Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0A0ED114B95A11ECADCDE663C4F9AE02.roa
File: 0A0ED114B95A11ECADCDE663C4F9AE02.roa (raw, json)
Hash identifier: TSajsLd9YOFv0a1R0DKrCWZ8pa4QQpijYE7/jc6WtaA=
Subject key identifier: 74:CA:BE:7D:D4:7B:F5:79:58:53:86:9F:CA:0A:67:D5:AA:B8:38:65
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5D3A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0A0ED114B95A11ECADCDE663C4F9AE02.roa
Signing time: Thu 15 Sep 2022 08:31:43 +0000
ROA not before: Thu 15 Sep 2022 08:31:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58678
IP address blocks: 43.241.28.0/22 maxlen: 24
43.241.128.0/22 maxlen: 24
43.241.132.0/22 maxlen: 24
43.242.208.0/24 maxlen: 24
43.242.209.0/24 maxlen: 24
43.242.210.0/24 maxlen: 24
43.242.211.0/24 maxlen: 24
43.242.224.0/22 maxlen: 24
43.242.228.0/22 maxlen: 24
45.64.84.0/22 maxlen: 24
45.114.192.0/22 maxlen: 24
45.117.0.0/22 maxlen: 24
45.127.120.0/22 maxlen: 24
45.250.248.0/24 maxlen: 24
45.250.249.0/24 maxlen: 24
45.250.250.0/24 maxlen: 24
103.14.232.0/22 maxlen: 24
103.26.52.0/22 maxlen: 22
103.26.52.0/24 maxlen: 24
103.26.53.0/24 maxlen: 24
103.26.54.0/24 maxlen: 24
103.26.55.0/24 maxlen: 24
103.26.56.0/22 maxlen: 24
103.42.160.0/22 maxlen: 24
103.48.56.0/22 maxlen: 24
103.48.100.0/22 maxlen: 24
103.59.188.0/22 maxlen: 24
103.59.207.0/24 maxlen: 24
103.59.212.0/22 maxlen: 24
103.66.80.0/24 maxlen: 24
103.66.81.0/24 maxlen: 24
103.66.82.0/24 maxlen: 24
103.66.83.0/24 maxlen: 24
103.74.236.0/22 maxlen: 24
103.77.152.0/22 maxlen: 23
103.77.152.0/23 maxlen: 24
103.77.154.0/24 maxlen: 24
103.89.40.0/22 maxlen: 24
103.111.132.0/22 maxlen: 24
103.112.32.0/24 maxlen: 24
103.112.33.0/24 maxlen: 24
103.112.34.0/24 maxlen: 24
103.112.35.0/24 maxlen: 24
103.137.152.0/22 maxlen: 24
103.148.65.0/24 maxlen: 24
103.155.170.0/24 maxlen: 24
103.162.190.0/23 maxlen: 24
103.163.188.0/24 maxlen: 24
103.163.189.0/24 maxlen: 24
103.168.62.0/24 maxlen: 24
103.168.63.0/24 maxlen: 24
103.174.38.0/24 maxlen: 24
103.177.180.0/24 maxlen: 24
103.177.181.0/24 maxlen: 24
103.181.52.0/24 maxlen: 24
103.181.53.0/24 maxlen: 24
103.181.208.0/24 maxlen: 24
103.181.209.0/24 maxlen: 24
103.185.174.0/23 maxlen: 24
103.204.119.0/24 maxlen: 24
103.209.18.0/24 maxlen: 24
103.209.19.0/24 maxlen: 24
103.216.144.0/22 maxlen: 24
103.218.100.0/22 maxlen: 24
103.219.164.0/24 maxlen: 24
103.219.165.0/24 maxlen: 24
103.219.166.0/24 maxlen: 24
103.219.167.0/24 maxlen: 24
103.220.80.0/22 maxlen: 24
103.220.212.0/22 maxlen: 24
103.226.0.0/22 maxlen: 24
103.226.4.0/22 maxlen: 24
103.226.28.0/22 maxlen: 24
