Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/17816F2ECC0211EFA2F67C21C4F9AE02.roa
File: 17816F2ECC0211EFA2F67C21C4F9AE02.roa (raw, json)
Hash identifier: VPINkPDfkb7KbqESVcrAhqe9im/fDOjg/KRhYMZpv78=
Subject key identifier: A1:5B:7C:B0:33:72:15:BD:F7:A8:97:55:E1:A7:6F:A8:9B:1E:6C:0E
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 07C4
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/17816F2ECC0211EFA2F67C21C4F9AE02.roa
Signing time: Mon 06 Jan 2025 07:44:43 +0000
ROA not before: Mon 06 Jan 2025 07:44:43 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 9723
IP address blocks: 1.178.2.0/23 maxlen: 24
1.178.64.0/20 maxlen: 24
1.178.80.0/20 maxlen: 24
1.178.96.0/20 maxlen: 24
1.178.144.0/20 maxlen: 20
1.178.144.0/21 maxlen: 24
1.178.160.0/20 maxlen: 24
1.178.176.0/20 maxlen: 24
1.178.192.0/20 maxlen: 20
1.178.192.0/21 maxlen: 24
1.179.0.0/20 maxlen: 24
1.179.16.0/20 maxlen: 24
1.179.32.0/21 maxlen: 21
1.179.48.0/20 maxlen: 24
1.179.64.0/21 maxlen: 21
1.179.80.0/21 maxlen: 21
1.179.96.0/20 maxlen: 24
58.87.0.0/20 maxlen: 20
58.87.0.0/23 maxlen: 23
58.87.2.0/23 maxlen: 23
58.87.6.0/23 maxlen: 23
58.87.8.0/23 maxlen: 23
58.87.10.0/23 maxlen: 23
58.87.12.0/23 maxlen: 23
58.87.14.0/24 maxlen: 24
58.87.15.0/24 maxlen: 24
110.238.2.0/23 maxlen: 23
110.238.4.0/22 maxlen: 22
110.238.4.0/23 maxlen: 23
110.238.6.0/23 maxlen: 23
110.238.8.0/23 maxlen: 23
110.238.10.0/23 maxlen: 23
110.238.12.0/23 maxlen: 23
110.238.14.0/23 maxlen: 23
110.238.16.0/20 maxlen: 20
110.238.16.0/24 maxlen: 24
110.238.18.0/24 maxlen: 24
110.238.21.0/24 maxlen: 24
110.238.24.0/24 maxlen: 24
110.238.25.0/24 maxlen: 24
110.238.128.0/20 maxlen: 20
110.238.128.0/21 maxlen: 24
110.238.144.0/20 maxlen: 20
110.238.144.0/22 maxlen: 24
110.238.152.0/21 maxlen: 21
110.238.224.0/20 maxlen: 20
110.238.224.0/21 maxlen: 24
110.238.240.0/20 maxlen: 20
110.238.240.0/23 maxlen: 24
110.239.0.0/20 maxlen: 20
110.239.16.0/20 maxlen: 20
110.239.32.0/20 maxlen: 20
110.239.32.0/22 maxlen: 24
110.239.128.0/20 maxlen: 20
110.239.128.0/21 maxlen: 21
110.239.144.0/20 maxlen: 20
110.239.176.0/21 maxlen: 21
110.239.176.0/24 maxlen: 24
110.239.178.0/24 maxlen: 24
110.239.224.0/20 maxlen: 20
110.239.240.0/20 maxlen: 20
119.12.0.0/20 maxlen: 20
119.12.80.0/20 maxlen: 20
119.12.80.0/21 maxlen: 24
119.12.96.0/21 maxlen: 21
119.12.112.0/20 maxlen: 20
119.12.112.0/21 maxlen: 24
119.12.144.0/21 maxlen: 24
119.13.0.0/23 maxlen: 23
119.13.2.0/24 maxlen: 24
119.13.3.0/24 maxlen: 24
119.13.4.0/23 maxlen: 23
119.13.6.0/23 maxlen: 23
119.13.8.0/23 maxlen: 23
119.13.10.0/24 maxlen: 24
119.13.16.0/21 maxlen: 24
119.13.48.0/21 maxlen: 21
