Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/CD32E6EA232911EFA7F59571C4F9AE02.roa
File: CD32E6EA232911EFA7F59571C4F9AE02.roa (raw, json)
Hash identifier: Rm/JA4lb/3kpIb9999LewQk8fGCsyI+l59fw1oJsSzw=
Subject key identifier: 37:AD:95:52:11:0C:CB:5D:97:A9:9D:C4:91:5E:B9:D5:78:85:5A:84
Certificate issuer: /CN=A9120B99/serialNumber=86C7946946B2A57B056F02B279340D30C2CE49B4
Certificate serial: 340F
Authority key identifier: 86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/CD32E6EA232911EFA7F59571C4F9AE02.roa
Signing time: Wed 05 Jun 2024 10:53:12 +0000
ROA not before: Wed 05 Jun 2024 10:53:11 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7540
IP address blocks: 117.18.96.0/24 maxlen: 24
117.18.98.0/24 maxlen: 24
117.18.101.0/24 maxlen: 24
117.18.105.0/24 maxlen: 24
117.18.106.0/24 maxlen: 24
117.18.107.0/24 maxlen: 24
117.18.108.0/24 maxlen: 24
117.18.110.0/24 maxlen: 24
117.18.112.0/24 maxlen: 24
117.18.113.0/24 maxlen: 24
117.18.114.0/24 maxlen: 24
117.18.115.0/24 maxlen: 24
117.18.116.0/24 maxlen: 24
117.18.119.0/24 maxlen: 24
117.18.120.0/24 maxlen: 24
117.18.121.0/24 maxlen: 24
117.18.124.0/24 maxlen: 24
117.18.125.0/24 maxlen: 24
117.18.126.0/24 maxlen: 24
202.181.137.0/24 maxlen: 24
202.181.138.0/24 maxlen: 24
202.181.140.0/24 maxlen: 24
202.181.141.0/24 maxlen: 24
202.181.142.0/24 maxlen: 24
202.181.143.0/24 maxlen: 24
202.181.150.0/24 maxlen: 24
202.181.152.0/24 maxlen: 24
202.181.154.0/24 maxlen: 24
202.181.160.0/24 maxlen: 24
202.181.161.0/24 maxlen: 24
202.181.162.0/24 maxlen: 24
202.181.163.0/24 maxlen: 24
202.181.164.0/24 maxlen: 24
202.181.165.0/24 maxlen: 24
202.181.166.0/24 maxlen: 24
202.181.167.0/24 maxlen: 24
202.181.168.0/24 maxlen: 24
202.181.169.0/24 maxlen: 24
202.181.170.0/24 maxlen: 24
202.181.171.0/24 maxlen: 24
202.181.172.0/24 maxlen: 24
202.181.173.0/24 maxlen: 24
202.181.174.0/24 maxlen: 24
202.181.175.0/24 maxlen: 24
202.181.176.0/24 maxlen: 24
202.181.178.0/24 maxlen: 24
202.181.179.0/24 maxlen: 24
202.181.180.0/24 maxlen: 24
202.181.181.0/24 maxlen: 24
202.181.182.0/24 maxlen: 24
202.181.183.0/24 maxlen: 24
202.181.184.0/24 maxlen: 24
202.181.185.0/24 maxlen: 24
202.181.186.0/24 maxlen: 24
202.181.187.0/24 maxlen: 24
202.181.189.0/24 maxlen: 24
202.181.190.0/24 maxlen: 24
202.181.191.0/24 maxlen: 24
202.181.192.0/24 maxlen: 24
202.181.193.0/24 maxlen: 24
202.181.194.0/24 maxlen: 24
202.181.195.0/24 maxlen: 24
202.181.196.0/24 maxlen: 24
202.181.197.0/24 maxlen: 24
202.181.198.0/24 maxlen: 24
202.181.199.0/24 maxlen: 24
202.181.200.0/24 maxlen: 24
202.181.201.0/24 maxlen: 24
202.181.202.0/24 maxlen: 24
202.181.203.0/24 maxlen: 24
202.181.205.0/24 maxlen: 24
202.181.206.0/24 maxlen: 24
202.181.207.0/24 maxlen: 24
202.181.208.0/24 maxlen: 24
202.181.209.0/24 maxlen: 24
202.181.210.0/24 maxlen: 24
202.181.211.0/24 maxlen: 24
