Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9C54662C61B811EDA304BA0BC4F9AE02.roa
File: 9C54662C61B811EDA304BA0BC4F9AE02.roa (raw, json)
Hash identifier: TV6UVsliaSpksGSI1PCfSQajw82VqwnEEb7a8iQYsmY=
Subject key identifier: FB:54:A5:D1:5B:35:26:71:EA:44:E6:17:B0:9D:4D:EB:F8:E0:8C:97
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9242
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9C54662C61B811EDA304BA0BC4F9AE02.roa
Signing time: Wed 12 Jun 2024 07:08:21 +0000
ROA not before: Wed 12 Jun 2024 07:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9830
IP address blocks: 103.60.198.0/24 maxlen: 24
103.60.199.0/24 maxlen: 24
103.68.184.0/22 maxlen: 22
103.68.184.0/24 maxlen: 24
103.68.185.0/24 maxlen: 24
103.68.186.0/24 maxlen: 24
103.68.187.0/24 maxlen: 24
103.169.167.0/24 maxlen: 24
103.170.20.0/24 maxlen: 24
103.216.172.0/24 maxlen: 24
103.216.173.0/24 maxlen: 24
103.216.174.0/24 maxlen: 24
103.216.175.0/24 maxlen: 24
103.239.64.0/23 maxlen: 24
202.91.64.0/24 maxlen: 24
202.91.65.0/24 maxlen: 24
202.91.66.0/24 maxlen: 24
202.91.67.0/24 maxlen: 24
202.91.68.0/24 maxlen: 24
202.91.69.0/24 maxlen: 24
202.91.70.0/24 maxlen: 24
202.91.71.0/24 maxlen: 24
202.91.72.0/24 maxlen: 24
202.91.73.0/24 maxlen: 24
202.91.74.0/24 maxlen: 24
202.91.75.0/24 maxlen: 24
202.91.76.0/24 maxlen: 24
202.91.77.0/24 maxlen: 24
202.91.78.0/24 maxlen: 24
202.91.79.0/24 maxlen: 24
202.91.80.0/24 maxlen: 24
202.91.81.0/24 maxlen: 24
202.91.82.0/24 maxlen: 24
202.91.83.0/24 maxlen: 24
202.91.84.0/24 maxlen: 24
202.91.85.0/24 maxlen: 24
202.91.86.0/24 maxlen: 24
202.91.87.0/24 maxlen: 24
202.91.88.0/24 maxlen: 24
202.91.89.0/24 maxlen: 24
202.91.90.0/24 maxlen: 24
202.91.91.0/24 maxlen: 24
202.91.92.0/24 maxlen: 24
202.91.93.0/24 maxlen: 24
202.91.94.0/24 maxlen: 24
202.91.95.0/24 maxlen: 24
2001:df0:cf80::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37442 (0x9242)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jun 12 07:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66694964-dd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7b:b4:c7:95:88:f7:c3:cb:66:8b:3d:be:2f:
08:ca:3e:25:8c:7f:ec:0f:b4:08:bc:24:c3:a2:83:
23:50:b8:8e:80:7f:50:49:53:a6:7b:94:71:df:54:
49:3d:35:10:01:cb:55:70:cb:6b:87:d0:d0:58:ed:
5a:22:88:c8:a0:8f:cd:7d:f5:ef:10:c8:e7:61:f8:
5b:90:60:95:92:72:60:d7:df:5a:ab:0c:7b:38:fc:
0f:7f:7c:93:e2:b4:05:bb:e9:3a:7f:55:64:bd:d2:
9f:0b:79:36:61:09:55:b6:dc:e9:9e:54:6a:d7:33:
b5:44:d5:17:20:dd:aa:a7:f5:38:15:b0:fd:22:a0:
99:6e:e2:b4:88:e0:9d:7c:24:08:11:78:93:c6:58:
c3:2b:92:2e:ff:2b:eb:dd:2f:34:2d:f1:29:8a:6f:
f1:10:a0:66:25:32:8f:28:48:fe:a8:b6:05:8d:15:
a2:c4:80:a6:eb:58:5e:e2:18:40:10:16:a3:d9:bc:
1d:77:50:8b:4a:dc:36:38:e2:ef:07:9f:6a:6f:3d:
