Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/33545C1AE34911EC9DACF468C4F9AE02.roa
File: 33545C1AE34911EC9DACF468C4F9AE02.roa (raw, json)
Hash identifier: tczciK7QgaJx1co1fFKqT/3br+G4czu93KU4ige82OE=
Subject key identifier: 66:5E:09:D5:4C:8A:8E:9E:03:FB:9E:20:38:4A:38:41:D3:31:A8:72
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 07F0
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/33545C1AE34911EC9DACF468C4F9AE02.roa
Signing time: Mon 18 Jul 2022 09:09:47 +0000
ROA not before: Mon 18 Jul 2022 09:09:47 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
103.11.63.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.221.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.140.0/22 maxlen: 22
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/23 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.176.0/21 maxlen: 24
223.29.224.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2032 (0x7f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Jul 18 09:09:47 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62d5235a-6c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:92:bc:f9:6b:1e:d9:5a:fe:4c:80:b9:26:bb:
77:47:d0:36:4a:70:9f:b3:b5:96:60:99:16:fc:f2:
a6:76:7e:50:02:db:44:eb:22:68:a3:27:0f:f7:e4:
ac:1a:f7:82:70:06:28:19:d9:c2:ec:e1:b4:e2:87:
16:aa:a1:25:5b:86:a8:b5:cc:36:e9:1a:cf:b2:36:
34:61:f3:26:36:c2:e3:81:14:2e:58:d1:d8:b7:e9:
03:bc:a0:ac:9d:69:c2:5d:cf:53:e2:12:27:d2:c3:
6c:26:15:d2:84:c4:8c:35:8c:a2:0e:45:e9:2e:f6:
ed:60:8d:92:1f:25:d1:a8:12:95:74:8e:55:bc:ff:
dd:a7:9c:a2:fd:68:97:ef:7a:2b:ac:60:0e:ab:7e:
12:98:04:26:bd:54:f7:62:a6:df:e5:f3:77:43:9b:
7d:b0:5a:bd:72:12:bb:ce:3f:bc:62:d9:d3:14:96:
1f:98:bf:f7:14:d8:4a:c8:bc:31:5b:72:8b:77:74:
82:1e:1f:f3:af:2b:2f:33:74:c0:7d:52:d0:9b:7b:
a9:26:79:ca:b4:19:9b:76:f8:6f:3c:28:5a:d2:82:
b5:d6:6d:00:d3:f7:1f:80:1d:22:eb:13:6e:fa:f6:
3d:4a:f5:97:9f:f8:6d:8f:e8:dc:65:22:5b:78:65:
09:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5E:09:D5:4C:8A:8E:9E:03:FB:9E:20:38:4A:38:41:D3:31:A8:72
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/33545C1AE34911EC9DACF468C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/24
103.11.62.0/23
113.203.208.0-113.203.219.255
113.203.221.0/24
113.203.223.0/24
113.203.228.0/23
113.203.231.0/24
113.203.234.0-113.203.240.255
113.203.242.0-113.203.246.255
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.144.255
180.178.149.0-180.178.157.255
180.178.159.0-180.178.162.255
180.178.164.0-180.178.168.255
180.178.172.0-180.178.183.255
223.29.224.0/23
223.29.227.0/24
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:08:b8:71:d3:6e:35:03:6b:19:1b:86:f7:df:ea:06:8a:4a:
48:1e:9e:71:2e:07:f0:73:7f:d7:de:4e:96:50:b1:24:75:60:
31:82:70:c7:9e:7f:e4:bc:15:b0:dc:09:64:ef:5f:ac:87:a4:
5c:4c:60:66:90:35:5a:50:49:1c:16:94:3a:ef:39:43:31:5b:
04:82:0e:59:30:1a:41:a6:69:25:fb:75:4c:86:c6:b0:20:42:
60:45:9f:03:53:5c:b6:85:00:74:59:dc:39:01:ad:a8:11:52:
0f:80:6a:9f:87:28:8e:c0:53:2d:13:66:79:bb:82:12:29:aa:
2b:13:21:7a:21:e7:9f:df:7b:2a:d4:85:4f:c8:1f:7f:52:a7:
cb:96:c1:52:2d:f7:2f:85:f4:78:c4:a1:95:55:75:ab:df:e3:
bf:22:2e:d6:7f:48:b3:49:53:6c:e0:c5:dd:c8:cb:79:53:b0:
42:1f:bc:cc:cc:fc:c3:89:30:a5:0f:6d:50:73:91:ac:00:7b:
eb:0c:f1:65:e9:f1:e9:0d:e1:25:10:75:de:56:e8:55:b8:8e:
0e:2c:a8:56:1b:4a:46:92:19:9d:54:f1:3d:03:0e:9d:9a:17:
ce:f2:9a:6e:96:f0:a3:ac:84:f4:67:9d:77:a2:ac:d0:ce:9b:
74:35:c9:c4
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgICB/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIwNzE4MDkwOTQ3WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ1MjM1YS02YzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4pK8+Wse2Vr+TIC5Jrt3R9A2SnCfs7WWYJkW/PKmdn5QAttE6yJooycP9+Ss
GveCcAYoGdnC7OG04ocWqqElW4aotcw26RrPsjY0YfMmNsLjgRQuWNHYt+kDvKCs
nWnCXc9T4hIn0sNsJhXShMSMNYyiDkXpLvbtYI2SHyXRqBKVdI5VvP/dp5yi/WiX
73orrGAOq34SmAQmvVT3Yqbf5fN3Q5t9sFq9chK7zj+8YtnTFJYfmL/3FNhKyLwx
W3KLd3SCHh/zrysvM3TAfVLQm3upJnnKtBmbdvhvPCha0oK11m0A0/cfgB0i6xNu
+vY9SvWXn/htj+jcZSJbeGUJVwIDAQABo4IDXzCCA1swHQYDVR0OBBYEFGZeCdVM
io6eA/ueIDhKOEHTMahyMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvMzM1NDVDMUFF
MzQ5MTFFQzlEQUNGNDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgegGCCsGAQUFBwEHAQH/
BIHYMIHVMIG5BAIAATCBsgMEAGcLPAMEAWcLPjAMAwQEccvQAwQCccvYAwQAccvd
AwQAccvfAwQBccvkAwQAccvnMAwDBAFxy+oDBABxy/AwDAMEAXHL8gMEAHHL9gME
AbSygAMEArSyhDAMAwQAtLKJAwQAtLKQMAwDBAC0spUDBAG0spwwDAMEALSynwME
ALSyojAMAwQCtLKkAwQAtLKoMAwDBAK0sqwDBAO0srADBAHfHeADBADfHeMDBAPf
HegwFwQCAAIwETAPAwQAJAFBAwcAJAFBAIAAMA0GCSqGSIb3DQEBCwUAA4IBAQBv
CLhx0241A2sZG4b33+oGikpIHp5xLgfwc3/X3k6WULEkdWAxgnDHnn/kvBWw3Alk
71+sh6RcTGBmkDVaUEkcFpQ67zlDMVsEgg5ZMBpBpmkl+3VMhsawIEJgRZ8DU1y2
hQB0Wdw5Aa2oEVIPgGqfhyiOwFMtE2Z5u4ISKaorEyF6Ieef33sq1IVPyB9/UqfL
lsFSLfcvhfR4xKGVVXWr3+O/Ii7Wf0izSVNs4MXdyMt5U7BCH7zMzPzDiTClD21Q
c5GsAHvrDPFl6fHpDeElEHXeVuhVuI4OLKhWG0pGkhmdVPE9Aw6dmhfO8ppulvCj
rIT0Z513oqzQzpt0NcnE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org