Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EEC34AA340A11EF91291642C4F9AE02.roa
File: 6EEC34AA340A11EF91291642C4F9AE02.roa (raw, json)
Hash identifier: k4Lr1QFJb15AvB863QE68c21+8CeVFIEcV8SdkSnb0o=
Subject key identifier: 82:F5:34:90:93:D4:35:35:D5:63:7F:49:B0:A7:A0:00:8B:27:A3:F5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9328
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EEC34AA340A11EF91291642C4F9AE02.roa
Signing time: Wed 26 Jun 2024 22:21:29 +0000
ROA not before: Wed 26 Jun 2024 22:21:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
45.112.192.0/22 maxlen: 24
45.115.92.0/22 maxlen: 24
103.14.197.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.142.64.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.181.88.0/23 maxlen: 24
103.200.48.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37672 (0x9328)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jun 26 22:21:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=667c9469-e322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ea:85:4e:cf:38:65:20:12:08:d7:9f:80:db:
7a:f6:80:46:78:41:75:5b:28:ab:67:fe:df:5a:e2:
b8:63:d9:0d:bb:95:db:39:76:2e:71:bb:71:f0:d1:
af:c3:85:43:90:34:53:c2:e6:25:8f:4e:bb:62:d6:
b5:ad:04:72:b0:3b:f4:36:1f:9f:1e:f1:f6:e6:c5:
3c:62:da:9e:ed:94:63:b4:f0:f1:27:f8:ac:9f:a0:
5a:5d:eb:9b:5a:e0:26:70:48:54:47:11:56:0b:a8:
d1:87:a0:1c:b3:f8:25:9b:fa:82:f6:ab:93:24:1d:
21:d0:0e:bf:ad:f1:f0:0f:90:a3:2e:38:46:62:c6:
d4:1d:cf:4f:52:ce:ea:2e:1b:4e:3f:5b:5f:c8:96:
cf:29:79:67:02:42:6e:03:de:6e:74:3d:2f:a7:0d:
84:77:c4:98:92:81:ed:f6:9f:5c:85:5f:62:ea:82:
15:16:27:ec:f5:2c:5e:9a:c5:31:dc:55:b8:e5:5b:
a0:ac:fe:f4:1f:ce:84:a8:9b:a0:21:e9:05:a0:17:
72:15:1b:7c:a0:7b:26:dc:a1:23:7f:d4:3c:7f:c4:
1d:4d:95:71:d0:48:0e:b1:6f:c2:df:c8:10:4f:35:
b2:70:a2:29:1c:63:04:12:2d:c6:59:e2:38:62:14:
8f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F5:34:90:93:D4:35:35:D5:63:7F:49:B0:A7:A0:00:8B:27:A3:F5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EEC34AA340A11EF91291642C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
45.112.192.0/22
45.115.92.0/22
103.14.197.0/24
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.55.84.0/22
103.108.76.0/22
103.142.64.0/23
103.171.236.0/23
103.180.216.0/23
103.181.88.0/23
103.200.48.0/22
103.226.224.0/22
103.228.172.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
16:d3:ac:79:80:8a:65:03:6f:d4:39:87:7d:66:67:9e:7d:54:
cf:6f:53:b4:c3:90:b1:e4:70:c3:aa:85:a6:57:ce:e3:08:56:
34:fd:b6:f7:1c:02:45:94:74:62:b2:c3:9f:b3:03:0b:82:68:
b8:f7:fc:6d:31:85:a3:a7:ff:b2:bc:40:ec:5d:60:22:b3:ef:
5f:3f:83:50:d4:d0:f0:2b:c0:7d:83:d5:a7:2a:2c:63:35:6d:
14:7a:7c:ae:f7:2b:2f:3c:95:1b:eb:bc:87:6a:27:1e:8f:f6:
4d:9d:82:06:75:f1:e4:8e:72:ce:e1:4e:79:9b:75:47:86:30:
e8:34:8c:30:db:02:c4:95:2f:90:5a:74:2a:72:43:0d:b7:85:
b2:ec:0c:00:4a:79:c2:f9:91:46:29:63:5a:66:e3:55:52:68:
f5:6f:48:b0:4c:b8:06:93:e7:c2:ca:0b:46:e9:98:59:e9:e7:
ca:ea:69:82:98:22:92:00:aa:08:89:30:e5:fa:0c:62:d5:e9:
aa:d3:29:b9:31:a0:68:36:63:56:06:e3:29:92:49:e5:e7:9b:
1a:e8:11:bc:22:da:cc:58:f1:be:f9:bb:db:0e:e0:16:19:74:
4c:62:ff:48:57:d0:54:ad:03:2b:fb:aa:16:60:5c:8c:9c:e0:
48:b0:73:38
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgIDAJMoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDYyNjIyMjEyOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY3Yzk0NjktZTMyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjqhU7POGUgEgjXn4DbevaARnhBdVsoq2f+31riuGPZDbuV2zl2LnG7cfDR
r8OFQ5A0U8LmJY9Ou2LWta0EcrA79DYfnx7x9ubFPGLanu2UY7Tw8Sf4rJ+gWl3r
m1rgJnBIVEcRVguo0YegHLP4JZv6gvarkyQdIdAOv63x8A+Qoy44RmLG1B3PT1LO
6i4bTj9bX8iWzyl5ZwJCbgPebnQ9L6cNhHfEmJKB7fafXIVfYuqCFRYn7PUsXprF
MdxVuOVboKz+9B/OhKiboCHpBaAXchUbfKB7JtyhI3/UPH/EHU2VcdBIDrFvwt/I
EE81snCiKRxjBBItxlniOGIUj9sCAwEAAaOCAykwggMlMB0GA1UdDgQWBBSC9TSQ
k9Q1NdVjf0mwp6AAiyej9TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZFRUMzNEFB
MzQwQTExRUY5MTI5MTY0MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGyBggrBgEFBQcBBwEB
/wSBojCBnzB4BAIAATByAwQCK+EAAwQCLXDAAwQCLXNcAwQAZw7FAwQAZxuoAwQB
ZxuqAwQAZy+YAwQCZzNcAwQCZzQwAwQCZzdUAwQCZ2xMAwQBZ45AAwQBZ6vsAwQB
Z7TYAwQBZ7VYAwQCZ8gwAwQCZ+LgAwQCZ+SsAwQCy784MCMEAgACMB0wEgMHASQA
0YAAZgMHASQA0YAAaAMHASQA0YAAcDANBgkqhkiG9w0BAQsFAAOCAQEAFtOseYCK
ZQNv1DmHfWZnnn1Uz29TtMOQseRww6qFplfO4whWNP229xwCRZR0YrLDn7MDC4Jo
uPf8bTGFo6f/srxA7F1gIrPvXz+DUNTQ8CvAfYPVpyosYzVtFHp8rvcrLzyVG+u8
h2onHo/2TZ2CBnXx5I5yzuFOeZt1R4Yw6DSMMNsCxJUvkFp0KnJDDbeFsuwMAEp5
wvmRRiljWmbjVVJo9W9IsEy4BpPnwsoLRumYWennyuppgpgikgCqCIkw5foMYtXp
qtMpuTGgaDZjVgbjKZJJ5eebGugRvCLazFjxvvm72w7gFhl0TGL/SFfQVK0DK/uq
FmBcjJzgSLBzOA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:25 2025 by rpki-client