Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/D6531018675211ED8BC7BB36C4F9AE02.roa
File: D6531018675211ED8BC7BB36C4F9AE02.roa (raw, json)
Hash identifier: s5LT69N56dQvtgKR7YzSDXGLV5xrTAMQ7+PpuX0AWeY=
Subject key identifier: 49:47:AF:73:09:6E:1D:B0:88:CC:9F:DF:4E:55:3D:CF:1F:13:3B:F4
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0914
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/D6531018675211ED8BC7BB36C4F9AE02.roa
Signing time: Fri 18 Nov 2022 15:08:20 +0000
ROA not before: Fri 18 Nov 2022 15:08:20 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.61.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/22 maxlen: 22
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/24 maxlen: 24
180.178.158.0/24 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
180.178.184.0/22 maxlen: 22
223.29.224.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2324 (0x914)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7
Validity
Not Before: Nov 18 15:08:20 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63779fe4-c00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b3:c6:5c:25:f0:38:5b:98:72:f3:3f:97:d6:
0d:17:db:6a:99:94:27:93:c7:a8:86:ac:61:1b:cc:
a5:8a:88:36:99:0c:80:6e:4d:68:e3:a1:28:a4:65:
f7:ae:59:0a:de:60:84:d2:f6:19:3c:82:da:ac:02:
ba:c6:8a:f3:6e:d2:89:cc:e0:4f:aa:3e:b9:76:a2:
a5:fe:57:1f:53:27:79:af:f6:42:15:bd:69:7c:bd:
ed:ad:aa:e5:e9:62:3f:36:9d:d5:cd:91:4e:c4:71:
f5:3a:27:34:93:06:11:f3:91:eb:32:58:4c:2a:d4:
de:6f:4a:29:83:a5:c2:dc:30:0e:1c:be:be:f6:88:
c4:7b:08:bf:79:38:44:80:3b:54:2e:56:53:26:e2:
63:cc:52:ad:14:4c:85:bb:2b:9e:24:d0:40:ff:88:
5b:32:9c:b6:1d:76:24:4f:1e:40:83:96:52:e5:6f:
85:3d:aa:18:2a:fc:8d:77:56:e9:b8:6e:a1:f9:91:
25:ce:b5:4b:b1:94:73:20:65:49:65:36:e6:17:5e:
b4:df:44:0a:a5:a6:b9:38:f7:7b:99:6c:a9:58:29:
ab:b0:0b:37:f4:2e:40:fb:ca:33:61:0e:c6:76:0a:
f6:b2:92:5c:78:ff:7c:9b:6f:c5:e9:33:41:30:73:
96:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:47:AF:73:09:6E:1D:B0:88:CC:9F:DF:4E:55:3D:CF:1F:13:3B:F4
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/D6531018675211ED8BC7BB36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0-103.11.62.255
113.203.208.0-113.203.219.255
113.203.223.0-113.203.229.255
113.203.231.0/24
113.203.234.0-113.203.240.255
113.203.242.0-113.203.246.255
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.139.255
180.178.144.0/24
180.178.149.0/24
180.178.151.0-180.178.156.255
180.178.158.0-180.178.162.255
180.178.164.0/22
180.178.172.0/22
