Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4E682B0A65B511ED8C1B854AC4F9AE02.roa
File: 4E682B0A65B511ED8C1B854AC4F9AE02.roa (raw, json)
Hash identifier: 1uKhnHab9H1AgDmZF3bc/wyRnia7xdnU95zrvAHYBjw=
Subject key identifier: F1:1E:9F:EA:29:51:53:01:53:93:E8:B8:0B:30:52:7F:EB:B6:38:C5
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0904
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4E682B0A65B511ED8C1B854AC4F9AE02.roa
Signing time: Wed 16 Nov 2022 13:48:10 +0000
ROA not before: Wed 16 Nov 2022 13:48:10 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.61.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/22 maxlen: 22
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/24 maxlen: 24
180.178.158.0/24 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
180.178.184.0/22 maxlen: 22
223.29.224.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2308 (0x904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Nov 16 13:48:10 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6374ea1a-c925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:42:12:b6:e3:a9:45:da:d7:d4:2d:d0:4b:68:
cc:28:32:02:f4:f2:ac:ff:d8:5d:84:98:99:1d:1a:
5f:95:9f:ce:51:5c:52:10:c6:16:0f:f9:24:47:95:
6f:5d:26:52:e3:6d:4d:fb:b1:ea:17:6b:04:7c:38:
27:ba:47:01:10:fe:12:61:43:10:cf:f0:47:6f:38:
73:24:48:7e:bc:1d:f4:b9:41:71:96:ee:12:9b:92:
16:9d:63:0b:e7:cc:d2:83:d8:70:9e:b1:f7:03:ff:
99:d5:13:48:a7:8c:29:44:7e:e8:0a:cd:65:0e:82:
c8:f8:96:07:26:e4:91:17:67:b0:87:06:a4:48:29:
15:94:b7:b3:7a:7d:2a:91:3a:fb:af:82:8b:af:71:
6b:27:2c:fb:d4:cf:26:ef:9f:08:ce:18:aa:70:04:
1f:81:a5:0f:9a:67:e7:0f:1d:c2:64:72:ad:81:36:
17:c0:c7:f0:b7:5e:a4:96:94:91:3a:22:dc:d9:66:
7d:23:72:03:e1:14:1b:f5:1a:49:57:92:81:40:75:
10:8f:da:13:27:56:37:fa:2a:8a:ed:ae:41:d5:b4:
a4:09:e6:84:c8:e2:02:b8:f9:3c:d8:0a:02:2d:26:
0f:1c:bf:39:af:22:2f:db:fb:0e:04:1e:5a:56:f6:
8a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1E:9F:EA:29:51:53:01:53:93:E8:B8:0B:30:52:7F:EB:B6:38:C5
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/4E682B0A65B511ED8C1B854AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0-103.11.62.255
113.203.208.0-113.203.219.255
113.203.223.0-113.203.229.255
113.203.231.0/24
113.203.234.0-113.203.240.255
113.203.242.0-113.203.246.255
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.139.255
180.178.144.0/24
180.178.149.0-180.178.156.255
180.178.158.0-180.178.162.255
180.178.164.0/22
180.178.172.0/22
180.178.180.0-180.178.187.255
223.29.224.0-223.29.226.255
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:6e:82:f4:cb:e3:68:03:b1:f0:8d:9d:9b:7e:82:8c:5d:74:
c5:55:01:f6:69:ed:6f:ae:8d:17:cc:a7:19:2b:3e:cf:7e:52:
5a:93:a2:c8:58:8c:68:78:2a:82:2c:39:b6:05:46:67:ee:e9:
e4:0f:d1:ff:3e:6c:d7:7a:be:bb:7b:51:6d:cb:04:0c:d7:b0:
69:2e:f0:51:86:91:7b:d8:a1:b2:28:08:3f:b3:c4:ab:03:05:
54:2f:9d:0e:58:ce:80:25:2a:72:ce:30:41:b3:e6:f7:5f:3b:
58:18:f6:ab:8c:64:3d:4d:47:36:9b:7a:e0:2d:a7:61:6b:d1:
7c:56:87:7f:5e:3c:80:f2:e7:4a:7e:b5:9d:63:8c:7c:0b:35:
d4:95:aa:83:72:da:ce:ff:27:91:2a:86:7b:6d:5c:44:58:00:
7a:d4:f5:15:34:3f:35:a0:4a:75:05:7c:f6:2b:dc:df:b3:8d:
96:98:fa:49:3f:fc:fe:ff:12:1a:04:a1:ff:e8:d8:4b:a3:a1:
63:fa:cf:58:18:86:44:5a:83:0a:f6:ce:0c:30:cb:31:15:9f:
75:10:1c:b6:70:31:99:08:f0:6f:fb:43:fb:7e:64:31:b0:5f:
b0:0c:3b:10:88:42:e2:f5:38:94:e4:dd:17:62:21:b6:db:bc:
c6:ee:bf:88
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgICCQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMTE2MTM0ODEwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc0ZWExYS1jOTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1EIStuOpRdrX1C3QS2jMKDIC9PKs/9hdhJiZHRpflZ/OUVxSEMYWD/kkR5Vv
XSZS421N+7HqF2sEfDgnukcBEP4SYUMQz/BHbzhzJEh+vB30uUFxlu4Sm5IWnWML
58zSg9hwnrH3A/+Z1RNIp4wpRH7oCs1lDoLI+JYHJuSRF2ewhwakSCkVlLezen0q
kTr7r4KLr3FrJyz71M8m758IzhiqcAQfgaUPmmfnDx3CZHKtgTYXwMfwt16klpSR
OiLc2WZ9I3ID4RQb9RpJV5KBQHUQj9oTJ1Y3+iqK7a5B1bSkCeaEyOICuPk82AoC
LSYPHL85ryIv2/sOBB5aVvaK6wIDAQABo4IDYzCCA18wHQYDVR0OBBYEFPEen+op
UVMBU5PouAswUn/rtjjFMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNEU2ODJCMEE2
NUI1MTFFRDhDMUI4NTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgewGCCsGAQUFBwEHAQH/
BIHcMIHZMIG9BAIAATCBtjAMAwQCZws8AwQAZws+MAwDBARxy9ADBAJxy9gwDAME
AHHL3wMEAXHL5AMEAHHL5zAMAwQBccvqAwQAccvwMAwDBAFxy/IDBABxy/YDBAG0
soADBAK0soQwDAMEALSyiQMEArSyiAMEALSykDAMAwQAtLKVAwQAtLKcMAwDBAG0
sp4DBAC0sqIDBAK0sqQDBAK0sqwwDAMEArSytAMEArSyuDAMAwQF3x3gAwQA3x3i
AwQD3x3oMBcEAgACMBEwDwMEACQBQQMHACQBQQCAADANBgkqhkiG9w0BAQsFAAOC
AQEAAW6C9MvjaAOx8I2dm36CjF10xVUB9mntb66NF8ynGSs+z35SWpOiyFiMaHgq
giw5tgVGZ+7p5A/R/z5s13q+u3tRbcsEDNewaS7wUYaRe9ihsigIP7PEqwMFVC+d
DljOgCUqcs4wQbPm9187WBj2q4xkPU1HNpt64C2nYWvRfFaHf148gPLnSn61nWOM
fAs11JWqg3Lazv8nkSqGe21cRFgAetT1FTQ/NaBKdQV89ivc37ONlpj6ST/8/v8S
GgSh/+jYS6OhY/rPWBiGRFqDCvbODDDLMRWfdRActnAxmQjwb/tD+35kMbBfsAw7
EIhC4vU4lOTdF2Ihttu8xu6/iA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org