Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4CF37A409CEF11EF9AAF091BC4F9AE02.roa
File: 4CF37A409CEF11EF9AAF091BC4F9AE02.roa (raw, json)
Hash identifier: Yx+CqXc56FjDVTfPpAYCRmOtOfm8YWHB7u7/yHsNDKo=
Subject key identifier: FD:C8:53:83:1D:1A:E4:6F:07:15:62:76:0B:B2:37:97:15:5A:F9:B6
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9CCC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4CF37A409CEF11EF9AAF091BC4F9AE02.roa
Signing time: Thu 07 Nov 2024 10:09:21 +0000
ROA not before: Thu 07 Nov 2024 10:09:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18002
IP address blocks: 14.102.0.0/22 maxlen: 24
14.102.0.0/24 maxlen: 24
14.102.1.0/24 maxlen: 24
14.102.2.0/24 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.22.0/24 maxlen: 24
14.102.23.0/24 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.24.0/24 maxlen: 24
14.102.25.0/24 maxlen: 24
14.102.26.0/24 maxlen: 24
14.102.27.0/24 maxlen: 24
14.102.28.0/22 maxlen: 24
14.102.28.0/24 maxlen: 24
14.102.29.0/24 maxlen: 24
14.102.30.0/24 maxlen: 24
14.102.31.0/24 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.32.0/24 maxlen: 24
14.102.33.0/24 maxlen: 24
14.102.34.0/24 maxlen: 24
14.102.35.0/24 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.36.0/24 maxlen: 24
14.102.37.0/24 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.40.0/24 maxlen: 24
14.102.41.0/24 maxlen: 24
14.102.42.0/24 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.49.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.56.0/24 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.58.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.64.0/24 maxlen: 24
14.102.65.0/24 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.67.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.68.0/24 maxlen: 24
14.102.69.0/24 maxlen: 24
14.102.70.0/24 maxlen: 24
14.102.71.0/24 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.72.0/24 maxlen: 24
14.102.73.0/24 maxlen: 24
14.102.74.0/24 maxlen: 24
14.102.75.0/24 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/22 maxlen: 24
14.102.80.0/24 maxlen: 24
14.102.81.0/24 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.83.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.91.0/24 maxlen: 24
14.102.92.0/22 maxlen: 24
14.102.92.0/24 maxlen: 24
14.102.93.0/24 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/22 maxlen: 24
14.102.96.0/24 maxlen: 24
14.102.97.0/24 maxlen: 24
14.102.100.0/22 maxlen: 24
14.102.100.0/24 maxlen: 24
14.102.101.0/24 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.104.0/24 maxlen: 24
14.102.105.0/24 maxlen: 24
14.102.106.0/23 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.108.0/24 maxlen: 24
14.102.109.0/24 maxlen: 24
14.102.110.0/24 maxlen: 24
14.102.111.0/24 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.112.0/24 maxlen: 24
14.102.113.0/24 maxlen: 24
14.102.114.0/24 maxlen: 24
14.102.115.0/24 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.116.0/24 maxlen: 24
14.102.117.0/24 maxlen: 24
14.102.118.0/24 maxlen: 24
14.102.119.0/24 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.120.0/24 maxlen: 24
14.102.121.0/24 maxlen: 24
14.102.122.0/24 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.124.0/22 maxlen: 24
14.102.124.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/24 maxlen: 24
