Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/96983A68B27311EDB099A036C4F9AE02.roa
File: 96983A68B27311EDB099A036C4F9AE02.roa (raw, json)
Hash identifier: xF6cBGh3piVoG6A7o/scaC5U43XiRoZ3MowWwwxok10=
Subject key identifier: 2E:DB:57:2E:F9:FF:57:05:53:7E:E3:05:43:1D:D8:75:DA:E2:13:4F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 76B1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/96983A68B27311EDB099A036C4F9AE02.roa
Signing time: Tue 01 Aug 2023 18:55:56 +0000
ROA not before: Tue 01 Aug 2023 18:55:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55352
IP address blocks: 43.231.132.0/22 maxlen: 24
43.231.212.0/22 maxlen: 24
43.231.236.0/22 maxlen: 24
43.231.252.0/22 maxlen: 24
43.247.136.0/22 maxlen: 24
43.247.140.0/23 maxlen: 24
43.247.142.0/23 maxlen: 24
45.112.8.0/22 maxlen: 24
45.112.56.0/22 maxlen: 24
45.114.80.0/22 maxlen: 24
45.115.56.0/24 maxlen: 24
45.115.57.0/24 maxlen: 24
45.115.58.0/24 maxlen: 24
45.115.59.0/24 maxlen: 24
45.126.144.0/22 maxlen: 24
45.251.12.0/24 maxlen: 24
45.251.13.0/24 maxlen: 24
45.251.14.0/24 maxlen: 24
45.251.15.0/24 maxlen: 24
59.152.56.0/22 maxlen: 24
59.153.0.0/22 maxlen: 24
59.153.120.0/22 maxlen: 24
103.8.164.0/22 maxlen: 24
103.15.52.0/23 maxlen: 24
103.15.54.0/23 maxlen: 24
103.29.156.0/22 maxlen: 24
103.60.208.0/22 maxlen: 24
103.75.60.0/23 maxlen: 24
103.102.92.0/22 maxlen: 24
103.111.112.0/22 maxlen: 24
103.114.2.0/23 maxlen: 23
103.114.3.0/24 maxlen: 24
103.119.188.0/22 maxlen: 24
103.156.212.0/23 maxlen: 24
103.176.240.0/23 maxlen: 24
103.179.212.0/23 maxlen: 24
103.197.224.0/22 maxlen: 24
103.198.164.0/22 maxlen: 24
103.200.104.0/22 maxlen: 24
103.204.160.0/22 maxlen: 24
103.205.172.0/22 maxlen: 24
103.220.40.0/22 maxlen: 24
103.221.248.0/22 maxlen: 24
103.226.140.0/22 maxlen: 24
103.226.144.0/22 maxlen: 24
103.226.188.0/22 maxlen: 24
103.226.204.0/22 maxlen: 24
103.226.236.0/22 maxlen: 24
103.226.240.0/22 maxlen: 24
103.239.171.0/24 maxlen: 24
103.249.132.0/22 maxlen: 24
111.125.217.0/24 maxlen: 24
111.125.218.0/23 maxlen: 24
111.125.224.0/24 maxlen: 24
111.125.226.0/24 maxlen: 24
111.125.228.0/24 maxlen: 24
111.125.233.0/24 maxlen: 24
111.125.252.0/22 maxlen: 24
124.66.172.0/22 maxlen: 24
175.100.176.0/20 maxlen: 24
202.168.144.0/22 maxlen: 24
2406:9e00:20::/48 maxlen: 48
2406:9e00:21::/48 maxlen: 48
2406:9e00:22::/48 maxlen: 48
2406:9e00:23::/48 maxlen: 48
2406:9e00:24::/48 maxlen: 48
2406:9e00:25::/48 maxlen: 48
2406:9e00:26::/48 maxlen: 48
2406:9e00:27::/48 maxlen: 48
2406:9e00:28::/48 maxlen: 48
2406:9e00:29::/48 maxlen: 48
2406:9e00:2a::/48 maxlen: 48
2406:9e00:2b::/48 maxlen: 48
