Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/D8ECB79C642211EFA2887F4FC4F9AE02.roa
File: D8ECB79C642211EFA2887F4FC4F9AE02.roa (raw, json)
Hash identifier: cIuYAgWPV1//KhK3VVDhe5vCshyDGwom67mQhsiTy+M=
Subject key identifier: 82:44:8D:16:7F:3C:62:DB:67:DB:86:BE:E4:3C:60:07:06:8D:A8:7B
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 0738
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/D8ECB79C642211EFA2887F4FC4F9AE02.roa
Signing time: Tue 27 Aug 2024 03:17:10 +0000
ROA not before: Tue 27 Aug 2024 03:17:10 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9723
IP address blocks: 1.178.0.0/20 maxlen: 24
1.178.64.0/20 maxlen: 24
1.178.80.0/20 maxlen: 24
1.178.96.0/20 maxlen: 24
1.178.144.0/20 maxlen: 20
1.178.144.0/21 maxlen: 24
1.178.160.0/20 maxlen: 24
1.178.176.0/20 maxlen: 24
1.178.192.0/20 maxlen: 20
1.178.192.0/21 maxlen: 24
1.179.0.0/20 maxlen: 24
1.179.16.0/20 maxlen: 24
1.179.32.0/21 maxlen: 21
1.179.48.0/20 maxlen: 24
1.179.64.0/21 maxlen: 21
1.179.80.0/21 maxlen: 21
1.179.96.0/20 maxlen: 24
58.87.0.0/20 maxlen: 20
58.87.0.0/23 maxlen: 23
58.87.2.0/23 maxlen: 23
58.87.6.0/23 maxlen: 23
58.87.8.0/23 maxlen: 23
58.87.10.0/23 maxlen: 23
58.87.12.0/23 maxlen: 23
58.87.14.0/24 maxlen: 24
58.87.15.0/24 maxlen: 24
110.238.2.0/23 maxlen: 23
110.238.4.0/22 maxlen: 22
110.238.4.0/23 maxlen: 23
110.238.6.0/23 maxlen: 23
110.238.8.0/23 maxlen: 23
110.238.10.0/23 maxlen: 23
110.238.12.0/23 maxlen: 23
110.238.14.0/23 maxlen: 23
110.238.16.0/20 maxlen: 20
110.238.16.0/24 maxlen: 24
110.238.18.0/24 maxlen: 24
110.238.21.0/24 maxlen: 24
110.238.24.0/24 maxlen: 24
110.238.25.0/24 maxlen: 24
110.238.128.0/20 maxlen: 20
110.238.128.0/21 maxlen: 24
110.238.144.0/20 maxlen: 20
110.238.144.0/22 maxlen: 24
110.238.152.0/21 maxlen: 21
110.238.224.0/20 maxlen: 20
110.238.224.0/21 maxlen: 24
110.238.240.0/20 maxlen: 20
110.238.240.0/23 maxlen: 24
110.239.0.0/20 maxlen: 20
110.239.16.0/20 maxlen: 20
110.239.32.0/20 maxlen: 20
110.239.32.0/22 maxlen: 24
110.239.128.0/20 maxlen: 20
110.239.128.0/21 maxlen: 21
110.239.144.0/20 maxlen: 20
110.239.176.0/21 maxlen: 22
110.239.178.0/23 maxlen: 23
110.239.178.0/24 maxlen: 24
110.239.224.0/20 maxlen: 20
110.239.240.0/20 maxlen: 20
119.12.0.0/20 maxlen: 20
119.12.80.0/20 maxlen: 20
119.12.80.0/21 maxlen: 24
119.12.96.0/21 maxlen: 21
119.12.112.0/20 maxlen: 20
119.12.112.0/21 maxlen: 24
119.12.144.0/21 maxlen: 24
119.13.0.0/20 maxlen: 20
119.13.0.0/23 maxlen: 23
119.13.2.0/24 maxlen: 24
119.13.3.0/24 maxlen: 24
119.13.4.0/23 maxlen: 23
119.13.6.0/23 maxlen: 23
119.13.8.0/23 maxlen: 23
119.13.10.0/23 maxlen: 24
119.13.16.0/21 maxlen: 24
119.13.48.0/21 maxlen: 21
119.13.48.0/24 maxlen: 24
