Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/01E44BA28B8811EE9301BB44C4F9AE02.roa
File: 01E44BA28B8811EE9301BB44C4F9AE02.roa (raw, json)
Hash identifier: OTifVOS0+tXl+W2bGxOKbzUBXfFV2ZqTNx/0xjbVXcE=
Subject key identifier: E8:C2:8F:39:1A:48:82:58:B6:44:1B:58:AF:27:BA:34:90:B4:1F:1C
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 0981
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/01E44BA28B8811EE9301BB44C4F9AE02.roa
Signing time: Sat 25 Nov 2023 11:44:36 +0000
ROA not before: Sat 25 Nov 2023 11:44:36 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 24105
IP address blocks: 27.255.0.0/24 maxlen: 24
27.255.1.0/24 maxlen: 24
27.255.2.0/24 maxlen: 24
27.255.3.0/24 maxlen: 24
27.255.4.0/24 maxlen: 24
27.255.5.0/24 maxlen: 24
27.255.6.0/24 maxlen: 24
27.255.7.0/24 maxlen: 24
27.255.8.0/24 maxlen: 24
27.255.9.0/24 maxlen: 24
27.255.10.0/24 maxlen: 24
27.255.11.0/24 maxlen: 24
27.255.12.0/24 maxlen: 24
27.255.13.0/24 maxlen: 24
27.255.14.0/24 maxlen: 24
27.255.15.0/24 maxlen: 24
27.255.16.0/24 maxlen: 24
27.255.17.0/24 maxlen: 24
27.255.18.0/24 maxlen: 24
27.255.19.0/24 maxlen: 24
27.255.20.0/24 maxlen: 24
27.255.21.0/24 maxlen: 24
27.255.22.0/24 maxlen: 24
27.255.23.0/24 maxlen: 24
27.255.24.0/24 maxlen: 24
27.255.25.0/24 maxlen: 24
27.255.26.0/24 maxlen: 24
27.255.27.0/24 maxlen: 24
27.255.28.0/24 maxlen: 24
27.255.29.0/24 maxlen: 24
27.255.30.0/24 maxlen: 24
27.255.31.0/24 maxlen: 24
27.255.32.0/24 maxlen: 24
27.255.33.0/24 maxlen: 24
27.255.34.0/24 maxlen: 24
27.255.35.0/24 maxlen: 24
27.255.36.0/24 maxlen: 24
27.255.37.0/24 maxlen: 24
27.255.38.0/24 maxlen: 24
27.255.39.0/24 maxlen: 24
27.255.40.0/24 maxlen: 24
27.255.41.0/24 maxlen: 24
27.255.42.0/24 maxlen: 24
27.255.43.0/24 maxlen: 24
27.255.44.0/24 maxlen: 24
27.255.45.0/24 maxlen: 24
27.255.46.0/24 maxlen: 24
27.255.47.0/24 maxlen: 24
27.255.48.0/24 maxlen: 24
27.255.49.0/24 maxlen: 24
27.255.50.0/24 maxlen: 24
27.255.51.0/24 maxlen: 24
27.255.52.0/24 maxlen: 24
27.255.53.0/24 maxlen: 24
27.255.54.0/24 maxlen: 24
27.255.55.0/24 maxlen: 24
27.255.56.0/24 maxlen: 24
27.255.57.0/24 maxlen: 24
27.255.58.0/24 maxlen: 24
27.255.59.0/24 maxlen: 24
27.255.60.0/24 maxlen: 24
27.255.61.0/24 maxlen: 24
27.255.62.0/24 maxlen: 24
27.255.63.0/24 maxlen: 24
42.201.195.0/24 maxlen: 24
42.201.204.0/24 maxlen: 24
42.201.207.0/24 maxlen: 24
42.201.222.0/24 maxlen: 24
42.201.223.0/24 maxlen: 24
42.201.226.0/24 maxlen: 24
