Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6F4D4C5C087311EBBB1BBF5EC4F9AE02.roa
File: 6F4D4C5C087311EBBB1BBF5EC4F9AE02.roa (raw, json)
Hash identifier: LY60gMM6CJyIFdSfPk3fClTrecYnvhnTQt1QehMM5IU=
Subject key identifier: 4E:5C:EF:07:66:93:76:3B:19:BE:78:BA:5E:F8:3D:30:0E:45:21:7C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4C18
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6F4D4C5C087311EBBB1BBF5EC4F9AE02.roa
Signing time: Tue 12 Apr 2022 10:01:45 +0000
ROA not before: Tue 12 Apr 2022 10:01:45 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 132770
IP address blocks: 43.227.20.0/22 maxlen: 24
43.228.72.0/22 maxlen: 24
43.241.24.0/22 maxlen: 24
45.119.57.0/24 maxlen: 24
45.119.58.0/24 maxlen: 24
45.119.59.0/24 maxlen: 24
45.252.72.0/22 maxlen: 24
103.59.104.0/24 maxlen: 24
103.81.36.0/22 maxlen: 24
103.93.240.0/24 maxlen: 24
103.93.241.0/24 maxlen: 24
103.93.242.0/24 maxlen: 24
103.93.243.0/24 maxlen: 24
103.94.56.0/22 maxlen: 24
103.178.206.0/24 maxlen: 24
103.178.207.0/24 maxlen: 24
103.184.86.0/24 maxlen: 24
103.184.87.0/24 maxlen: 24
103.204.36.0/22 maxlen: 24
103.211.60.0/24 maxlen: 24
103.211.61.0/24 maxlen: 24
103.211.62.0/24 maxlen: 24
103.211.63.0/24 maxlen: 24
103.221.72.0/22 maxlen: 24
103.229.244.0/22 maxlen: 24
103.239.84.0/22 maxlen: 24
103.241.80.0/22 maxlen: 24
103.243.112.0/22 maxlen: 24
103.249.240.0/22 maxlen: 24
103.251.208.0/22 maxlen: 24
103.254.52.0/22 maxlen: 24
150.129.128.0/22 maxlen: 24
150.129.156.0/22 maxlen: 24
163.53.200.0/22 maxlen: 24
202.136.68.0/22 maxlen: 24
2404:4980::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19480 (0x4c18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Apr 12 10:01:45 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=62554e09-4b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:85:fd:3c:db:c3:72:61:32:4d:72:a5:08:6c:
da:e4:74:c6:ca:eb:3b:e6:fd:5a:38:88:dd:88:21:
40:e2:98:62:cb:14:f5:a4:af:c9:71:b9:9b:20:0a:
a1:a6:19:56:81:aa:a0:8f:5a:51:a4:09:c8:58:6d:
da:e0:84:8f:01:2e:90:16:b1:d5:94:db:15:4d:03:
0c:07:ee:52:4c:df:00:07:56:73:54:c6:23:f8:16:
a2:a2:c9:45:f9:f7:d7:8f:01:d7:e8:b2:d6:07:01:
83:fe:dc:45:ea:41:dd:31:3e:1c:53:39:55:fe:96:
de:39:25:35:12:c2:08:c0:01:25:24:d1:7f:d1:d7:
c9:1c:a5:51:a6:4e:53:2a:a8:19:a2:5b:72:f8:14:
53:00:73:76:92:4b:80:b9:ac:29:3e:54:9b:1d:7d:
8f:7f:bb:14:fc:46:f8:0c:87:e3:5f:c5:4e:43:ec:
5b:6c:c2:4a:a1:d5:07:6c:8b:6d:64:65:14:51:e6:
27:19:63:db:88:68:eb:a2:8a:09:2a:71:f6:67:7b:
16:ee:2e:06:bd:cb:10:16:57:51:57:9a:3e:a4:ea:
ca:39:a7:57:25:ea:63:a0:ca:6f:1a:ee:c3:89:38:
71:68:e9:4d:3e:79:89:3a:4b:94:c3:6d:06:aa:17:
d1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5C:EF:07:66:93:76:3B:19:BE:78:BA:5E:F8:3D:30:0E:45:21:7C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6F4D4C5C087311EBBB1BBF5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.20.0/22
