Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ECB5A58AD6FB11EF99B38323C4F9AE02.roa
File: ECB5A58AD6FB11EF99B38323C4F9AE02.roa (raw, json)
Hash identifier: 1MVNhOnWPHIEobsD4pyaFqUD8glsZB5x9IKf8weW8XE=
Subject key identifier: CB:26:2F:2B:2B:D8:76:4B:70:19:D2:82:6B:FF:96:3F:3E:93:26:C9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A325
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ECB5A58AD6FB11EF99B38323C4F9AE02.roa
Signing time: Mon 20 Jan 2025 07:09:52 +0000
ROA not before: Mon 20 Jan 2025 07:09:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18002
IP address blocks: 14.102.0.0/22 maxlen: 24
14.102.0.0/24 maxlen: 24
14.102.1.0/24 maxlen: 24
14.102.2.0/24 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.22.0/24 maxlen: 24
14.102.23.0/24 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.24.0/24 maxlen: 24
14.102.25.0/24 maxlen: 24
14.102.26.0/24 maxlen: 24
14.102.27.0/24 maxlen: 24
14.102.28.0/22 maxlen: 24
14.102.28.0/24 maxlen: 24
14.102.29.0/24 maxlen: 24
14.102.30.0/24 maxlen: 24
14.102.31.0/24 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.32.0/24 maxlen: 24
14.102.33.0/24 maxlen: 24
14.102.34.0/24 maxlen: 24
14.102.35.0/24 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.36.0/24 maxlen: 24
14.102.37.0/24 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.40.0/24 maxlen: 24
14.102.41.0/24 maxlen: 24
14.102.42.0/24 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.56.0/24 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.64.0/24 maxlen: 24
14.102.65.0/24 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.67.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.68.0/24 maxlen: 24
14.102.69.0/24 maxlen: 24
14.102.70.0/24 maxlen: 24
14.102.71.0/24 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.72.0/24 maxlen: 24
14.102.73.0/24 maxlen: 24
14.102.74.0/24 maxlen: 24
14.102.75.0/24 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/22 maxlen: 24
14.102.80.0/24 maxlen: 24
14.102.81.0/24 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.83.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.91.0/24 maxlen: 24
14.102.92.0/23 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/23 maxlen: 24
14.102.96.0/24 maxlen: 24
14.102.97.0/24 maxlen: 24
14.102.100.0/23 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.104.0/24 maxlen: 24
14.102.105.0/24 maxlen: 24
14.102.106.0/23 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.108.0/24 maxlen: 24
14.102.109.0/24 maxlen: 24
14.102.110.0/24 maxlen: 24
14.102.111.0/24 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.112.0/24 maxlen: 24
14.102.113.0/24 maxlen: 24
14.102.114.0/24 maxlen: 24
14.102.115.0/24 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.116.0/24 maxlen: 24
14.102.117.0/24 maxlen: 24
14.102.118.0/24 maxlen: 24
14.102.119.0/24 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.120.0/24 maxlen: 24
14.102.121.0/24 maxlen: 24
14.102.122.0/24 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/23 maxlen: 24
14.102.126.0/24 maxlen: 24
14.102.127.0/24 maxlen: 24
43.251.212.0/22 maxlen: 24
61.14.228.0/23 maxlen: 24
61.14.231.0/24 maxlen: 24
103.5.200.0/22 maxlen: 24
103.59.189.0/24 maxlen: 24
103.87.100.0/22 maxlen: 24
103.158.131.0/24 maxlen: 24
103.160.24.0/24 maxlen: 24
103.175.72.0/24 maxlen: 24
103.175.73.0/24 maxlen: 24
103.176.8.0/23 maxlen: 24