202.181.212.0/24 maxlen: 24
202.181.213.0/24 maxlen: 24
202.181.214.0/24 maxlen: 24
202.181.215.0/24 maxlen: 24
202.181.216.0/24 maxlen: 24
202.181.217.0/24 maxlen: 24
202.181.219.0/24 maxlen: 24
202.181.220.0/24 maxlen: 24
202.181.221.0/24 maxlen: 24
202.181.222.0/24 maxlen: 24
202.181.223.0/24 maxlen: 24
202.181.224.0/24 maxlen: 24
202.181.225.0/24 maxlen: 24
202.181.226.0/24 maxlen: 24
202.181.227.0/24 maxlen: 24
202.181.228.0/24 maxlen: 24
202.181.229.0/24 maxlen: 24
202.181.230.0/24 maxlen: 24
202.181.231.0/24 maxlen: 24
202.181.233.0/24 maxlen: 24
202.181.234.0/24 maxlen: 24
202.181.235.0/24 maxlen: 24
202.181.236.0/24 maxlen: 24
202.181.237.0/24 maxlen: 24
202.181.238.0/24 maxlen: 24
202.181.239.0/24 maxlen: 24
202.181.240.0/24 maxlen: 24
202.181.241.0/24 maxlen: 24
202.181.242.0/24 maxlen: 24
202.181.243.0/24 maxlen: 24
202.181.244.0/24 maxlen: 24
202.181.245.0/24 maxlen: 24
202.181.246.0/24 maxlen: 24
202.181.247.0/24 maxlen: 24
202.181.248.0/23 maxlen: 24
2405:5d00::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13327 (0x340f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9120B99
Validity
Not Before: Jun 5 10:53:11 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66604397-f3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c1:9c:ab:24:8a:a0:d6:43:c6:2e:75:b3:6e:
84:06:f2:3c:04:82:fc:28:a5:c7:50:27:6f:a7:44:
a6:fc:ca:be:19:1d:a9:5a:88:a1:ad:25:37:ca:d5:
d8:6c:80:27:cf:51:d7:69:d1:3a:6b:96:c5:95:25:
71:56:f1:5c:84:26:52:06:36:45:bb:0d:73:7e:16:
cc:73:e2:d9:8f:5b:50:bb:ef:46:19:b1:9f:bd:89:
80:95:d3:de:8d:74:a0:7b:0b:3a:69:a6:75:7b:6c:
6d:f1:7b:eb:c9:22:03:41:f0:3b:a8:0a:95:b2:af:
e6:cc:41:80:78:c1:b6:72:68:57:6d:a0:bb:de:65:
07:cb:e1:4c:41:8e:66:b7:78:3e:aa:6e:7e:02:f6:
fc:28:22:7b:c3:81:2a:5f:ae:11:29:0e:d9:e3:b8:
57:d3:ec:f3:5f:61:f3:59:cc:d6:22:be:df:8b:18:
7c:eb:30:04:2d:fa:8b:96:d4:9d:73:e0:0f:ad:c2:
6d:15:39:f8:3f:97:0e:8d:3b:0c:22:59:5c:c4:9f:
3f:b4:05:76:76:fa:b8:f9:85:b8:ec:9c:3c:b9:68:
ce:f9:a7:7b:3e:0c:2d:8b:5b:dc:ce:e6:0f:bc:dd:
48:c3:2f:93:f6:d6:96:42:89:dd:aa:71:8d:3a:78:
63:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AD:95:52:11:0C:CB:5D:97:A9:9D:C4:91:5E:B9:D5:78:85:5A:84
X509v3 Authority Key Identifier:
keyid:86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/CD32E6EA232911EFA7F59571C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.18.96.0/24
117.18.98.0/24
117.18.101.0/24
117.18.105.0-117.18.108.255
117.18.110.0/24
117.18.112.0-117.18.116.255
117.18.119.0-117.18.121.255
117.18.124.0-117.18.126.255
202.181.137.0-202.181.138.255
202.181.140.0/22
202.181.150.0/24
202.181.152.0/24
202.181.154.0/24
202.181.160.0-202.181.176.255
202.181.178.0-202.181.187.255
202.181.189.0-202.181.203.255
202.181.205.0-202.181.217.255
202.181.219.0-202.181.231.255
202.181.233.0-202.181.249.255
IPv6:
2405:5d00::/64
