Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/D01AE368217511EF92339C27C4F9AE02.roa
File: D01AE368217511EF92339C27C4F9AE02.roa (raw, json)
Hash identifier: nPX8rpruqiM46jhA2J+fDLj+7poGr7iyrIluY6n2rP4=
Subject key identifier: 11:64:F4:BD:4E:79:59:2B:9F:A1:1B:DC:99:DB:3A:81:DF:58:90:C6
Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Certificate serial: 33FD
Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/D01AE368217511EF92339C27C4F9AE02.roa
Signing time: Mon 03 Jun 2024 06:52:16 +0000
ROA not before: Mon 03 Jun 2024 06:52:16 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 45143
IP address blocks: 14.100.128.0/17 maxlen: 17
14.100.133.0/24 maxlen: 24
14.100.137.0/24 maxlen: 24
111.65.31.0/24 maxlen: 24
111.65.32.0/24 maxlen: 24
111.65.33.0/24 maxlen: 24
111.65.34.0/24 maxlen: 24
111.65.35.0/24 maxlen: 24
111.65.36.0/24 maxlen: 24
111.65.37.0/24 maxlen: 24
111.65.38.0/24 maxlen: 24
111.65.39.0/24 maxlen: 24
111.65.40.0/24 maxlen: 24
111.65.41.0/24 maxlen: 24
111.65.42.0/24 maxlen: 24
111.65.43.0/24 maxlen: 24
111.65.44.0/24 maxlen: 24
111.65.45.0/24 maxlen: 24
111.65.46.0/24 maxlen: 24
111.65.47.0/24 maxlen: 24
111.65.48.0/24 maxlen: 24
111.65.49.0/24 maxlen: 24
111.65.50.0/24 maxlen: 24
111.65.51.0/24 maxlen: 24
111.65.52.0/24 maxlen: 24
111.65.53.0/24 maxlen: 24
111.65.54.0/24 maxlen: 24
111.65.55.0/24 maxlen: 24
111.65.56.0/24 maxlen: 24
111.65.57.0/24 maxlen: 24
111.65.58.0/24 maxlen: 24
111.65.59.0/24 maxlen: 24
111.65.60.0/24 maxlen: 24
111.65.61.0/24 maxlen: 24
111.65.62.0/24 maxlen: 24
111.65.63.0/24 maxlen: 24
111.65.64.0/24 maxlen: 24
111.65.65.0/24 maxlen: 24
111.65.66.0/24 maxlen: 24
111.65.67.0/24 maxlen: 24
111.65.68.0/24 maxlen: 24
111.65.69.0/24 maxlen: 24
111.65.70.0/24 maxlen: 24
111.65.71.0/24 maxlen: 24
111.65.72.0/24 maxlen: 24
111.65.73.0/24 maxlen: 24
111.65.74.0/24 maxlen: 24
111.65.75.0/24 maxlen: 24
111.65.76.0/24 maxlen: 24
111.65.77.0/24 maxlen: 24
111.65.78.0/24 maxlen: 24
111.65.79.0/24 maxlen: 24
119.234.0.0/16 maxlen: 24
180.255.128.0/17 maxlen: 17
180.255.129.0/24 maxlen: 24
180.255.254.0/24 maxlen: 24
180.255.255.0/24 maxlen: 24
202.78.56.0/24 maxlen: 24
202.78.57.0/24 maxlen: 24
202.78.58.0/24 maxlen: 24
2400:1c00:1::/48 maxlen: 48
2400:1c00:2::/48 maxlen: 48
2400:1c00:3::/48 maxlen: 48
2400:1c00:4::/48 maxlen: 48
2400:1c00:b::/48 maxlen: 48
2400:1c00:c::/48 maxlen: 48
2400:1c00:1a::/48 maxlen: 48
2400:1c00:1b::/48 maxlen: 48
2400:1c00:1c::/48 maxlen: 48
2400:1c00:1e::/48 maxlen: 48
2400:1c00:1f::/48 maxlen: 48
2400:1c00:20::/44 maxlen: 44
2400:1c00:30::/44 maxlen: 44
2400:1c00:40::/44 maxlen: 44
2400:1c00:50::/44 maxlen: 44
