Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/72F3E6AC50D611E79C136214C4F9AE02.roa
File: 72F3E6AC50D611E79C136214C4F9AE02.roa (raw, json)
Hash identifier: RavGs9fLqew0bDigfMj7ROWY5lImnhQ5jnyZaGW+uvM=
Subject key identifier: 77:8B:CF:0B:78:02:73:51:06:70:E1:09:5F:C6:65:D3:6F:91:70:E9
Certificate issuer: /CN=A914DA2D/serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758
Certificate serial: 18B0
Authority key identifier: 29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/72F3E6AC50D611E79C136214C4F9AE02.roa
Signing time: Wed 10 May 2023 17:25:58 +0000
ROA not before: Wed 10 May 2023 17:25:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17882
IP address blocks: 14.1.124.0/24 maxlen: 24
14.1.125.0/24 maxlen: 24
14.1.126.0/24 maxlen: 24
14.1.127.0/24 maxlen: 24
103.11.192.0/24 maxlen: 24
103.11.193.0/24 maxlen: 24
103.11.194.0/24 maxlen: 24
103.11.195.0/24 maxlen: 24
103.48.184.0/24 maxlen: 24
103.48.185.0/24 maxlen: 24
103.48.186.0/24 maxlen: 24
103.48.187.0/24 maxlen: 24
103.79.156.0/23 maxlen: 24
103.197.240.0/24 maxlen: 24
103.197.241.0/24 maxlen: 24
103.197.242.0/24 maxlen: 24
103.197.243.0/24 maxlen: 24
103.206.68.0/24 maxlen: 24
103.206.69.0/24 maxlen: 24
103.206.70.0/24 maxlen: 24
103.206.71.0/24 maxlen: 24
103.212.116.0/24 maxlen: 24
103.212.117.0/24 maxlen: 24
103.212.118.0/24 maxlen: 24
103.212.119.0/24 maxlen: 24
103.219.136.0/24 maxlen: 24
103.219.137.0/24 maxlen: 24
103.219.138.0/24 maxlen: 24
103.219.139.0/24 maxlen: 24
103.239.56.0/24 maxlen: 24
103.239.57.0/24 maxlen: 24
103.239.58.0/24 maxlen: 24
103.239.59.0/24 maxlen: 24
119.12.104.0/24 maxlen: 24
119.12.105.0/24 maxlen: 24
119.12.106.0/24 maxlen: 24
119.12.107.0/24 maxlen: 24
119.12.108.0/24 maxlen: 24
119.12.109.0/24 maxlen: 24
119.12.110.0/24 maxlen: 24
119.12.111.0/24 maxlen: 24
122.201.16.0/24 maxlen: 24
122.201.17.0/24 maxlen: 24
122.201.18.0/24 maxlen: 24
122.201.19.0/24 maxlen: 24
122.201.20.0/24 maxlen: 24
122.201.21.0/24 maxlen: 24
122.201.22.0/24 maxlen: 24
122.201.23.0/24 maxlen: 24
122.201.24.0/24 maxlen: 24
122.201.25.0/24 maxlen: 24
122.201.26.0/24 maxlen: 24
122.201.27.0/24 maxlen: 24
122.201.28.0/24 maxlen: 24
122.201.29.0/24 maxlen: 24
122.201.30.0/24 maxlen: 24
122.201.31.0/24 maxlen: 24
123.200.232.0/24 maxlen: 24
123.200.233.0/24 maxlen: 24
123.200.234.0/24 maxlen: 24
123.200.235.0/24 maxlen: 24
123.200.236.0/24 maxlen: 24
123.200.237.0/24 maxlen: 24
123.200.238.0/24 maxlen: 24
123.200.239.0/24 maxlen: 24
123.200.248.0/24 maxlen: 24
123.200.249.0/24 maxlen: 24
123.200.250.0/24 maxlen: 24
123.200.251.0/24 maxlen: 24
123.200.252.0/24 maxlen: 24
123.200.253.0/24 maxlen: 24
123.200.254.0/24 maxlen: 24
