Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/45E402C0D51711ED98EC431DC4F9AE02.roa
File: 45E402C0D51711ED98EC431DC4F9AE02.roa (raw, json)
Hash identifier: nW6k9W6t2vjWQ5fLc7MyrOWA0KYmcg/e4CkHBtc+0Kc=
Subject key identifier: 86:2F:5F:12:3E:A8:CA:AC:C5:A4:29:AB:12:AE:8D:25:39:0E:B2:58
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09F9
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/45E402C0D51711ED98EC431DC4F9AE02.roa
Signing time: Fri 07 Apr 2023 07:39:05 +0000
ROA not before: Fri 07 Apr 2023 07:39:05 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/22 maxlen: 22
103.11.60.0/24 maxlen: 24
113.203.209.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
180.178.128.0/21 maxlen: 21
180.178.128.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/21 maxlen: 21
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.160.0/20 maxlen: 20
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/20 maxlen: 20
223.29.227.0/24 maxlen: 24
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2553 (0x9f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Apr 7 07:39:05 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=642fc899-4184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:bc:bd:9b:c6:a0:a6:1d:fc:cb:03:b4:71:
9a:17:c8:28:21:9b:e2:ef:63:c8:83:16:33:28:f7:
f4:ef:09:5f:4a:a6:1b:15:7b:90:5d:c4:84:25:ef:
fa:52:4c:a9:fa:30:1d:2c:9a:7d:80:71:05:d6:ff:
44:12:bb:b3:d4:8e:07:39:5f:b6:27:af:b3:5a:e6:
d0:a3:88:0a:1a:b8:32:d5:96:47:28:a0:b2:86:47:
d0:1d:69:ec:5a:d0:9f:82:ce:f1:5a:5a:9b:6f:10:
b6:0b:78:82:c3:e7:46:5e:06:2d:99:67:9f:64:1a:
16:86:3f:8b:9d:9f:38:ad:13:5c:d7:28:2f:d7:bc:
89:32:f6:a9:db:b2:22:b9:9c:ef:65:ac:9e:66:42:
9f:f6:d1:a3:88:c4:fd:81:33:36:f0:a1:44:a9:ae:
90:ed:6a:97:ea:20:90:08:78:a6:04:59:fe:bd:b6:
15:10:8f:9d:ad:85:04:a6:35:91:9e:b6:64:15:bd:
16:07:be:e8:14:f7:3d:8f:0c:d6:f1:62:db:0b:56:
1c:5c:cb:a0:c7:4f:b4:49:6a:c4:95:a4:23:d5:b6:
32:aa:cb:3d:19:59:2a:86:3d:6d:55:0b:fd:af:02:
7f:51:71:9d:23:76:1e:ae:8c:31:3e:e6:32:7c:e6:
b4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2F:5F:12:3E:A8:CA:AC:C5:A4:29:AB:12:AE:8D:25:39:0E:B2:58
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/45E402C0D51711ED98EC431DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/22
113.203.209.0/24
113.203.211.0-113.203.216.255
113.203.219.0/24
113.203.226.0/24
113.203.234.0-113.203.240.255
113.203.243.0-113.203.244.255
180.178.128.0-180.178.144.255
180.178.149.0-180.178.150.255
180.178.160.0/20
180.178.178.0/24
180.178.180.0/22
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
6f:98:b8:d3:bf:40:de:3c:71:09:82:1d:a8:84:64:43:65:61:
f9:88:c0:53:27:f3:ef:e9:63:37:85:c6:31:58:f0:dd:42:57:
fd:3b:46:a7:d0:9c:5d:bb:76:2f:91:7d:3c:31:4d:12:9c:bf:
0b:fd:f3:c4:5b:94:4d:b9:16:12:24:cb:80:30:c5:0f:6d:ae:
5d:3f:ab:1b:68:91:1a:c9:78:3a:e9:09:24:03:ab:95:d3:f5:
73:a8:ae:15:24:e4:de:c0:a5:16:fb:47:ea:d3:6e:46:15:16:
15:15:ce:36:45:93:56:dd:d4:f2:f1:e7:bf:49:99:d0:5f:0d:
57:71:23:42:3a:cc:e9:09:27:13:1f:8f:6f:18:ea:12:e0:f6:
ea:14:d9:53:79:8a:65:e8:de:96:95:6c:50:66:16:cc:ce:e5:
1b:a4:8d:f9:a3:44:e7:c8:71:62:57:49:fd:bf:72:cf:98:45:
9d:10:7e:fd:b8:7b:47:5f:e7:0e:52:30:d1:5d:cd:cb:c4:83:
f9:c6:b0:00:f2:f7:7b:04:09:af:21:53:42:0d:17:bc:f8:8c:
d5:81:d7:b9:96:71:0e:92:a9:72:70:76:98:a2:c6:d1:cb:44:
1a:47:97:a0:99:37:f5:fd:40:89:05:84:9e:8b:65:15:31:02:
fc:8c:3b:6a
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgICCfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDA3MDczOTA1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJmYzg5OS00MTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv8C8vZvGoKYd/MsDtHGaF8goIZvi72PIgxYzKPf07wlfSqYbFXuQXcSEJe/6
Ukyp+jAdLJp9gHEF1v9EEruz1I4HOV+2J6+zWubQo4gKGrgy1ZZHKKCyhkfQHWns
WtCfgs7xWlqbbxC2C3iCw+dGXgYtmWefZBoWhj+LnZ84rRNc1ygv17yJMvap27Ii
uZzvZayeZkKf9tGjiMT9gTM28KFEqa6Q7WqX6iCQCHimBFn+vbYVEI+drYUEpjWR
nrZkFb0WB77oFPc9jwzW8WLbC1YcXMugx0+0SWrElaQj1bYyqss9GVkqhj1tVQv9
rwJ/UXGdI3YerowxPuYyfOa0YQIDAQABo4IDFzCCAxMwHQYDVR0OBBYEFIYvXxI+
qMqsxaQpqxKujSU5DrJYMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNDVFNDAyQzBE
NTE3MTFFRDk4RUM0MzFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaAGCCsGAQUFBwEHAQH/
BIGQMIGNMHwEAgABMHYDBAJnCzwDBABxy9EwDAMEAHHL0wMEAHHL2AMEAHHL2wME
AHHL4jAMAwQBccvqAwQAccvwMAwDBABxy/MDBABxy/QwDAMEB7SygAMEALSykDAM
AwQAtLKVAwQAtLKWAwQEtLKgAwQAtLKyAwQCtLK0AwQE3x3gMA0EAgACMAcDBQAk
AUEAMA0GCSqGSIb3DQEBCwUAA4IBAQBvmLjTv0DePHEJgh2ohGRDZWH5iMBTJ/Pv
6WM3hcYxWPDdQlf9O0an0Jxdu3YvkX08MU0SnL8L/fPEW5RNuRYSJMuAMMUPba5d
P6sbaJEayXg66QkkA6uV0/VzqK4VJOTewKUW+0fq025GFRYVFc42RZNW3dTy8ee/
SZnQXw1XcSNCOszpCScTH49vGOoS4PbqFNlTeYpl6N6WlWxQZhbMzuUbpI35o0Tn
yHFiV0n9v3LPmEWdEH79uHtHX+cOUjDRXc3LxIP5xrAA8vd7BAmvIVNCDRe8+IzV
gde5lnEOkqlycHaYosbRy0QaR5egmTf1/UCJBYSei2UVMQL8jDtq
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:04:16 2025 by rpki-client