Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/68039988495D11ED9B339853C4F9AE02.roa
File: 68039988495D11ED9B339853C4F9AE02.roa (raw, json)
Hash identifier: j5ZihnCCrlE7UxYZmoHFkYCAz9dm9RCY1DSdiks6MuE=
Subject key identifier: F1:BE:89:36:6D:01:55:AB:43:7D:D8:29:67:15:66:E9:72:46:D8:E3
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 08F4
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/68039988495D11ED9B339853C4F9AE02.roa
Signing time: Wed 02 Nov 2022 18:08:19 +0000
ROA not before: Wed 02 Nov 2022 18:08:19 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.61.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
113.203.208.0/22 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/23 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/22 maxlen: 22
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
113.203.248.0/22 maxlen: 22
113.203.252.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.140.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.152.0/22 maxlen: 24
180.178.156.0/24 maxlen: 24
180.178.158.0/24 maxlen: 24
180.178.159.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
180.178.184.0/22 maxlen: 22
223.29.224.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.232.0/22 maxlen: 22
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2292 (0x8f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Nov 2 18:08:19 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6362b212-14c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:88:57:2c:bc:34:25:32:4d:43:4e:3d:80:
c9:e5:75:a0:6d:75:0f:31:63:36:b8:9f:a2:eb:50:
b2:6f:9e:4d:22:a2:b1:de:64:9e:e0:36:e3:af:01:
18:7a:69:1c:37:8d:8d:33:ab:51:c7:36:a0:b3:b0:
7b:a1:5a:9d:40:61:37:95:c4:c3:b4:ae:0b:e1:d2:
eb:43:49:e8:7d:73:9b:cf:1a:21:5d:ff:b3:8b:46:
f2:d6:71:31:24:bf:e2:8a:7e:17:9f:49:60:6e:84:
e9:89:ee:94:21:6e:bf:e5:e6:45:68:5b:a6:63:4c:
4d:82:93:b3:92:ec:8f:58:de:58:85:52:5d:f4:e3:
af:7d:7f:b0:d2:96:84:b8:ed:34:34:57:e3:0d:c2:
ea:6f:81:5d:b4:a2:f8:9f:62:f5:67:2b:ad:b8:70:
1b:86:a0:48:16:dd:31:94:63:80:b7:00:54:a4:11:
0c:33:4e:65:1f:3a:d8:34:d5:7c:72:ee:29:3c:ac:
1c:b5:15:11:c0:71:af:2f:4e:10:13:36:1d:f5:a0:
71:5f:63:f7:93:aa:a2:80:22:5b:1b:dd:4f:26:22:
9b:20:d8:f6:d5:85:00:b6:75:41:76:e2:f0:38:96:
27:2c:63:41:61:a8:d2:6c:83:de:94:1c:9a:a1:98:
f9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BE:89:36:6D:01:55:AB:43:7D:D8:29:67:15:66:E9:72:46:D8:E3
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/68039988495D11ED9B339853C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0-103.11.62.255
113.203.208.0-113.203.219.255
113.203.223.0-113.203.229.255
113.203.231.0/24
113.203.233.0-113.203.240.255
113.203.242.0-113.203.246.255
113.203.248.0/21
180.178.128.0/23
