Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/43FB66E0602D11EF9E04DC7AC4F9AE02.roa
File: 43FB66E0602D11EF9E04DC7AC4F9AE02.roa (raw, json)
Hash identifier: 5/I+jh67b2TAEpZlYsTyz1VvWjJbpl/X2yKUKPvagiQ=
Subject key identifier: F1:00:84:09:A6:82:27:4F:25:90:D4:B0:73:3C:AC:52:83:FE:EC:2F
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 070D
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/43FB66E0602D11EF9E04DC7AC4F9AE02.roa
Signing time: Thu 22 Aug 2024 02:21:41 +0000
ROA not before: Thu 22 Aug 2024 02:21:41 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9723
IP address blocks: 1.178.0.0/20 maxlen: 24
1.178.64.0/20 maxlen: 24
1.178.80.0/20 maxlen: 24
1.178.96.0/20 maxlen: 20
1.178.144.0/20 maxlen: 20
1.178.144.0/21 maxlen: 24
1.178.160.0/20 maxlen: 20
1.178.176.0/20 maxlen: 20
1.178.176.0/21 maxlen: 24
1.178.192.0/20 maxlen: 20
1.178.192.0/21 maxlen: 24
1.179.0.0/20 maxlen: 20
1.179.16.0/20 maxlen: 20
1.179.32.0/21 maxlen: 21
1.179.48.0/20 maxlen: 20
1.179.48.0/21 maxlen: 24
1.179.64.0/21 maxlen: 21
1.179.80.0/21 maxlen: 21
1.179.96.0/20 maxlen: 20
58.87.0.0/20 maxlen: 20
58.87.0.0/23 maxlen: 23
58.87.2.0/23 maxlen: 23
58.87.6.0/23 maxlen: 23
58.87.8.0/23 maxlen: 23
58.87.10.0/23 maxlen: 23
58.87.12.0/23 maxlen: 23
58.87.14.0/24 maxlen: 24
58.87.15.0/24 maxlen: 24
110.238.2.0/23 maxlen: 23
110.238.4.0/22 maxlen: 22
110.238.4.0/23 maxlen: 23
110.238.6.0/23 maxlen: 23
110.238.8.0/23 maxlen: 23
110.238.10.0/23 maxlen: 23
110.238.12.0/23 maxlen: 23
110.238.14.0/23 maxlen: 23
110.238.16.0/20 maxlen: 20
110.238.16.0/24 maxlen: 24
110.238.18.0/24 maxlen: 24
110.238.21.0/24 maxlen: 24
110.238.24.0/24 maxlen: 24
110.238.25.0/24 maxlen: 24
110.238.128.0/20 maxlen: 20
110.238.128.0/21 maxlen: 24
110.238.144.0/20 maxlen: 20
110.238.144.0/22 maxlen: 22
110.238.152.0/21 maxlen: 21
110.238.224.0/20 maxlen: 20
110.238.224.0/21 maxlen: 24
110.238.240.0/20 maxlen: 20
110.238.240.0/21 maxlen: 24
110.239.0.0/20 maxlen: 20
110.239.16.0/20 maxlen: 20
110.239.32.0/20 maxlen: 20
110.239.32.0/21 maxlen: 24
110.239.128.0/20 maxlen: 20
110.239.128.0/21 maxlen: 21
110.239.144.0/20 maxlen: 20
110.239.176.0/21 maxlen: 22
110.239.178.0/23 maxlen: 23
110.239.178.0/24 maxlen: 24
110.239.224.0/20 maxlen: 20
110.239.240.0/20 maxlen: 20
119.12.0.0/20 maxlen: 20
119.12.80.0/20 maxlen: 20
119.12.80.0/21 maxlen: 24
119.12.96.0/21 maxlen: 21
119.12.112.0/20 maxlen: 20
119.12.112.0/21 maxlen: 24
119.12.144.0/21 maxlen: 24
119.13.0.0/20 maxlen: 20
119.13.0.0/23 maxlen: 23
119.13.2.0/24 maxlen: 24
119.13.3.0/24 maxlen: 24
119.13.4.0/23 maxlen: 23
119.13.6.0/23 maxlen: 23
119.13.8.0/23 maxlen: 23
119.13.16.0/21 maxlen: 24
119.13.48.0/21 maxlen: 21