2400:1c00:64::/48 maxlen: 48
2400:1c00:66::/48 maxlen: 48
2400:1c00:70::/44 maxlen: 44
2400:1c00:80::/43 maxlen: 43
2400:1c00:a0::/43 maxlen: 43
2400:1c00:f0::/44 maxlen: 44
2400:1c00:100::/44 maxlen: 44
2400:1c00:110::/44 maxlen: 44
2400:1c00:120::/44 maxlen: 44
2400:1c00:130::/44 maxlen: 44
2400:1c00:140::/44 maxlen: 44
2400:1c00:150::/44 maxlen: 44
2400:1c00:160::/44 maxlen: 44
2400:1c00:190::/44 maxlen: 44
2400:1c00:1a0::/44 maxlen: 44
2400:1c00:1b0::/44 maxlen: 44
2400:1c00:1d0::/44 maxlen: 44
2400:1c00:1e0::/44 maxlen: 44
2400:1c00:220::/44 maxlen: 44
2400:1c00:230::/44 maxlen: 44
2400:1c00:310::/45 maxlen: 45
2400:1c00:318::/45 maxlen: 45
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13309 (0x33fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA48F, serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Validity
Not Before: Jun 3 06:52:16 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=665d6820-88ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5b:ad:be:58:0c:0e:3e:59:2b:14:bc:d7:a3:
f7:26:29:a7:f2:c3:96:a8:91:4b:e9:24:c2:5c:de:
0e:09:60:5d:5b:56:6a:5c:77:09:da:cb:79:06:9f:
8c:70:60:b1:c1:14:25:e0:a1:43:b3:a9:60:dd:bf:
2d:a2:a0:87:1c:aa:79:78:0a:c0:03:33:b8:1f:db:
27:31:fd:84:d7:d3:4b:4d:7c:22:f1:a0:91:65:c3:
16:2c:99:aa:ab:68:1c:64:0c:64:29:75:11:af:e5:
e0:0e:9f:05:33:39:2d:a7:27:f6:22:22:5c:40:a1:
22:5b:f2:cf:f8:48:1f:da:f2:62:6f:e6:59:e7:be:
34:47:35:04:2a:ae:15:55:4c:73:4d:1c:44:1b:c3:
b5:42:3e:3c:95:8c:1d:27:e3:49:e9:59:e4:b2:3a:
fa:6c:46:b1:4c:74:c3:f6:31:e5:13:e7:ee:2c:fb:
97:20:51:49:c2:7a:af:8d:ee:2a:a9:b7:33:87:d0:
67:48:8d:8d:9f:e0:08:14:68:04:72:a9:1f:57:f2:
a5:a7:49:bc:22:98:44:bf:4b:d0:2d:59:9f:56:58:
22:06:ce:b5:33:64:c2:47:16:32:53:fb:9f:ac:af:
25:3e:a7:29:3f:d2:32:19:03:39:04:b1:b5:3e:9a:
f7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:64:F4:BD:4E:79:59:2B:9F:A1:1B:DC:99:DB:3A:81:DF:58:90:C6
X509v3 Authority Key Identifier:
keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/D01AE368217511EF92339C27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.100.128.0/17
111.65.31.0-111.65.79.255
119.234.0.0/16
180.255.128.0/17
202.78.56.0-202.78.58.255
IPv6:
2400:1c00:1::-2400:1c00:4:ffff:ffff:ffff:ffff:ffff
2400:1c00:b::-2400:1c00:c:ffff:ffff:ffff:ffff:ffff
2400:1c00:1a::-2400:1c00:1c:ffff:ffff:ffff:ffff:ffff
2400:1c00:1e::-2400:1c00:5f:ffff:ffff:ffff:ffff:ffff
2400:1c00:64::/48
2400:1c00:66::/48
2400:1c00:70::-2400:1c00:bf:ffff:ffff:ffff:ffff:ffff
2400:1c00:f0::-2400:1c00:16f:ffff:ffff:ffff:ffff:ffff
2400:1c00:190::-2400:1c00:1bf:ffff:ffff:ffff:ffff:ffff
2400:1c00:1d0::-2400:1c00:1ef:ffff:ffff:ffff:ffff:ffff
