Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6F596A24B1EE11ED8802C909C4F9AE02.roa
File: 6F596A24B1EE11ED8802C909C4F9AE02.roa (raw, json)
Hash identifier: vPIunQJCcQqSCpojYxaI2+cWCF8v0hIsU6UvnFhCmNA=
Subject key identifier: AB:74:FA:66:09:61:01:05:B6:0B:5B:57:9B:E7:67:EE:61:08:8E:CF
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 09A9
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6F596A24B1EE11ED8802C909C4F9AE02.roa
Signing time: Thu 09 Mar 2023 13:08:42 +0000
ROA not before: Thu 09 Mar 2023 13:08:42 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/22 maxlen: 22
103.11.60.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
113.203.209.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/23 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
180.178.128.0/21 maxlen: 21
180.178.128.0/22 maxlen: 22
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/21 maxlen: 21
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.160.0/20 maxlen: 20
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.176.0/20 maxlen: 20
180.178.180.0/22 maxlen: 24
180.178.184.0/22 maxlen: 22
223.29.224.0/20 maxlen: 20
223.29.224.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2473 (0x9a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 9 13:08:42 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6409da59-2731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9c:79:b0:7a:12:69:a0:ad:a4:80:9a:39:c8:
99:d9:89:4c:02:50:f7:04:16:7e:3d:2e:e5:11:ac:
81:1b:97:c4:31:bc:fb:9b:94:7d:af:97:14:fa:3c:
47:4c:6c:75:6c:8d:5b:f0:69:8d:44:c0:fb:e9:57:
c3:57:8f:a7:4e:0a:25:e4:9b:47:78:39:5b:8c:dd:
1c:ae:41:d3:81:d3:e3:ba:1e:a1:6f:b6:3a:d9:46:
29:00:94:45:85:4b:70:ff:3d:4e:ef:70:7a:da:16:
9b:7d:2f:f0:78:35:86:86:a3:05:a6:f9:f0:a8:76:
63:d4:36:db:44:0b:83:59:71:14:3a:69:c8:8c:b3:
28:c9:13:1d:0c:93:bc:57:80:3a:04:be:79:47:90:
a6:07:e4:8d:30:69:8b:8f:88:38:5c:dd:6d:46:a1:
ef:66:6d:5a:3e:2b:fb:5e:e0:dd:c1:5e:fd:9e:e3:
50:63:4f:b7:c7:1e:74:c2:7e:d3:bb:8c:64:a9:97:
81:3f:17:f4:eb:d6:fa:5f:20:34:05:59:f5:67:a7:
1a:c8:23:44:06:25:27:8d:1a:22:61:b9:57:d6:65:
77:f1:98:57:c2:34:26:76:e2:ba:c8:16:ef:0e:78:
13:8c:a2:a8:5c:b2:d0:1a:f1:d3:37:a0:25:2e:8d:
e9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:74:FA:66:09:61:01:05:B6:0B:5B:57:9B:E7:67:EE:61:08:8E:CF
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/6F596A24B1EE11ED8802C909C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/22
113.203.209.0/24
113.203.211.0-113.203.217.255
113.203.219.0/24
113.203.223.0-113.203.226.255
113.203.234.0-113.203.240.255
113.203.243.0-113.203.244.255
113.203.246.0/24
180.178.128.0-180.178.144.255
180.178.149.0/24
180.178.160.0/19
223.29.224.0/20
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
79:a5:c1:c1:b6:d3:8b:3b:c4:53:1c:c0:05:a4:55:f6:4d:8d:
78:39:aa:52:87:cb:71:a7:e0:61:db:d6:7e:23:92:f7:0d:a6:
9f:a4:1a:bb:62:26:0b:fe:59:6f:7f:1d:c3:e0:6e:6a:11:4e:
28:99:19:be:1a:e4:82:42:69:cc:b6:7e:93:20:1d:0c:9f:30:
bc:de:18:78:4b:6b:b2:a4:9b:d0:23:56:e4:c3:38:8e:32:c4:
fe:25:12:a2:ee:71:de:f9:ba:40:bb:6a:70:3d:d3:8b:60:40:
d0:bc:5c:61:ff:59:4a:bf:bd:07:c3:38:c8:37:4a:38:30:a2:
bb:83:cd:7d:7d:0c:ec:57:eb:af:25:fc:6e:25:49:7c:3b:1c:
3d:c0:d0:14:98:3d:d5:94:eb:48:4d:8a:1b:07:0e:00:70:8e:
81:cd:a9:c6:64:05:d4:9b:25:e5:9f:77:ce:97:ff:f2:65:33:
bc:c6:67:34:4d:29:55:04:eb:79:bf:19:93:0b:c4:a2:9e:f2:
70:28:06:5a:27:e8:37:92:41:9b:0c:f7:4b:b7:66:27:fb:bf:
4d:1f:3f:ce:84:29:71:b4:98:1d:dc:92:ce:d6:9c:f1:cb:13:
31:72:e0:09:ea:e7:6b:e8:16:cd:ee:1f:4e:f6:ca:8d:1d:0d:
20:fb:55:90
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgICCakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjMwMzA5MTMwODQyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA5ZGE1OS0yNzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Zx5sHoSaaCtpICaOciZ2YlMAlD3BBZ+PS7lEayBG5fEMbz7m5R9r5cU+jxH
TGx1bI1b8GmNRMD76VfDV4+nTgol5JtHeDlbjN0crkHTgdPjuh6hb7Y62UYpAJRF
hUtw/z1O73B62habfS/weDWGhqMFpvnwqHZj1DbbRAuDWXEUOmnIjLMoyRMdDJO8
V4A6BL55R5CmB+SNMGmLj4g4XN1tRqHvZm1aPiv7XuDdwV79nuNQY0+3xx50wn7T
u4xkqZeBPxf069b6XyA0BVn1Z6cayCNEBiUnjRoiYblX1mV38ZhXwjQmduK6yBbv
DngTjKKoXLLQGvHTN6AlLo3pOwIDAQABo4IDETCCAw0wHQYDVR0OBBYEFKt0+mYJ
YQEFtgtbV5vnZ+5hCI7PMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvNkY1OTZBMjRC
MUVFMTFFRDg4MDJDOTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZoGCCsGAQUFBwEHAQH/
BIGKMIGHMHYEAgABMHADBAJnCzwDBABxy9EwDAMEAHHL0wMEAXHL2AMEAHHL2zAM
AwQAccvfAwQAccviMAwDBAFxy+oDBABxy/AwDAMEAHHL8wMEAHHL9AMEAHHL9jAM
AwQHtLKAAwQAtLKQAwQAtLKVAwQFtLKgAwQE3x3gMA0EAgACMAcDBQAkAUEAMA0G
CSqGSIb3DQEBCwUAA4IBAQB5pcHBttOLO8RTHMAFpFX2TY14OapSh8txp+Bh29Z+
I5L3DaafpBq7YiYL/llvfx3D4G5qEU4omRm+GuSCQmnMtn6TIB0MnzC83hh4S2uy
pJvQI1bkwziOMsT+JRKi7nHe+bpAu2pwPdOLYEDQvFxh/1lKv70HwzjIN0o4MKK7
g819fQzsV+uvJfxuJUl8Oxw9wNAUmD3VlOtITYobBw4AcI6BzanGZAXUmyXln3fO
l//yZTO8xmc0TSlVBOt5vxmTC8SinvJwKAZaJ+g3kkGbDPdLt2Yn+79NHz/OhClx
tJgd3JLO1pzxyxMxcuAJ6udr6BbN7h9O9sqNHQ0g+1WQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org