119.13.49.0/24 maxlen: 24
119.13.128.0/20 maxlen: 20
119.13.144.0/21 maxlen: 24
119.13.176.0/21 maxlen: 23
119.13.176.0/23 maxlen: 24
119.13.178.0/24 maxlen: 24
119.13.180.0/22 maxlen: 24
119.13.240.0/21 maxlen: 24
121.91.16.0/20 maxlen: 20
121.91.96.0/21 maxlen: 24
121.91.112.0/20 maxlen: 20
121.91.128.0/21 maxlen: 24
121.91.144.0/21 maxlen: 21
121.91.160.0/21 maxlen: 21
121.91.192.0/21 maxlen: 24
123.200.128.0/20 maxlen: 20
123.200.133.0/24 maxlen: 24
123.200.136.0/22 maxlen: 22
123.200.140.0/22 maxlen: 22
123.200.144.0/22 maxlen: 22
123.200.148.0/22 maxlen: 22
123.200.152.0/21 maxlen: 21
123.200.160.0/23 maxlen: 23
123.200.162.0/23 maxlen: 23
123.200.164.0/23 maxlen: 23
123.200.165.0/24 maxlen: 24
123.200.166.0/23 maxlen: 23
123.200.168.0/23 maxlen: 23
123.200.170.0/23 maxlen: 23
123.200.172.0/24 maxlen: 24
123.200.174.0/24 maxlen: 24
123.200.175.0/24 maxlen: 24
123.200.176.0/23 maxlen: 23
123.200.179.0/24 maxlen: 24
123.200.180.0/23 maxlen: 23
123.200.182.0/23 maxlen: 23
123.200.184.0/22 maxlen: 22
123.200.187.0/24 maxlen: 24
123.200.188.0/23 maxlen: 23
123.200.192.0/21 maxlen: 21
123.200.200.0/21 maxlen: 21
123.200.208.0/21 maxlen: 21
123.200.216.0/21 maxlen: 21
123.200.224.0/21 maxlen: 21
123.200.240.0/21 maxlen: 21
202.83.64.0/19 maxlen: 19
202.83.64.0/22 maxlen: 22
202.83.68.0/23 maxlen: 23
202.83.70.0/23 maxlen: 23
202.83.72.0/24 maxlen: 24
202.83.73.0/24 maxlen: 24
202.83.74.0/23 maxlen: 23
202.83.76.0/22 maxlen: 22
202.83.80.0/23 maxlen: 23
202.83.82.0/24 maxlen: 24
202.83.83.0/24 maxlen: 24
202.83.84.0/22 maxlen: 22
202.83.88.0/23 maxlen: 23
202.83.90.0/23 maxlen: 23
202.83.92.0/23 maxlen: 23
202.83.94.0/24 maxlen: 24
202.83.95.0/24 maxlen: 24
202.183.96.0/20 maxlen: 20
202.183.96.0/24 maxlen: 24
202.183.97.0/24 maxlen: 24
202.183.98.0/24 maxlen: 24
202.183.100.0/23 maxlen: 23
202.183.102.0/23 maxlen: 23
202.183.102.0/24 maxlen: 24
202.183.104.0/22 maxlen: 22
202.183.108.0/24 maxlen: 24
202.183.110.0/24 maxlen: 24
202.183.111.0/24 maxlen: 24
202.183.112.0/20 maxlen: 20
202.183.112.0/23 maxlen: 23
202.183.114.0/23 maxlen: 23
202.183.116.0/23 maxlen: 23
202.183.118.0/24 maxlen: 24
202.183.119.0/24 maxlen: 24
202.183.120.0/22 maxlen: 22
202.183.124.0/23 maxlen: 23
202.183.126.0/24 maxlen: 24
202.183.127.0/24 maxlen: 24
210.56.64.0/20 maxlen: 20
210.56.64.0/22 maxlen: 22
210.56.64.0/24 maxlen: 24
210.56.65.0/24 maxlen: 24
210.56.66.0/24 maxlen: 24
210.56.67.0/24 maxlen: 24
210.56.68.0/23 maxlen: 23
210.56.70.0/23 maxlen: 23
210.56.72.0/23 maxlen: 23
210.56.74.0/23 maxlen: 23
210.56.76.0/23 maxlen: 23
210.56.78.0/23 maxlen: 23
220.157.64.0/19 maxlen: 19
220.157.64.0/23 maxlen: 23
220.157.66.0/23 maxlen: 23