119.13.48.0/24 maxlen: 24
119.13.49.0/24 maxlen: 24
119.13.128.0/20 maxlen: 20
119.13.144.0/21 maxlen: 24
119.13.176.0/21 maxlen: 23
119.13.176.0/23 maxlen: 24
119.13.178.0/24 maxlen: 24
119.13.180.0/22 maxlen: 24
119.13.240.0/21 maxlen: 24
121.91.16.0/20 maxlen: 20
121.91.96.0/21 maxlen: 24
121.91.112.0/20 maxlen: 20
121.91.128.0/21 maxlen: 24
121.91.144.0/21 maxlen: 21
121.91.160.0/21 maxlen: 21
121.91.192.0/21 maxlen: 24
123.200.128.0/20 maxlen: 20
123.200.133.0/24 maxlen: 24
123.200.136.0/22 maxlen: 22
123.200.140.0/22 maxlen: 22
123.200.144.0/22 maxlen: 22
123.200.148.0/22 maxlen: 22
123.200.152.0/21 maxlen: 21
123.200.160.0/23 maxlen: 23
123.200.162.0/23 maxlen: 23
123.200.164.0/23 maxlen: 23
123.200.165.0/24 maxlen: 24
123.200.166.0/23 maxlen: 23
123.200.168.0/23 maxlen: 23
123.200.170.0/23 maxlen: 23
123.200.172.0/24 maxlen: 24
123.200.174.0/24 maxlen: 24
123.200.175.0/24 maxlen: 24
123.200.176.0/23 maxlen: 23
123.200.179.0/24 maxlen: 24
123.200.180.0/23 maxlen: 23
123.200.182.0/23 maxlen: 23
123.200.184.0/22 maxlen: 22
123.200.187.0/24 maxlen: 24
123.200.188.0/23 maxlen: 23
123.200.192.0/21 maxlen: 21
123.200.200.0/21 maxlen: 24
123.200.208.0/21 maxlen: 21
123.200.216.0/21 maxlen: 21
123.200.224.0/21 maxlen: 21
123.200.240.0/21 maxlen: 24
202.83.64.0/19 maxlen: 19
202.83.64.0/22 maxlen: 22
202.83.68.0/23 maxlen: 23
202.83.70.0/23 maxlen: 23
202.83.72.0/24 maxlen: 24
202.83.73.0/24 maxlen: 24
202.83.74.0/23 maxlen: 23
202.83.76.0/22 maxlen: 22
202.83.80.0/23 maxlen: 23
202.83.82.0/24 maxlen: 24
202.83.83.0/24 maxlen: 24
202.83.84.0/22 maxlen: 22
202.83.88.0/23 maxlen: 23
202.83.90.0/23 maxlen: 23
202.83.92.0/23 maxlen: 23
202.83.94.0/24 maxlen: 24
202.83.95.0/24 maxlen: 24
202.183.96.0/20 maxlen: 20
202.183.96.0/24 maxlen: 24
202.183.97.0/24 maxlen: 24
202.183.98.0/24 maxlen: 24
202.183.100.0/23 maxlen: 23
202.183.102.0/23 maxlen: 23
202.183.102.0/24 maxlen: 24
202.183.104.0/22 maxlen: 22
202.183.108.0/24 maxlen: 24
202.183.110.0/24 maxlen: 24
202.183.111.0/24 maxlen: 24
202.183.112.0/20 maxlen: 20
202.183.112.0/23 maxlen: 23
202.183.114.0/23 maxlen: 23
202.183.116.0/23 maxlen: 23
202.183.118.0/24 maxlen: 24
202.183.119.0/24 maxlen: 24
202.183.120.0/22 maxlen: 22
202.183.124.0/23 maxlen: 23
202.183.126.0/24 maxlen: 24
202.183.127.0/24 maxlen: 24
210.56.64.0/24 maxlen: 24
210.56.68.0/23 maxlen: 24
210.56.70.0/23 maxlen: 24
220.157.64.0/24 maxlen: 24
220.157.69.0/24 maxlen: 24
220.157.70.0/24 maxlen: 24
220.157.71.0/24 maxlen: 24
220.157.74.0/23 maxlen: 24
220.157.79.0/24 maxlen: 24
220.157.80.0/23 maxlen: 24
220.157.82.0/23 maxlen: 24
220.157.84.0/23 maxlen: 24
