Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/27B7B3BC1FB611ED8AFD5146C4F9AE02.roa
File: 27B7B3BC1FB611ED8AFD5146C4F9AE02.roa (raw, json)
Hash identifier: f/AG6c51dUsOMFHVJJ5THWZZaRJpkdSVM0cLRBOHHa8=
Subject key identifier: E7:65:C3:98:43:D3:B0:61:D6:A5:8A:B2:2B:11:65:38:18:A8:B3:AE
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 083D
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/27B7B3BC1FB611ED8AFD5146C4F9AE02.roa
Signing time: Fri 19 Aug 2022 11:57:53 +0000
ROA not before: Fri 19 Aug 2022 11:57:53 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
103.11.63.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
113.203.247.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.140.0/22 maxlen: 22
180.178.144.0/24 maxlen: 24
180.178.145.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/23 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
223.29.224.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2109 (0x83d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Aug 19 11:57:53 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62ff7ac1-32d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ae:36:93:3b:ac:b3:f7:3d:f1:8e:61:4f:27:
d4:dd:b2:85:ee:1b:de:9e:29:20:8b:77:87:98:d1:
1d:e1:fe:53:fa:9a:2c:c6:5c:b6:19:19:ce:c7:15:
99:62:b0:79:ca:10:4c:c0:f4:50:4b:df:d9:a6:a9:
6e:a9:cd:fa:cc:2b:0b:fd:56:1c:94:86:c1:12:cd:
93:a2:e9:7b:1a:22:3f:6d:70:8d:44:4c:d8:2d:e6:
7b:97:d6:7d:be:5e:18:24:5d:d0:63:06:22:18:4c:
44:30:a0:f2:a1:93:66:79:ba:c6:22:f4:07:e9:46:
8d:38:46:1c:4b:1e:2f:cd:3e:08:f3:9c:2e:eb:f7:
45:52:c1:f0:02:d8:14:c1:32:83:5e:af:0f:31:62:
f5:0e:d5:9c:a9:0e:9e:d2:58:51:a3:7c:77:40:af:
a1:0f:e4:be:a9:80:ad:7d:81:e6:b3:d5:3b:fa:b9:
6e:30:dc:2b:2b:06:67:03:0b:3e:45:b9:27:92:83:
ea:cc:d8:b7:aa:e0:49:fa:12:96:5a:17:5d:65:76:
4a:23:24:98:37:a1:f1:b7:62:8c:af:41:12:5d:dc:
f3:03:7b:62:48:50:b5:ac:1c:eb:86:86:26:dd:72:
05:d7:60:5d:6b:ab:69:7d:62:67:86:6b:5c:75:ab:
8a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:65:C3:98:43:D3:B0:61:D6:A5:8A:B2:2B:11:65:38:18:A8:B3:AE
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/27B7B3BC1FB611ED8AFD5146C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/24
103.11.62.0/23
113.203.208.0-113.203.219.255
113.203.223.0/24
113.203.228.0/23
113.203.231.0/24
113.203.234.0-113.203.240.255
113.203.242.0-113.203.247.255
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.145.255
180.178.149.0-180.178.157.255
180.178.159.0-180.178.162.255