43.228.72.0/22
43.241.24.0/22
45.119.57.0-45.119.59.255
45.252.72.0/22
103.59.104.0/24
103.81.36.0/22
103.93.240.0/22
103.94.56.0/22
103.178.206.0/23
103.184.86.0/23
103.204.36.0/22
103.211.60.0/22
103.221.72.0/22
103.229.244.0/22
103.239.84.0/22
103.241.80.0/22
103.243.112.0/22
103.249.240.0/22
103.251.208.0/22
103.254.52.0/22
150.129.128.0/22
150.129.156.0/22
163.53.200.0/22
202.136.68.0/22
IPv6:
2404:4980::/32
Signature Algorithm: sha256WithRSAEncryption
08:19:f2:9a:00:95:92:37:9c:f6:33:52:87:f9:db:0d:14:2d:
1c:82:e6:bc:47:45:8a:38:83:c5:37:56:bf:40:61:bc:ff:01:
43:4e:ff:14:cf:6b:cd:4b:07:4f:6c:ab:bf:e3:c4:e6:fa:8c:
51:b4:00:59:e6:10:c7:1c:86:56:33:6d:c7:95:44:6a:69:35:
93:1d:ad:7d:e6:b9:fe:25:b9:08:5a:10:92:bb:31:63:6a:9c:
9a:e1:89:0d:8e:5d:24:bf:34:1f:57:f0:bf:d4:f3:af:c9:76:
4d:73:fc:92:18:47:4a:62:29:30:76:af:6e:90:48:d8:12:a0:
85:59:ee:0f:83:fc:18:e0:b2:b0:79:f1:4a:ae:b9:31:eb:02:
ac:51:b1:52:42:83:05:5d:1e:fa:4b:f5:9b:a7:06:36:c1:bf:
41:d4:ed:d2:70:d1:20:7e:88:d5:02:5d:31:a2:0b:8e:ed:6d:
0d:d2:c2:d7:98:b7:39:02:5d:c0:9d:c4:d1:82:fb:a3:3a:69:
65:06:9d:1c:e7:5b:f0:1e:61:7f:e9:0b:df:c5:79:4a:b3:31:
9c:21:39:3f:e6:50:f2:64:ab:72:59:dd:93:9a:ba:4a:4d:36:
e6:9c:17:95:a2:fa:69:a5:a8:e1:26:60:74:a9:39:30:87:17:
d6:53:bc:13
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgICTBgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNDEyMTAwMTQ1WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU1NGUwOS00YjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYX9PNvDcmEyTXKlCGza5HTGyus75v1aOIjdiCFA4phiyxT1pK/JcbmbIAqh
phlWgaqgj1pRpAnIWG3a4ISPAS6QFrHVlNsVTQMMB+5STN8AB1ZzVMYj+BaioslF
+ffXjwHX6LLWBwGD/txF6kHdMT4cUzlV/pbeOSU1EsIIwAElJNF/0dfJHKVRpk5T
KqgZolty+BRTAHN2kkuAuawpPlSbHX2Pf7sU/Eb4DIfjX8VOQ+xbbMJKodUHbItt
ZGUUUeYnGWPbiGjroooJKnH2Z3sW7i4GvcsQFldRV5o+pOrKOadXJepjoMpvGu7D
iThxaOlNPnmJOkuUw20GqhfRcQIDAQABo4IDQTCCAz0wHQYDVR0OBBYEFE5c7wdm
k3Y7Gb54ul74PTAORSF8MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkY0RDRDNUMw
ODczMTFFQkJCMUJCRjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcoGCCsGAQUFBwEHAQH/
BIG6MIG3MIGlBAIAATCBngMEAivjFAMEAivkSAMEAivxGDAMAwQALXc5AwQCLXc4
AwQCLfxIAwQAZztoAwQCZ1EkAwQCZ13wAwQCZ144AwQBZ7LOAwQBZ7hWAwQCZ8wk
AwQCZ9M8AwQCZ91IAwQCZ+X0AwQCZ+9UAwQCZ/FQAwQCZ/NwAwQCZ/nwAwQCZ/vQ
AwQCZ/40AwQCloGAAwQCloGcAwQCozXIAwQCyohEMA0EAgACMAcDBQAkBEmAMA0G
CSqGSIb3DQEBCwUAA4IBAQAIGfKaAJWSN5z2M1KH+dsNFC0cgua8R0WKOIPFN1a/
QGG8/wFDTv8Uz2vNSwdPbKu/48Tm+oxRtABZ5hDHHIZWM23HlURqaTWTHa195rn+
JbkIWhCSuzFjapya4YkNjl0kvzQfV/C/1POvyXZNc/ySGEdKYikwdq9ukEjYEqCF
We4Pg/wY4LKwefFKrrkx6wKsUbFSQoMFXR76S/WbpwY2wb9B1O3ScNEgfojVAl0x
oguO7W0N0sLXmLc5Al3AncTRgvujOmllBp0c51vwHmF/6QvfxXlKszGcITk/5lDy
ZKtyWd2TmrpKTTbmnBeVovpppajhJmB0qTkwhxfWU7wT
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:27:40 2025 by rpki-client