220.157.86.0/23 maxlen: 24
220.157.88.0/23 maxlen: 23
220.157.90.0/24 maxlen: 24
220.157.91.0/24 maxlen: 24
220.157.92.0/24 maxlen: 24
220.157.93.0/24 maxlen: 24
220.157.94.0/24 maxlen: 24
220.157.95.0/24 maxlen: 24
2407:6800::/32 maxlen: 32
2407:6800:0:200::/56 maxlen: 56
2407:6800:0:300::/56 maxlen: 56
2407:6800:0:400::/56 maxlen: 56
2407:6800:0:500::/56 maxlen: 56
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1988 (0x7c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE, serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Validity
Not Before: Jan 6 07:44:43 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=677b89eb-2946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:22:24:d9:11:f6:f5:32:74:3c:0f:19:b1:a9:
65:88:13:25:40:be:53:4f:32:d5:66:80:61:e3:e4:
f3:eb:67:31:59:ed:eb:da:98:dd:a5:6b:90:86:8e:
74:9e:9a:ce:cf:c2:2f:50:39:25:a4:c1:35:e9:1f:
09:1b:4b:ec:ae:78:2b:b6:4a:bc:49:e6:15:a5:6a:
74:7d:81:15:65:dd:2f:05:9a:9a:9d:b3:67:2a:f6:
1b:90:23:66:72:c8:7b:47:ac:40:22:75:20:dc:b5:
3a:25:ab:17:2c:e0:ca:c3:18:0b:b1:0f:40:06:2c:
29:93:cd:ca:b5:c4:7f:02:57:4d:a9:2a:4b:90:b0:
46:fc:77:b2:fb:23:a9:7d:30:e0:9d:26:ff:b1:23:
18:61:8b:cf:ec:28:be:fa:c1:5e:19:a8:4b:2a:3b:
af:52:a3:c6:18:77:f1:f7:7d:eb:4c:30:ec:02:fc:
98:2b:71:c6:cc:71:86:23:3f:09:d0:f1:64:c7:fa:
9d:66:14:a6:76:7b:d7:29:24:80:3d:ed:5f:a7:fb:
78:72:28:50:1d:0b:23:40:bb:8d:f0:f3:b8:90:52:
88:f6:fd:27:d9:85:2d:b7:59:2a:f4:e8:64:0d:4d:
49:b7:b4:46:6e:49:ef:16:99:b0:c4:15:48:df:12:
e4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:5B:7C:B0:33:72:15:BD:F7:A8:97:55:E1:A7:6F:A8:9B:1E:6C:0E
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/17816F2ECC0211EFA2F67C21C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.178.2.0/23
1.178.64.0-1.178.111.255
1.178.144.0-1.178.207.255
1.179.0.0-1.179.39.255
1.179.48.0-1.179.71.255
1.179.80.0/21
1.179.96.0/20
58.87.0.0/20
110.238.2.0-110.238.31.255
110.238.128.0/19
110.238.224.0-110.239.47.255
110.239.128.0/19
110.239.176.0/21
110.239.224.0/19
119.12.0.0/20
119.12.80.0-119.12.103.255
119.12.112.0/20
119.12.144.0/21
119.13.0.0-119.13.10.255
119.13.16.0/21
119.13.48.0/21
119.13.128.0-119.13.151.255
119.13.176.0/21
119.13.240.0/21
121.91.16.0/20
121.91.96.0/21
121.91.112.0-121.91.135.255
121.91.144.0/21
121.91.160.0/21
121.91.192.0/21
123.200.128.0-123.200.172.255
123.200.174.0-123.200.177.255
123.200.179.0-123.200.189.255
123.200.192.0-123.200.231.255
123.200.240.0/21
202.83.64.0/19
202.183.96.0/19
210.56.64.0/24
210.56.68.0/22
220.157.64.0/24
220.157.69.0-220.157.71.255
220.157.74.0/23
220.157.79.0-220.157.95.255
IPv6:
2407:6800::/32
Signature Algorithm: sha256WithRSAEncryption