180.178.164.0-180.178.168.255
180.178.172.0/22
180.178.180.0/22
223.29.224.0/23
223.29.227.0/24
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:65:8a:7f:45:b8:aa:3e:83:f2:a7:e7:f8:cc:f9:d6:32:1e:
65:60:5f:7f:2b:6b:c2:e7:35:64:45:34:84:3d:63:80:0a:d0:
69:81:35:56:8c:28:0c:51:43:9a:be:f1:b9:a6:1c:eb:bd:c3:
68:f6:5b:8d:f6:c6:88:f5:93:58:5e:49:e3:26:c4:b8:5c:29:
73:37:38:70:8f:79:f1:34:d5:4f:4f:5b:0d:61:a4:39:e7:86:
25:85:7e:76:97:29:22:59:26:b5:9e:73:ae:40:7e:49:02:d8:
f4:9d:8d:d6:1d:c1:9e:e5:c0:0c:c8:c3:de:50:35:99:b2:1b:
34:40:9f:d5:6a:8d:c7:d0:11:e3:1a:a1:07:ec:5e:47:24:c2:
96:d1:d7:b4:40:c0:b9:74:28:d3:4b:12:bb:73:76:c0:ec:ef:
01:b1:11:a6:31:ad:77:73:c3:fb:18:4b:29:50:46:f9:a3:e0:
de:73:f5:d5:ef:fb:b2:b1:af:cf:0f:94:23:2e:f7:6e:79:ce:
14:84:8c:b3:67:08:b6:9b:c5:c2:1a:eb:d8:46:7c:3e:ba:8f:
3c:fd:c4:76:5f:43:30:cd:2a:d6:e2:f1:bc:c4:2c:69:1b:69:
4e:64:3b:a9:8d:c8:bd:2c:55:89:2c:47:a5:03:20:98:72:cd:
15:a4:20:b2
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgICCD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwODE5MTE1NzUzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmZmN2FjMS0zMmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2K42kzuss/c98Y5hTyfU3bKF7hvenikgi3eHmNEd4f5T+posxly2GRnOxxWZ
YrB5yhBMwPRQS9/Zpqluqc36zCsL/VYclIbBEs2Toul7GiI/bXCNREzYLeZ7l9Z9
vl4YJF3QYwYiGExEMKDyoZNmebrGIvQH6UaNOEYcSx4vzT4I85wu6/dFUsHwAtgU
wTKDXq8PMWL1DtWcqQ6e0lhRo3x3QK+hD+S+qYCtfYHms9U7+rluMNwrKwZnAws+
RbknkoPqzNi3quBJ+hKWWhddZXZKIySYN6Hxt2KMr0ESXdzzA3tiSFC1rBzrhoYm
3XIF12Bda6tpfWJnhmtcdauKKQIDAQABo4IDVzCCA1MwHQYDVR0OBBYEFOdlw5hD
07Bh1qWKsisRZTgYqLOuMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMjdCN0IzQkMx
RkI2MTFFRDhBRkQ1MTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeAGCCsGAQUFBwEHAQH/
BIHQMIHNMIGxBAIAATCBqgMEAGcLPAMEAWcLPjAMAwQEccvQAwQCccvYAwQAccvf
AwQBccvkAwQAccvnMAwDBAFxy+oDBABxy/AwDAMEAXHL8gMEA3HL8AMEAbSygAME
ArSyhDAMAwQAtLKJAwQBtLKQMAwDBAC0spUDBAG0spwwDAMEALSynwMEALSyojAM
AwQCtLKkAwQAtLKoAwQCtLKsAwQCtLK0AwQB3x3gAwQA3x3jAwQD3x3oMBcEAgAC
MBEwDwMEACQBQQMHACQBQQCAADANBgkqhkiG9w0BAQsFAAOCAQEAk2WKf0W4qj6D
8qfn+Mz51jIeZWBffytrwuc1ZEU0hD1jgArQaYE1VowoDFFDmr7xuaYc673DaPZb
jfbGiPWTWF5J4ybEuFwpczc4cI958TTVT09bDWGkOeeGJYV+dpcpIlkmtZ5zrkB+
SQLY9J2N1h3BnuXADMjD3lA1mbIbNECf1WqNx9AR4xqhB+xeRyTCltHXtEDAuXQo
00sSu3N2wOzvAbERpjGtd3PD+xhLKVBG+aPg3nP11e/7srGvzw+UIy73bnnOFISM
s2cItpvFwhrr2EZ8PrqPPP3Edl9DMM0q1uLxvMQsaRtpTmQ7qY3IvSxViSxHpQMg
mHLNFaQgsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org