Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/9C9B2AC6114E11EE8546EE81C4F9AE02.roa
File: 9C9B2AC6114E11EE8546EE81C4F9AE02.roa (raw, json)
Hash identifier: nhWBUivU1s9dmGALKfM0q0JDHjjPpRASQSoSfirmoIA=
Subject key identifier: 64:2B:DB:4C:A9:27:6F:C2:EE:89:75:C0:B3:F1:95:04:99:08:DA:29
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 16DD
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/9C9B2AC6114E11EE8546EE81C4F9AE02.roa
Signing time: Thu 22 Jun 2023 22:46:23 +0000
ROA not before: Thu 22 Jun 2023 22:46:23 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 4826
IP address blocks: 14.137.106.0/24 maxlen: 24
27.106.200.0/22 maxlen: 22
43.241.188.0/22 maxlen: 22
43.252.252.0/22 maxlen: 22
49.255.0.0/16 maxlen: 16
49.255.233.0/24 maxlen: 24
49.255.249.0/24 maxlen: 24
49.255.255.0/24 maxlen: 24
103.37.120.0/24 maxlen: 24
103.233.148.0/22 maxlen: 22
103.255.16.0/22 maxlen: 22
110.5.116.0/22 maxlen: 22
112.213.192.0/19 maxlen: 19
112.213.224.0/19 maxlen: 19
113.29.240.0/22 maxlen: 22
113.29.243.0/24 maxlen: 24
114.31.192.0/20 maxlen: 20
116.212.192.0/18 maxlen: 18
116.212.204.0/24 maxlen: 24
116.212.230.0/23 maxlen: 24
116.212.253.0/24 maxlen: 24
119.161.83.0/24 maxlen: 24
119.161.84.0/24 maxlen: 24
119.161.86.0/23 maxlen: 23
119.161.90.0/24 maxlen: 24
119.161.91.0/24 maxlen: 24
119.161.92.0/24 maxlen: 24
119.161.93.0/24 maxlen: 24
119.161.94.0/24 maxlen: 24
119.161.95.0/24 maxlen: 24
121.54.128.0/19 maxlen: 19
121.54.128.0/20 maxlen: 20
121.54.136.0/24 maxlen: 24
121.54.145.0/24 maxlen: 24
121.79.0.0/17 maxlen: 17
123.103.192.0/19 maxlen: 19
124.254.64.0/18 maxlen: 18
124.254.64.0/24 maxlen: 24
124.254.95.0/24 maxlen: 24
124.254.96.0/24 maxlen: 24
175.45.64.0/18 maxlen: 18
175.45.78.0/24 maxlen: 24
175.45.82.0/24 maxlen: 24
175.45.83.0/24 maxlen: 24
175.45.85.0/24 maxlen: 24
175.45.92.0/24 maxlen: 24
175.45.94.0/23 maxlen: 23
175.45.99.0/24 maxlen: 24
175.45.100.0/24 maxlen: 24
175.45.101.0/24 maxlen: 24
175.45.105.0/24 maxlen: 24
175.45.111.0/24 maxlen: 24
175.45.125.0/24 maxlen: 24
180.148.64.0/19 maxlen: 19
180.148.76.0/24 maxlen: 24
180.148.77.0/24 maxlen: 24
180.148.83.0/24 maxlen: 24
180.148.84.0/24 maxlen: 24
180.148.95.0/24 maxlen: 24
202.62.138.0/24 maxlen: 24
202.62.139.0/24 maxlen: 24
202.62.141.0/24 maxlen: 24
202.62.142.0/24 maxlen: 24
202.62.147.0/24 maxlen: 24
202.62.152.0/24 maxlen: 24
202.62.153.0/24 maxlen: 24
202.62.154.0/24 maxlen: 24
202.62.155.0/24 maxlen: 24
202.62.240.0/22 maxlen: 22
202.80.176.0/20 maxlen: 20
202.89.160.0/19 maxlen: 19
202.137.96.0/20 maxlen: 20
202.137.192.0/21 maxlen: 21
202.189.64.0/20 maxlen: 20
202.189.72.0/24 maxlen: 24
202.189.73.0/24 maxlen: 24
203.12.251.0/24 maxlen: 24
203.18.212.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.26.237.0/24 maxlen: 24
