Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/5835D88617D311EFB37AB157C4F9AE02.roa
File: 5835D88617D311EFB37AB157C4F9AE02.roa (raw, json)
Hash identifier: aD64rXlr2F+gVGL71yhWAHXAYQMhIx6kRf7wouhpH0A=
Subject key identifier: 9C:65:A9:80:C7:1B:66:71:1A:60:A6:46:9E:7B:31:BE:59:18:CC:6B
Certificate issuer: /CN=A9120B99/serialNumber=86C7946946B2A57B056F02B279340D30C2CE49B4
Certificate serial: 3405
Authority key identifier: 86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/5835D88617D311EFB37AB157C4F9AE02.roa
Signing time: Thu 30 May 2024 14:50:32 +0000
ROA not before: Thu 30 May 2024 14:50:32 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7540
IP address blocks: 117.18.96.0/24 maxlen: 24
117.18.98.0/24 maxlen: 24
117.18.101.0/24 maxlen: 24
117.18.102.0/24 maxlen: 24
117.18.105.0/24 maxlen: 24
117.18.106.0/24 maxlen: 24
117.18.107.0/24 maxlen: 24
117.18.108.0/24 maxlen: 24
117.18.110.0/24 maxlen: 24
117.18.112.0/24 maxlen: 24
117.18.113.0/24 maxlen: 24
117.18.114.0/24 maxlen: 24
117.18.115.0/24 maxlen: 24
117.18.116.0/24 maxlen: 24
117.18.119.0/24 maxlen: 24
117.18.120.0/24 maxlen: 24
117.18.121.0/24 maxlen: 24
117.18.124.0/24 maxlen: 24
117.18.125.0/24 maxlen: 24
117.18.126.0/24 maxlen: 24
202.181.137.0/24 maxlen: 24
202.181.138.0/24 maxlen: 24
202.181.140.0/24 maxlen: 24
202.181.141.0/24 maxlen: 24
202.181.142.0/24 maxlen: 24
202.181.143.0/24 maxlen: 24
202.181.150.0/24 maxlen: 24
202.181.152.0/24 maxlen: 24
202.181.154.0/24 maxlen: 24
202.181.156.0/24 maxlen: 24
202.181.157.0/24 maxlen: 24
202.181.158.0/24 maxlen: 24
202.181.159.0/24 maxlen: 24
202.181.160.0/24 maxlen: 24
202.181.161.0/24 maxlen: 24
202.181.162.0/24 maxlen: 24
202.181.163.0/24 maxlen: 24
202.181.164.0/24 maxlen: 24
202.181.165.0/24 maxlen: 24
202.181.166.0/24 maxlen: 24
202.181.167.0/24 maxlen: 24
202.181.168.0/24 maxlen: 24
202.181.169.0/24 maxlen: 24
202.181.170.0/24 maxlen: 24
202.181.171.0/24 maxlen: 24
202.181.172.0/24 maxlen: 24
202.181.173.0/24 maxlen: 24
202.181.174.0/24 maxlen: 24
202.181.175.0/24 maxlen: 24
202.181.176.0/24 maxlen: 24
202.181.178.0/24 maxlen: 24
202.181.179.0/24 maxlen: 24
202.181.180.0/24 maxlen: 24
202.181.181.0/24 maxlen: 24
202.181.182.0/24 maxlen: 24
202.181.183.0/24 maxlen: 24
202.181.184.0/24 maxlen: 24
202.181.185.0/24 maxlen: 24
202.181.186.0/24 maxlen: 24
202.181.187.0/24 maxlen: 24
202.181.189.0/24 maxlen: 24
202.181.190.0/24 maxlen: 24
202.181.191.0/24 maxlen: 24
202.181.192.0/24 maxlen: 24
202.181.193.0/24 maxlen: 24
202.181.194.0/24 maxlen: 24
202.181.195.0/24 maxlen: 24
202.181.196.0/24 maxlen: 24
202.181.197.0/24 maxlen: 24
202.181.198.0/24 maxlen: 24
202.181.199.0/24 maxlen: 24
202.181.200.0/24 maxlen: 24
202.181.201.0/24 maxlen: 24
202.181.202.0/24 maxlen: 24
202.181.203.0/24 maxlen: 24
202.181.205.0/24 maxlen: 24
202.181.206.0/24 maxlen: 24
202.181.207.0/24 maxlen: 24
202.181.208.0/24 maxlen: 24