2400:1c00:220::/43
2400:1c00:310::/44
Signature Algorithm: sha256WithRSAEncryption
75:f1:45:ac:22:b8:af:2d:d5:19:c3:27:38:71:73:46:ef:32:
85:d5:27:95:7f:e0:32:ca:e1:10:5a:2b:42:73:9e:97:c5:43:
4b:37:ab:51:ba:23:ab:00:1e:0b:12:81:e8:78:3d:4c:fa:e1:
ad:8e:42:76:71:67:79:d6:8c:68:68:a0:7f:bf:ee:dd:28:99:
83:b3:08:92:08:b1:bc:ca:76:41:22:10:84:e3:9d:66:7c:e6:
ec:65:b7:d9:3f:db:a5:2e:e1:74:81:9a:2a:9e:6a:7a:7a:3c:
6f:42:c2:c2:bf:cd:35:5f:f7:0f:0b:63:08:fe:c9:33:ab:14:
2d:5d:07:de:a8:cc:98:30:8d:29:ec:0a:c0:d2:2a:dd:f4:34:
32:0e:65:74:3e:de:7b:05:5c:59:b6:ce:87:af:79:51:2a:d4:
be:84:b3:f0:b2:e4:54:0b:8d:6a:85:b9:2e:56:56:16:30:7a:
5a:93:f4:92:2e:cb:df:d0:0a:3e:5c:40:a0:9c:70:65:bb:a9:
b5:d1:89:25:69:77:95:60:a0:70:e1:fe:c4:e4:7b:d6:9e:d4:
dd:e7:ec:93:72:37:c0:cf:f0:f7:06:80:01:69:1c:f1:2d:0a:
7e:36:6c:33:ea:e9:cc:d8:1b:ca:d0:0a:af:f9:c3:1b:5d:e0:
71:f3:7f:69
-----BEGIN CERTIFICATE-----
MIIGbDCCBVSgAwIBAgICM/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5
RkZCNTY1MDMwHhcNMjQwNjAzMDY1MjE2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkNjgyMC04OGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2FutvlgMDj5ZKxS816P3Jimn8sOWqJFL6STCXN4OCWBdW1ZqXHcJ2st5Bp+M
cGCxwRQl4KFDs6lg3b8toqCHHKp5eArAAzO4H9snMf2E19NLTXwi8aCRZcMWLJmq
q2gcZAxkKXURr+XgDp8FMzktpyf2IiJcQKEiW/LP+Egf2vJib+ZZ5740RzUEKq4V
VUxzTRxEG8O1Qj48lYwdJ+NJ6Vnksjr6bEaxTHTD9jHlE+fuLPuXIFFJwnqvje4q
qbczh9BnSI2Nn+AIFGgEcqkfV/Klp0m8IphEv0vQLVmfVlgiBs61M2TCRxYyU/uf
rK8lPqcpP9IyGQM5BLG1Ppr3cQIDAQABo4IDkDCCA4wwHQYDVR0OBBYEFBFk9L1O
eVkrn6Eb3JnbOoHfWJDGMB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE
OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa
UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvRDAxQUUzNjgy
MTc1MTFFRjkyMzM5QzI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEYBggrBgEFBQcBBwEB
/wSCAQcwggEDMDMEAgABMC0DBAcOZIAwDAMEAG9BHwMEBG9BQAMDAHfqAwQHtP+A
MAwDBAPKTjgDBADKTjowgcsEAgACMIHEMBIDBwAkABwAAAEDBwAkABwAAAQwEgMH
ACQAHAAACwMHACQAHAAADDASAwcBJAAcAAAaAwcAJAAcAAAcMBIDBwEkABwAAB4D
BwUkABwAAEADBwAkABwAAGQDBwAkABwAAGYwEgMHBCQAHAAAcAMHBiQAHAAAgDAS
AwcEJAAcAADwAwcEJAAcAAFgMBIDBwQkABwAAZADBwYkABwAAYAwEgMHBCQAHAAB
0AMHBCQAHAAB4AMHBSQAHAACIAMHBCQAHAADEDANBgkqhkiG9w0BAQsFAAOCAQEA
dfFFrCK4ry3VGcMnOHFzRu8yhdUnlX/gMsrhEForQnOel8VDSzerUbojqwAeCxKB
6Hg9TPrhrY5CdnFnedaMaGigf7/u3SiZg7MIkgixvMp2QSIQhOOdZnzm7GW32T/b
pS7hdIGaKp5qeno8b0LCwr/NNV/3DwtjCP7JM6sULV0H3qjMmDCNKewKwNIq3fQ0
Mg5ldD7eewVcWbbOh695USrUvoSz8LLkVAuNaoW5LlZWFjB6WpP0ki7L39AKPlxA
oJxwZbuptdGJJWl3lWCgcOH+xOR71p7U3efsk3I3wM/w9waAAWkc8S0KfjZsM+rp
zNgbytAKr/nDG13gcfN/aQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:36:45 2025 by rpki-client