220.157.66.0/24 maxlen: 24
220.157.69.0/24 maxlen: 24
220.157.70.0/24 maxlen: 24
220.157.71.0/24 maxlen: 24
220.157.72.0/23 maxlen: 23
220.157.76.0/23 maxlen: 23
220.157.78.0/23 maxlen: 23
220.157.78.0/24 maxlen: 24
220.157.79.0/24 maxlen: 24
220.157.80.0/23 maxlen: 23
220.157.82.0/23 maxlen: 23
220.157.84.0/23 maxlen: 23
220.157.86.0/23 maxlen: 23
220.157.88.0/23 maxlen: 23
220.157.90.0/24 maxlen: 24
220.157.91.0/24 maxlen: 24
220.157.92.0/24 maxlen: 24
220.157.93.0/24 maxlen: 24
220.157.94.0/24 maxlen: 24
220.157.95.0/24 maxlen: 24
2407:6800::/32 maxlen: 32
2407:6800:0:200::/56 maxlen: 56
2407:6800:0:300::/56 maxlen: 56
2407:6800:0:400::/56 maxlen: 56
2407:6800:0:500::/56 maxlen: 56
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1848 (0x738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE
Validity
Not Before: Aug 27 03:17:10 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66cd4536-7961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4f:76:31:12:aa:8d:87:c2:67:95:92:4e:b6:
9a:a6:f4:d5:18:2c:64:88:33:65:8f:85:3a:da:34:
2e:6a:24:0d:fb:08:6d:60:55:ca:49:8f:02:37:66:
47:f0:9a:d7:88:7d:e0:96:33:f6:8d:df:0b:f5:c8:
d3:2d:61:d9:d9:fe:5d:74:2d:69:f6:d5:8b:69:46:
c1:a9:f1:da:48:0f:23:03:db:51:eb:99:58:ba:7b:
26:88:9b:c9:d9:e5:e9:1f:24:e7:fb:f3:f4:77:a4:
3e:7c:2c:4b:7f:44:d2:b9:42:3b:19:8f:43:03:44:
52:3f:c9:63:c1:d1:46:ed:1d:f5:fb:97:de:f7:ed:
cd:b6:9c:d8:98:09:76:66:af:f6:a0:ee:cd:b5:7e:
40:5e:d7:ed:59:63:d8:ad:2d:1d:fe:ea:21:75:47:
19:d5:19:5a:3a:77:83:53:e5:c0:e3:10:a0:7d:77:
91:3e:de:15:d0:20:2c:e0:a5:7b:75:35:24:51:20:
a2:db:c4:38:12:61:bf:05:c9:fa:e7:93:3c:3f:c1:
07:8c:eb:3f:9d:0d:77:72:0a:e2:68:24:b2:59:27:
48:fc:f8:e9:1e:c1:e5:d9:4e:7c:aa:c7:2e:91:1e:
b1:14:6d:57:4d:c3:c8:04:65:ec:e8:50:69:0f:43:
2f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:44:8D:16:7F:3C:62:DB:67:DB:86:BE:E4:3C:60:07:06:8D:A8:7B
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/D8ECB79C642211EFA2887F4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.178.0.0/20
1.178.64.0-1.178.111.255
1.178.144.0-1.178.207.255
1.179.0.0-1.179.39.255
1.179.48.0-1.179.71.255
1.179.80.0/21
1.179.96.0/20
58.87.0.0/20
110.238.2.0-110.238.31.255
110.238.128.0/19
110.238.224.0-110.239.47.255
110.239.128.0/19
110.239.176.0/21
110.239.224.0/19
119.12.0.0/20
119.12.80.0-119.12.103.255
119.12.112.0/20
119.12.144.0/21
119.13.0.0-119.13.23.255
119.13.48.0/21
119.13.128.0-119.13.151.255
119.13.176.0/21
119.13.240.0/21
121.91.16.0/20
121.91.96.0/21
121.91.112.0-121.91.135.255
121.91.144.0/21
121.91.160.0/21
121.91.192.0/21
123.200.128.0-123.200.172.255
123.200.174.0-123.200.177.255
123.200.179.0-123.200.189.255
123.200.192.0-123.200.231.255
123.200.240.0/21