14.102.127.0/24 maxlen: 24
43.245.136.0/22 maxlen: 24
43.251.212.0/22 maxlen: 24
61.14.228.0/23 maxlen: 24
61.14.231.0/24 maxlen: 24
103.5.200.0/22 maxlen: 24
103.59.189.0/24 maxlen: 24
103.87.100.0/22 maxlen: 24
103.122.84.0/24 maxlen: 24
103.158.131.0/24 maxlen: 24
103.160.24.0/24 maxlen: 24
103.175.72.0/24 maxlen: 24
103.175.73.0/24 maxlen: 24
103.176.8.0/23 maxlen: 24
110.172.130.0/23 maxlen: 24
110.172.132.0/24 maxlen: 24
110.172.134.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.138.0/23 maxlen: 24
110.172.140.0/23 maxlen: 24
110.172.143.0/24 maxlen: 24
110.172.145.0/24 maxlen: 24
110.172.147.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.151.0/24 maxlen: 24
110.172.152.0/22 maxlen: 24
110.172.156.0/22 maxlen: 24
110.172.160.0/22 maxlen: 24
110.172.164.0/24 maxlen: 24
110.172.166.0/23 maxlen: 24
110.172.168.0/24 maxlen: 24
110.172.170.0/23 maxlen: 24
110.172.172.0/24 maxlen: 24
110.172.174.0/23 maxlen: 24
110.172.177.0/24 maxlen: 24
110.172.178.0/23 maxlen: 24
110.172.184.0/22 maxlen: 24
111.235.64.0/22 maxlen: 24
114.69.228.0/22 maxlen: 24
114.69.232.0/24 maxlen: 24
114.69.234.0/24 maxlen: 24
114.69.235.0/24 maxlen: 24
114.69.240.0/24 maxlen: 24
114.69.242.0/23 maxlen: 24
114.69.248.0/24 maxlen: 24
114.69.249.0/24 maxlen: 24
114.69.252.0/22 maxlen: 24
118.91.176.0/23 maxlen: 24
118.91.178.0/24 maxlen: 24
118.91.189.0/24 maxlen: 24
118.91.190.0/23 maxlen: 24
150.107.192.0/22 maxlen: 24
202.89.64.0/20 maxlen: 20
202.89.64.0/24 maxlen: 24
202.89.65.0/24 maxlen: 24
202.89.66.0/24 maxlen: 24
202.89.67.0/24 maxlen: 24
202.89.68.0/24 maxlen: 24
202.89.69.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
202.89.71.0/24 maxlen: 24
202.89.72.0/24 maxlen: 24
202.89.73.0/24 maxlen: 24
202.89.74.0/24 maxlen: 24
202.89.75.0/24 maxlen: 24
202.89.76.0/24 maxlen: 24
202.89.77.0/24 maxlen: 24
202.89.78.0/24 maxlen: 24
202.89.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40140 (0x9ccc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 7 10:09:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=672c91d0-3c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7f:34:01:93:9e:fc:ea:fe:f5:a0:cf:59:5d:
8b:d5:14:75:d8:20:1a:aa:0b:06:c9:4a:ff:60:6c:
41:40:fb:ce:db:59:fe:0e:30:d1:01:89:88:80:17:
a2:42:79:fb:71:78:13:57:1e:f4:79:84:94:f7:46:
76:98:3c:87:f2:f6:9e:bd:17:f1:b5:f0:2e:3e:cb:
6f:48:ef:57:6a:68:03:5f:44:54:26:55:f3:ed:a3:
50:e8:1d:f3:fc:4f:99:60:e2:13:1a:69:37:45:24:
9a:a8:43:55:24:db:f0:ce:8d:6a:13:81:53:15:d3:
1c:a9:54:c0:b6:db:85:42:bf:7d:db:8c:79:40:68:
c8:75:74:79:3e:be:e8:2d:4d:52:5d:92:5b:a2:52:
3f:45:ed:1a:7f:4f:9a:74:e1:c8:b6:ee:44:b0:6c:
ab:57:f7:34:75:cb:4b:58:3f:bc:54:e3:40:c1:1a:
c0:1d:0a:17:b6:70:b6:1d:04:ec:bb:b0:53:0e:b5:
13:44:f2:c7:72:22:df:d0:d6:a2:9f:0e:d9:67:f7:
80:68:8a:12:70:2f:0b:ba:83:2d:75:ae:ce:11:39:
e1:18:6a:2e:d8:6a:7a:02:43:3b:62:e5:f8:c2:4b:
4f:a3:99:73:15:8f:05:b0:4a:cf:d4:20:9c:f9:82:
4f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C8:53:83:1D:1A:E4:6F:07:15:62:76:0B:B2:37:97:15:5A:F9:B6
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4CF37A409CEF11EF9AAF091BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.0.0/22
14.102.22.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0-14.102.50.255
14.102.56.0/22
14.102.64.0-14.102.78.255
14.102.80.0/22
14.102.88.0/24
14.102.91.0-14.102.127.255
43.245.136.0/22