202.181.209.0/24 maxlen: 24
202.181.210.0/24 maxlen: 24
202.181.211.0/24 maxlen: 24
202.181.212.0/24 maxlen: 24
202.181.213.0/24 maxlen: 24
202.181.214.0/24 maxlen: 24
202.181.215.0/24 maxlen: 24
202.181.216.0/24 maxlen: 24
202.181.217.0/24 maxlen: 24
202.181.219.0/24 maxlen: 24
202.181.220.0/24 maxlen: 24
202.181.221.0/24 maxlen: 24
202.181.222.0/24 maxlen: 24
202.181.223.0/24 maxlen: 24
202.181.224.0/24 maxlen: 24
202.181.225.0/24 maxlen: 24
202.181.226.0/24 maxlen: 24
202.181.227.0/24 maxlen: 24
202.181.228.0/24 maxlen: 24
202.181.229.0/24 maxlen: 24
202.181.230.0/24 maxlen: 24
202.181.231.0/24 maxlen: 24
202.181.233.0/24 maxlen: 24
202.181.234.0/24 maxlen: 24
202.181.235.0/24 maxlen: 24
202.181.236.0/24 maxlen: 24
202.181.237.0/24 maxlen: 24
202.181.238.0/24 maxlen: 24
202.181.239.0/24 maxlen: 24
202.181.240.0/24 maxlen: 24
202.181.241.0/24 maxlen: 24
202.181.242.0/24 maxlen: 24
202.181.243.0/24 maxlen: 24
202.181.244.0/24 maxlen: 24
202.181.245.0/24 maxlen: 24
202.181.246.0/24 maxlen: 24
202.181.247.0/24 maxlen: 24
202.181.248.0/23 maxlen: 24
2405:5d00::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13317 (0x3405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9120B99
Validity
Not Before: May 30 14:50:32 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66589238-6b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fd:f6:a1:2b:fa:29:99:5a:b7:1f:d2:44:d1:
02:82:eb:47:70:1d:20:c0:c3:a7:ca:3b:66:b6:89:
cd:e4:58:0f:a7:fb:39:f7:b3:72:71:60:a3:32:06:
d1:86:50:3f:2b:fd:3c:2d:11:2f:4f:a7:6c:06:50:
64:0e:b8:29:14:b2:d0:b4:ec:a8:fe:90:d2:52:14:
1a:9a:f1:53:1c:f6:e7:7f:cf:f7:dd:67:06:76:80:
66:67:b5:ba:80:e5:d6:ca:70:1f:61:b8:0d:4d:80:
6e:e9:e1:08:b8:b0:78:8e:43:44:9e:e7:ef:8e:d3:
c8:6e:31:a0:f6:ae:f1:2d:4f:35:99:88:72:e8:76:
99:ad:7a:89:72:c0:18:33:2c:7f:44:c4:01:2f:10:
c6:7b:0e:f8:18:88:c0:94:c0:36:d1:ab:ac:71:50:
61:7b:8b:25:df:6a:68:fd:51:50:8b:0f:a1:10:0c:
6e:41:0b:f3:f5:55:5e:04:a1:c6:19:1d:f9:55:c0:
fa:85:43:96:f4:48:4b:a2:0a:51:72:85:b2:10:dd:
15:63:11:1c:09:98:c2:94:7d:0a:c3:b1:33:a2:e5:
f2:8b:d9:a7:1b:8f:d7:86:61:65:18:8b:aa:c5:44:
4a:f2:b8:be:3f:32:b1:78:bc:fe:41:49:b1:da:d8:
db:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:65:A9:80:C7:1B:66:71:1A:60:A6:46:9E:7B:31:BE:59:18:CC:6B
X509v3 Authority Key Identifier:
keyid:86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/5835D88617D311EFB37AB157C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.18.96.0/24
117.18.98.0/24
117.18.101.0-117.18.102.255
117.18.105.0-117.18.108.255
117.18.110.0/24
117.18.112.0-117.18.116.255
117.18.119.0-117.18.121.255
117.18.124.0-117.18.126.255
202.181.137.0-202.181.138.255
202.181.140.0/22
202.181.150.0/24
202.181.152.0/24
202.181.154.0/24
202.181.156.0-202.181.176.255
202.181.178.0-202.181.187.255
202.181.189.0-202.181.203.255
202.181.205.0-202.181.217.255
202.181.219.0-202.181.231.255
202.181.233.0-202.181.249.255
