWeoPgMEAGeuJgMEAWextAMEAWey1AMEAWe1NAMEAWe10AMEAWe5rgMEAGfM
dwMEAWfREgMEAmfYkAMEAmfaZAMEAmfbpAMEAmfcUAMEAmfc1AMEA2fiAAMEAmfi
HAMEAmfoGAMEAnxsEDArBAIAAjAlMA8DBAAkBL0DBwAkBL0AAAgwEgMHASQEvQAA
CgMHBCQEvQAAADANBgkqhkiG9w0BAQsFAAOCAQEAeLc0VeorgcR3S3etoK63D5JQ
2sYksn2+bANb0wDb4YosIWBdy0/NGbKSbW8+UVsDvM/5OhdRF8LKWs9jMZOLPQc8
anavhMnrZXuiGqxMrSHnaaEznqVxPJ4wX/2Og4Bk/j8uPJEp7BH+fc0geZxNWWlB
bp49EPhat1eP0r6IXrCBW6n8z1j7ptKC9emJswXvOMGED0wVgleK6/hWnR9Pd1FH
wr7FL5AZXf2OZGRTb8WURsS1JZ3FmXSFf7nHESbeM7jkoB9QU8lQVbQcWgR7k9oS
LJSnvEt8n1W+vgYGbx2CNn6+JGUV97yraU/Hhw/EgpUBCy/XpTwESDty/WLMiA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:23:42 2025 by rpki-client