Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/52F6A51CDAC111EDB48CB354C4F9AE02.roa
File: 52F6A51CDAC111EDB48CB354C4F9AE02.roa (raw, json)
Hash identifier: UF9Yz5f2Q9CpG/h5AJ629XPtnDw6r1Fo7PjO192dLwo=
Subject key identifier: 93:46:06:84:A0:FB:05:A6:34:55:56:5B:DA:24:22:14:14:FF:8E:5B
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A0D
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/52F6A51CDAC111EDB48CB354C4F9AE02.roa
Signing time: Fri 14 Apr 2023 12:38:58 +0000
ROA not before: Fri 14 Apr 2023 12:38:58 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/22 maxlen: 22
103.11.60.0/24 maxlen: 24
113.203.209.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
180.178.128.0/21 maxlen: 21
180.178.128.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/21 maxlen: 21
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.160.0/20 maxlen: 20
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/20 maxlen: 20
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2573 (0xa0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Apr 14 12:38:58 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64394961-5b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2a:a2:6d:10:66:8f:99:1b:c5:05:7d:a9:7d:
be:5c:89:30:bc:a0:bc:92:c9:f8:ce:b1:b5:4a:df:
68:fc:89:50:e1:81:58:66:5e:61:f6:e1:af:32:ec:
0f:46:0f:92:0a:e9:3c:0c:ae:e0:3f:61:48:4a:ba:
06:11:b8:07:ed:d2:ca:b1:c0:b8:b0:c1:ad:f6:e8:
57:45:9d:5b:59:46:9c:42:78:a6:60:72:3e:94:50:
23:7b:ad:55:17:8d:4b:d4:ef:3b:49:ac:a5:e4:f1:
3b:c9:4a:29:c3:a3:62:81:af:f8:a1:04:dc:fd:f0:
ff:1b:7c:58:83:d3:d0:dd:3c:99:86:0a:52:0c:42:
81:ee:42:49:d1:7d:17:c5:c3:f3:22:83:c0:09:f0:
76:14:90:9e:a2:77:37:dd:35:16:41:5a:59:60:1a:
c1:c9:e2:4d:ba:30:52:9a:8c:23:06:e5:66:d8:c8:
46:37:3d:1e:42:1a:1e:14:6a:0a:ae:09:02:ed:3e:
61:39:a1:b6:49:6c:20:88:55:f0:2e:8f:84:38:1a:
03:71:db:ad:a0:a6:45:27:07:7c:c8:fc:03:6b:7e:
25:23:75:71:69:38:91:f5:ae:8a:81:7d:ff:af:40:
1b:2a:35:51:b6:f1:48:d0:c2:a1:04:e7:e8:d9:fc:
5c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:46:06:84:A0:FB:05:A6:34:55:56:5B:DA:24:22:14:14:FF:8E:5B
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/52F6A51CDAC111EDB48CB354C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/22
113.203.209.0/24
113.203.211.0-113.203.216.255
113.203.219.0/24
113.203.226.0/24
113.203.234.0-113.203.240.255
113.203.244.0/24
180.178.128.0-180.178.144.255
180.178.149.0/24
180.178.160.0/20
180.178.178.0/24
180.178.180.0/22
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
1d:e8:93:b5:ce:e2:e0:a1:a3:40:97:37:52:31:34:db:72:73:
a4:a8:0b:1e:25:a4:13:9d:1a:f9:50:6c:dd:6b:c7:8a:40:0d:
07:5e:3d:42:e1:50:94:aa:48:bb:95:fb:60:d8:cc:dd:0a:76:
43:bf:ce:5d:d8:79:a5:f3:54:a1:4d:a6:0d:03:dc:d6:4b:d7:
97:70:c3:e4:9d:67:1e:03:53:d6:90:fc:5e:01:61:8e:75:f4:
81:cf:11:56:7b:08:92:5c:a2:00:e4:08:aa:16:39:36:81:9e:
64:1a:41:e9:5c:94:7a:7d:77:50:05:67:66:01:bb:6d:df:be:
ef:c6:69:89:ab:3c:a1:55:8f:bd:10:95:71:5c:d1:29:9c:eb:
bc:87:22:3c:97:30:37:2e:11:79:98:8f:3f:e8:dc:b4:c7:e1:
a2:6b:df:ad:1b:a2:b8:14:ec:a5:3d:2f:0c:1e:29:35:f7:3f:
aa:31:37:d2:13:62:68:99:ad:8b:ef:c9:6b:33:8c:e6:36:20:
a6:46:e9:57:e6:fc:d3:e3:58:ff:be:52:34:a3:79:94:ab:e3:
ca:71:65:43:6d:40:3d:c3:bb:c1:8c:84:e1:fa:9f:aa:3a:90:
de:64:42:c4:3a:83:3a:b2:c2:85:71:6b:eb:0d:be:d4:11:39:
d7:de:e6:2e
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgICCg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDE0MTIzODU4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM5NDk2MS01YjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsyqibRBmj5kbxQV9qX2+XIkwvKC8ksn4zrG1St9o/IlQ4YFYZl5h9uGvMuwP
Rg+SCuk8DK7gP2FISroGEbgH7dLKscC4sMGt9uhXRZ1bWUacQnimYHI+lFAje61V
F41L1O87Sayl5PE7yUopw6Niga/4oQTc/fD/G3xYg9PQ3TyZhgpSDEKB7kJJ0X0X
xcPzIoPACfB2FJCeonc33TUWQVpZYBrByeJNujBSmowjBuVm2MhGNz0eQhoeFGoK
rgkC7T5hOaG2SWwgiFXwLo+EOBoDcdutoKZFJwd8yPwDa34lI3VxaTiR9a6KgX3/
r0AbKjVRtvFI0MKhBOfo2fxcFQIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFJNGBoSg
+wWmNFVWW9okIhQU/45bMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNTJGNkE1MUNE
QUMxMTFFREI0OENCMzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY4GCCsGAQUFBwEHAQH/
BH8wfTBsBAIAATBmAwQCZws8AwQAccvRMAwDBABxy9MDBABxy9gDBABxy9sDBABx
y+IwDAMEAXHL6gMEAHHL8AMEAHHL9DAMAwQHtLKAAwQAtLKQAwQAtLKVAwQEtLKg
AwQAtLKyAwQCtLK0AwQE3x3gMA0EAgACMAcDBQAkAUEAMA0GCSqGSIb3DQEBCwUA
A4IBAQAd6JO1zuLgoaNAlzdSMTTbcnOkqAseJaQTnRr5UGzda8eKQA0HXj1C4VCU
qki7lftg2MzdCnZDv85d2Hml81ShTaYNA9zWS9eXcMPknWceA1PWkPxeAWGOdfSB
zxFWewiSXKIA5AiqFjk2gZ5kGkHpXJR6fXdQBWdmAbtt377vxmmJqzyhVY+9EJVx
XNEpnOu8hyI8lzA3LhF5mI8/6Ny0x+Gia9+tG6K4FOylPS8MHik19z+qMTfSE2Jo
ma2L78lrM4zmNiCmRulX5vzT41j/vlI0o3mUq+PKcWVDbUA9w7vBjITh+p+qOpDe
ZELEOoM6ssKFcWvrDb7UETnX3uYu
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:08:48 2025 by rpki-client