IPv6:
2405:5d00::/64
Signature Algorithm: sha256WithRSAEncryption
6f:c0:93:f4:d9:35:be:6d:64:5b:51:b7:cf:07:33:54:63:c8:
d1:09:4f:bf:d5:b1:c2:55:87:a9:82:4a:27:b2:54:a6:7a:8b:
57:eb:be:ed:f5:f1:bf:24:e0:f1:97:b7:d8:9f:7c:f8:30:e9:
15:4c:54:6a:56:41:1e:82:8b:87:10:5f:87:23:2c:68:6a:c5:
64:07:39:fe:5e:5e:69:fe:7f:13:7e:8c:d4:47:09:02:9b:ea:
7c:cc:65:a1:f5:98:b2:4e:11:75:81:ec:d6:6f:e5:cc:0f:df:
c5:73:56:a0:28:af:e7:60:0b:cc:29:35:c7:49:9f:7e:5a:d4:
d8:96:f4:a7:61:1c:c9:e3:6e:fa:ed:5a:43:58:30:22:9f:e8:
85:31:f8:24:14:00:dd:56:f0:6c:5e:67:58:34:88:bb:8f:8b:
7f:15:be:da:dd:24:d5:c8:fd:73:e9:c8:ad:54:2a:c2:9d:18:
ce:9a:25:8e:04:20:8c:1a:fb:ca:aa:25:c7:00:9a:aa:9c:ee:
4b:97:ca:c7:6e:da:7f:3d:1a:2d:0a:b3:aa:84:79:33:4b:ee:
4e:34:08:1b:63:d1:6c:cd:e7:ca:60:08:90:a6:a9:40:ba:fb:
96:26:41:96:1f:1d:e4:a6:38:72:f1:83:ee:77:63:0b:c5:c9:
4e:dd:11:bc
-----BEGIN CERTIFICATE-----
MIIGVjCCBT6gAwIBAgICNAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjBCOTkxMTAvBgNVBAUTKDg2Qzc5NDY5NDZCMkE1N0IwNTZGMDJCMjc5MzQwRDMw
QzJDRTQ5QjQwHhcNMjQwNTMwMTQ1MDMyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4OTIzOC02Yjg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv/32oSv6KZlatx/SRNECgutHcB0gwMOnyjtmtonN5FgPp/s597NycWCjMgbR
hlA/K/08LREvT6dsBlBkDrgpFLLQtOyo/pDSUhQamvFTHPbnf8/33WcGdoBmZ7W6
gOXWynAfYbgNTYBu6eEIuLB4jkNEnufvjtPIbjGg9q7xLU81mYhy6HaZrXqJcsAY
Myx/RMQBLxDGew74GIjAlMA20auscVBhe4sl32po/VFQiw+hEAxuQQvz9VVeBKHG
GR35VcD6hUOW9EhLogpRcoWyEN0VYxEcCZjClH0Kw7EzouXyi9mnG4/XhmFlGIuq
xURK8ri+PzKxeLz+QUmx2tjbawIDAQABo4IDejCCA3YwHQYDVR0OBBYEFJxlqYDH
G2ZxGmCmRp57Mb5ZGMxrMB8GA1UdIwQYMBaAFIbHlGlGsqV7BW8Csnk0DTDCzkm0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEI5OS9EM0Y5MDUxQzFE
ODMxMUUyQjRFRDVDRDkwOEIwMkNEMi9oc2VVYVVheXBYc0Zid0t5ZVRRTk1NTE9T
YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hzZVVhVWF5cFhzRmJ3S3llVFFOTU1MT1NiUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjBCOTkvRDNGOTA1MUMxRDgzMTFFMkI0RUQ1Q0Q5MDhCMDJDRDIvNTgzNUQ4ODYx
N0QzMTFFRkIzN0FCMTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggECBggrBgEFBQcBBwEB
/wSB8jCB7zCB2QQCAAEwgdIDBAB1EmADBAB1EmIwDAMEAHUSZQMEAHUSZjAMAwQA
dRJpAwQAdRJsAwQAdRJuMAwDBAR1EnADBAB1EnQwDAMEAHUSdwMEAXUSeDAMAwQC
dRJ8AwQAdRJ+MAwDBADKtYkDBADKtYoDBALKtYwDBADKtZYDBADKtZgDBADKtZow
DAMEAsq1nAMEAMq1sDAMAwQByrWyAwQCyrW4MAwDBADKtb0DBALKtcgwDAMEAMq1
zQMEAcq12DAMAwQAyrXbAwQDyrXgMAwDBADKtekDBAHKtfgwEQQCAAIwCwMJACQF
XQAAAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBvwJP02TW+bWRbUbfPBzNUY8jRCU+/
1bHCVYepgkonslSmeotX677t9fG/JODxl7fYn3z4MOkVTFRqVkEegouHEF+HIyxo
asVkBzn+Xl5p/n8TfozURwkCm+p8zGWh9ZiyThF1gezWb+XMD9/Fc1agKK/nYAvM
KTXHSZ9+WtTYlvSnYRzJ42767VpDWDAin+iFMfgkFADdVvBsXmdYNIi7j4t/Fb7a
3STVyP1z6citVCrCnRjOmiWOBCCMGvvKqiXHAJqqnO5Ll8rHbtp/PRotCrOqhHkz
S+5ONAgbY9FszefKYAiQpqlAuvuWJkGWHx3kpjhy8YPud2MLxclO3RG8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:04 2025 by rpki-client