180.178.132.0/22
180.178.137.0-180.178.140.255
180.178.144.0/24
180.178.149.0-180.178.156.255
180.178.158.0-180.178.162.255
180.178.164.0-180.178.168.255
180.178.172.0/22
180.178.180.0-180.178.187.255
223.29.224.0-223.29.226.255
223.29.232.0/21
IPv6:
2401:4100::-2401:4100:8000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:5d:f6:05:0b:34:30:60:68:11:cb:5b:75:04:02:c8:17:c2:
70:33:91:74:47:66:27:ff:c5:3e:04:c2:16:d1:43:24:1f:7d:
f4:57:f6:d6:8a:cd:f0:7b:cd:47:62:93:0a:3a:0d:d4:e0:50:
2d:bf:95:2b:95:44:54:72:fe:07:f0:9a:28:59:9c:8b:d2:c3:
90:63:e3:09:8a:78:2b:6b:5a:e1:6f:5b:36:d7:86:fa:99:d6:
0a:cb:7d:2d:e4:93:96:02:29:64:30:fe:29:e6:84:6b:ff:6c:
9e:a0:49:15:27:b3:ca:bc:7d:ef:9b:c2:8e:b4:85:7b:5b:81:
0e:89:20:30:d5:91:7b:d7:76:38:c9:5e:be:c7:c8:28:88:55:
ae:39:83:65:76:57:8f:f6:49:a7:ed:75:f6:0e:6f:7c:52:86:
2d:4e:b9:54:7d:47:d8:b5:69:03:7f:9c:86:f5:d6:02:f2:94:
26:97:e1:ec:01:f6:f8:9d:c8:34:fc:61:56:58:68:fa:58:43:
22:df:ac:5c:07:bd:81:1d:c5:36:2b:aa:c8:20:4d:47:ef:46:
b5:b5:47:84:09:e8:d4:1f:fd:9e:82:48:1b:5a:7f:2f:5b:c6:
99:49:19:bd:36:a0:ba:50:b2:c8:b8:a9:9e:c6:02:80:20:f5:
56:19:a7:46
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgICCPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjIxMTAyMTgwODE5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYyYjIxMi0xNGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq2+IVyy8NCUyTUNOPYDJ5XWgbXUPMWM2uJ+i61Cyb55NIqKx3mSe4DbjrwEY
emkcN42NM6tRxzags7B7oVqdQGE3lcTDtK4L4dLrQ0nofXObzxohXf+zi0by1nEx
JL/iin4Xn0lgboTpie6UIW6/5eZFaFumY0xNgpOzkuyPWN5YhVJd9OOvfX+w0paE
uO00NFfjDcLqb4FdtKL4n2L1ZyutuHAbhqBIFt0xlGOAtwBUpBEMM05lHzrYNNV8
cu4pPKwctRURwHGvL04QEzYd9aBxX2P3k6qigCJbG91PJiKbINj21YUAtnVBduLw
OJYnLGNBYajSbIPelByaoZj5KwIDAQABo4IDcTCCA20wHQYDVR0OBBYEFPG+iTZt
AVWrQ33YKWcVZulyRtjjMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNjgwMzk5ODg0
OTVEMTFFRDlCMzM5ODUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfoGCCsGAQUFBwEHAQH/
BIHqMIHnMIHLBAIAATCBxDAMAwQCZws8AwQAZws+MAwDBARxy9ADBAJxy9gwDAME
AHHL3wMEAXHL5AMEAHHL5zAMAwQAccvpAwQAccvwMAwDBAFxy/IDBABxy/YDBANx
y/gDBAG0soADBAK0soQwDAMEALSyiQMEALSyjAMEALSykDAMAwQAtLKVAwQAtLKc
MAwDBAG0sp4DBAC0sqIwDAMEArSypAMEALSyqAMEArSyrDAMAwQCtLK0AwQCtLK4
MAwDBAXfHeADBADfHeIDBAPfHegwFwQCAAIwETAPAwQAJAFBAwcAJAFBAIAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCeXfYFCzQwYGgRy1t1BALIF8JwM5F0R2Yn/8U+BMIW
0UMkH330V/bWis3we81HYpMKOg3U4FAtv5UrlURUcv4H8JooWZyL0sOQY+MJingr
a1rhb1s214b6mdYKy30t5JOWAilkMP4p5oRr/2yeoEkVJ7PKvH3vm8KOtIV7W4EO
iSAw1ZF713Y4yV6+x8goiFWuOYNldleP9kmn7XX2Dm98UoYtTrlUfUfYtWkDf5yG
9dYC8pQml+HsAfb4ncg0/GFWWGj6WEMi36xcB72BHcU2K6rIIE1H70a1tUeECejU
H/2egkgbWn8vW8aZSRm9NqC6ULLIuKmexgKAIPVWGadG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org