43.251.212.0/22
61.14.228.0/23
61.14.231.0/24
103.5.200.0/22
103.59.189.0/24
103.87.100.0/22
103.122.84.0/24
103.158.131.0/24
103.160.24.0/24
103.175.72.0/23
103.176.8.0/23
110.172.130.0-110.172.132.255
110.172.134.0-110.172.136.255
110.172.138.0-110.172.141.255
110.172.143.0/24
110.172.145.0/24
110.172.147.0/24
110.172.150.0-110.172.164.255
110.172.166.0-110.172.168.255
110.172.170.0-110.172.172.255
110.172.174.0/23
110.172.177.0-110.172.179.255
110.172.184.0/22
111.235.64.0/22
114.69.228.0-114.69.232.255
114.69.234.0/23
114.69.240.0/24
114.69.242.0/23
114.69.248.0/23
114.69.252.0/22
118.91.176.0-118.91.178.255
118.91.189.0-118.91.191.255
150.107.192.0/22
202.89.64.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:5c:e9:9b:74:94:e2:12:77:a6:e0:11:29:93:1e:2e:c6:0a:
c2:9b:32:d3:4e:c3:4b:39:d1:be:50:62:73:7e:eb:b9:2d:ae:
33:a2:e9:4b:17:17:92:3a:fb:50:65:76:25:32:89:c7:76:80:
d4:40:7c:9d:00:1e:54:1d:48:37:89:9c:c8:13:cf:a9:1b:85:
a7:5f:d1:08:3e:a4:91:f6:15:55:8f:3c:73:1c:99:38:b8:a1:
a4:cd:6b:60:fa:42:ff:b6:8b:20:d0:6e:b4:c8:b6:c3:41:39:
89:97:73:18:20:a8:af:70:f4:c2:02:d0:02:b5:9a:be:2a:08:
41:c1:17:7b:6a:3e:5c:27:5e:81:20:01:e5:39:ae:ca:a9:ba:
3d:f2:19:b0:e6:df:34:65:37:1b:ac:df:5f:b5:1b:b7:70:f3:
cc:d0:64:29:c9:de:3e:b6:93:61:d2:fc:d6:4f:86:99:f0:75:
8d:89:b6:56:80:84:c5:56:3a:1f:05:cc:62:b6:e2:29:a0:67:
38:6e:d1:96:7a:04:14:9e:e8:95:65:ae:4a:42:8e:be:2d:3d:
b5:a2:15:80:7c:18:d6:47:ec:20:33:2c:21:3c:89:15:1d:ac:
20:0a:91:46:64:d6:b9:65:64:e8:2a:96:ac:72:0e:6d:0b:69:
cc:95:33:3e
-----BEGIN CERTIFICATE-----
MIIG9jCCBd6gAwIBAgIDAJzMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTEwNzEwMDkyMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjcyYzkxZDAtM2M1YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOB/NAGTnvzq/vWgz1ldi9UUddggGqoLBslK/2BsQUD7zttZ/g4w0QGJiIAX
okJ5+3F4E1ce9HmElPdGdpg8h/L2nr0X8bXwLj7Lb0jvV2poA19EVCZV8+2jUOgd
8/xPmWDiExppN0UkmqhDVSTb8M6NahOBUxXTHKlUwLbbhUK/fduMeUBoyHV0eT6+
6C1NUl2SW6JSP0XtGn9PmnThyLbuRLBsq1f3NHXLS1g/vFTjQMEawB0KF7Zwth0E
7LuwUw61E0Tyx3Ii39DWop8O2Wf3gGiKEnAvC7qDLXWuzhE54RhqLthqegJDO2Ll
+MJLT6OZcxWPBbBKz9QgnPmCT3MCAwEAAaOCBBkwggQVMB0GA1UdDgQWBBT9yFOD
HRrkbwcVYnYLsjeXFVr5tjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzRDRjM3QTQw
OUNFRjExRUY5QUFGMDkxQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBoQYIKwYBBQUHAQcB
Af8EggGQMIIBjDCCAYgEAgABMIIBgAMEAg5mADAMAwQBDmYWAwQADmYmMAwDBAMO
ZigDBAEOZiwwDAMEBA5mMAMEAA5mMgMEAg5mODAMAwQGDmZAAwQADmZOAwQCDmZQ
AwQADmZYMAwDBAAOZlsDBAcOZgADBAIr9YgDBAIr+9QDBAE9DuQDBAA9DucDBAJn
BcgDBABnO70DBAJnV2QDBABnelQDBABnnoMDBABnoBgDBAFnr0gDBAFnsAgwDAME
AW6sggMEAG6shDAMAwQBbqyGAwQAbqyIMAwDBAFurIoDBAFurIwDBABurI8DBABu
rJEDBABurJMwDAMEAW6slgMEAG6spDAMAwQBbqymAwQAbqyoMAwDBAFurKoDBABu
rKwDBAFurK4wDAMEAG6ssQMEAm6ssAMEAm6suAMEAm/rQDAMAwQCckXkAwQAckXo
AwQBckXqAwQAckXwAwQBckXyAwQBckX4AwQCckX8MAwDBAR2W7ADBAB2W7IwDAME
AHZbvQMEBnZbgAMEApZrwAMEBMpZQDANBgkqhkiG9w0BAQsFAAOCAQEAslzpm3SU
4hJ3puARKZMeLsYKwpsy007DSznRvlBic37ruS2uM6LpSxcXkjr7UGV2JTKJx3aA
1EB8nQAeVB1IN4mcyBPPqRuFp1/RCD6kkfYVVY88cxyZOLihpM1rYPpC/7aLINBu
tMi2w0E5iZdzGCCor3D0wgLQArWavioIQcEXe2o+XCdegSAB5Tmuyqm6PfIZsObf
NGU3G6zfX7Ubt3DzzNBkKcnePraTYdL81k+GmfB1jYm2VoCExVY6HwXMYrbiKaBn
OG7RlnoEFJ7olWWuSkKOvi09taIVgHwY1kfsIDMsITyJFR2sIAqRRmTWuWVk6CqW
rHIObQtpzJUzPg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:49:26 2025 by rpki-client