103.232.24.0/22 maxlen: 24
124.108.16.0/22 maxlen: 24
2404:bd00::/48 maxlen: 48
2404:bd00:1::/48 maxlen: 48
2404:bd00:2::/48 maxlen: 48
2404:bd00:3::/48 maxlen: 48
2404:bd00:4::/48 maxlen: 48
2404:bd00:5::/48 maxlen: 48
2404:bd00:6::/48 maxlen: 48
2404:bd00:7::/48 maxlen: 48
2404:bd00:8::/48 maxlen: 48
2404:bd00:a::/48 maxlen: 48
2404:bd00:b::/48 maxlen: 48
2404:bd00:c::/48 maxlen: 48
2404:bd00:d::/48 maxlen: 48
2404:bd00:e::/48 maxlen: 48
2404:bd00:f::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23866 (0x5d3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 15 08:31:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6322e2ef-45be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:77:22:66:44:5a:c2:5f:72:78:4f:04:fa:21:
72:9f:25:6b:72:8c:97:c3:fd:64:6a:7a:83:62:3d:
6d:37:69:ea:9a:db:39:f8:1d:81:07:84:82:e8:c4:
e2:4f:6a:1a:b3:6d:7e:bf:d1:53:13:83:38:68:57:
24:50:fc:a3:68:71:c2:b1:67:7c:4b:08:66:7f:be:
2b:bf:f1:41:c4:ef:70:6e:b8:72:5a:32:09:26:7d:
b6:db:a9:84:fd:7f:10:0f:cb:59:4c:e1:5a:0a:1a:
8a:6f:40:dd:3c:6f:94:60:96:b3:36:5e:4d:e3:89:
46:94:61:98:9d:ea:be:a7:5c:5e:ac:94:e6:68:6b:
fd:62:1e:9d:2d:2e:59:5d:80:26:ea:70:60:e5:ca:
d4:d3:7b:32:83:0d:e0:01:7e:97:7d:0f:2b:3e:31:
ce:62:a1:fa:7c:08:d4:38:f9:37:73:47:66:0c:b1:
5d:76:01:23:41:ed:80:ec:14:42:34:c8:ab:af:d3:
48:76:56:5e:6f:75:20:1c:59:9c:87:36:a9:2a:6e:
91:5e:f5:78:35:89:ef:2b:98:2a:6e:3e:41:f4:e2:
a3:9a:06:50:48:cc:85:f6:72:54:32:39:35:26:5e:
3f:bc:59:88:0d:7a:37:d3:18:74:be:13:4d:f2:39:
92:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CA:BE:7D:D4:7B:F5:79:58:53:86:9F:CA:0A:67:D5:AA:B8:38:65
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0A0ED114B95A11ECADCDE663C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.28.0/22
43.241.128.0/21
43.242.208.0/22
43.242.224.0/21
45.64.84.0/22
45.114.192.0/22
45.117.0.0/22
45.127.120.0/22
45.250.248.0-45.250.250.255
103.14.232.0/22
103.26.52.0-103.26.59.255
103.42.160.0/22
103.48.56.0/22
103.48.100.0/22
103.59.188.0/22
103.59.207.0/24
103.59.212.0/22
103.66.80.0/22
103.74.236.0/22
103.77.152.0/22
103.89.40.0/22
103.111.132.0/22
103.112.32.0/22
103.137.152.0/22
103.148.65.0/24
103.155.170.0/24
103.162.190.0/23
103.163.188.0/23
103.168.62.0/23
103.174.38.0/24
103.177.180.0/23
103.181.52.0/23
103.181.208.0/23
103.185.174.0/23
103.204.119.0/24
103.209.18.0/23
103.216.144.0/22
103.218.100.0/22
103.219.164.0/22
103.220.80.0/22
103.220.212.0/22
103.226.0.0/21
103.226.28.0/22
103.232.24.0/22
124.108.16.0/22
IPv6:
2404:bd00::-2404:bd00:8:ffff:ffff:ffff:ffff:ffff