42.201.227.0/24 maxlen: 24
42.201.233.0/24 maxlen: 24
42.201.235.0/24 maxlen: 24
42.201.244.0/24 maxlen: 24
42.201.245.0/24 maxlen: 24
42.201.246.0/24 maxlen: 24
42.201.247.0/24 maxlen: 24
103.17.202.0/24 maxlen: 24
180.92.128.0/24 maxlen: 24
180.92.129.0/24 maxlen: 24
180.92.130.0/24 maxlen: 24
180.92.131.0/24 maxlen: 24
180.92.132.0/24 maxlen: 24
180.92.133.0/24 maxlen: 24
180.92.134.0/24 maxlen: 24
180.92.135.0/24 maxlen: 24
180.92.136.0/24 maxlen: 24
180.92.137.0/24 maxlen: 24
180.92.138.0/24 maxlen: 24
180.92.139.0/24 maxlen: 24
180.92.140.0/24 maxlen: 24
180.92.141.0/24 maxlen: 24
180.92.142.0/24 maxlen: 24
180.92.143.0/24 maxlen: 24
180.92.144.0/24 maxlen: 24
180.92.145.0/24 maxlen: 24
180.92.146.0/24 maxlen: 24
180.92.147.0/24 maxlen: 24
180.92.148.0/24 maxlen: 24
180.92.149.0/24 maxlen: 24
180.92.150.0/24 maxlen: 24
180.92.151.0/24 maxlen: 24
180.92.152.0/24 maxlen: 24
180.92.153.0/24 maxlen: 24
180.92.154.0/24 maxlen: 24
180.92.155.0/24 maxlen: 24
180.92.156.0/24 maxlen: 24
180.92.157.0/24 maxlen: 24
180.92.158.0/24 maxlen: 24
180.92.159.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
192.144.78.0/24 maxlen: 24
192.144.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2433 (0x981)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: Nov 25 11:44:36 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6561de24-9b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:67:8e:85:c1:cb:94:59:53:9a:cc:a5:70:c7:
b8:e3:21:09:2a:14:4d:4d:2e:aa:59:e7:2b:de:31:
8c:e8:06:04:83:e6:5f:50:93:07:14:68:aa:49:31:
71:5b:08:23:e3:57:45:88:57:07:ec:d7:6e:a3:90:
d0:e0:69:4b:25:9a:67:56:d2:bd:6a:73:36:07:45:
de:48:c9:84:00:6c:b3:ba:8b:fe:33:f7:cc:ea:83:
a1:d7:56:9b:aa:da:db:53:a7:5b:bf:7a:8e:33:78:
d1:34:a8:db:36:3b:ff:9a:8e:67:c1:dd:47:10:1e:
c8:fb:2a:62:4b:62:dd:d4:75:47:43:66:95:89:39:
2e:1d:23:c9:84:b1:dd:99:d0:f6:c8:f2:14:b4:95:
2d:ee:9a:ac:90:67:30:6d:06:87:0c:be:35:1c:1d:
d5:02:51:71:54:57:1e:61:24:1c:0c:e9:df:3f:ae:
43:30:d1:a5:3e:80:ad:5d:24:66:04:1c:20:ad:ac:
a0:2f:3c:a6:eb:68:51:1b:8a:1d:c8:5a:dd:12:70:
96:0c:15:fb:eb:06:11:c5:e7:2b:61:b0:8f:a0:5b:
e6:60:e7:91:a4:7e:db:e8:9f:ac:c9:ba:6c:b6:87:
e5:fd:30:ea:4a:27:74:d3:eb:a2:aa:0d:dc:d1:46:
e5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C2:8F:39:1A:48:82:58:B6:44:1B:58:AF:27:BA:34:90:B4:1F:1C
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/01E44BA28B8811EE9301BB44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.255.0.0/18
