Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/16B1275A146911EC81328F59C4F9AE02.roa
File: 16B1275A146911EC81328F59C4F9AE02.roa (raw, json)
Hash identifier: zWkT4VmFT/BFtYE+34R7v3Y7I0mFIyrBqDqBSzoAqlQ=
Subject key identifier: 8B:2E:7E:5A:26:92:41:CE:68:86:0A:4B:D5:EA:5B:34:C5:93:54:75
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 49EF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/16B1275A146911EC81328F59C4F9AE02.roa
Signing time: Thu 10 Mar 2022 11:01:54 +0000
ROA not before: Thu 10 Mar 2022 11:01:54 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 59162
IP address blocks: 43.225.68.0/22 maxlen: 24
43.225.212.0/22 maxlen: 24
45.114.152.0/24 maxlen: 24
45.114.153.0/24 maxlen: 24
45.114.154.0/24 maxlen: 24
45.114.155.0/24 maxlen: 24
45.115.168.0/22 maxlen: 24
45.117.112.0/24 maxlen: 24
45.117.113.0/24 maxlen: 24
45.117.114.0/24 maxlen: 24
45.117.115.0/24 maxlen: 24
45.119.236.0/24 maxlen: 24
45.119.237.0/24 maxlen: 24
45.119.238.0/24 maxlen: 24
45.119.239.0/24 maxlen: 24
45.123.8.0/22 maxlen: 22
45.123.8.0/24 maxlen: 24
45.123.9.0/24 maxlen: 24
45.123.10.0/24 maxlen: 24
45.123.11.0/24 maxlen: 24
45.248.12.0/22 maxlen: 24
45.251.40.0/22 maxlen: 24
103.17.48.0/22 maxlen: 24
103.38.200.0/22 maxlen: 22
103.38.200.0/24 maxlen: 24
103.38.201.0/24 maxlen: 24
103.38.202.0/24 maxlen: 24
103.38.203.0/24 maxlen: 24
103.40.64.0/24 maxlen: 24
103.40.65.0/24 maxlen: 24
103.40.66.0/24 maxlen: 24
103.40.67.0/24 maxlen: 24
103.57.176.0/24 maxlen: 24
103.57.177.0/24 maxlen: 24
103.57.178.0/24 maxlen: 24
103.57.179.0/24 maxlen: 24
103.101.88.0/24 maxlen: 24
103.101.89.0/24 maxlen: 24
103.101.90.0/24 maxlen: 24
103.101.91.0/24 maxlen: 24
103.106.152.0/24 maxlen: 24
103.106.153.0/24 maxlen: 24
103.106.154.0/24 maxlen: 24
103.106.155.0/24 maxlen: 24
103.146.233.0/24 maxlen: 24
103.193.200.0/22 maxlen: 24
103.219.216.0/22 maxlen: 24
103.239.140.0/24 maxlen: 24
103.239.141.0/24 maxlen: 24
103.239.142.0/24 maxlen: 24
103.239.143.0/24 maxlen: 24
103.253.208.0/22 maxlen: 24
103.254.206.0/24 maxlen: 24
103.254.207.0/24 maxlen: 24
103.255.72.0/22 maxlen: 24
114.134.20.0/24 maxlen: 24
114.134.21.0/24 maxlen: 24
114.134.22.0/24 maxlen: 24
114.134.23.0/24 maxlen: 24
2001:df7::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18927 (0x49ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 10 11:01:54 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=6229daa1-0bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:c8:e4:13:03:f4:65:19:5d:41:ec:2a:00:
63:d7:91:30:25:3b:e7:9c:88:64:dc:64:33:72:cb:
58:9a:87:0c:f6:12:4d:d8:d8:96:9a:4b:33:55:93:
23:55:90:bf:ae:56:e0:3a:61:5b:33:5b:fc:55:17:
d4:cb:7e:fc:b6:cc:9a:1f:83:8a:02:24:cd:fb:c5:
82:12:d9:19:c1:77:bb:0a:a3:24:0a:42:35:f9:79:
28:0b:b7:b9:65:90:3f:59:48:ab:5e:24:5a:00:74:
e6:a6:ac:d8:87:cc:aa:a1:38:1b:7a:b2:ac:9d:89:
96:3e:dc:b9:15:80:5e:f5:b2:41:2a:41:69:ad:7c:
ac:85:88:79:05:66:70:9b:b5:49:f2:f2:35:b7:75:
bd:a1:25:61:bd:97:9c:8f:b4:71:71:a2:2c:e4:b4:
a6:0f:8e:33:72:80:b9:09:d7:48:a7:2e:a7:95:c8:
34:d0:e7:0e:0e:20:03:46:fb:28:1f:7f:f5:16:33:
f8:ec:08:e5:5a:4f:97:c1:2d:30:40:28:a7:f5:aa:
a3:ae:6a:e4:d9:70:d0:e1:06:da:55:8d:b5:47:e3:
54:d8:d2:fc:9b:0d:c1:2e:76:87:70:72:12:e1:47:
61:9f:16:25:e1:61:4c:57:3c:dd:35:a0:44:33:4b:
8d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2E:7E:5A:26:92:41:CE:68:86:0A:4B:D5:EA:5B:34:C5:93:54:75
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/16B1275A146911EC81328F59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.68.0/22
43.225.212.0/22
45.114.152.0/22
45.115.168.0/22
45.117.112.0/22
45.119.236.0/22
45.123.8.0/22
45.248.12.0/22
45.251.40.0/22
103.17.48.0/22
103.38.200.0/22
103.40.64.0/22
103.57.176.0/22
103.101.88.0/22
103.106.152.0/22
103.146.233.0/24
103.193.200.0/22
103.219.216.0/22
103.239.140.0/22
103.253.208.0/22
103.254.206.0/23
103.255.72.0/22
114.134.20.0/22
IPv6:
2001:df7::/48
Signature Algorithm: sha256WithRSAEncryption
39:b8:5e:8e:d6:7f:84:b3:4c:84:72:fd:00:27:b6:1e:ee:fb:
6e:46:e4:9e:54:c8:8d:42:86:af:c4:d0:c7:98:0e:d9:be:16:
ba:b4:dd:38:96:52:d4:a1:d1:66:d5:06:f7:01:2f:1f:f3:36:
c8:a1:cd:4e:49:d7:21:d3:5c:ae:f6:18:46:37:87:81:a3:27:
c2:1b:e6:65:35:50:d2:0c:8d:65:54:b9:e1:2c:88:b9:cc:79:
0b:13:fe:aa:f4:64:56:96:ec:46:c1:83:6f:86:5c:66:d6:b7:
0b:90:a8:92:3d:19:b0:38:e3:7f:d5:96:6d:d4:54:c8:0a:23:
9d:f1:64:4b:0d:f3:10:02:b9:c1:fc:18:b1:08:68:50:8a:18:
6f:bb:bd:1e:37:92:07:79:3e:cb:d0:75:c1:b2:e5:88:ff:0b:
2e:03:21:3d:3d:65:a3:3a:4a:e9:99:ea:62:b2:00:c4:4e:07:
95:4c:a9:3f:d1:00:3d:9d:ed:da:74:e2:6f:8c:c9:67:d9:a6:
4a:11:1d:7c:72:52:94:a4:ba:3d:bc:3e:18:a1:73:17:7e:0c:
a6:61:60:eb:e4:78:3f:23:eb:cb:15:e3:35:a2:19:d9:97:9e:
7d:1c:22:1c:03:e4:35:32:9e:b7:ec:a1:bd:78:fc:65:8a:ad:
c4:3a:92:c5
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgICSe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMzEwMTEwMTU0WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI5ZGFhMS0wYmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNvI5BMD9GUZXUHsKgBj15EwJTvnnIhk3GQzcstYmocM9hJN2NiWmkszVZMj
VZC/rlbgOmFbM1v8VRfUy378tsyaH4OKAiTN+8WCEtkZwXe7CqMkCkI1+XkoC7e5
ZZA/WUirXiRaAHTmpqzYh8yqoTgberKsnYmWPty5FYBe9bJBKkFprXyshYh5BWZw
m7VJ8vI1t3W9oSVhvZecj7RxcaIs5LSmD44zcoC5CddIpy6nlcg00OcODiADRvso
H3/1FjP47AjlWk+XwS0wQCin9aqjrmrk2XDQ4QbaVY21R+NU2NL8mw3BLnaHcHIS
4UdhnxYl4WFMVzzdNaBEM0uNdwIDAQABo4IDLzCCAyswHQYDVR0OBBYEFIsuflom
kkHOaIYKS9XqWzTFk1R1MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMTZCMTI3NUEx
NDY5MTFFQzgxMzI4RjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbgGCCsGAQUFBwEHAQH/
BIGoMIGlMIGRBAIAATCBigMEAivhRAMEAivh1AMEAi1ymAMEAi1zqAMEAi11cAME
Ai137AMEAi17CAMEAi34DAMEAi37KAMEAmcRMAMEAmcmyAMEAmcoQAMEAmc5sAME
AmdlWAMEAmdqmAMEAGeS6QMEAmfByAMEAmfb2AMEAmfvjAMEAmf90AMEAWf+zgME
Amf/SAMEAnKGFDAPBAIAAjAJAwcAIAEN9wAAMA0GCSqGSIb3DQEBCwUAA4IBAQA5
uF6O1n+Es0yEcv0AJ7Ye7vtuRuSeVMiNQoavxNDHmA7Zvha6tN04llLUodFm1Qb3
AS8f8zbIoc1OSdch01yu9hhGN4eBoyfCG+ZlNVDSDI1lVLnhLIi5zHkLE/6q9GRW
luxGwYNvhlxm1rcLkKiSPRmwOON/1ZZt1FTICiOd8WRLDfMQArnB/BixCGhQihhv
u70eN5IHeT7L0HXBsuWI/wsuAyE9PWWjOkrpmepisgDETgeVTKk/0QA9ne3adOJv
jMln2aZKER18clKUpLo9vD4YoXMXfgymYWDr5Hg/I+vLFeM1ohnZl559HCIcA+Q1
Mp637KG9ePxliq3EOpLF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-fra.rpki-client.org