203.28.186.0/24 maxlen: 24
203.29.177.0/24 maxlen: 24
203.55.11.0/24 maxlen: 24
203.89.64.0/19 maxlen: 19
203.89.80.0/24 maxlen: 24
203.89.92.0/24 maxlen: 24
203.92.28.0/22 maxlen: 22
203.129.128.0/19 maxlen: 19
203.153.224.0/19 maxlen: 19
203.153.226.0/24 maxlen: 24
203.161.64.0/18 maxlen: 18
203.188.128.0/19 maxlen: 19
210.50.198.0/24 maxlen: 24
211.26.193.0/24 maxlen: 24
218.100.80.0/22 maxlen: 22
223.27.96.0/21 maxlen: 21
2402:7800::/32 maxlen: 32
2402:7800:ff00::/40 maxlen: 40
2402:7800:ff00::/48 maxlen: 48
2402:7800:ff01::/48 maxlen: 48
2402:7800:ff20::/48 maxlen: 48
2402:7800:ff40::/44 maxlen: 44
2402:7800:ffe0::/48 maxlen: 48
2403:d600::/32 maxlen: 32
2403:fc00:300::/40 maxlen: 40
2404:b000::/32 maxlen: 32
2404:bc00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5853 (0x16dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Jun 22 22:46:23 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6494cf3f-1486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1e:56:6b:64:9d:2a:fe:09:3f:cc:3d:d7:5e:
c6:25:01:6c:3a:0c:d8:54:ba:26:58:c9:fa:30:56:
5b:9f:51:54:87:cd:03:f1:fb:b7:12:73:39:74:a8:
22:57:bc:15:20:c5:07:15:20:cd:98:77:9f:65:4c:
06:3e:96:52:07:cd:7b:71:eb:9e:99:02:17:02:65:
9a:66:4a:b2:3a:58:db:64:42:04:16:14:f4:ba:f7:
e1:09:1d:1e:bc:5e:9e:bc:4d:71:57:16:0e:5e:7f:
87:c6:ae:5a:31:db:42:c6:74:2c:94:87:3c:17:e5:
e8:39:04:0e:6b:21:2c:0d:9e:40:84:f2:87:45:47:
12:ba:74:be:dc:85:06:d3:2b:e6:c9:5c:07:8e:1c:
67:f3:09:bd:35:57:e0:40:6d:3b:25:54:71:3a:04:
99:14:9d:b9:17:29:69:1f:73:78:7c:04:81:f1:37:
d3:0c:6d:e7:75:25:3f:51:23:53:72:7e:36:26:e9:
ee:fb:09:fd:22:4a:64:ce:b1:dd:9f:8e:c2:c1:54:
43:86:ff:ca:f1:f9:65:5a:b6:79:3a:4b:d4:3c:34:
ac:f5:ab:44:ba:72:d0:5d:bb:33:1f:76:d0:7f:7d:
dd:69:02:34:32:e5:d3:4c:06:f7:65:84:86:c6:0c:
5d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2B:DB:4C:A9:27:6F:C2:EE:89:75:C0:B3:F1:95:04:99:08:DA:29
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/9C9B2AC6114E11EE8546EE81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.106.0/24
27.106.200.0/22
43.241.188.0/22
43.252.252.0/22
49.255.0.0/16
103.37.120.0/24
103.233.148.0/22
103.255.16.0/22
110.5.116.0/22
112.213.192.0/18
113.29.240.0/22
114.31.192.0/20
116.212.192.0/18
119.161.83.0-119.161.84.255
119.161.86.0/23
119.161.90.0-119.161.95.255
121.54.128.0/19
121.79.0.0/17
123.103.192.0/19
124.254.64.0/18
175.45.64.0/18
180.148.64.0/19
202.62.138.0/23
202.62.141.0-202.62.142.255
202.62.147.0/24
202.62.152.0/22
202.62.240.0/22
202.80.176.0/20
202.89.160.0/19
202.137.96.0/20
202.137.192.0/21
202.189.64.0/20
203.12.251.0/24
203.18.212.0/23
203.22.206.0/24
203.26.237.0/24
203.28.186.0/24
203.29.177.0/24
203.55.11.0/24
203.89.64.0/19
203.92.28.0/22
203.129.128.0/19
203.153.224.0/19
