Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9916C4B03AC811EFA7BD4C13C4F9AE02.roa
File: 9916C4B03AC811EFA7BD4C13C4F9AE02.roa (raw, json)
Hash identifier: 8lEK5D72JOTre3DZjqRX2vmrCyqq9lbSsXVPbF37BZ8=
Subject key identifier: 08:C2:FA:6C:D6:C1:B3:9C:D4:F9:47:3B:B6:68:A7:AA:FC:34:2D:22
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9423
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9916C4B03AC811EFA7BD4C13C4F9AE02.roa
Signing time: Fri 05 Jul 2024 12:17:51 +0000
ROA not before: Fri 05 Jul 2024 12:17:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18002
IP address blocks: 14.102.0.0/24 maxlen: 24
14.102.1.0/24 maxlen: 24
14.102.2.0/24 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.4.0/24 maxlen: 24
14.102.5.0/24 maxlen: 24
14.102.6.0/24 maxlen: 24
14.102.7.0/24 maxlen: 24
14.102.8.0/24 maxlen: 24
14.102.9.0/24 maxlen: 24
14.102.10.0/24 maxlen: 24
14.102.11.0/24 maxlen: 24
14.102.12.0/24 maxlen: 24
14.102.13.0/24 maxlen: 24
14.102.14.0/24 maxlen: 24
14.102.15.0/24 maxlen: 24
14.102.16.0/24 maxlen: 24
14.102.22.0/24 maxlen: 24
14.102.23.0/24 maxlen: 24
14.102.24.0/24 maxlen: 24
14.102.25.0/24 maxlen: 24
14.102.26.0/24 maxlen: 24
14.102.27.0/24 maxlen: 24
14.102.28.0/24 maxlen: 24
14.102.29.0/24 maxlen: 24
14.102.30.0/24 maxlen: 24
14.102.31.0/24 maxlen: 24
14.102.32.0/24 maxlen: 24
14.102.33.0/24 maxlen: 24
14.102.34.0/24 maxlen: 24
14.102.35.0/24 maxlen: 24
14.102.36.0/24 maxlen: 24
14.102.37.0/24 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.39.0/24 maxlen: 24
14.102.40.0/24 maxlen: 24
14.102.41.0/24 maxlen: 24
14.102.42.0/24 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.46.0/24 maxlen: 24
14.102.47.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.49.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.52.0/24 maxlen: 24
14.102.53.0/24 maxlen: 24
14.102.54.0/24 maxlen: 24
14.102.55.0/24 maxlen: 24
14.102.56.0/24 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.58.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/24 maxlen: 24
14.102.65.0/24 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.67.0/24 maxlen: 24
14.102.68.0/24 maxlen: 24
14.102.69.0/24 maxlen: 24
14.102.70.0/24 maxlen: 24
14.102.71.0/24 maxlen: 24
14.102.72.0/24 maxlen: 24
14.102.73.0/24 maxlen: 24
14.102.74.0/24 maxlen: 24
14.102.75.0/24 maxlen: 24
14.102.76.0/24 maxlen: 24
14.102.77.0/24 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.79.0/24 maxlen: 24
14.102.80.0/24 maxlen: 24
14.102.81.0/24 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.83.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.89.0/24 maxlen: 24
14.102.90.0/24 maxlen: 24
14.102.91.0/24 maxlen: 24
14.102.92.0/24 maxlen: 24
14.102.93.0/24 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/24 maxlen: 24
14.102.97.0/24 maxlen: 24
14.102.98.0/24 maxlen: 24
14.102.99.0/24 maxlen: 24
14.102.100.0/24 maxlen: 24
14.102.101.0/24 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/24 maxlen: 24
14.102.105.0/24 maxlen: 24
14.102.106.0/23 maxlen: 24
14.102.108.0/24 maxlen: 24