e0:55:c3:06:3e:ea:d6:b0:6e:00:9d:f1:eb:f9:54:
e2:16:44:d2:2e:65:8a:3a:10:78:27:fb:20:d3:4b:
28:c4:ef:fa:9f:27:e3:eb:3b:fe:64:91:47:16:31:
3d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:54:A5:D1:5B:35:26:71:EA:44:E6:17:B0:9D:4D:EB:F8:E0:8C:97
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9C54662C61B811EDA304BA0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.198.0/23
103.68.184.0/22
103.169.167.0/24
103.170.20.0/24
103.216.172.0/22
103.239.64.0/23
202.91.64.0/19
IPv6:
2001:df0:cf80::/48
Signature Algorithm: sha256WithRSAEncryption
a6:02:60:f8:5c:6a:bd:51:17:0a:20:52:56:bf:67:2c:74:09:
72:07:db:75:82:eb:7b:ee:df:3d:b2:35:87:11:c8:02:be:aa:
70:41:f7:b1:e0:fe:bf:95:dc:fa:00:b3:80:9a:80:d0:a9:bf:
99:aa:0e:b4:50:2e:0a:b8:d0:00:a2:3a:ff:b2:d4:e8:42:5d:
9f:98:c6:67:6c:da:4e:a5:36:09:a1:bb:2b:00:96:87:ba:0c:
f3:17:b5:ae:54:d7:6c:16:43:a7:7f:51:cf:06:3e:de:04:3d:
a2:2f:d6:33:e3:a7:b1:1a:e6:e6:aa:54:f2:02:92:88:7f:a3:
70:62:81:97:9d:cd:e0:60:78:ac:b8:88:95:e0:06:a6:9a:8a:
0a:79:a8:c3:03:2b:20:18:5d:e9:49:4a:26:e5:5f:3e:b2:b8:
7c:ab:48:ca:8b:b2:98:b9:21:f4:c1:9d:13:6e:78:44:f9:e4:
f0:c8:a2:8e:85:79:ac:7c:c7:89:18:c3:a9:5e:da:07:52:7b:
bf:61:c5:53:0f:fb:05:bf:7f:68:a0:c8:e5:33:9d:de:ef:dd:
43:e2:7a:e1:11:85:33:a4:ba:d9:dc:c7:8f:62:94:c0:cf:e7:
e7:3b:af:7d:e8:51:91:bc:fd:13:b4:91:d3:5b:59:1a:ea:cf:
c4:a9:43:f6
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIDAJJCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDYxMjA3MDgyMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY2OTQ5NjQtZGQwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN7tMeViPfDy2aLPb4vCMo+JYx/7A+0CLwkw6KDI1C4joB/UElTpnuUcd9U
ST01EAHLVXDLa4fQ0FjtWiKIyKCPzX317xDI52H4W5BglZJyYNffWqsMezj8D398
k+K0BbvpOn9VZL3Snwt5NmEJVbbc6Z5UatcztUTVFyDdqqf1OBWw/SKgmW7itIjg
nXwkCBF4k8ZYwyuSLv8r690vNC3xKYpv8RCgZiUyjyhI/qi2BY0VosSAputYXuIY
QBAWo9m8HXdQi0rcNjji7wefam894FXDBj7q1rBuAJ3x6/lU4hZE0i5lijoQeCf7
INNLKMTv+p8n4+s7/mSRRxYxPf0CAwEAAaOCAsowggLGMB0GA1UdDgQWBBT7VKXR
WzUmcepE5hewnU3r+OCMlzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlDNTQ2NjJD
NjFCODExRURBMzA0QkEwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFQGCCsGAQUFBwEHAQH/
BEUwQzAwBAIAATAqAwQBZzzGAwQCZ0S4AwQAZ6mnAwQAZ6oUAwQCZ9isAwQBZ+9A
AwQFyltAMA8EAgACMAkDBwAgAQ3wz4AwDQYJKoZIhvcNAQELBQADggEBAKYCYPhc
ar1RFwogUla/Zyx0CXIH23WC63vu3z2yNYcRyAK+qnBB97Hg/r+V3PoAs4CagNCp
v5mqDrRQLgq40ACiOv+y1OhCXZ+Yxmds2k6lNgmhuysAloe6DPMXta5U12wWQ6d/
Uc8GPt4EPaIv1jPjp7Ea5uaqVPICkoh/o3BigZedzeBgeKy4iJXgBqaaigp5qMMD
KyAYXelJSiblXz6yuHyrSMqLspi5IfTBnRNueET55PDIoo6Feax8x4kYw6le2gdS
e79hxVMP+wW/f2igyOUznd7v3UPieuERhTOkutncx49ilMDP5+c7r33oUZG8/RO0
kdNbWRrqz8SpQ/Y=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:53 2025 by rpki-client