Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FD8A21BC85C811EF98015735C4F9AE02.roa
File: FD8A21BC85C811EF98015735C4F9AE02.roa (raw, json)
Hash identifier: P8ZBXA2m/YRnhgClAdi/IQSdDO73uczNbX9Oh6f/Ng0=
Subject key identifier: A1:2F:1C:B4:3B:04:68:86:75:75:F6:20:3A:DF:CA:61:9F:D1:47:6C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9B5B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FD8A21BC85C811EF98015735C4F9AE02.roa
Signing time: Tue 08 Oct 2024 22:59:36 +0000
ROA not before: Tue 08 Oct 2024 22:59:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18002
IP address blocks: 14.102.0.0/22 maxlen: 24
14.102.0.0/24 maxlen: 24
14.102.1.0/24 maxlen: 24
14.102.2.0/24 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.4.0/24 maxlen: 24
14.102.5.0/24 maxlen: 24
14.102.6.0/24 maxlen: 24
14.102.7.0/24 maxlen: 24
14.102.20.0/22 maxlen: 24
14.102.22.0/24 maxlen: 24
14.102.23.0/24 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.24.0/24 maxlen: 24
14.102.25.0/24 maxlen: 24
14.102.26.0/24 maxlen: 24
14.102.27.0/24 maxlen: 24
14.102.28.0/22 maxlen: 24
14.102.28.0/24 maxlen: 24
14.102.29.0/24 maxlen: 24
14.102.30.0/24 maxlen: 24
14.102.31.0/24 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.32.0/24 maxlen: 24
14.102.33.0/24 maxlen: 24
14.102.34.0/24 maxlen: 24
14.102.35.0/24 maxlen: 24
14.102.36.0/22 maxlen: 24
14.102.36.0/24 maxlen: 24
14.102.37.0/24 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.40.0/24 maxlen: 24
14.102.41.0/24 maxlen: 24
14.102.42.0/24 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/22 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.46.0/24 maxlen: 24
14.102.47.0/24 maxlen: 24
14.102.48.0/22 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.49.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/22 maxlen: 24
14.102.56.0/24 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.58.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.64.0/24 maxlen: 24
14.102.65.0/24 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.67.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.68.0/24 maxlen: 24
14.102.69.0/24 maxlen: 24
14.102.70.0/24 maxlen: 24
14.102.71.0/24 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.72.0/24 maxlen: 24
14.102.73.0/24 maxlen: 24
14.102.74.0/24 maxlen: 24
14.102.75.0/24 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/22 maxlen: 24
14.102.80.0/24 maxlen: 24
14.102.81.0/24 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.83.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.91.0/24 maxlen: 24
14.102.92.0/22 maxlen: 24
14.102.92.0/24 maxlen: 24
14.102.93.0/24 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/22 maxlen: 24
14.102.96.0/24 maxlen: 24
14.102.97.0/24 maxlen: 24
14.102.100.0/22 maxlen: 24
14.102.100.0/24 maxlen: 24
14.102.101.0/24 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.104.0/24 maxlen: 24
14.102.105.0/24 maxlen: 24
14.102.106.0/23 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.108.0/24 maxlen: 24
14.102.109.0/24 maxlen: 24
14.102.110.0/24 maxlen: 24
14.102.111.0/24 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.112.0/24 maxlen: 24
14.102.113.0/24 maxlen: 24
14.102.114.0/24 maxlen: 24
14.102.115.0/24 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.116.0/24 maxlen: 24
14.102.117.0/24 maxlen: 24
14.102.118.0/24 maxlen: 24
14.102.119.0/24 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.120.0/24 maxlen: 24