14.102.109.0/24 maxlen: 24
14.102.110.0/24 maxlen: 24
14.102.111.0/24 maxlen: 24
14.102.112.0/24 maxlen: 24
14.102.113.0/24 maxlen: 24
14.102.114.0/24 maxlen: 24
14.102.115.0/24 maxlen: 24
14.102.116.0/24 maxlen: 24
14.102.117.0/24 maxlen: 24
14.102.118.0/24 maxlen: 24
14.102.119.0/24 maxlen: 24
14.102.120.0/24 maxlen: 24
14.102.121.0/24 maxlen: 24
14.102.122.0/24 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.124.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/24 maxlen: 24
14.102.127.0/24 maxlen: 24
43.245.136.0/22 maxlen: 24
43.251.212.0/22 maxlen: 24
61.14.228.0/22 maxlen: 24
103.5.200.0/22 maxlen: 24
103.87.100.0/22 maxlen: 24
103.122.84.0/24 maxlen: 24
103.158.131.0/24 maxlen: 24
103.160.24.0/24 maxlen: 24
103.175.72.0/24 maxlen: 24
103.175.73.0/24 maxlen: 24
103.176.8.0/23 maxlen: 24
110.172.128.0/18 maxlen: 23
110.172.128.0/21 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.138.0/23 maxlen: 24
110.172.140.0/22 maxlen: 24
110.172.144.0/20 maxlen: 24
110.172.160.0/23 maxlen: 24
110.172.162.0/24 maxlen: 24
110.172.164.0/22 maxlen: 24
110.172.168.0/21 maxlen: 24
110.172.176.0/20 maxlen: 24
111.235.64.0/22 maxlen: 24
114.69.224.0/19 maxlen: 23
114.69.224.0/23 maxlen: 24
114.69.226.0/24 maxlen: 24
114.69.228.0/22 maxlen: 24
114.69.232.0/24 maxlen: 24
114.69.234.0/23 maxlen: 24
114.69.236.0/22 maxlen: 24
114.69.240.0/20 maxlen: 24
118.91.176.0/20 maxlen: 22
118.91.176.0/21 maxlen: 24
118.91.185.0/24 maxlen: 24
118.91.186.0/23 maxlen: 24
118.91.188.0/22 maxlen: 24
150.107.192.0/22 maxlen: 24
202.89.64.0/20 maxlen: 20
202.89.64.0/24 maxlen: 24
202.89.65.0/24 maxlen: 24
202.89.66.0/24 maxlen: 24
202.89.67.0/24 maxlen: 24
202.89.68.0/24 maxlen: 24
202.89.69.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
202.89.71.0/24 maxlen: 24
202.89.72.0/24 maxlen: 24
202.89.73.0/24 maxlen: 24
202.89.74.0/24 maxlen: 24
202.89.75.0/24 maxlen: 24
202.89.76.0/24 maxlen: 24
202.89.77.0/24 maxlen: 24
202.89.78.0/24 maxlen: 24
202.89.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37923 (0x9423)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jul 5 12:17:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6687e46f-3a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:94:53:ca:cd:28:ed:17:e2:8b:8f:3f:54:40:
c6:f5:4c:c8:d1:bf:4c:06:11:a9:aa:5c:09:ff:31:
19:77:1c:9e:df:d9:60:1b:d8:55:37:7e:16:4b:a6:
85:f8:54:0c:05:bd:8b:f4:75:79:ea:06:e8:a5:15:
18:04:9e:ab:9a:1a:5f:93:7d:f2:4c:8b:dd:00:f2:
06:36:b3:22:87:78:1d:47:a8:30:73:0d:ae:91:ab:
16:8e:e3:2b:6d:55:a2:52:ce:17:9b:ea:02:a1:92:
ac:a9:e6:34:92:45:fd:56:2d:af:b8:e9:70:0e:e3:
3c:69:2d:29:c8:d9:61:23:28:6a:c2:2e:86:5a:0b:
a2:b3:7f:62:7a:76:54:1d:6b:99:5c:b4:77:11:bd:
32:b4:08:d0:03:48:0e:a7:29:ba:13:16:cd:8e:51:
de:00:d8:8f:57:08:56:8e:79:a5:9d:7b:fa:7e:8a:
fa:63:5f:c0:ad:56:cb:df:b5:9b:7e:b2:30:79:c7:
5f:64:46:e6:13:fb:93:8f:1c:ef:c3:54:ad:f0:d9:
c6:73:6f:ad:76:8c:42:65:26:00:9c:5a:b4:23:e2:
f3:88:c9:ca:19:f2:b4:6b:ec:a4:fa:c7:b6:52:7b:
b0:0c:a0:09:87:df:2f:24:f5:d4:c0:ec:a4:9f:68:
5f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C2:FA:6C:D6:C1:B3:9C:D4:F9:47:3B:B6:68:A7:AA:FC:34:2D:22
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9916C4B03AC811EFA7BD4C13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.0.0-14.102.16.255
14.102.22.0-14.102.50.255
14.102.52.0-14.102.59.255
14.102.64.0-14.102.83.255
14.102.88.0-14.102.93.255
14.102.95.0-14.102.101.255
14.102.103.0-14.102.127.255
43.245.136.0/22
43.251.212.0/22
61.14.228.0/22
103.5.200.0/22
103.87.100.0/22
103.122.84.0/24
103.158.131.0/24
103.160.24.0/24
103.175.72.0/23
103.176.8.0/23
110.172.128.0/18
111.235.64.0/22
114.69.224.0/19
118.91.176.0/20
150.107.192.0/22
202.89.64.0/20
Signature Algorithm: sha256WithRSAEncryption
61:58:a1:2c:ee:5b:3d:d5:e3:07:d7:60:a9:b1:c8:ba:ca:95:
bb:b8:4e:f8:67:59:ff:f3:62:3d:d3:5b:52:37:a9:10:2d:36:
dd:fb:a5:32:9e:71:b5:e4:2b:53:44:71:75:93:ce:36:9d:5c:
82:d8:f7:fa:4c:e8:19:95:9b:93:ee:99:cc:a0:6b:06:e1:cd:
89:8b:68:15:4f:c0:37:cd:a8:5d:04:3f:73:74:18:73:4e:7d:
b8:1d:a2:30:81:79:04:99:4f:08:07:c5:dc:0c:0f:e1:ab:67:
84:3b:9c:d7:25:77:a3:95:54:11:14:35:52:12:6c:6f:21:bb:
9c:56:a2:40:f5:6e:89:4e:e7:39:fa:b4:66:04:51:54:10:c5:
c5:5f:e0:63:00:69:f9:22:4e:ae:1d:fd:3a:30:da:c4:4d:f2:
f5:7a:49:c4:15:93:3e:2e:f6:53:4d:94:67:bd:87:ab:1b:0f:
ca:5c:e9:7a:c0:f8:49:8a:69:c6:b1:47:13:3d:98:3a:71:11:
5e:92:1e:47:95:a1:ff:51:e8:8e:66:13:c3:2a:88:4d:e1:9d:
1e:6a:0d:4d:3e:fc:2c:d0:9c:44:89:4d:9a:f8:33:eb:34:fe:
26:6a:fc:46:e2:fd:6e:ad:82:79:16:0e:66:16:7e:a3:d9:ce:
11:a4:fc:63
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgIDAJQjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDcwNTEyMTc1MVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY4N2U0NmYtM2E4ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGUU8rNKO0X4ouPP1RAxvVMyNG/TAYRqapcCf8xGXccnt/ZYBvYVTd+Fkum
hfhUDAW9i/R1eeoG6KUVGASeq5oaX5N98kyL3QDyBjazIod4HUeoMHMNrpGrFo7j
K21VolLOF5vqAqGSrKnmNJJF/VYtr7jpcA7jPGktKcjZYSMoasIuhloLorN/Ynp2
VB1rmVy0dxG9MrQI0ANIDqcpuhMWzY5R3gDYj1cIVo55pZ17+n6K+mNfwK1Wy9+1
m36yMHnHX2RG5hP7k48c78NUrfDZxnNvrXaMQmUmAJxatCPi84jJyhnytGvspPrH
tlJ7sAygCYffLyT11MDspJ9oX+sCAwEAAaOCA1UwggNRMB0GA1UdDgQWBBQIwvps
1sGznNT5Rzu2aKeq/DQtIjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzk5MTZDNEIw
M0FDODExRUZBN0JENEMxM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHeBggrBgEFBQcBBwEB
/wSBzjCByzCByAQCAAEwgcEwCwMDAQ5mAwQADmYQMAwDBAEOZhYDBAAOZjIwDAME
Ag5mNAMEAg5mODAMAwQGDmZAAwQCDmZQMAwDBAMOZlgDBAEOZlwwDAMEAA5mXwME
AQ5mZDAMAwQADmZnAwQHDmYAAwQCK/WIAwQCK/vUAwQCPQ7kAwQCZwXIAwQCZ1dk
AwQAZ3pUAwQAZ56DAwQAZ6AYAwQBZ69IAwQBZ7AIAwQGbqyAAwQCb+tAAwQFckXg
AwQEdluwAwQClmvAAwQEyllAMA0GCSqGSIb3DQEBCwUAA4IBAQBhWKEs7ls91eMH
12Cpsci6ypW7uE74Z1n/82I901tSN6kQLTbd+6UynnG15CtTRHF1k842nVyC2Pf6
TOgZlZuT7pnMoGsG4c2Ji2gVT8A3zahdBD9zdBhzTn24HaIwgXkEmU8IB8XcDA/h
q2eEO5zXJXejlVQRFDVSEmxvIbucVqJA9W6JTuc5+rRmBFFUEMXFX+BjAGn5Ik6u
Hf06MNrETfL1eknEFZM+LvZTTZRnvYerGw/KXOl6wPhJimnGsUcTPZg6cRFekh5H
laH/UeiOZhPDKohN4Z0eag1NPvws0JxEiU2a+DPrNP4mavxG4v1urYJ5Fg5mFn6j
2c4RpPxj
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:50 2025 by rpki-client