Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/C3540A289AC611EEA2AF8862C4F9AE02.roa
File: C3540A289AC611EEA2AF8862C4F9AE02.roa (raw, json)
Hash identifier: Tt318KrTtef4nd743/Dwlh6zNxYQo8cjJgqpiY/aJJk=
Subject key identifier: F0:7A:19:D4:75:D1:63:53:36:63:FE:DE:E8:85:AB:E5:31:BA:E1:E0
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 09C3
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/C3540A289AC611EEA2AF8862C4F9AE02.roa
Signing time: Sat 02 Mar 2024 21:29:56 +0000
ROA not before: Sat 02 Mar 2024 21:29:56 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 23607
IP address blocks: 27.255.0.0/18 maxlen: 18
27.255.0.0/24 maxlen: 24
27.255.1.0/24 maxlen: 24
27.255.2.0/24 maxlen: 24
27.255.3.0/24 maxlen: 24
27.255.4.0/24 maxlen: 24
27.255.5.0/24 maxlen: 24
27.255.6.0/24 maxlen: 24
27.255.7.0/24 maxlen: 24
27.255.8.0/24 maxlen: 24
27.255.9.0/24 maxlen: 24
27.255.10.0/24 maxlen: 24
27.255.11.0/24 maxlen: 24
27.255.12.0/24 maxlen: 24
27.255.13.0/24 maxlen: 24
27.255.14.0/24 maxlen: 24
27.255.15.0/24 maxlen: 24
27.255.16.0/24 maxlen: 24
27.255.17.0/24 maxlen: 24
27.255.18.0/24 maxlen: 24
27.255.19.0/24 maxlen: 24
27.255.20.0/24 maxlen: 24
27.255.21.0/24 maxlen: 24
27.255.22.0/24 maxlen: 24
27.255.23.0/24 maxlen: 24
27.255.24.0/24 maxlen: 24
27.255.25.0/24 maxlen: 24
27.255.26.0/24 maxlen: 24
27.255.27.0/24 maxlen: 24
27.255.28.0/24 maxlen: 24
27.255.29.0/24 maxlen: 24
27.255.30.0/24 maxlen: 24
27.255.31.0/24 maxlen: 24
27.255.32.0/24 maxlen: 24
27.255.33.0/24 maxlen: 24
27.255.34.0/24 maxlen: 24
27.255.36.0/24 maxlen: 24
27.255.37.0/24 maxlen: 24
27.255.38.0/24 maxlen: 24
27.255.39.0/24 maxlen: 24
27.255.40.0/24 maxlen: 24
27.255.41.0/24 maxlen: 24
27.255.42.0/24 maxlen: 24
27.255.43.0/24 maxlen: 24
27.255.44.0/24 maxlen: 24
27.255.45.0/24 maxlen: 24
27.255.46.0/24 maxlen: 24
27.255.47.0/24 maxlen: 24
27.255.48.0/24 maxlen: 24
27.255.49.0/24 maxlen: 24
27.255.50.0/24 maxlen: 24
27.255.51.0/24 maxlen: 24
27.255.52.0/24 maxlen: 24
27.255.53.0/24 maxlen: 24
27.255.54.0/24 maxlen: 24
27.255.55.0/24 maxlen: 24
27.255.56.0/24 maxlen: 24
27.255.57.0/24 maxlen: 24
27.255.58.0/24 maxlen: 24
27.255.59.0/24 maxlen: 24
27.255.60.0/24 maxlen: 24
27.255.61.0/24 maxlen: 24
27.255.62.0/24 maxlen: 24
27.255.63.0/24 maxlen: 24
103.17.200.0/24 maxlen: 24
103.17.201.0/24 maxlen: 24
103.17.202.0/24 maxlen: 24
103.17.203.0/24 maxlen: 24
110.34.32.0/24 maxlen: 24
110.34.33.0/24 maxlen: 24
110.34.34.0/24 maxlen: 24
110.34.35.0/24 maxlen: 24
110.34.36.0/24 maxlen: 24
110.34.37.0/24 maxlen: 24
110.34.38.0/24 maxlen: 24
110.34.39.0/24 maxlen: 24
180.92.128.0/24 maxlen: 24
180.92.129.0/24 maxlen: 24
180.92.130.0/24 maxlen: 24
180.92.131.0/24 maxlen: 24
180.92.132.0/24 maxlen: 24
180.92.133.0/24 maxlen: 24
180.92.134.0/24 maxlen: 24
180.92.135.0/24 maxlen: 24
180.92.136.0/24 maxlen: 24
180.92.137.0/24 maxlen: 24
180.92.138.0/24 maxlen: 24
180.92.139.0/24 maxlen: 24
180.92.140.0/24 maxlen: 24
180.92.141.0/24 maxlen: 24
180.92.142.0/24 maxlen: 24
180.92.143.0/24 maxlen: 24
180.92.144.0/24 maxlen: 24
180.92.145.0/24 maxlen: 24
180.92.146.0/24 maxlen: 24
180.92.147.0/24 maxlen: 24
180.92.148.0/24 maxlen: 24
180.92.149.0/24 maxlen: 24
180.92.150.0/24 maxlen: 24
180.92.151.0/24 maxlen: 24
180.92.152.0/24 maxlen: 24
180.92.153.0/24 maxlen: 24
180.92.154.0/24 maxlen: 24
180.92.155.0/24 maxlen: 24
180.92.156.0/24 maxlen: 24
180.92.157.0/24 maxlen: 24
180.92.158.0/24 maxlen: 24
180.92.159.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
192.144.78.0/24 maxlen: 24