42.201.195.0/24
42.201.204.0/24
42.201.207.0/24
42.201.222.0/23
42.201.226.0/23
42.201.233.0/24
42.201.235.0/24
42.201.244.0/22
103.17.202.0/24
180.92.128.0/19
192.135.90.0/23
192.144.78.0/23
Signature Algorithm: sha256WithRSAEncryption
80:d1:b6:58:55:3c:3d:7c:2e:62:ed:22:fd:84:89:13:7c:91:
26:4b:55:c0:34:87:7d:bc:b1:7d:1f:7f:54:36:27:87:52:70:
e9:34:9b:20:9d:dc:6f:d3:95:4b:4c:bf:d9:72:5b:d8:f7:52:
25:67:69:27:25:a4:72:8a:a5:17:e3:f7:bf:05:90:81:e7:34:
af:0c:c4:75:25:44:ab:98:32:b9:94:26:4b:12:ba:2c:f5:c3:
be:87:a4:bc:71:71:cb:b5:8a:7d:76:5e:8a:8a:54:66:0d:22:
bb:6b:af:3a:98:fb:23:7c:2d:0e:c2:ec:8c:80:ef:a6:b6:2f:
c8:4c:a3:0f:ce:fb:67:88:12:43:da:56:5b:54:95:b2:a8:11:
13:6c:ed:1c:54:6b:4c:b0:1a:37:f9:db:2b:c5:72:be:3d:71:
22:2e:53:e9:12:94:48:7c:9a:eb:d6:d6:68:8d:f1:b1:cc:e4:
6c:7b:1f:06:d5:76:9e:5a:77:23:db:ab:da:3d:0f:12:a6:89:
7a:ff:31:ea:fc:2a:51:78:b3:cc:bc:00:12:27:b6:76:55:ef:
bb:3f:30:c2:13:ce:f1:d7:ff:af:38:1a:e3:c1:85:9a:31:5e:
9b:ef:dc:7a:73:fe:eb:41:ac:6f:e4:46:d3:c1:7a:56:00:ab:
e4:0f:71:f9
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICCYEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjMxMTI1MTE0NDM2WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYxZGUyNC05YjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2GeOhcHLlFlTmsylcMe44yEJKhRNTS6qWecr3jGM6AYEg+ZfUJMHFGiqSTFx
Wwgj41dFiFcH7Nduo5DQ4GlLJZpnVtK9anM2B0XeSMmEAGyzuov+M/fM6oOh11ab
qtrbU6dbv3qOM3jRNKjbNjv/mo5nwd1HEB7I+ypiS2Ld1HVHQ2aViTkuHSPJhLHd
mdD2yPIUtJUt7pqskGcwbQaHDL41HB3VAlFxVFceYSQcDOnfP65DMNGlPoCtXSRm
BBwgraygLzym62hRG4odyFrdEnCWDBX76wYRxecrYbCPoFvmYOeRpH7b6J+sybps
tofl/TDqSid00+uiqg3c0UblfwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFOjCjzka
SIJYtkQbWK8nujSQtB8cMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvMDFFNDRCQTI4
Qjg4MTFFRTkzMDFCQjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMFQEAgABME4DBAYb/wADBAAqycMDBAAqycwDBAAqyc8DBAEqyd4DBAEqyeID
BAAqyekDBAAqyesDBAIqyfQDBABnEcoDBAW0XIADBAHAh1oDBAHAkE4wDQYJKoZI
hvcNAQELBQADggEBAIDRtlhVPD18LmLtIv2EiRN8kSZLVcA0h328sX0ff1Q2J4dS
cOk0myCd3G/TlUtMv9lyW9j3UiVnaSclpHKKpRfj978FkIHnNK8MxHUlRKuYMrmU
JksSuiz1w76HpLxxccu1in12XoqKVGYNIrtrrzqY+yN8LQ7C7IyA76a2L8hMow/O
+2eIEkPaVltUlbKoERNs7RxUa0ywGjf52yvFcr49cSIuU+kSlEh8muvW1miN8bHM
5Gx7HwbVdp5adyPbq9o9DxKmiXr/Mer8KlF4s8y8ABIntnZV77s/MMITzvHX/684
GuPBhZoxXpvv3Hpz/utBrG/kRtPBelYAq+QPcfk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org