18:79:52:e6:0e:56:b7:0b:45:f6:e8:d1:30:c8:ea:01:67:58:
57:59:fa:32:63:48:4d:05:e3:89:cd:f1:93:d6:f9:9b:73:14:
9b:c0:37:39:d3:c5:bc:4a:3a:53:b1:18:7d:1a:16:f6:bc:61:
88:d2:6f:36:b4:74:be:e4:29:a5:26:51:e7:b2:ae:a4:fa:11:
18:14:4a:23:5a:f0:01:3c:08:9a:c3:7d:b1:33:fb:87:aa:65:
f8:14:42:2e:77:1d:c4:89:0e:55:1e:db:ec:4c:e8:55:76:f7:
5e:65:dd:ee:dd:2d:76:4b:81:19:7c:35:95:ae:3f:9b:2d:ed:
bb:5f:4f:f3:f5:1d:ae:86:8d:e3:09:1f:fe:c1:8a:56:75:fd:
8c:36:31:d3:9c:8e:13:4a:f8:38:d9:a8:50:44:7b:06:78:89:
20:10:ab:60:11:6b:8e:be:81:a2:c4:af:9b:48:c1:75:2d:94:
d9:56:d1:93:0f:9a:ca:67:dd:91:43:c5:3e:03:9d:e7:70:7e:
f1:40:76:b5:24:2c:b4:67:a0:77:1c:66:a3:04:9c:65:92:ae:
a6:c1:26:39:ed:b9:78:7f:cf:32:b3:3d:9b:20:d4:14:0f:74:
72:11:1e:0b:36:2a:48:ef:d1:29:a4:3b:e6:22:3b:58:15:22:
8a:2c:8e:89
-----BEGIN CERTIFICATE-----
MIIHBDCCBeygAwIBAgICB8QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjUwMTA2MDc0NDQzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiODllYi0yOTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8CIk2RH29TJ0PA8ZsalliBMlQL5TTzLVZoBh4+Tz62cxWe3r2pjdpWuQho50
nprOz8IvUDklpME16R8JG0vsrngrtkq8SeYVpWp0fYEVZd0vBZqanbNnKvYbkCNm
csh7R6xAInUg3LU6JasXLODKwxgLsQ9ABiwpk83KtcR/AldNqSpLkLBG/Hey+yOp
fTDgnSb/sSMYYYvP7Ci++sFeGahLKjuvUqPGGHfx933rTDDsAvyYK3HGzHGGIz8J
0PFkx/qdZhSmdnvXKSSAPe1fp/t4cihQHQsjQLuN8PO4kFKI9v0n2YUtt1kq9Ohk
DU1Jt7RGbknvFpmwxBVI3xLkJwIDAQABo4IEKDCCBCQwHQYDVR0OBBYEFKFbfLAz
chW996iXVeGnb6ibHmwOMB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvMTc4MTZGMkVD
QzAyMTFFRkEyRjY3QzIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGwBggrBgEFBQcBBwEB
/wSCAZ8wggGbMIIBiAQCAAEwggGAAwQBAbICMAwDBAYBskADBAQBsmAwDAMEBAGy
kAMEBAGywDALAwMAAbMDBAMBsyAwDAMEBAGzMAMEAwGzQAMEAwGzUAMEBAGzYAME
BDpXADAMAwQBbu4CAwQFbu4AAwQFbu6AMAwDBAVu7uADBARu7yADBAVu74ADBANu
77ADBAVu7+ADBAR3DAAwDAMEBHcMUAMEA3cMYAMEBHcMcAMEA3cMkDALAwMAdw0D
BAB3DQoDBAN3DRADBAN3DTAwDAMEB3cNgAMEA3cNkAMEA3cNsAMEA3cN8AMEBHlb
EAMEA3lbYDAMAwQEeVtwAwQDeVuAAwQDeVuQAwQDeVugAwQDeVvAMAwDBAd7yIAD
BAB7yKwwDAMEAXvIrgMEAXvIsDAMAwQAe8izAwQBe8i8MAwDBAZ7yMADBAN7yOAD
BAN7yPADBAXKU0ADBAXKt2ADBADSOEADBALSOEQDBADcnUAwDAMEANydRQMEA9yd
QAMEAdydSjAMAwQA3J1PAwQF3J1AMA0EAgACMAcDBQAkB2gAMA0GCSqGSIb3DQEB
CwUAA4IBAQAYeVLmDla3C0X26NEwyOoBZ1hXWfoyY0hNBeOJzfGT1vmbcxSbwDc5
08W8SjpTsRh9Ghb2vGGI0m82tHS+5CmlJlHnsq6k+hEYFEojWvABPAiaw32xM/uH
qmX4FEIudx3EiQ5VHtvsTOhVdvdeZd3u3S12S4EZfDWVrj+bLe27X0/z9R2uho3j
CR/+wYpWdf2MNjHTnI4TSvg42ahQRHsGeIkgEKtgEWuOvoGixK+bSMF1LZTZVtGT
D5rKZ92RQ8U+A53ncH7xQHa1JCy0Z6B3HGajBJxlkq6mwSY57bl4f88ysz2bINQU
D3RyER4LNipI79EppDvmIjtYFSKKLI6J
-----END CERTIFICATE-----
Generated at Wed May 14 00:30:01 2025 by rpki-client