Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CBBDBA46D5E711ED97D0CC0AC4F9AE02.roa
File: CBBDBA46D5E711ED97D0CC0AC4F9AE02.roa (raw, json)
Hash identifier: 4Sxo/IEfJdcOe85/MAAQJTf5EkEpNg8FgVVbVIcJFaU=
Subject key identifier: CF:C7:79:43:09:B7:E8:79:F0:CE:30:E1:C1:6D:06:99:D0:27:AF:BE
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 737E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CBBDBA46D5E711ED97D0CC0AC4F9AE02.roa
Signing time: Wed 07 Jun 2023 11:22:03 +0000
ROA not before: Wed 07 Jun 2023 11:22:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133647
IP address blocks: 14.102.17.0/24 maxlen: 24
14.102.18.0/24 maxlen: 24
14.102.19.0/24 maxlen: 24
14.102.20.0/24 maxlen: 24
14.102.21.0/24 maxlen: 24
14.102.46.0/24 maxlen: 24
14.102.47.0/24 maxlen: 24
14.102.49.0/24 maxlen: 24
14.102.51.0/24 maxlen: 24
14.102.58.0/24 maxlen: 24
14.102.61.0/24 maxlen: 24
14.102.94.0/24 maxlen: 24
14.102.102.0/24 maxlen: 24
43.230.156.0/22 maxlen: 24
45.115.252.0/22 maxlen: 24
45.116.68.0/24 maxlen: 24
45.116.106.0/24 maxlen: 24
45.116.107.0/24 maxlen: 24
103.38.70.0/24 maxlen: 24
103.43.4.0/22 maxlen: 24
103.50.4.0/22 maxlen: 24
103.55.6.0/23 maxlen: 23
103.55.7.0/24 maxlen: 24
103.61.101.0/24 maxlen: 24
103.61.102.0/24 maxlen: 24
103.61.103.0/24 maxlen: 24
103.61.242.0/23 maxlen: 24
103.69.216.0/22 maxlen: 24
103.70.144.0/22 maxlen: 24
103.70.176.0/23 maxlen: 24
103.79.112.0/22 maxlen: 24
103.87.48.0/24 maxlen: 24
103.87.49.0/24 maxlen: 24
103.91.68.0/22 maxlen: 24
103.93.176.0/22 maxlen: 24
103.122.85.0/24 maxlen: 24
103.156.168.0/23 maxlen: 24
103.157.160.0/23 maxlen: 24
103.159.154.0/23 maxlen: 24
103.161.230.0/23 maxlen: 24
103.161.232.0/24 maxlen: 24
103.161.233.0/24 maxlen: 24
103.174.105.0/24 maxlen: 24
103.175.76.0/23 maxlen: 24
103.220.28.0/24 maxlen: 24
103.220.29.0/24 maxlen: 24
103.220.30.0/24 maxlen: 24
103.220.31.0/24 maxlen: 24
103.237.172.0/24 maxlen: 24
103.237.173.0/24 maxlen: 24
103.237.174.0/24 maxlen: 24
103.237.175.0/24 maxlen: 24
110.172.137.0/24 maxlen: 24
110.172.141.0/24 maxlen: 24
110.172.142.0/24 maxlen: 24
110.172.144.0/24 maxlen: 24
110.172.163.0/24 maxlen: 24
110.172.172.0/24 maxlen: 24
110.172.188.0/24 maxlen: 24
118.91.184.0/24 maxlen: 24
118.91.190.0/24 maxlen: 24
175.111.180.0/24 maxlen: 24
175.111.182.0/24 maxlen: 24
175.111.183.0/24 maxlen: 24
202.89.73.0/24 maxlen: 24