2406:9e00:2c::/48 maxlen: 48
2406:9e00:2d::/48 maxlen: 48
2406:9e00:2e::/48 maxlen: 48
2406:9e00:2f::/48 maxlen: 48
2406:9e00:30::/48 maxlen: 48
2406:9e00:31::/48 maxlen: 48
2406:9e00:32::/48 maxlen: 48
2406:9e00:33::/48 maxlen: 48
2406:9e00:34::/48 maxlen: 48
2406:9e00:35::/48 maxlen: 48
2406:9e00:36::/48 maxlen: 48
2406:9e00:37::/48 maxlen: 48
2406:9e00:38::/48 maxlen: 48
2406:9e00:39::/48 maxlen: 48
2406:9e00:3a::/48 maxlen: 48
2406:9e00:3b::/48 maxlen: 48
2406:9e00:3c::/48 maxlen: 48
2406:9e00:3d::/48 maxlen: 48
2406:9e00:3e::/48 maxlen: 48
2406:9e00:3f::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30385 (0x76b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 1 18:55:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64c9553c-df46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1f:18:7c:4c:5d:9c:d6:ec:8f:5f:f1:a7:82:
32:7f:02:5d:4b:bb:bf:21:9c:97:62:03:b6:19:00:
cf:e7:d6:6d:2b:f8:13:23:71:5a:27:6a:1e:41:44:
44:b8:e2:7f:46:db:3d:72:29:a6:6e:ba:d4:c0:14:
49:e5:d4:74:c8:8b:f5:d8:c2:09:a0:4c:9b:ea:28:
8c:c5:97:f5:b1:c5:f0:35:e8:c8:13:f4:3a:32:a8:
a4:0c:e8:04:7a:30:02:c0:61:26:da:a4:b5:c8:5b:
54:99:1b:f1:ab:e2:06:4f:80:9a:e5:20:58:fb:6e:
7c:e1:e5:3b:9a:e6:ed:37:97:f2:08:13:e3:45:36:
e7:87:a5:3a:b8:84:7a:48:cc:5e:fe:ea:4b:25:77:
76:01:7e:08:9d:2e:bc:76:89:c5:a0:44:e3:f5:26:
5e:87:93:b5:55:36:d3:db:b2:c9:81:0e:80:6c:45:
bc:cc:43:5c:a8:ba:a3:a3:1e:e2:fa:ed:9f:1d:62:
cc:bd:d1:11:23:70:02:29:1e:35:68:67:2a:66:f7:
d3:aa:3a:43:92:13:fb:f8:ad:a6:89:45:b5:a2:dd:
e4:54:4d:ad:23:f5:e0:dc:74:d6:52:7e:01:6b:b1:
85:2c:5c:0c:1c:08:8b:f0:68:4a:0d:0c:13:20:e8:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DB:57:2E:F9:FF:57:05:53:7E:E3:05:43:1D:D8:75:DA:E2:13:4F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/96983A68B27311EDB099A036C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.132.0/22
43.231.212.0/22
43.231.236.0/22
43.231.252.0/22
43.247.136.0/21
45.112.8.0/22
45.112.56.0/22
45.114.80.0/22
45.115.56.0/22
45.126.144.0/22
45.251.12.0/22
59.152.56.0/22
59.153.0.0/22
59.153.120.0/22
103.8.164.0/22
103.15.52.0/22
103.29.156.0/22
103.60.208.0/22
103.75.60.0/23
103.102.92.0/22
103.111.112.0/22
103.114.2.0/23
103.119.188.0/22
103.156.212.0/23
103.176.240.0/23
103.179.212.0/23
103.197.224.0/22
103.198.164.0/22
103.200.104.0/22
103.204.160.0/22
103.205.172.0/22
103.220.40.0/22
103.221.248.0/22
103.226.140.0-103.226.147.255
103.226.188.0/22
103.226.204.0/22
103.226.236.0-103.226.243.255
103.239.171.0/24
103.249.132.0/22
111.125.217.0-111.125.219.255
111.125.224.0/24
111.125.226.0/24
111.125.228.0/24
111.125.233.0/24
111.125.252.0/22
124.66.172.0/22
175.100.176.0/20