180.178.180.0-180.178.187.255
223.29.224.0/24
223.29.226.0/24
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2b:fc:ff:31:2d:27:e0:fe:e6:64:78:e5:6a:79:32:8c:2a:1d:
91:aa:30:93:ae:1f:f4:e5:bd:69:62:50:2e:3f:02:03:c7:19:
4d:e6:b0:55:64:95:5a:3a:ba:76:2f:9d:d3:75:12:ce:b4:21:
8a:7f:d9:b4:9c:7a:04:0e:03:cc:a7:38:4f:02:0c:7d:cc:95:
f7:c0:08:32:03:ee:2d:6e:ae:df:1b:87:3b:f9:57:72:5e:b8:
cb:64:dd:57:54:06:7b:93:5f:47:5e:4c:b0:39:c2:50:ab:ce:
60:06:63:51:a8:00:bf:49:b9:77:1e:d4:4c:47:1e:87:59:84:
66:08:d9:cc:cf:d9:0a:ba:59:62:54:c2:e6:24:13:63:df:4a:
8c:81:ca:08:b7:b0:3e:e1:4d:dc:ef:8a:d7:83:84:1b:6d:67:
23:f3:48:f2:2c:2d:b2:71:20:48:4a:80:5c:88:01:47:3f:cb:
f5:47:d0:a7:89:7d:f2:0b:46:1f:8b:99:c3:50:35:dd:03:88:
28:34:1f:63:a4:c2:e5:b0:92:20:e6:86:f5:65:9e:fd:6f:cb:
86:f4:7f:a8:40:f8:fd:35:8a:af:48:d6:c5:05:01:2f:f0:da:
f6:aa:46:18:5d:36:bc:46:f1:d3:2a:3f:83:61:29:0a:d4:e3:
1b:43:b2:e6
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgICCRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMTE4MTUwODIwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc3OWZlNC1jMDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxrPGXCXwOFuYcvM/l9YNF9tqmZQnk8eohqxhG8yliog2mQyAbk1o46EopGX3
rlkK3mCE0vYZPILarAK6xorzbtKJzOBPqj65dqKl/lcfUyd5r/ZCFb1pfL3trarl
6WI/Np3VzZFOxHH1Oic0kwYR85HrMlhMKtTeb0opg6XC3DAOHL6+9ojEewi/eThE
gDtULlZTJuJjzFKtFEyFuyueJNBA/4hbMpy2HXYkTx5Ag5ZS5W+FPaoYKvyNd1bp
uG6h+ZElzrVLsZRzIGVJZTbmF16030QKpaa5OPd7mWypWCmrsAs39C5A+8ozYQ7G
dgr2spJceP98m2/F6TNBMHOWDQIDAQABo4IDZzCCA2MwHQYDVR0OBBYEFElHr3MJ
bh2wiMyf305VPc8fEzv0MB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvRDY1MzEwMTg2
NzUyMTFFRDhCQzdCQjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfAGCCsGAQUFBwEHAQH/
BIHgMIHdMIHBBAIAATCBujAMAwQCZws8AwQAZws+MAwDBARxy9ADBAJxy9gwDAME
AHHL3wMEAXHL5AMEAHHL5zAMAwQBccvqAwQAccvwMAwDBAFxy/IDBABxy/YDBAG0
soADBAK0soQwDAMEALSyiQMEArSyiAMEALSykAMEALSylTAMAwQAtLKXAwQAtLKc
MAwDBAG0sp4DBAC0sqIDBAK0sqQDBAK0sqwwDAMEArSytAMEArSyuAMEAN8d4AME
AN8d4gMEA98d6DAXBAIAAjARMA8DBAAkAUEDBwAkAUEAgAAwDQYJKoZIhvcNAQEL
BQADggEBACv8/zEtJ+D+5mR45Wp5MowqHZGqMJOuH/TlvWliUC4/AgPHGU3msFVk
lVo6unYvndN1Es60IYp/2bScegQOA8ynOE8CDH3MlffACDID7i1urt8bhzv5V3Je
uMtk3VdUBnuTX0deTLA5wlCrzmAGY1GoAL9JuXce1ExHHodZhGYI2czP2Qq6WWJU
wuYkE2PfSoyBygi3sD7hTdzviteDhBttZyPzSPIsLbJxIEhKgFyIAUc/y/VH0KeJ
ffILRh+LmcNQNd0DiCg0H2OkwuWwkiDmhvVlnv1vy4b0f6hA+P01iq9I1sUFAS/w
2vaqRhhdNrxG8dMqP4NhKQrU4xtDsuY=
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:08:56 2025 by rpki-client