Signature Algorithm: sha256WithRSAEncryption
08:f1:ab:4b:31:67:52:0d:07:15:4d:a6:3a:22:85:a9:8d:22:
a0:c3:83:63:ac:60:c5:f8:ed:c7:7c:23:46:a5:35:0d:ae:57:
42:b3:e9:85:fe:24:1b:8b:9d:bd:b6:2d:24:59:1b:fa:90:a3:
60:ec:2d:ca:90:35:5a:5c:a4:28:42:58:c2:2d:bd:57:48:8a:
94:3b:6f:3b:cd:e2:87:ef:3d:75:ee:f6:cd:a2:fb:57:5b:58:
f9:fb:e3:41:cb:48:cc:6f:3b:aa:3c:cc:2c:81:0d:51:68:c3:
b8:92:fb:f4:3a:93:7d:ab:c4:e8:d0:eb:5a:3b:71:a0:04:76:
73:42:88:d9:d2:b0:24:50:d7:d3:ae:44:90:23:49:c1:db:4f:
48:6c:ce:e6:77:37:c8:89:60:96:cc:67:d6:fd:fc:bd:db:c8:
03:fa:16:4e:10:a5:26:b0:c8:5b:b0:be:e9:23:c6:b2:d7:b4:
14:1a:57:64:b2:9b:ac:79:70:3e:a1:79:9b:3e:0f:c6:0c:9f:
7b:ef:15:68:38:72:7d:7f:9f:67:d6:82:a4:62:d7:4f:21:4a:
a5:c0:33:a4:6d:19:14:56:53:1b:60:95:a8:52:61:26:6b:19:
7b:4a:53:6f:ea:d4:ce:9e:7a:93:62:69:8a:c8:0e:e1:23:ea:
c1:52:91:e6
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgICNA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjBCOTkxMTAvBgNVBAUTKDg2Qzc5NDY5NDZCMkE1N0IwNTZGMDJCMjc5MzQwRDMw
QzJDRTQ5QjQwHhcNMjQwNjA1MTA1MzExWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYwNDM5Ny1mM2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApMGcqySKoNZDxi51s26EBvI8BIL8KKXHUCdvp0Sm/Mq+GR2pWoihrSU3ytXY
bIAnz1HXadE6a5bFlSVxVvFchCZSBjZFuw1zfhbMc+LZj1tQu+9GGbGfvYmAldPe
jXSgews6aaZ1e2xt8XvrySIDQfA7qAqVsq/mzEGAeMG2cmhXbaC73mUHy+FMQY5m
t3g+qm5+Avb8KCJ7w4EqX64RKQ7Z47hX0+zzX2HzWczWIr7fixh86zAELfqLltSd
c+APrcJtFTn4P5cOjTsMIllcxJ8/tAV2dvq4+YW47Jw8uWjO+ad7Pgwti1vczuYP
vN1Iwy+T9taWQondqnGNOnhjTQIDAQABo4IDcTCCA20wHQYDVR0OBBYEFDetlVIR
DMtdl6mdxJFeudV4hVqEMB8GA1UdIwQYMBaAFIbHlGlGsqV7BW8Csnk0DTDCzkm0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEI5OS9EM0Y5MDUxQzFE
ODMxMUUyQjRFRDVDRDkwOEIwMkNEMi9oc2VVYVVheXBYc0Zid0t5ZVRRTk1NTE9T
YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hzZVVhVWF5cFhzRmJ3S3llVFFOTU1MT1NiUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjBCOTkvRDNGOTA1MUMxRDgzMTFFMkI0RUQ1Q0Q5MDhCMDJDRDIvQ0QzMkU2RUEy
MzI5MTFFRkE3RjU5NTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfoGCCsGAQUFBwEHAQH/
BIHqMIHnMIHRBAIAATCBygMEAHUSYAMEAHUSYgMEAHUSZTAMAwQAdRJpAwQAdRJs
AwQAdRJuMAwDBAR1EnADBAB1EnQwDAMEAHUSdwMEAXUSeDAMAwQCdRJ8AwQAdRJ+
MAwDBADKtYkDBADKtYoDBALKtYwDBADKtZYDBADKtZgDBADKtZowDAMEBcq1oAME
AMq1sDAMAwQByrWyAwQCyrW4MAwDBADKtb0DBALKtcgwDAMEAMq1zQMEAcq12DAM
AwQAyrXbAwQDyrXgMAwDBADKtekDBAHKtfgwEQQCAAIwCwMJACQFXQAAAAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQAI8atLMWdSDQcVTaY6IoWpjSKgw4NjrGDF+O3HfCNG
pTUNrldCs+mF/iQbi529ti0kWRv6kKNg7C3KkDVaXKQoQljCLb1XSIqUO287zeKH
7z117vbNovtXW1j5++NBy0jMbzuqPMwsgQ1RaMO4kvv0OpN9q8To0OtaO3GgBHZz
QojZ0rAkUNfTrkSQI0nB209IbM7mdzfIiWCWzGfW/fy928gD+hZOEKUmsMhbsL7p
I8ay17QUGldkspuseXA+oXmbPg/GDJ977xVoOHJ9f59n1oKkYtdPIUqlwDOkbRkU
VlMbYJWoUmEmaxl7SlNv6tTOnnqTYmmKyA7hI+rBUpHm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:05 2025 by rpki-client