202.168.144.0/22
IPv6:
2406:9e00:20::/43
Signature Algorithm: sha256WithRSAEncryption
18:b0:c7:b7:db:fa:4d:51:ba:e7:85:9a:a9:8c:c4:db:4f:0c:
43:16:cc:62:28:7b:23:df:90:dc:5c:eb:9c:ce:62:8c:09:fa:
d6:b1:49:59:a6:c7:8a:c9:61:62:a2:3a:70:50:b8:7b:ec:70:
3e:2a:0d:2d:97:60:28:42:b0:c3:e9:47:75:0d:e8:15:b5:52:
27:69:50:69:6a:9b:46:89:4f:8b:81:5c:f1:26:6c:c7:0d:e1:
26:7a:fd:4e:4a:7e:c3:d4:de:e6:57:3b:74:5d:8c:8b:0f:8e:
05:4b:62:63:14:44:b9:5a:2a:81:10:50:32:13:25:ec:1c:a6:
25:1d:c1:d1:ba:33:b5:ad:db:27:20:db:4b:1a:df:2e:89:04:
81:bc:57:1c:6c:93:f3:20:9d:01:dc:31:af:9e:da:4d:7b:56:
32:f6:15:09:9e:49:02:52:eb:d0:7d:71:95:92:7d:ab:2e:50:
82:20:6d:e1:8b:b7:7c:f8:77:31:e6:fb:9a:8f:39:20:9d:94:
fc:20:36:b9:d3:6c:55:d5:be:2c:c3:8d:92:b4:34:c0:cb:76:
53:77:a1:e2:31:e5:d6:c2:1e:89:55:87:f8:32:d1:fc:2d:84:
a8:ca:57:de:ed:8c:89:8c:06:00:2c:48:e5:73:46:37:95:f5:
b0:fa:68:bc
-----BEGIN CERTIFICATE-----
MIIGvjCCBaagAwIBAgICdrEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODAxMTg1NTU2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM5NTUzYy1kZjQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7x8YfExdnNbsj1/xp4IyfwJdS7u/IZyXYgO2GQDP59ZtK/gTI3FaJ2oeQURE
uOJ/Rts9cimmbrrUwBRJ5dR0yIv12MIJoEyb6iiMxZf1scXwNejIE/Q6MqikDOgE
ejACwGEm2qS1yFtUmRvxq+IGT4Ca5SBY+2584eU7mubtN5fyCBPjRTbnh6U6uIR6
SMxe/upLJXd2AX4InS68donFoETj9SZeh5O1VTbT27LJgQ6AbEW8zENcqLqjox7i
+u2fHWLMvdERI3ACKR41aGcqZvfTqjpDkhP7+K2miUW1ot3kVE2tI/Xg3HTWUn4B
a7GFLFwMHAiL8GhKDQwTIOjfTQIDAQABo4ID4jCCA94wHQYDVR0OBBYEFC7bVy75
/1cFU37jBUMd2HXa4hNPMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOTY5ODNBNjhC
MjczMTFFREIwOTlBMDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFqBggrBgEFBQcBBwEB
/wSCAVkwggFVMIIBQAQCAAEwggE4AwQCK+eEAwQCK+fUAwQCK+fsAwQCK+f8AwQD
K/eIAwQCLXAIAwQCLXA4AwQCLXJQAwQCLXM4AwQCLX6QAwQCLfsMAwQCO5g4AwQC
O5kAAwQCO5l4AwQCZwikAwQCZw80AwQCZx2cAwQCZzzQAwQBZ0s8AwQCZ2ZcAwQC
Z29wAwQBZ3ICAwQCZ3e8AwQBZ5zUAwQBZ7DwAwQBZ7PUAwQCZ8XgAwQCZ8akAwQC
Z8hoAwQCZ8ygAwQCZ82sAwQCZ9woAwQCZ934MAwDBAJn4owDBAJn4pADBAJn4rwD
BAJn4swwDAMEAmfi7AMEAmfi8AMEAGfvqwMEAmf5hDAMAwQAb33ZAwQCb33YAwQA
b33gAwQAb33iAwQAb33kAwQAb33pAwQCb338AwQCfEKsAwQEr2SwAwQCyqiQMA8E
AgACMAkDBwUkBp4AACAwDQYJKoZIhvcNAQELBQADggEBABiwx7fb+k1RuueFmqmM
xNtPDEMWzGIoeyPfkNxc65zOYowJ+taxSVmmx4rJYWKiOnBQuHvscD4qDS2XYChC
sMPpR3UN6BW1UidpUGlqm0aJT4uBXPEmbMcN4SZ6/U5KfsPU3uZXO3RdjIsPjgVL
YmMURLlaKoEQUDITJewcpiUdwdG6M7Wt2ycg20sa3y6JBIG8Vxxsk/MgnQHcMa+e
2k17VjL2FQmeSQJS69B9cZWSfasuUIIgbeGLt3z4dzHm+5qPOSCdlPwgNrnTbFXV
vizDjZK0NMDLdlN3oeIx5dbCHolVh/gy0fwthKjKV97tjImMBgAsSOVzRjeV9bD6
aLw=
-----END CERTIFICATE-----
Generated at Fri Aug 18 16:24:04 2023 by rpki-client on console-fra.rpki-client.org