2404:bd00:a::-2404:bd00:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:a6:81:35:f4:38:cb:ce:e1:80:11:be:18:08:c7:c9:85:4c:
1d:70:55:d2:be:41:10:b8:41:2f:93:fb:c5:ed:fe:26:54:59:
55:54:52:32:81:7c:b7:42:9d:fb:c7:05:eb:0e:f5:88:9c:be:
e6:a0:05:10:5d:37:fc:c6:3d:00:a7:38:ed:3f:ba:e4:70:9e:
79:41:db:af:37:30:02:83:1b:f2:66:a7:73:45:ce:f4:2e:81:
03:fd:54:25:b2:f9:19:bb:06:28:1c:e2:ac:4f:d9:46:d8:56:
89:d9:df:46:01:d0:f2:34:4b:f2:17:42:25:bc:c9:cf:a8:30:
2f:34:c8:58:90:c2:53:97:f0:57:8f:25:26:60:e8:09:72:d4:
dc:29:fb:4c:c9:71:2e:49:1c:92:e6:5d:89:58:89:87:12:a1:
85:7a:eb:a8:04:94:17:f8:cd:fa:34:71:70:53:75:ca:76:5d:
74:b0:7e:e7:94:83:fe:a5:bd:26:df:0a:20:bf:56:ec:d3:79:
fe:b7:0b:b7:6e:da:2b:87:25:15:f0:fb:48:17:8b:a3:c4:86:
00:e9:a3:97:03:c5:93:f5:21:95:be:56:89:27:a0:30:34:94:
b6:d9:86:6f:c3:67:9a:98:ec:38:6f:33:7b:67:3d:ba:4d:be:
c2:9a:9e:0a
-----BEGIN CERTIFICATE-----
MIIGwDCCBaigAwIBAgICXTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwOTE1MDgzMTQzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIyZTJlZi00NWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwnciZkRawl9yeE8E+iFynyVrcoyXw/1kanqDYj1tN2nqmts5+B2BB4SC6MTi
T2oas21+v9FTE4M4aFckUPyjaHHCsWd8Swhmf74rv/FBxO9wbrhyWjIJJn2226mE
/X8QD8tZTOFaChqKb0DdPG+UYJazNl5N44lGlGGYneq+p1xerJTmaGv9Yh6dLS5Z
XYAm6nBg5crU03sygw3gAX6XfQ8rPjHOYqH6fAjUOPk3c0dmDLFddgEjQe2A7BRC
NMirr9NIdlZeb3UgHFmchzapKm6RXvV4NYnvK5gqbj5B9OKjmgZQSMyF9nJUMjk1
Jl4/vFmIDXo30xh0vhNN8jmSUwIDAQABo4ID5DCCA+AwHQYDVR0OBBYEFHTKvn3U
e/V5WFOGn8oKZ9WquDhlMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEEwRUQxMTRC
OTVBMTFFQ0FEQ0RFNjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFsBggrBgEFBQcBBwEB
/wSCAVswggFXMIIBJgQCAAEwggEeAwQCK/EcAwQDK/GAAwQCK/LQAwQDK/LgAwQC
LUBUAwQCLXLAAwQCLXUAAwQCLX94MAwDBAMt+vgDBAAt+voDBAJnDugwDAMEAmca
NAMEAmcaOAMEAmcqoAMEAmcwOAMEAmcwZAMEAmc7vAMEAGc7zwMEAmc71AMEAmdC
UAMEAmdK7AMEAmdNmAMEAmdZKAMEAmdvhAMEAmdwIAMEAmeJmAMEAGeUQQMEAGeb
qgMEAWeivgMEAWejvAMEAWeoPgMEAGeuJgMEAWextAMEAWe1NAMEAWe10AMEAWe5
rgMEAGfMdwMEAWfREgMEAmfYkAMEAmfaZAMEAmfbpAMEAmfcUAMEAmfc1AMEA2fi
AAMEAmfiHAMEAmfoGAMEAnxsEDArBAIAAjAlMA8DBAAkBL0DBwAkBL0AAAgwEgMH
ASQEvQAACgMHBCQEvQAAADANBgkqhkiG9w0BAQsFAAOCAQEAa6aBNfQ4y87hgBG+
GAjHyYVMHXBV0r5BELhBL5P7xe3+JlRZVVRSMoF8t0Kd+8cF6w71iJy+5qAFEF03
/MY9AKc47T+65HCeeUHbrzcwAoMb8manc0XO9C6BA/1UJbL5GbsGKBzirE/ZRthW
idnfRgHQ8jRL8hdCJbzJz6gwLzTIWJDCU5fwV48lJmDoCXLU3Cn7TMlxLkkckuZd
iViJhxKhhXrrqASUF/jN+jRxcFN1ynZddLB+55SD/qW9Jt8KIL9W7NN5/rcLt27a
K4clFfD7SBeLo8SGAOmjlwPFk/Uhlb5WiSegMDSUttmGb8NnmpjsOG8ze2c9uk2+
wpqeCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:27 2024 by rpki-client on console-ams.rpki-client.org