14.102.121.0/24 maxlen: 24
14.102.122.0/24 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.124.0/22 maxlen: 24
14.102.124.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/24 maxlen: 24
14.102.127.0/24 maxlen: 24
43.245.136.0/22 maxlen: 24
43.251.212.0/22 maxlen: 24
61.14.228.0/23 maxlen: 24
61.14.231.0/24 maxlen: 24
103.5.200.0/22 maxlen: 24
103.59.189.0/24 maxlen: 24
103.87.100.0/22 maxlen: 24
103.122.84.0/24 maxlen: 24
103.158.131.0/24 maxlen: 24
103.160.24.0/24 maxlen: 24
103.175.72.0/24 maxlen: 24
103.175.73.0/24 maxlen: 24
103.176.8.0/23 maxlen: 24
110.172.130.0/23 maxlen: 24
110.172.132.0/24 maxlen: 24
110.172.134.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.138.0/23 maxlen: 24
110.172.140.0/23 maxlen: 24
110.172.143.0/24 maxlen: 24
110.172.145.0/24 maxlen: 24
110.172.147.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.151.0/24 maxlen: 24
110.172.152.0/22 maxlen: 24
110.172.156.0/22 maxlen: 24
110.172.160.0/22 maxlen: 24
110.172.164.0/24 maxlen: 24
110.172.166.0/23 maxlen: 24
110.172.168.0/24 maxlen: 24
110.172.170.0/23 maxlen: 24
110.172.172.0/24 maxlen: 24
110.172.174.0/23 maxlen: 24
110.172.177.0/24 maxlen: 24
110.172.178.0/23 maxlen: 24
110.172.184.0/22 maxlen: 24
111.235.64.0/22 maxlen: 24
114.69.228.0/22 maxlen: 24
114.69.232.0/24 maxlen: 24
114.69.234.0/24 maxlen: 24
114.69.235.0/24 maxlen: 24
114.69.240.0/24 maxlen: 24
114.69.242.0/23 maxlen: 24
114.69.248.0/24 maxlen: 24
114.69.249.0/24 maxlen: 24
114.69.252.0/22 maxlen: 24
118.91.176.0/23 maxlen: 24
118.91.178.0/24 maxlen: 24
118.91.189.0/24 maxlen: 24
118.91.190.0/23 maxlen: 24
150.107.192.0/22 maxlen: 24
202.89.64.0/20 maxlen: 20
202.89.64.0/24 maxlen: 24
202.89.65.0/24 maxlen: 24
202.89.66.0/24 maxlen: 24
202.89.67.0/24 maxlen: 24
202.89.68.0/24 maxlen: 24
202.89.69.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
202.89.71.0/24 maxlen: 24
202.89.72.0/24 maxlen: 24
202.89.73.0/24 maxlen: 24
202.89.74.0/24 maxlen: 24
202.89.75.0/24 maxlen: 24
202.89.76.0/24 maxlen: 24
202.89.77.0/24 maxlen: 24
202.89.78.0/24 maxlen: 24
202.89.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39771 (0x9b5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Oct 8 22:59:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6705b958-000a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ae:ed:ec:d8:d6:c8:33:77:e6:ed:20:d9:a3:
54:e4:ae:eb:81:c2:24:40:ae:f4:1c:73:6e:a0:39:
82:d2:f9:6d:e1:5d:3f:39:18:c9:31:f2:80:ce:4d:
14:bc:e3:e4:47:da:14:20:7a:18:a4:a1:65:3a:59:
60:d0:57:8d:b3:81:4a:ec:e3:08:63:70:5f:d0:ec:
b6:ce:f2:cc:2f:a4:f3:e6:2f:00:66:b0:ac:69:24:
56:95:91:3a:e3:60:fa:bc:16:3e:73:37:49:ee:39:
c7:8f:b4:06:bc:38:56:49:b3:36:1f:20:08:4b:51:
fd:e8:0d:e3:7c:1c:9a:fc:35:73:8e:cc:5c:f8:a8:
df:c9:f0:a7:79:cc:9a:f0:7d:f2:05:79:8a:6b:b7:
b6:60:b2:11:dc:7e:6f:a0:93:c0:2a:25:15:28:c6:
92:a7:e2:12:97:48:cc:16:6e:fa:91:c9:b7:22:f9:
5d:ba:ca:c3:ce:0d:47:15:0b:c9:11:b9:fe:81:d3:
50:c1:01:cd:60:0d:ff:02:52:c5:a5:ba:76:f7:f5:
0f:4b:67:76:a5:0c:67:29:d6:fe:53:ae:45:d4:9b:
03:70:4d:30:7a:bf:96:94:40:11:bd:58:6f:3b:09:
d1:6a:1f:ce:fc:f9:16:6c:4c:27:d4:4c:65:ed:81:
8b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2F:1C:B4:3B:04:68:86:75:75:F6:20:3A:DF:CA:61:9F:D1:47:6C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FD8A21BC85C811EF98015735C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.0.0/21
14.102.20.0-14.102.51.255