110.172.130.0/23 maxlen: 24
110.172.132.0/24 maxlen: 24
110.172.134.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.138.0/23 maxlen: 24
110.172.140.0/24 maxlen: 24
110.172.145.0/24 maxlen: 24
110.172.147.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.151.0/24 maxlen: 24
110.172.152.0/22 maxlen: 24
110.172.156.0/22 maxlen: 24
110.172.160.0/22 maxlen: 24
110.172.164.0/24 maxlen: 24
110.172.166.0/23 maxlen: 24
110.172.168.0/24 maxlen: 24
110.172.170.0/23 maxlen: 24
110.172.174.0/23 maxlen: 24
110.172.177.0/24 maxlen: 24
110.172.178.0/23 maxlen: 24
110.172.184.0/22 maxlen: 24
111.235.64.0/22 maxlen: 24
114.69.228.0/22 maxlen: 24
114.69.232.0/24 maxlen: 24
114.69.234.0/24 maxlen: 24
114.69.235.0/24 maxlen: 24
114.69.240.0/24 maxlen: 24
114.69.242.0/23 maxlen: 24
114.69.248.0/23 maxlen: 24
114.69.252.0/22 maxlen: 24
118.91.176.0/23 maxlen: 24
118.91.178.0/24 maxlen: 24
118.91.189.0/24 maxlen: 24
118.91.191.0/24 maxlen: 24
202.89.64.0/24 maxlen: 24
202.89.65.0/24 maxlen: 24
202.89.66.0/24 maxlen: 24
202.89.67.0/24 maxlen: 24
202.89.68.0/24 maxlen: 24
202.89.69.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
202.89.71.0/24 maxlen: 24
202.89.72.0/24 maxlen: 24
202.89.74.0/24 maxlen: 24
202.89.76.0/24 maxlen: 24
202.89.77.0/24 maxlen: 24
202.89.78.0/24 maxlen: 24
2402:5b00::/44 maxlen: 44
2402:5b00:20::/44 maxlen: 44
2402:5b00:40::/44 maxlen: 44
2402:5b00:b0::/44 maxlen: 44
2402:5b00:d0::/44 maxlen: 44
2402:5b00:e0::/44 maxlen: 44
2402:5b00:f0::/44 maxlen: 44
2402:5b00:110::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41765 (0xa325)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 20 07:09:52 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=678df6bf-19b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7e:a4:28:9e:81:2b:40:e6:de:eb:7f:3b:39:
f6:0e:bb:dc:de:e5:cc:7b:12:84:eb:dd:fc:49:1c:
34:28:82:52:ca:37:dd:2d:1c:2a:7e:13:64:ab:1a:
f8:cc:c1:27:23:6d:da:d8:77:4b:a8:54:d6:60:c4:
3e:65:09:eb:e5:7f:05:fd:60:58:4a:5a:81:a0:65:
47:ca:ca:80:35:7b:86:14:b8:34:47:41:47:0a:ab:
da:34:41:b0:c8:98:25:f4:9d:6d:43:09:5a:70:1b:
78:4e:a9:98:80:c4:7b:e7:bc:8f:c1:59:44:ae:67:
61:72:db:da:b2:5c:08:c4:0a:25:87:2c:30:8c:95:
fd:0d:fd:7c:3a:5e:de:38:d2:2c:93:41:49:92:6d:
65:d1:f6:d3:3c:2b:da:7b:77:04:9b:fc:64:12:63:
68:7e:19:0e:4b:f9:6e:43:64:46:54:ed:81:93:dd:
7d:4c:5d:f5:66:e9:5e:99:af:1f:e8:d2:43:da:14:
d7:cd:61:ba:39:ca:65:62:e8:94:f2:8b:7b:bd:da:
35:9d:f1:2d:b8:9b:41:87:a3:45:7d:60:51:70:41:
82:b2:9e:a9:14:37:0c:96:46:0d:75:49:6e:a7:fc:
c2:51:ea:8e:6c:1e:32:89:f8:57:90:b0:f3:00:4d:
fb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:26:2F:2B:2B:D8:76:4B:70:19:D2:82:6B:FF:96:3F:3E:93:26:C9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ECB5A58AD6FB11EF99B38323C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.0.0/22
14.102.22.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0/24
14.102.50.0/24
14.102.56.0/23
14.102.59.0/24
14.102.64.0-14.102.78.255
14.102.80.0/22
14.102.88.0/24
14.102.91.0-14.102.93.255
14.102.95.0-14.102.97.255
14.102.100.0/23
14.102.103.0-14.102.123.255
14.102.125.0-14.102.127.255
43.251.212.0/22
61.14.228.0/23
61.14.231.0/24
103.5.200.0/22
103.59.189.0/24
103.87.100.0/22
103.158.131.0/24
103.160.24.0/24
103.175.72.0/23
103.176.8.0/23
110.172.130.0-110.172.132.255
110.172.134.0-110.172.136.255
110.172.138.0-110.172.140.255
110.172.145.0/24