119.13.48.0/24 maxlen: 24
119.13.128.0/20 maxlen: 20
119.13.144.0/21 maxlen: 24
119.13.176.0/21 maxlen: 23
119.13.176.0/23 maxlen: 24
119.13.178.0/24 maxlen: 24
119.13.180.0/22 maxlen: 24
119.13.240.0/21 maxlen: 24
121.91.16.0/20 maxlen: 20
121.91.96.0/21 maxlen: 21
121.91.112.0/20 maxlen: 20
121.91.128.0/21 maxlen: 24
121.91.144.0/21 maxlen: 21
121.91.160.0/21 maxlen: 21
121.91.192.0/21 maxlen: 21
123.200.128.0/20 maxlen: 20
123.200.133.0/24 maxlen: 24
123.200.136.0/22 maxlen: 22
123.200.140.0/22 maxlen: 22
123.200.144.0/22 maxlen: 22
123.200.148.0/22 maxlen: 22
123.200.152.0/21 maxlen: 21
123.200.160.0/23 maxlen: 23
123.200.162.0/23 maxlen: 23
123.200.164.0/23 maxlen: 23
123.200.165.0/24 maxlen: 24
123.200.166.0/23 maxlen: 23
123.200.168.0/23 maxlen: 23
123.200.170.0/23 maxlen: 23
123.200.172.0/24 maxlen: 24
123.200.174.0/24 maxlen: 24
123.200.175.0/24 maxlen: 24
123.200.176.0/23 maxlen: 23
123.200.179.0/24 maxlen: 24
123.200.180.0/23 maxlen: 23
123.200.182.0/23 maxlen: 23
123.200.184.0/22 maxlen: 22
123.200.187.0/24 maxlen: 24
123.200.188.0/23 maxlen: 23
123.200.192.0/21 maxlen: 21
123.200.200.0/21 maxlen: 21
123.200.208.0/21 maxlen: 21
123.200.216.0/21 maxlen: 21
123.200.224.0/21 maxlen: 21
123.200.240.0/21 maxlen: 21
202.83.64.0/19 maxlen: 19
202.83.64.0/22 maxlen: 22
202.83.68.0/23 maxlen: 23
202.83.70.0/23 maxlen: 23
202.83.72.0/24 maxlen: 24
202.83.73.0/24 maxlen: 24
202.83.74.0/23 maxlen: 23
202.83.76.0/22 maxlen: 22
202.83.80.0/23 maxlen: 23
202.83.82.0/24 maxlen: 24
202.83.83.0/24 maxlen: 24
202.83.84.0/22 maxlen: 22
202.83.88.0/23 maxlen: 23
202.83.90.0/23 maxlen: 23
202.83.92.0/23 maxlen: 23
202.83.94.0/24 maxlen: 24
202.83.95.0/24 maxlen: 24
202.183.96.0/20 maxlen: 20
202.183.96.0/24 maxlen: 24
202.183.97.0/24 maxlen: 24
202.183.98.0/24 maxlen: 24
202.183.100.0/23 maxlen: 23
202.183.102.0/23 maxlen: 23
202.183.102.0/24 maxlen: 24
202.183.104.0/22 maxlen: 22
202.183.108.0/24 maxlen: 24
202.183.110.0/24 maxlen: 24
202.183.111.0/24 maxlen: 24
202.183.112.0/20 maxlen: 20
202.183.112.0/23 maxlen: 23
202.183.114.0/23 maxlen: 23
202.183.116.0/23 maxlen: 23
202.183.118.0/24 maxlen: 24
202.183.119.0/24 maxlen: 24
202.183.120.0/22 maxlen: 22
202.183.124.0/23 maxlen: 23
202.183.126.0/24 maxlen: 24
202.183.127.0/24 maxlen: 24
210.56.64.0/20 maxlen: 20
210.56.64.0/22 maxlen: 22
210.56.64.0/24 maxlen: 24
210.56.65.0/24 maxlen: 24
210.56.66.0/24 maxlen: 24
210.56.67.0/24 maxlen: 24
210.56.68.0/23 maxlen: 23
210.56.70.0/23 maxlen: 23
210.56.72.0/23 maxlen: 23
210.56.74.0/23 maxlen: 23
210.56.76.0/23 maxlen: 23
210.56.78.0/23 maxlen: 23
220.157.64.0/19 maxlen: 19
220.157.64.0/23 maxlen: 23
220.157.66.0/23 maxlen: 23