123.200.255.0/24 maxlen: 24
139.5.216.0/24 maxlen: 24
139.5.217.0/24 maxlen: 24
139.5.218.0/24 maxlen: 24
139.5.219.0/24 maxlen: 24
150.129.140.0/24 maxlen: 24
150.129.141.0/24 maxlen: 24
150.129.142.0/24 maxlen: 24
150.129.143.0/24 maxlen: 24
202.70.33.0/24 maxlen: 24
202.70.34.0/24 maxlen: 24
202.70.35.0/24 maxlen: 24
202.70.36.0/24 maxlen: 24
202.70.37.0/24 maxlen: 24
202.70.38.0/24 maxlen: 24
202.70.39.0/24 maxlen: 24
202.70.40.0/24 maxlen: 24
202.70.41.0/24 maxlen: 24
202.70.42.0/24 maxlen: 24
202.70.43.0/24 maxlen: 24
202.70.44.0/24 maxlen: 24
202.70.45.0/24 maxlen: 24
202.70.46.0/24 maxlen: 24
202.70.47.0/24 maxlen: 24
203.17.23.0/24 maxlen: 24
203.21.120.0/24 maxlen: 24
203.23.49.0/24 maxlen: 24
203.23.199.0/24 maxlen: 24
203.98.76.0/23 maxlen: 24
2405:5700::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6320 (0x18b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914DA2D/serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758
Validity
Not Before: May 10 17:25:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bd3a5-53b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:42:c3:07:7e:f1:3a:d8:06:28:f0:ab:8b:ff:
71:60:b6:f7:d8:ce:da:e9:fa:65:8d:b9:e7:57:00:
db:6a:54:8f:a7:48:f3:2a:7b:5b:c4:4e:2f:8c:e3:
a4:bd:b5:d5:db:f2:24:e5:3c:b7:b1:48:e0:65:33:
8a:6e:cc:6d:c4:bf:e2:5d:60:21:ae:67:80:7f:f2:
92:7b:f9:19:ea:4d:e6:4d:06:83:e5:db:86:56:b3:
8a:69:15:19:9e:14:c2:13:02:05:8b:e1:13:80:6c:
ef:66:cb:8b:13:f3:56:44:75:9c:6b:1f:db:08:a9:
f3:cc:c1:a9:94:48:d5:48:58:ac:0f:ee:30:3f:5a:
e9:cf:a1:b5:ae:45:a6:e6:b5:65:03:48:91:9d:29:
4f:9d:7b:53:6a:89:19:12:6f:60:c5:3b:f0:eb:3f:
ae:c8:b0:db:bd:29:93:da:62:8c:fd:c1:85:ed:a7:
61:02:d4:79:25:e2:36:b7:d3:a0:84:c6:91:ee:bd:
70:68:7a:68:17:c3:33:6d:dd:61:d3:94:9e:ff:17:
24:2a:34:4c:79:df:4b:7a:b2:65:8b:0c:b4:0e:cb:
25:d4:60:7f:6a:7a:de:ed:d0:64:8f:37:50:44:93:
27:01:e4:0d:71:11:ed:3b:58:38:b0:2a:06:35:6c:
90:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8B:CF:0B:78:02:73:51:06:70:E1:09:5F:C6:65:D3:6F:91:70:E9
X509v3 Authority Key Identifier:
keyid:29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/72F3E6AC50D611E79C136214C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.124.0/22
103.11.192.0/22
103.48.184.0/22
103.79.156.0/23
103.197.240.0/22
103.206.68.0/22
103.212.116.0/22
103.219.136.0/22
103.239.56.0/22
119.12.104.0/21
122.201.16.0/20
123.200.232.0/21
123.200.248.0/21
139.5.216.0/22
150.129.140.0/22
202.70.33.0-202.70.47.255
203.17.23.0/24
203.21.120.0/24
203.23.49.0/24
203.23.199.0/24
203.98.76.0/23
IPv6:
2405:5700::/32
Signature Algorithm: sha256WithRSAEncryption
5a:0f:83:4d:46:9e:c0:c2:b5:53:82:02:2c:9d:d7:21:3b:57:
8b:09:33:a7:bd:a1:07:a9:57:da:2d:37:e8:b2:d0:0d:37:87:
7a:0f:ae:17:9a:6b:d3:65:28:13:e3:98:1e:62:0d:83:68:53:
38:c8:0d:07:00:02:9c:c5:35:e1:27:03:20:1f:ed:56:e6:66:
6b:6e:16:bf:cc:93:d3:fd:23:d4:fd:d8:be:dc:83:28:9d:8c:
49:a0:7b:49:bd:ae:16:05:17:97:d8:e1:5e:84:4c:bb:4f:de:
ca:fc:61:a9:be:20:e5:cd:4a:6e:04:5c:47:74:45:64:93:48:
15:87:de:d1:2c:16:79:7c:c0:9c:58:4d:df:6e:4f:10:db:6b:
ce:0d:1f:89:75:27:c7:c4:4e:51:8c:89:58:2f:83:74:4e:68:
27:d3:7c:2e:17:72:2f:6c:4e:53:00:40:54:66:a7:c6:95:45:
b2:57:5c:7e:f1:6a:cd:21:4d:35:2a:bc:f2:5a:e2:d7:e2:71:
a1:83:6b:e5:72:d4:88:1a:69:72:2d:c1:5e:53:f3:92:d7:b5:
57:de:f6:8b:84:23:28:4c:0c:f1:a4:e3:4f:3b:18:0f:6d:ef:
e3:e7:e2:ab:77:fd:81:17:a2:97:24:59:d6:8a:47:78:e1:e8:
ed:fa:e4:16
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgICGLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERBMkQxMTAvBgNVBAUTKDI5OTYyMzI1REUwQkFERTREQzlEREJDNTc2QUUyNzcw
MTJCQzM3NTgwHhcNMjMwNTEwMTcyNTU4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViZDNhNS01M2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxkLDB37xOtgGKPCri/9xYLb32M7a6fpljbnnVwDbalSPp0jzKntbxE4vjOOk
vbXV2/Ik5Ty3sUjgZTOKbsxtxL/iXWAhrmeAf/KSe/kZ6k3mTQaD5duGVrOKaRUZ
nhTCEwIFi+ETgGzvZsuLE/NWRHWcax/bCKnzzMGplEjVSFisD+4wP1rpz6G1rkWm
5rVlA0iRnSlPnXtTaokZEm9gxTvw6z+uyLDbvSmT2mKM/cGF7adhAtR5JeI2t9Og
hMaR7r1waHpoF8Mzbd1h05Se/xckKjRMed9LerJliwy0Dssl1GB/anre7dBkjzdQ
RJMnAeQNcRHtO1g4sCoGNWyQEwIDAQABo4IDKTCCAyUwHQYDVR0OBBYEFHeLzwt4
AnNRBnDhCV/GZdNvkXDpMB8GA1UdIwQYMBaAFCmWIyXeC63k3J3bxXauJ3ASvDdY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REEyRC84MzgzNjIwQTUw
RDUxMUU3OUVDRTQwMTNDNEY5QUUwMi9LWllqSmQ0THJlVGNuZHZGZHE0bmNCSzhO
MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0taWWpKZDRMcmVUY25kdkZkcTRuY0JLOE4xZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERBMkQvODM4MzYyMEE1MEQ1MTFFNzlFQ0U0MDEzQzRGOUFFMDIvNzJGM0U2QUM1
MEQ2MTFFNzlDMTM2MjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbIGCCsGAQUFBwEHAQH/
BIGiMIGfMIGNBAIAATCBhgMEAg4BfAMEAmcLwAMEAmcwuAMEAWdPnAMEAmfF8AME
AmfORAMEAmfUdAMEAmfbiAMEAmfvOAMEA3cMaAMEBHrJEAMEA3vI6AMEA3vI+AME
AosF2AMEApaBjDAMAwQAykYhAwQEykYgAwQAyxEXAwQAyxV4AwQAyxcxAwQAyxfH
AwQBy2JMMA0EAgACMAcDBQAkBVcAMA0GCSqGSIb3DQEBCwUAA4IBAQBaD4NNRp7A
wrVTggIsndchO1eLCTOnvaEHqVfaLTfostANN4d6D64XmmvTZSgT45geYg2DaFM4
yA0HAAKcxTXhJwMgH+1W5mZrbha/zJPT/SPU/di+3IMonYxJoHtJva4WBReX2OFe
hEy7T97K/GGpviDlzUpuBFxHdEVkk0gVh97RLBZ5fMCcWE3fbk8Q22vODR+JdSfH
xE5RjIlYL4N0Tmgn03wuF3IvbE5TAEBUZqfGlUWyV1x+8WrNIU01KrzyWuLX4nGh
g2vlctSIGmlyLcFeU/OS17VX3vaLhCMoTAzxpONPOxgPbe/j5+Krd/2BF6KXJFnW
ikd44ejt+uQW
-----END CERTIFICATE-----
Generated at Mon Sep 18 17:39:16 2023 by rpki-client on console-fra.rpki-client.org