110.172.147.0/24
110.172.150.0-110.172.164.255
110.172.166.0-110.172.168.255
110.172.170.0/23
110.172.174.0/23
110.172.177.0-110.172.179.255
110.172.184.0/22
111.235.64.0/22
114.69.228.0-114.69.232.255
114.69.234.0/23
114.69.240.0/24
114.69.242.0/23
114.69.248.0/23
114.69.252.0/22
118.91.176.0-118.91.178.255
118.91.189.0/24
118.91.191.0/24
202.89.64.0-202.89.72.255
202.89.74.0/24
202.89.76.0-202.89.78.255
IPv6:
2402:5b00::/44
2402:5b00:20::/44
2402:5b00:40::/44
2402:5b00:b0::/44
2402:5b00:d0::-2402:5b00:ff:ffff:ffff:ffff:ffff:ffff
2402:5b00:110::/44
Signature Algorithm: sha256WithRSAEncryption
23:6c:9e:81:24:da:65:ca:2e:43:e9:12:97:81:a7:2a:a2:8d:
48:c0:5e:61:d6:6b:99:21:b0:07:ca:af:8d:9c:e5:d7:df:26:
0a:84:cc:94:03:f5:2f:3e:83:4c:2a:75:1f:85:38:a9:2c:85:
8e:d6:9d:e0:84:e1:03:62:69:14:a5:24:fa:4b:16:81:f2:6b:
66:6f:a4:6c:b5:bb:8b:0c:a8:b2:bb:e5:21:0f:3a:54:dd:00:
34:de:ec:a2:34:bf:59:e9:35:39:13:01:a5:73:be:f4:64:69:
38:37:7d:87:24:c6:e7:ee:59:4b:8b:00:97:dc:f8:10:d8:67:
e1:e3:a7:c7:4e:6d:76:00:e6:12:c2:9c:8a:77:cd:0a:65:29:
2e:d7:66:98:c2:c0:0c:80:8c:2d:cb:2b:3c:64:fb:78:79:74:
6c:ae:8a:9d:e3:68:48:65:3a:ff:21:cb:a8:22:78:ad:a1:40:
87:0c:4d:58:f0:e2:a8:f3:d7:a1:52:a6:43:ed:b7:bc:3f:56:
d9:7a:13:2f:8f:4d:fa:5d:0b:1c:2a:ea:d8:91:c7:c5:1b:b9:
9a:d6:29:ba:78:97:7e:2f:e1:0a:77:d6:76:ae:e5:47:6a:61:
39:58:8a:e6:56:65:a0:92:97:88:65:a7:00:a2:1b:6b:eb:27:
9e:8b:54:25
-----BEGIN CERTIFICATE-----
MIIHbDCCBlSgAwIBAgIDAKMlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEyMDA3MDk1MloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4ZGY2YmYtMTliNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANh+pCiegStA5t7rfzs59g673N7lzHsShOvd/EkcNCiCUso33S0cKn4TZKsa
+MzBJyNt2th3S6hU1mDEPmUJ6+V/Bf1gWEpagaBlR8rKgDV7hhS4NEdBRwqr2jRB
sMiYJfSdbUMJWnAbeE6pmIDEe+e8j8FZRK5nYXLb2rJcCMQKJYcsMIyV/Q39fDpe
3jjSLJNBSZJtZdH20zwr2nt3BJv8ZBJjaH4ZDkv5bkNkRlTtgZPdfUxd9WbpXpmv
H+jSQ9oU181hujnKZWLolPKLe73aNZ3xLbibQYejRX1gUXBBgrKeqRQ3DJZGDXVJ
bqf8wlHqjmweMon4V5Cw8wBN+30CAwEAAaOCBI8wggSLMB0GA1UdDgQWBBTLJi8r
K9h2S3AZ0oJr/5Y/PpMmyTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VDQjVBNThB
RDZGQjExRUY5OUIzODMyM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIICFwYIKwYBBQUHAQcB
Af8EggIGMIICAjCCAbYEAgABMIIBrgMEAg5mADAMAwQBDmYWAwQADmYmMAwDBAMO
ZigDBAEOZiwDBAAOZjADBAAOZjIDBAEOZjgDBAAOZjswDAMEBg5mQAMEAA5mTgME
Ag5mUAMEAA5mWDAMAwQADmZbAwQBDmZcMAwDBAAOZl8DBAEOZmADBAEOZmQwDAME
AA5mZwMEAg5meDAMAwQADmZ9AwQHDmYAAwQCK/vUAwQBPQ7kAwQAPQ7nAwQCZwXI
AwQAZzu9AwQCZ1dkAwQAZ56DAwQAZ6AYAwQBZ69IAwQBZ7AIMAwDBAFurIIDBABu
rIQwDAMEAW6shgMEAG6siDAMAwQBbqyKAwQAbqyMAwQAbqyRAwQAbqyTMAwDBAFu
rJYDBABurKQwDAMEAW6spgMEAG6sqAMEAW6sqgMEAW6srjAMAwQAbqyxAwQCbqyw
AwQCbqy4AwQCb+tAMAwDBAJyReQDBAByRegDBAFyReoDBAByRfADBAFyRfIDBAFy
RfgDBAJyRfwwDAMEBHZbsAMEAHZbsgMEAHZbvQMEAHZbvzAMAwQGyllAAwQAyllI
AwQAyllKMAwDBALKWUwDBADKWU4wRgQCAAIwQAMHBCQCWwAAAAMHBCQCWwAAIAMH
BCQCWwAAQAMHBCQCWwAAsDARAwcEJAJbAADQAwYAJAJbAAADBwQkAlsAARAwDQYJ
KoZIhvcNAQELBQADggEBACNsnoEk2mXKLkPpEpeBpyqijUjAXmHWa5khsAfKr42c
5dffJgqEzJQD9S8+g0wqdR+FOKkshY7WneCE4QNiaRSlJPpLFoHya2ZvpGy1u4sM
qLK75SEPOlTdADTe7KI0v1npNTkTAaVzvvRkaTg3fYckxufuWUuLAJfc+BDYZ+Hj
p8dObXYA5hLCnIp3zQplKS7XZpjCwAyAjC3LKzxk+3h5dGyuip3jaEhlOv8hy6gi
eK2hQIcMTVjw4qjz16FSpkPtt7w/Vtl6Ey+PTfpdCxwq6tiRx8UbuZrWKbp4l34v
4Qp31nau5UdqYTlYiuZWZaCSl4hlpwCiG2vrJ56LVCU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:52:01 2025 by rpki-client