220.157.66.0/24 maxlen: 24
220.157.69.0/24 maxlen: 24
220.157.70.0/24 maxlen: 24
220.157.71.0/24 maxlen: 24
220.157.72.0/23 maxlen: 23
220.157.76.0/23 maxlen: 23
220.157.78.0/23 maxlen: 23
220.157.78.0/24 maxlen: 24
220.157.79.0/24 maxlen: 24
220.157.80.0/23 maxlen: 23
220.157.82.0/23 maxlen: 23
220.157.84.0/23 maxlen: 23
220.157.86.0/23 maxlen: 23
220.157.88.0/23 maxlen: 23
220.157.90.0/24 maxlen: 24
220.157.91.0/24 maxlen: 24
220.157.92.0/24 maxlen: 24
220.157.93.0/24 maxlen: 24
220.157.94.0/24 maxlen: 24
220.157.95.0/24 maxlen: 24
2407:6800::/32 maxlen: 32
2407:6800:0:200::/56 maxlen: 56
2407:6800:0:300::/56 maxlen: 56
2407:6800:0:400::/56 maxlen: 56
2407:6800:0:500::/56 maxlen: 56
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1805 (0x70d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE
Validity
Not Before: Aug 22 02:21:41 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66c6a0b4-0a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a8:b9:f6:5d:e6:02:08:db:64:dd:e9:8c:24:
0b:af:6b:91:53:19:43:e1:c7:e6:31:a1:32:2d:19:
cf:22:70:15:6e:fc:3a:a9:93:c9:cc:d4:ff:d5:f6:
76:89:5b:c3:34:17:0a:22:50:1c:e1:00:22:61:0f:
29:00:e0:71:d2:29:46:e3:e0:bc:5e:3f:d5:ff:76:
03:2a:d9:60:d4:dc:6a:1f:ac:53:a9:42:86:7c:82:
b4:c4:fa:66:4c:b3:e6:c3:30:f4:6e:c4:95:cc:60:
06:b5:31:fd:de:48:bf:88:10:c8:9c:c7:b4:05:43:
22:29:e7:eb:32:a6:ab:95:2e:e1:dc:db:62:8c:d2:
d9:7a:0e:b5:02:ac:ab:9f:b8:58:b0:89:f3:b2:48:
8c:87:94:3f:7c:f4:44:eb:4d:69:14:3e:d2:9d:f1:
30:87:fc:1b:ef:de:c9:ac:a8:e4:8d:ef:19:8d:05:
8a:a4:61:50:04:0b:68:7e:46:c9:6e:25:b0:d6:f2:
d2:50:b9:8b:e6:bf:b3:d2:0c:e8:07:fb:ff:5c:07:
7e:e1:96:c8:d1:b0:71:9a:b6:41:02:f6:c4:93:f2:
95:7f:4f:b6:b2:35:06:5d:91:fa:3c:da:be:b8:a6:
a9:64:7f:39:63:45:3a:d2:d2:4e:82:ca:da:48:77:
f6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:00:84:09:A6:82:27:4F:25:90:D4:B0:73:3C:AC:52:83:FE:EC:2F
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/43FB66E0602D11EF9E04DC7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.178.0.0/20
1.178.64.0-1.178.111.255
1.178.144.0-1.178.207.255
1.179.0.0-1.179.39.255
1.179.48.0-1.179.71.255
1.179.80.0/21
1.179.96.0/20
58.87.0.0/20
110.238.2.0-110.238.31.255
110.238.128.0/19
110.238.224.0-110.239.47.255
110.239.128.0/19
110.239.176.0/21
110.239.224.0/19
119.12.0.0/20
119.12.80.0-119.12.103.255
119.12.112.0/20
119.12.144.0/21
119.13.0.0-119.13.23.255
119.13.48.0/21
119.13.128.0-119.13.151.255
119.13.176.0/21
119.13.240.0/21
121.91.16.0/20
121.91.96.0/21
121.91.112.0-121.91.135.255
121.91.144.0/21
121.91.160.0/21
121.91.192.0/21
123.200.128.0-123.200.172.255
123.200.174.0-123.200.177.255
123.200.179.0-123.200.189.255
123.200.192.0-123.200.231.255
123.200.240.0/21