203.161.64.0/18
203.188.128.0/19
210.50.198.0/24
211.26.193.0/24
218.100.80.0/22
223.27.96.0/21
IPv6:
2402:7800::/32
2403:d600::/32
2403:fc00:300::/40
2404:b000::/32
2404:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
ae:4b:3c:27:72:51:59:fc:a2:46:1e:2c:28:43:94:c9:01:23:
4f:43:8b:05:e6:0e:3f:bd:95:1b:29:4c:92:23:03:ea:22:1e:
69:b3:a6:7a:27:74:67:c1:2d:07:18:f6:61:b5:08:1f:e3:80:
e9:16:58:a2:7a:62:0a:70:7c:36:a8:bd:91:d4:fb:88:75:a8:
8a:7a:54:4e:62:64:45:50:f7:dc:f6:1a:ac:6d:5c:3e:da:43:
91:94:a1:28:4c:f5:5f:94:ca:2b:a7:90:06:a6:32:cc:09:c9:
de:ca:9a:34:15:33:bc:7d:d2:15:ad:81:aa:ce:9a:f8:4e:ab:
d0:ee:ac:d0:d2:86:2c:3b:59:4f:4c:f6:9c:73:dc:a6:93:e9:
57:12:21:20:50:2f:b0:65:5e:86:da:32:28:a4:ae:f1:aa:08:
c6:8d:64:e5:5e:e4:91:7c:78:75:93:8f:f7:bc:b7:5c:bb:cd:
02:ea:2b:57:36:96:7b:99:de:00:de:ee:a8:4d:53:10:a0:4b:
cb:48:0e:3f:b7:43:b3:77:f3:83:20:cb:7f:18:f8:9f:6f:7b:
08:b9:ed:9b:db:1d:7d:bb:f4:75:90:50:e7:45:99:9c:7f:e7:
db:09:e3:4b:01:eb:94:bb:1e:96:1f:1c:00:44:b7:cf:f4:9c:
6c:bc:d2:9b
-----BEGIN CERTIFICATE-----
MIIG3jCCBcagAwIBAgICFt0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjMwNjIyMjI0NjIzWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk0Y2YzZi0xNDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxh5Wa2SdKv4JP8w9117GJQFsOgzYVLomWMn6MFZbn1FUh80D8fu3EnM5dKgi
V7wVIMUHFSDNmHefZUwGPpZSB817ceuemQIXAmWaZkqyOljbZEIEFhT0uvfhCR0e
vF6evE1xVxYOXn+Hxq5aMdtCxnQslIc8F+XoOQQOayEsDZ5AhPKHRUcSunS+3IUG
0yvmyVwHjhxn8wm9NVfgQG07JVRxOgSZFJ25FylpH3N4fASB8TfTDG3ndSU/USNT
cn42Junu+wn9IkpkzrHdn47CwVRDhv/K8fllWrZ5OkvUPDSs9atEunLQXbszH3bQ
f33daQI0MuXTTAb3ZYSGxgxddwIDAQABo4IEAjCCA/4wHQYDVR0OBBYEFGQr20yp
J2/C7ol1wLPxlQSZCNopMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvOUM5QjJBQzYx
MTRFMTFFRTg1NDZFRTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGKBggrBgEFBQcBBwEB
/wSCAXkwggF1MIIBRQQCAAEwggE9AwQADolqAwQCG2rIAwQCK/G8AwQCK/z8AwMA
Mf8DBABnJXgDBAJn6ZQDBAJn/xADBAJuBXQDBAZw1cADBAJxHfADBARyH8ADBAZ0
1MAwDAMEAHehUwMEAHehVAMEAXehVjAMAwQBd6FaAwQFd6FAAwQFeTaAAwQHeU8A
AwQFe2fAAwQGfP5AAwQGry1AAwQFtJRAAwQByj6KMAwDBADKPo0DBADKPo4DBADK
PpMDBALKPpgDBALKPvADBATKULADBAXKWaADBATKiWADBAPKicADBATKvUADBADL
DPsDBAHLEtQDBADLFs4DBADLGu0DBADLHLoDBADLHbEDBADLNwsDBAXLWUADBALL
XBwDBAXLgYADBAXLmeADBAbLoUADBAXLvIADBADSMsYDBADTGsEDBALaZFADBAPf
G2AwKgQCAAIwJAMFACQCeAADBQAkA9YAAwYAJAP8AAMDBQAkBLAAAwUAJAS8ADAN
BgkqhkiG9w0BAQsFAAOCAQEArks8J3JRWfyiRh4sKEOUyQEjT0OLBeYOP72VGylM
kiMD6iIeabOmeid0Z8EtBxj2YbUIH+OA6RZYonpiCnB8Nqi9kdT7iHWoinpUTmJk
RVD33PYarG1cPtpDkZShKEz1X5TKK6eQBqYyzAnJ3sqaNBUzvH3SFa2Bqs6a+E6r
0O6s0NKGLDtZT0z2nHPcppPpVxIhIFAvsGVehtoyKKSu8aoIxo1k5V7kkXx4dZOP
97y3XLvNAuorVzaWe5neAN7uqE1TEKBLy0gOP7dDs3fzgyDLfxj4n297CLntm9sd
fbv0dZBQ50WZnH/n2wnjSwHrlLselh8cAES3z/ScbLzSmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org