Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/CA184296DCF511ED8458BD5BC4F9AE02.roa
File: CA184296DCF511ED8458BD5BC4F9AE02.roa (raw, json)
Hash identifier: i1oV/3IDqTTh0cdPGnOzC53YPtCEIrIjZKM4k0M4PcE=
Subject key identifier: 3B:BE:0C:25:1C:19:7C:92:E7:F0:B9:0E:F7:F0:BF:52:9D:5B:50:70
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0A13
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/CA184296DCF511ED8458BD5BC4F9AE02.roa
Signing time: Mon 17 Apr 2023 07:59:33 +0000
ROA not before: Mon 17 Apr 2023 07:59:33 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 113.203.209.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
180.178.128.0/21 maxlen: 21
180.178.128.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/21 maxlen: 21
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.160.0/20 maxlen: 20
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/20 maxlen: 20
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2579 (0xa13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Apr 17 07:59:33 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=643cfc65-85e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b1:e6:ed:8b:40:2d:84:48:08:19:16:58:57:
c5:43:b9:b3:8b:8a:fc:69:29:f6:dd:42:13:83:b0:
db:88:8c:da:f7:f3:e0:82:b6:3c:09:c9:da:ea:a9:
b7:a0:3b:5c:00:56:96:17:9d:3d:5a:eb:e5:11:51:
2d:30:f1:73:03:14:02:2c:23:9d:86:b8:66:93:c5:
e8:79:67:ea:94:0a:52:52:e9:6e:25:35:99:55:c6:
8e:e0:98:30:38:59:6d:1c:8b:ef:47:a7:8f:73:fb:
93:61:b0:e3:61:38:1b:db:9f:4b:49:1a:bb:a8:ee:
5a:17:85:53:74:ce:1c:88:a6:5c:9b:8d:e6:6d:fd:
89:eb:92:e5:26:ce:73:0d:8b:a7:e2:1c:99:7e:2d:
f6:5a:2b:db:05:eb:ca:54:90:8c:26:a2:6a:47:1d:
53:c6:ad:51:e6:8d:1b:20:fc:d3:0e:84:dc:ec:72:
b0:5d:f1:53:09:7c:f2:de:61:56:df:10:09:4b:e7:
0d:8b:99:d3:88:61:94:cb:54:53:22:d9:45:e7:9c:
0e:c4:3e:87:0c:8c:f4:0a:a4:93:0c:2e:26:a1:32:
60:d7:00:8f:2d:d3:de:19:23:c7:ad:92:34:81:c3:
74:76:e6:d7:bc:3a:ac:ca:d1:97:0c:98:b5:d2:35:
fb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BE:0C:25:1C:19:7C:92:E7:F0:B9:0E:F7:F0:BF:52:9D:5B:50:70
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/CA184296DCF511ED8458BD5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.209.0/24
113.203.211.0-113.203.216.255
113.203.219.0/24
113.203.226.0/24
113.203.234.0-113.203.240.255
113.203.244.0/24
180.178.128.0-180.178.144.255
180.178.149.0/24
180.178.160.0/20
180.178.178.0/24
180.178.180.0/22
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
83:15:65:ee:52:b6:3b:9b:62:d0:06:02:a4:d6:36:62:8c:a3:
ce:b1:f2:39:89:dc:4c:3a:0d:74:53:e5:06:19:83:3b:f5:4f:
13:e5:bd:21:7c:56:a8:14:b4:46:14:a3:9e:47:99:f1:99:f4:
19:b5:a2:bd:fe:d6:86:60:6b:37:b9:9c:41:21:3a:c5:14:9d:
af:14:ad:95:a5:bb:62:1d:24:18:b2:ec:e7:03:03:d3:73:d0:
e0:29:51:45:5f:2f:9b:63:fd:87:a4:d7:f1:0e:ee:25:b2:f0:
7c:e1:2a:3f:71:9e:4c:7d:12:26:55:a6:ab:30:c5:d8:cd:33:
3e:d0:93:8b:fb:72:18:78:39:f2:97:d0:73:fa:a4:62:45:67:
bd:54:6a:77:0e:8c:a3:17:03:0e:48:29:83:94:77:15:ff:09:
3f:ed:e2:09:c6:47:64:07:ba:eb:48:4e:8f:cb:79:bb:11:5a:
1b:23:43:db:3c:fd:b9:f9:ab:3d:40:18:8f:9c:46:6a:e2:56:
8e:4d:9c:32:71:1a:a2:06:f5:4e:8f:95:c9:cc:99:fc:16:2e:
b0:5c:ab:69:2f:76:70:19:cf:4f:ea:ee:5f:95:8b:1c:17:64:
45:02:3a:e5:74:e1:98:71:67:2a:49:a1:67:14:8e:2f:f4:6f:
03:96:7c:4f
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgICChMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwNDE3MDc1OTMzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNjZmM2NS04NWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu7Hm7YtALYRICBkWWFfFQ7mzi4r8aSn23UITg7DbiIza9/PggrY8Ccna6qm3
oDtcAFaWF509WuvlEVEtMPFzAxQCLCOdhrhmk8XoeWfqlApSUuluJTWZVcaO4Jgw
OFltHIvvR6ePc/uTYbDjYTgb259LSRq7qO5aF4VTdM4ciKZcm43mbf2J65LlJs5z
DYun4hyZfi32WivbBevKVJCMJqJqRx1Txq1R5o0bIPzTDoTc7HKwXfFTCXzy3mFW
3xAJS+cNi5nTiGGUy1RTItlF55wOxD6HDIz0CqSTDC4moTJg1wCPLdPeGSPHrZI0
gcN0dubXvDqsytGXDJi10jX7NwIDAQABo4IC/zCCAvswHQYDVR0OBBYEFDu+DCUc
GXyS5/C5Dvfwv1KdW1BwMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQ0ExODQyOTZE
Q0Y1MTFFRDg0NThCRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYgGCCsGAQUFBwEHAQH/
BHkwdzBmBAIAATBgAwQAccvRMAwDBABxy9MDBABxy9gDBABxy9sDBABxy+IwDAME
AXHL6gMEAHHL8AMEAHHL9DAMAwQHtLKAAwQAtLKQAwQAtLKVAwQEtLKgAwQAtLKy
AwQCtLK0AwQE3x3gMA0EAgACMAcDBQAkAUEAMA0GCSqGSIb3DQEBCwUAA4IBAQCD
FWXuUrY7m2LQBgKk1jZijKPOsfI5idxMOg10U+UGGYM79U8T5b0hfFaoFLRGFKOe
R5nxmfQZtaK9/taGYGs3uZxBITrFFJ2vFK2VpbtiHSQYsuznAwPTc9DgKVFFXy+b
Y/2HpNfxDu4lsvB84So/cZ5MfRImVaarMMXYzTM+0JOL+3IYeDnyl9Bz+qRiRWe9
VGp3DoyjFwMOSCmDlHcV/wk/7eIJxkdkB7rrSE6Py3m7EVobI0PbPP25+as9QBiP
nEZq4laOTZwycRqiBvVOj5XJzJn8Fi6wXKtpL3ZwGc9P6u5flYscF2RFAjrldOGY
cWcqSaFnFI4v9G8DlnxP
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:00:04 2025 by rpki-client