Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/908DBA6E01A511EDA86DD226C4F9AE02.roa
File: 908DBA6E01A511EDA86DD226C4F9AE02.roa (raw, json)
Hash identifier: aAqslWYFTrzg4pnrQerBZDfKJ9jZv2pTyM+eOkO/dt4=
Subject key identifier: 62:B1:9E:FC:15:23:81:F5:65:AE:67:E3:DA:51:55:7F:4A:24:44:C8
Certificate issuer: /CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Certificate serial: 051D
Authority key identifier: 98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/908DBA6E01A511EDA86DD226C4F9AE02.roa
Signing time: Sat 01 Oct 2022 17:14:06 +0000
ROA not before: Sat 01 Oct 2022 17:14:06 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 24322
IP address blocks: 103.215.15.0/24 maxlen: 24
2407:c280::/32 maxlen: 32
2407:c280:3000::/48 maxlen: 48
2407:c280:3001::/48 maxlen: 48
2407:c280:3002::/48 maxlen: 48
2407:c280:3003::/48 maxlen: 48
2407:c280:3004::/48 maxlen: 48
2407:c280:30ff::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1309 (0x51d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Validity
Not Before: Oct 1 17:14:06 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6338755e-fa31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:13:b4:21:94:e1:ee:d7:c5:49:79:0e:cc:e5:
52:72:92:c2:53:99:94:12:e1:85:b0:87:74:b5:74:
b6:c4:e5:6f:4a:63:d6:6a:d5:ea:c7:e9:6f:b1:62:
6d:4e:e3:47:ca:49:c0:3e:ab:a3:b3:d5:e5:45:67:
ac:70:50:82:75:19:99:1b:1b:6c:da:fd:9f:dd:f5:
a2:b5:6b:4a:c7:3d:dd:8d:81:d4:b6:f4:a2:57:4e:
7b:3c:05:18:41:67:04:85:db:84:07:04:17:59:66:
f1:a1:52:b3:ea:8d:ba:8d:a4:cb:3d:d6:de:ac:4d:
3d:cb:6a:f9:95:c9:c6:a0:a1:fb:58:ab:5b:7e:02:
63:79:c1:ea:7a:19:04:c5:17:02:a5:06:ed:92:bd:
a4:19:37:2a:30:f5:02:6a:0e:4c:b0:ba:e1:fc:5a:
67:f8:1e:f8:d9:b5:2d:2a:4d:73:64:08:34:bc:70:
34:5b:b2:97:1e:14:6f:7f:29:e9:ed:25:18:d6:46:
c4:29:2b:89:42:43:e4:66:ab:de:e3:b1:e9:3b:32:
e6:13:bb:74:ef:31:b8:f1:6b:09:52:42:84:8a:b1:
e5:76:df:3a:af:03:58:f3:d4:08:10:d0:fa:43:3f:
79:8a:e8:2f:c7:bc:25:20:92:50:99:42:c1:dc:52:
56:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B1:9E:FC:15:23:81:F5:65:AE:67:E3:DA:51:55:7F:4A:24:44:C8
X509v3 Authority Key Identifier:
keyid:98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/908DBA6E01A511EDA86DD226C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.215.15.0/24
IPv6:
2407:c280::/32
Signature Algorithm: sha256WithRSAEncryption
5a:ed:be:45:b8:e9:fa:31:7d:d9:ca:9b:b2:9d:8b:89:ec:50:
4b:b4:e6:f4:e2:76:69:6b:c8:ed:58:64:e8:72:4c:b7:c9:68:
cd:da:c7:62:43:e6:a3:ad:a9:22:56:e3:05:a4:36:0d:72:07:
85:00:3b:69:e0:c4:63:9d:2f:b5:96:48:09:2f:89:5d:64:1a:
f9:5c:08:87:89:3f:ea:ed:e8:34:d5:d3:14:1c:a1:e7:b3:37:
68:92:2e:13:d3:da:01:af:6a:b3:e4:ae:a4:dd:06:a4:4f:08:
41:03:3c:9d:cc:8d:d9:0b:9f:72:9a:ae:92:10:71:46:96:92:
cf:9d:3e:5e:00:93:7a:25:38:0d:78:38:3d:1e:63:0f:4f:56:
86:d6:6c:e9:e5:ef:ee:38:2e:0c:9e:48:6d:7a:f5:62:e8:b6:
61:6e:a8:89:3b:01:3f:60:88:5d:34:70:ca:5e:ad:bb:f8:88:
dd:d4:36:49:54:9a:f9:fe:a9:c5:db:bb:53:0c:94:b4:29:fa:
c2:3f:b1:84:79:8c:60:9a:ba:6a:03:a8:ee:fa:09:0e:34:f7:
2d:51:74:35:7e:3c:18:1d:f4:8c:bc:ad:9a:d2:5d:38:6a:5e:
0a:ee:c3:ec:ee:1d:7d:8b:a4:43:24:80:71:d3:b4:69:70:6c:
77:fb:74:fd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2QjcxMTAvBgNVBAUTKDk4MUZBMjI3QTJBNDM1QzJCNzZFMDZDOUM0NTJEM0VD
NzUxOTg0RDMwHhcNMjIxMDAxMTcxNDA2WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM4NzU1ZS1mYTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvxO0IZTh7tfFSXkOzOVScpLCU5mUEuGFsId0tXS2xOVvSmPWatXqx+lvsWJt
TuNHyknAPqujs9XlRWescFCCdRmZGxts2v2f3fWitWtKxz3djYHUtvSiV057PAUY
QWcEhduEBwQXWWbxoVKz6o26jaTLPdberE09y2r5lcnGoKH7WKtbfgJjecHqehkE
xRcCpQbtkr2kGTcqMPUCag5MsLrh/Fpn+B742bUtKk1zZAg0vHA0W7KXHhRvfynp
7SUY1kbEKSuJQkPkZqve47HpOzLmE7t07zG48WsJUkKEirHldt86rwNY89QIEND6
Qz95iugvx7wlIJJQmULB3FJWFwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGKxnvwV
I4H1Za5n49pRVX9KJETIMB8GA1UdIwQYMBaAFJgfoieipDXCt24GycRS0+x1GYTT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzZCNy9GMUNEMjdCNDcz
QUQxMUU3QUNCRDAyNUVDNEY5QUUwMi9tQi1pSjZLa05jSzNiZ2JKeEZMVDdIVVpo
Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21CLWlKNktrTmNLM2JnYkp4RkxUN0hVWmhOTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2QjcvRjFDRDI3QjQ3M0FEMTFFN0FDQkQwMjVFQzRGOUFFMDIvOTA4REJBNkUw
MUE1MTFFREE4NkREMjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABn1w8wDQQCAAIwBwMFACQHwoAwDQYJKoZIhvcNAQELBQAD
ggEBAFrtvkW46foxfdnKm7Kdi4nsUEu05vTidmlryO1YZOhyTLfJaM3ax2JD5qOt
qSJW4wWkNg1yB4UAO2ngxGOdL7WWSAkviV1kGvlcCIeJP+rt6DTV0xQcoeezN2iS
LhPT2gGvarPkrqTdBqRPCEEDPJ3MjdkLn3KarpIQcUaWks+dPl4Ak3olOA14OD0e
Yw9PVobWbOnl7+44LgyeSG169WLotmFuqIk7AT9giF00cMperbv4iN3UNklUmvn+
qcXbu1MMlLQp+sI/sYR5jGCaumoDqO76CQ409y1RdDV+PBgd9Iy8rZrSXThqXgru
w+zuHX2LpEMkgHHTtGlwbHf7dP0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-fra.rpki-client.org