192.144.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2499 (0x9c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: Mar 2 21:29:56 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e39a54-4136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:56:07:58:86:2f:ba:65:6a:fd:78:59:10:e3:
a5:ed:e7:15:2e:45:49:f7:7a:ac:b0:25:da:30:46:
9c:53:c6:81:ac:0d:bb:55:df:8d:6d:41:46:9d:08:
6f:2b:31:92:6e:e2:97:fc:95:c2:c5:6d:5d:da:83:
6f:4b:01:4e:8a:13:76:cf:67:c3:48:33:cf:93:6f:
38:b5:8e:b3:57:d0:38:90:8f:20:df:07:48:db:0d:
74:7c:12:2e:b9:14:63:a6:68:40:c5:27:51:08:4c:
01:55:04:ef:85:b7:88:0c:d7:ab:47:a2:62:b0:c5:
28:c3:c7:9e:9c:3f:f8:08:0e:b3:c9:cf:aa:27:aa:
78:ee:b5:40:00:d5:ed:77:05:b2:5a:f1:11:11:0f:
57:b5:d6:40:25:85:ff:50:97:63:e3:8c:31:13:ff:
d7:86:4e:8e:05:bd:71:7a:44:21:d2:3c:5d:b2:a4:
c4:16:46:36:89:06:9e:0d:2f:aa:44:9b:8f:40:35:
df:ff:71:5a:61:00:07:0c:ef:32:62:aa:46:5a:64:
e7:ef:8f:e3:12:36:6f:43:ab:ea:64:19:cb:8e:42:
1b:46:6d:ac:30:36:bc:70:77:0c:a6:46:fd:43:18:
6c:09:60:8b:de:7c:cc:4f:89:ff:aa:cf:5d:70:1f:
62:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7A:19:D4:75:D1:63:53:36:63:FE:DE:E8:85:AB:E5:31:BA:E1:E0
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/C3540A289AC611EEA2AF8862C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.255.0.0/18
103.17.200.0/22
110.34.32.0/21
180.92.128.0/19
192.135.90.0/23
192.144.78.0/23
Signature Algorithm: sha256WithRSAEncryption
25:9d:2a:04:64:b9:16:67:b4:4d:b8:21:4c:15:7d:51:f6:86:
2e:96:1e:d7:29:5f:61:6a:91:71:18:2f:27:3c:11:7f:d4:96:
5c:75:ea:aa:27:51:ac:c0:e9:b6:03:a5:d7:02:30:8f:be:ca:
35:75:31:7d:d1:65:60:3f:40:27:29:2c:71:65:7d:66:8a:d9:
0a:a7:d5:47:6a:74:fb:93:12:1b:66:e6:d5:74:fd:c3:e0:7b:
ce:6d:f8:2b:f9:23:da:ad:74:1c:5c:58:54:54:b0:ab:1a:64:
86:6e:40:d8:e9:c8:dd:c9:1b:01:a2:b9:fe:d2:3f:42:44:2a:
e8:7d:ab:ce:8a:79:20:95:3c:1e:51:59:59:9b:7f:c4:69:18:
ad:e1:b5:d5:2c:e1:2e:ff:24:76:42:2f:32:95:b1:2c:ac:8e:
9d:3c:6a:09:02:10:8d:13:67:3b:71:65:4a:7c:a5:53:f1:0e:
c4:68:92:f8:65:99:a2:75:5d:7d:f6:17:89:46:e7:e4:d4:51:
fa:92:85:96:4c:b7:32:61:77:df:9b:83:d3:3a:39:30:64:3b:
e5:bb:53:9e:61:62:26:ba:5b:e2:5a:8c:98:17:c2:3d:86:26:
56:4c:83:47:00:0f:b7:31:2b:9b:7f:f6:9b:70:52:d0:b9:79:
ec:29:4b:33
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICCcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjQwMzAyMjEyOTU2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzOWE1NC00MTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0VYHWIYvumVq/XhZEOOl7ecVLkVJ93qssCXaMEacU8aBrA27Vd+NbUFGnQhv
KzGSbuKX/JXCxW1d2oNvSwFOihN2z2fDSDPPk284tY6zV9A4kI8g3wdI2w10fBIu
uRRjpmhAxSdRCEwBVQTvhbeIDNerR6JisMUow8eenD/4CA6zyc+qJ6p47rVAANXt
dwWyWvEREQ9XtdZAJYX/UJdj44wxE//Xhk6OBb1xekQh0jxdsqTEFkY2iQaeDS+q
RJuPQDXf/3FaYQAHDO8yYqpGWmTn74/jEjZvQ6vqZBnLjkIbRm2sMDa8cHcMpkb9
QxhsCWCL3nzMT4n/qs9dcB9iKQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFPB6GdR1
0WNTNmP+3uiFq+UxuuHgMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvQzM1NDBBMjg5
QUM2MTFFRUEyQUY4ODYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAYb/wADBAJnEcgDBANuIiADBAW0XIADBAHAh1oDBAHAkE4w
DQYJKoZIhvcNAQELBQADggEBACWdKgRkuRZntE24IUwVfVH2hi6WHtcpX2FqkXEY
Lyc8EX/Ullx16qonUazA6bYDpdcCMI++yjV1MX3RZWA/QCcpLHFlfWaK2Qqn1Udq
dPuTEhtm5tV0/cPge85t+Cv5I9qtdBxcWFRUsKsaZIZuQNjpyN3JGwGiuf7SP0JE
Kuh9q86KeSCVPB5RWVmbf8RpGK3htdUs4S7/JHZCLzKVsSysjp08agkCEI0TZztx
ZUp8pVPxDsRokvhlmaJ1XX32F4lG5+TUUfqShZZMtzJhd9+bg9M6OTBkO+W7U55h
Yia6W+JajJgXwj2GJlZMg0cAD7cxK5t/9ptwUtC5eewpSzM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org