202.83.64.0/19
202.183.96.0/19
210.56.64.0/20
220.157.64.0/19
IPv6:
2407:6800::/32
Signature Algorithm: sha256WithRSAEncryption
1e:fd:4a:2a:06:38:4f:f9:a4:4c:e0:83:fd:ff:74:26:35:27:
c9:44:b9:55:eb:48:a0:ba:9a:a9:84:0f:8b:01:18:99:87:dc:
0f:98:72:02:2f:7b:5f:f4:81:be:95:4e:17:93:8b:a1:ca:53:
3a:ae:a0:a5:f4:89:b3:ba:f4:45:79:ca:8d:f0:71:2d:bc:6a:
77:e5:25:57:82:e4:e2:81:b6:f5:0f:9f:ba:03:b1:95:cc:59:
36:e8:7e:94:72:7d:0d:d7:16:3b:a9:5f:44:53:23:da:36:f1:
e1:3d:fc:bc:95:c1:fe:4c:f6:c5:d8:c9:77:bd:ea:89:93:4e:
45:bc:69:b1:b5:56:b1:92:5a:5a:83:6d:54:05:f4:b5:37:ac:
d8:50:54:13:09:ee:34:ed:c6:db:07:58:d8:e7:a1:d2:4a:07:
04:ec:3d:0a:2f:a1:75:e9:7a:dc:c9:b6:9f:d7:62:a4:9c:7f:
69:10:d8:a0:83:66:d0:90:d5:32:9e:e6:e3:af:1d:ee:32:ca:
12:68:f8:09:50:5d:94:bd:ec:11:49:ea:58:3f:5b:2e:e9:aa:
a0:1e:3d:93:25:de:77:be:84:ca:e2:64:ab:f5:26:ae:d7:19:
65:2a:54:68:de:3e:b7:8e:df:44:98:cc:23:65:9a:6b:e6:e0:
1b:98:01:39
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgICBw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjQwODIyMDIyMTQxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM2YTBiNC0wYTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArKi59l3mAgjbZN3pjCQLr2uRUxlD4cfmMaEyLRnPInAVbvw6qZPJzNT/1fZ2
iVvDNBcKIlAc4QAiYQ8pAOBx0ilG4+C8Xj/V/3YDKtlg1NxqH6xTqUKGfIK0xPpm
TLPmwzD0bsSVzGAGtTH93ki/iBDInMe0BUMiKefrMqarlS7h3NtijNLZeg61Aqyr
n7hYsInzskiMh5Q/fPRE601pFD7SnfEwh/wb797JrKjkje8ZjQWKpGFQBAtofkbJ
biWw1vLSULmL5r+z0gzoB/v/XAd+4ZbI0bBxmrZBAvbEk/KVf0+2sjUGXZH6PNq+
uKapZH85Y0U60tJOgsraSHf2wwIDAQABo4ID+jCCA/YwHQYDVR0OBBYEFPEAhAmm
gidPJZDUsHM8rFKD/uwvMB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvNDNGQjY2RTA2
MDJEMTFFRjlFMDREQzdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGCBggrBgEFBQcBBwEB
/wSCAXEwggFtMIIBWgQCAAEwggFSAwQEAbIAMAwDBAYBskADBAQBsmAwDAMEBAGy
kAMEBAGywDALAwMAAbMDBAMBsyAwDAMEBAGzMAMEAwGzQAMEAwGzUAMEBAGzYAME
BDpXADAMAwQBbu4CAwQFbu4AAwQFbu6AMAwDBAVu7uADBARu7yADBAVu74ADBANu
77ADBAVu7+ADBAR3DAAwDAMEBHcMUAMEA3cMYAMEBHcMcAMEA3cMkDALAwMAdw0D
BAN3DRADBAN3DTAwDAMEB3cNgAMEA3cNkAMEA3cNsAMEA3cN8AMEBHlbEAMEA3lb
YDAMAwQEeVtwAwQDeVuAAwQDeVuQAwQDeVugAwQDeVvAMAwDBAd7yIADBAB7yKww
DAMEAXvIrgMEAXvIsDAMAwQAe8izAwQBe8i8MAwDBAZ7yMADBAN7yOADBAN7yPAD
BAXKU0ADBAXKt2ADBATSOEADBAXcnUAwDQQCAAIwBwMFACQHaAAwDQYJKoZIhvcN
AQELBQADggEBAB79SioGOE/5pEzgg/3/dCY1J8lEuVXrSKC6mqmED4sBGJmH3A+Y
cgIve1/0gb6VTheTi6HKUzquoKX0ibO69EV5yo3wcS28anflJVeC5OKBtvUPn7oD
sZXMWTbofpRyfQ3XFjupX0RTI9o28eE9/LyVwf5M9sXYyXe96omTTkW8abG1VrGS
WlqDbVQF9LU3rNhQVBMJ7jTtxtsHWNjnodJKBwTsPQovoXXpetzJtp/XYqScf2kQ
2KCDZtCQ1TKe5uOvHe4yyhJo+AlQXZS97BFJ6lg/Wy7pqqAePZMl3ne+hMriZKv1
Jq7XGWUqVGjePreO30SYzCNlmmvm4BuYATk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:49:14 2025 by rpki-client