14.102.56.0/22
14.102.64.0-14.102.78.255
14.102.80.0/22
14.102.88.0/24
14.102.91.0-14.102.127.255
43.245.136.0/22
43.251.212.0/22
61.14.228.0/23
61.14.231.0/24
103.5.200.0/22
103.59.189.0/24
103.87.100.0/22
103.122.84.0/24
103.158.131.0/24
103.160.24.0/24
103.175.72.0/23
103.176.8.0/23
110.172.130.0-110.172.132.255
110.172.134.0-110.172.136.255
110.172.138.0-110.172.141.255
110.172.143.0/24
110.172.145.0/24
110.172.147.0/24
110.172.150.0-110.172.164.255
110.172.166.0-110.172.168.255
110.172.170.0-110.172.172.255
110.172.174.0/23
110.172.177.0-110.172.179.255
110.172.184.0/22
111.235.64.0/22
114.69.228.0-114.69.232.255
114.69.234.0/23
114.69.240.0/24
114.69.242.0/23
114.69.248.0/23
114.69.252.0/22
118.91.176.0-118.91.178.255
118.91.189.0-118.91.191.255
150.107.192.0/22
202.89.64.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:e9:a4:63:69:6c:93:de:b6:61:d1:74:2f:eb:e1:af:fd:ce:
1d:fd:0b:ee:3e:da:87:12:11:06:15:d3:eb:13:c5:31:3d:57:
dd:d7:36:a4:92:f0:91:c6:68:e4:f7:ec:72:ac:6e:d2:83:5a:
75:80:a7:d7:0e:44:86:2c:13:90:4d:c1:05:92:06:b2:96:13:
78:2e:b0:c0:18:25:a8:ca:f6:b3:f8:0b:4d:e9:14:61:9b:b7:
8d:d2:7a:68:97:b0:21:a9:58:9d:d1:b8:66:91:dc:44:dc:f3:
b7:7a:30:fd:6f:5e:2e:76:b5:8f:27:b2:27:1f:db:5c:03:50:
2f:b0:b8:26:d0:d9:ac:3c:f4:f5:88:1d:75:84:97:27:e5:a2:
8d:9a:75:15:43:28:7e:bf:26:4b:89:5c:ed:6c:a0:94:b6:ba:
f6:bb:0d:48:d3:2c:53:d0:1b:79:16:ac:84:fe:4e:f5:63:ee:
bb:68:b6:f1:c7:17:23:93:d3:51:7a:61:74:6e:32:65:b2:37:
45:47:39:19:75:c3:d8:85:cd:c1:9d:21:05:42:80:e0:45:3a:
63:8f:d2:43:1a:84:e3:2d:db:eb:e5:0a:a4:28:19:2d:50:09:
fa:b9:41:2c:c3:71:a3:7c:a1:28:89:86:7e:48:fa:50:bc:65:
d4:a3:a8:ed
-----BEGIN CERTIFICATE-----
MIIG2jCCBcKgAwIBAgIDAJtbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTAwODIyNTkzNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjcwNWI5NTgtMDAwYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiu7ezY1sgzd+btINmjVOSu64HCJECu9BxzbqA5gtL5beFdPzkYyTHygM5N
FLzj5EfaFCB6GKShZTpZYNBXjbOBSuzjCGNwX9Dsts7yzC+k8+YvAGawrGkkVpWR
OuNg+rwWPnM3Se45x4+0Brw4VkmzNh8gCEtR/egN43wcmvw1c47MXPio38nwp3nM
mvB98gV5imu3tmCyEdx+b6CTwColFSjGkqfiEpdIzBZu+pHJtyL5XbrKw84NRxUL
yRG5/oHTUMEBzWAN/wJSxaW6dvf1D0tndqUMZynW/lOuRdSbA3BNMHq/lpRAEb1Y
bzsJ0Wofzvz5FmxMJ9RMZe2Bi08CAwEAAaOCA/0wggP5MB0GA1UdDgQWBBShLxy0
OwRohnV19iA638phn9FHbDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ZEOEEyMUJD
ODVDODExRUY5ODAxNTczNUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBhQYIKwYBBQUHAQcB
Af8EggF0MIIBcDCCAWwEAgABMIIBZAMEAw5mADAMAwQCDmYUAwQCDmYwAwQCDmY4
MAwDBAYOZkADBAAOZk4DBAIOZlADBAAOZlgwDAMEAA5mWwMEBw5mAAMEAiv1iAME
Aiv71AMEAT0O5AMEAD0O5wMEAmcFyAMEAGc7vQMEAmdXZAMEAGd6VAMEAGeegwME
AGegGAMEAWevSAMEAWewCDAMAwQBbqyCAwQAbqyEMAwDBAFurIYDBABurIgwDAME
AW6sigMEAW6sjAMEAG6sjwMEAG6skQMEAG6skzAMAwQBbqyWAwQAbqykMAwDBAFu
rKYDBABurKgwDAMEAW6sqgMEAG6srAMEAW6srjAMAwQAbqyxAwQCbqywAwQCbqy4
AwQCb+tAMAwDBAJyReQDBAByRegDBAFyReoDBAByRfADBAFyRfIDBAFyRfgDBAJy
RfwwDAMEBHZbsAMEAHZbsjAMAwQAdlu9AwQGdluAAwQClmvAAwQEyllAMA0GCSqG
SIb3DQEBCwUAA4IBAQA/6aRjaWyT3rZh0XQv6+Gv/c4d/QvuPtqHEhEGFdPrE8Ux
PVfd1zakkvCRxmjk9+xyrG7Sg1p1gKfXDkSGLBOQTcEFkgaylhN4LrDAGCWoyvaz
+AtN6RRhm7eN0npol7AhqVid0bhmkdxE3PO3ejD9b14udrWPJ7InH9tcA1AvsLgm
0NmsPPT1iB11hJcn5aKNmnUVQyh+vyZLiVztbKCUtrr2uw1I0yxT0Bt5FqyE/k71
Y+67aLbxxxcjk9NRemF0bjJlsjdFRzkZdcPYhc3BnSEFQoDgRTpjj9JDGoTjLdvr
5QqkKBktUAn6uUEsw3GjfKEoiYZ+SPpQvGXUo6jt
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:50 2025 by rpki-client