202.89.79.0/24 maxlen: 24
2001:df1:b280::/48 maxlen: 48
2001:df1:f440::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29566 (0x737e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jun 7 11:22:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6480685b-bb35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8e:bf:f9:cf:9f:85:fb:02:a6:9a:7c:9c:0a:
78:7b:c9:1d:66:43:a3:bd:93:42:dc:b6:36:6b:fa:
12:a5:22:a9:82:ac:48:a7:e6:55:4c:bc:3f:fc:6c:
55:5e:89:3f:3d:c0:55:4b:38:fd:e4:07:49:2b:7e:
d0:38:64:28:65:92:29:b1:6a:ab:c5:ce:8a:c1:37:
4c:4a:b2:02:fb:de:3d:ba:34:c9:ff:62:af:b5:11:
22:f1:24:2e:5f:3d:8a:66:b8:cd:09:3b:51:db:cd:
af:ad:e7:bc:80:e4:d7:c2:58:9c:36:90:4f:67:18:
55:ee:87:3a:ff:99:60:f7:4e:81:a4:15:4a:38:a9:
16:f9:e7:55:d2:64:e6:5c:ad:8e:53:1e:e6:e3:52:
20:4a:0a:7e:51:8b:14:36:cf:9e:5e:9a:a5:88:3d:
1b:01:36:1e:81:87:56:af:ab:d6:fd:f6:7c:b8:07:
c7:c3:7b:c3:63:08:2a:d0:aa:58:40:93:74:4f:e8:
39:e2:fc:59:3e:1e:eb:d6:71:cf:00:d6:01:f3:ab:
48:1e:48:c6:1d:28:b4:5e:c7:1a:ac:ba:66:bb:9b:
30:92:c9:a7:53:05:85:c7:38:e5:2e:de:42:20:c6:
54:a0:f8:fa:07:f0:7d:4b:e8:17:4b:e8:07:d6:34:
18:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C7:79:43:09:B7:E8:79:F0:CE:30:E1:C1:6D:06:99:D0:27:AF:BE
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CBBDBA46D5E711ED97D0CC0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.17.0-14.102.21.255
14.102.46.0/23
14.102.49.0/24
14.102.51.0/24
14.102.58.0/24
14.102.61.0/24
14.102.94.0/24
14.102.102.0/24
43.230.156.0/22
45.115.252.0/22
45.116.68.0/24
45.116.106.0/23
103.38.70.0/24
103.43.4.0/22
103.50.4.0/22
103.55.6.0/23
103.61.101.0-103.61.103.255
103.61.242.0/23
103.69.216.0/22
103.70.144.0/22
103.70.176.0/23
103.79.112.0/22
103.87.48.0/23
103.91.68.0/22
103.93.176.0/22
103.122.85.0/24
103.156.168.0/23
103.157.160.0/23
103.159.154.0/23
103.161.230.0-103.161.233.255
103.174.105.0/24
103.175.76.0/23
103.220.28.0/22
103.237.172.0/22
110.172.137.0/24
110.172.141.0-110.172.142.255
110.172.144.0/24
110.172.163.0/24
110.172.172.0/24
110.172.188.0/24
118.91.184.0/24
118.91.190.0/24
175.111.180.0/24
175.111.182.0/23
202.89.73.0/24
202.89.79.0/24
IPv6:
2001:df1:b280::/48
2001:df1:f440::/48
Signature Algorithm: sha256WithRSAEncryption
03:8a:40:9d:75:74:49:5e:49:ac:2f:3f:5e:7a:d0:42:b3:03:
5a:06:2f:93:c8:45:b1:41:77:66:b5:da:cc:49:e4:61:b9:cc:
fc:39:54:02:f0:37:6e:eb:2d:59:06:f4:d6:e6:ad:9f:b2:6d:
55:24:3f:61:96:3b:f9:de:88:e0:2a:79:70:c3:54:51:67:af:
25:16:31:fc:d0:16:ee:fc:9c:3e:6e:52:fb:dd:97:6d:95:4b:
93:d2:b9:57:a0:c6:ab:a9:e0:12:9d:44:ff:0c:01:05:05:ac:
03:eb:eb:1a:9d:4b:ba:10:09:b5:f0:3b:90:38:20:57:01:a9:
0e:87:d5:50:a9:47:39:73:5d:84:7c:79:39:87:06:df:0c:4d:
87:d7:78:fb:ad:8f:00:1e:28:f7:a0:15:f8:11:c5:1a:44:c7:
10:75:be:37:01:c0:7a:f2:f6:4b:10:ad:2d:2d:14:73:d7:85:
58:8b:d1:b4:2e:fd:f8:07:81:5a:3f:6e:13:0f:6d:45:04:c1:
fa:f5:54:ec:78:69:70:c8:c7:7e:29:c5:9b:54:5e:77:36:dd:
a5:3a:ee:cf:1f:71:6a:31:00:f1:2e:cd:9b:7d:68:14:d8:f0:
9e:22:8e:90:49:5b:37:d2:47:d4:9b:13:20:f8:8a:38:e7:89:
b1:b8:c5:bd
-----BEGIN CERTIFICATE-----
MIIGwzCCBaugAwIBAgICc34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNjA3MTEyMjAzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgwNjg1Yi1iYjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAro6/+c+fhfsCppp8nAp4e8kdZkOjvZNC3LY2a/oSpSKpgqxIp+ZVTLw//GxV
Xok/PcBVSzj95AdJK37QOGQoZZIpsWqrxc6KwTdMSrIC+949ujTJ/2KvtREi8SQu
Xz2KZrjNCTtR282vree8gOTXwlicNpBPZxhV7oc6/5lg906BpBVKOKkW+edV0mTm
XK2OUx7m41IgSgp+UYsUNs+eXpqliD0bATYegYdWr6vW/fZ8uAfHw3vDYwgq0KpY
QJN0T+g54vxZPh7r1nHPANYB86tIHkjGHSi0XscarLpmu5swksmnUwWFxzjlLt5C
IMZUoPj6B/B9S+gXS+gH1jQYOQIDAQABo4ID5zCCA+MwHQYDVR0OBBYEFM/HeUMJ
t+h58M4w4cFtBpnQJ6++MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0JCREJBNDZE
NUU3MTFFRDk3RDBDQzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFvBggrBgEFBQcBBwEB
/wSCAV4wggFaMIIBPAQCAAEwggE0MAwDBAAOZhEDBAEOZhQDBAEOZi4DBAAOZjED
BAAOZjMDBAAOZjoDBAAOZj0DBAAOZl4DBAAOZmYDBAIr5pwDBAItc/wDBAAtdEQD
BAEtdGoDBABnJkYDBAJnKwQDBAJnMgQDBAFnNwYwDAMEAGc9ZQMEA2c9YAMEAWc9
8gMEAmdF2AMEAmdGkAMEAWdGsAMEAmdPcAMEAWdXMAMEAmdbRAMEAmddsAMEAGd6
VQMEAWecqAMEAWedoAMEAWefmjAMAwQBZ6HmAwQBZ6HoAwQAZ65pAwQBZ69MAwQC
Z9wcAwQCZ+2sAwQAbqyJMAwDBABurI0DBABurI4DBABurJADBABurKMDBABurKwD
BABurLwDBAB2W7gDBAB2W74DBACvb7QDBAGvb7YDBADKWUkDBADKWU8wGAQCAAIw
EgMHACABDfGygAMHACABDfH0QDANBgkqhkiG9w0BAQsFAAOCAQEAA4pAnXV0SV5J
rC8/XnrQQrMDWgYvk8hFsUF3ZrXazEnkYbnM/DlUAvA3bustWQb01uatn7JtVSQ/
YZY7+d6I4Cp5cMNUUWevJRYx/NAW7vycPm5S+92XbZVLk9K5V6DGq6ngEp1E/wwB
BQWsA+vrGp1LuhAJtfA7kDggVwGpDofVUKlHOXNdhHx5OYcG3wxNh9d4+62PAB4o
96AV+BHFGkTHEHW+NwHAevL2SxCtLS0Uc9eFWIvRtC79+AeBWj9uEw9tRQTB+vVU
7HhpcMjHfinFm1RedzbdpTruzx9xajEA8S7Nm31oFNjwniKOkElbN9JH1JsTIPiK
OOeJsbjFvQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:45:47 2025 by rpki-client