202.83.64.0/19
202.183.96.0/19
210.56.64.0/20
220.157.64.0/19
IPv6:
2407:6800::/32
Signature Algorithm: sha256WithRSAEncryption
dd:0b:89:27:6d:99:65:2e:20:cb:2f:d7:ec:36:20:71:7c:f1:
69:88:f0:25:b9:a5:8b:be:26:bb:8a:97:e8:1b:63:cc:4f:32:
5e:6c:bb:e9:f4:a0:0c:99:81:11:fc:b0:bf:5c:30:f6:28:01:
4c:5b:43:29:24:06:69:7b:25:c8:ad:00:90:31:49:13:58:9f:
31:a4:43:78:50:2a:0e:da:fe:7d:27:8a:38:26:3a:c0:b9:1f:
b9:0d:a0:33:d6:d8:17:c0:7d:e9:38:aa:27:41:02:18:a8:c2:
0f:4e:d0:6f:5d:d1:d2:b7:ff:ce:5c:96:01:08:1c:e6:7b:47:
db:1d:20:6f:93:60:88:5d:8d:a3:62:77:8d:1a:0d:72:7c:fd:
cf:4a:96:90:c2:69:a5:18:34:71:fb:42:aa:08:58:c4:a8:91:
f9:df:22:d7:dd:0d:6a:ad:fe:e1:12:22:54:8c:8f:1c:80:0e:
ea:12:10:e6:4b:f7:07:bc:7a:4a:4f:db:53:b9:aa:db:40:f7:
32:4b:1f:35:64:6b:22:bf:42:d8:f8:82:43:5a:b3:84:93:e5:
8f:f3:9a:5e:b6:d6:cb:0f:a9:33:1e:5a:d7:94:06:18:32:b4:
d5:72:a1:8d:0d:f9:9d:ce:c3:1a:46:39:3f:70:5b:d4:59:b4:
1b:24:bf:db
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgICBzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjQwODI3MDMxNzEwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNkNDUzNi03OTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4092MRKqjYfCZ5WSTraapvTVGCxkiDNlj4U62jQuaiQN+whtYFXKSY8CN2ZH
8JrXiH3gljP2jd8L9cjTLWHZ2f5ddC1p9tWLaUbBqfHaSA8jA9tR65lYunsmiJvJ
2eXpHyTn+/P0d6Q+fCxLf0TSuUI7GY9DA0RSP8ljwdFG7R31+5fe9+3NtpzYmAl2
Zq/2oO7NtX5AXtftWWPYrS0d/uohdUcZ1RlaOneDU+XA4xCgfXeRPt4V0CAs4KV7
dTUkUSCi28Q4EmG/Bcn655M8P8EHjOs/nQ13cgriaCSyWSdI/PjpHsHl2U58qscu
kR6xFG1XTcPIBGXs6FBpD0MvcQIDAQABo4ID+jCCA/YwHQYDVR0OBBYEFIJEjRZ/
PGLbZ9uGvuQ8YAcGjah7MB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvRDhFQ0I3OUM2
NDIyMTFFRkEyODg3RjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGCBggrBgEFBQcBBwEB
/wSCAXEwggFtMIIBWgQCAAEwggFSAwQEAbIAMAwDBAYBskADBAQBsmAwDAMEBAGy
kAMEBAGywDALAwMAAbMDBAMBsyAwDAMEBAGzMAMEAwGzQAMEAwGzUAMEBAGzYAME
BDpXADAMAwQBbu4CAwQFbu4AAwQFbu6AMAwDBAVu7uADBARu7yADBAVu74ADBANu
77ADBAVu7+ADBAR3DAAwDAMEBHcMUAMEA3cMYAMEBHcMcAMEA3cMkDALAwMAdw0D
BAN3DRADBAN3DTAwDAMEB3cNgAMEA3cNkAMEA3cNsAMEA3cN8AMEBHlbEAMEA3lb
YDAMAwQEeVtwAwQDeVuAAwQDeVuQAwQDeVugAwQDeVvAMAwDBAd7yIADBAB7yKww
DAMEAXvIrgMEAXvIsDAMAwQAe8izAwQBe8i8MAwDBAZ7yMADBAN7yOADBAN7yPAD
BAXKU0ADBAXKt2ADBATSOEADBAXcnUAwDQQCAAIwBwMFACQHaAAwDQYJKoZIhvcN
AQELBQADggEBAN0LiSdtmWUuIMsv1+w2IHF88WmI8CW5pYu+JruKl+gbY8xPMl5s
u+n0oAyZgRH8sL9cMPYoAUxbQykkBml7JcitAJAxSRNYnzGkQ3hQKg7a/n0nijgm
OsC5H7kNoDPW2BfAfek4qidBAhiowg9O0G9d0dK3/85clgEIHOZ7R9sdIG+TYIhd
jaNid40aDXJ8/c9KlpDCaaUYNHH7QqoIWMSokfnfItfdDWqt/uESIlSMjxyADuoS
EOZL9we8ekpP21O5qttA9zJLHzVkayK/Qtj4gkNas4ST5Y/zml621ssPqTMeWteU
BhgytNVyoY0N+Z3OwxpGOT9wW9RZtBskv9s=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:50:07 2025 by rpki-client