Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1423B2C4BC3311EC8B179731C4F9AE02.roa
File: 1423B2C4BC3311EC8B179731C4F9AE02.roa (raw, json)
Hash identifier: 6WCA31RUMpKTTw9w6qP62SSkyIm3iATw2aNwTzStWx4=
Subject key identifier: 8C:4D:71:6E:FA:98:96:69:7E:75:43:DD:E5:E0:3B:E4:7E:15:59:81
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 38DF
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1423B2C4BC3311EC8B179731C4F9AE02.roa
Signing time: Fri 15 Apr 2022 08:20:09 +0000
ROA not before: Fri 15 Apr 2022 08:20:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14559 (0x38df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 15 08:20:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62592ab9-0035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:35:2c:2e:ba:0d:5e:39:42:4d:2f:0a:ac:e0:
26:c9:21:f8:8e:5f:17:65:e5:1f:9c:e7:c7:70:78:
09:05:f6:b2:30:54:8c:38:2a:95:7b:db:2b:40:d3:
a9:75:e9:81:e9:f9:71:49:c3:26:28:70:bc:d0:6b:
c8:c1:60:48:84:33:31:ab:1d:5a:6a:30:d6:e7:6a:
90:09:5e:c7:0e:b8:df:cb:ee:0f:31:23:d1:a2:2b:
dc:14:8e:04:81:6a:86:87:df:99:24:70:dc:33:73:
82:00:6d:a0:7b:32:2b:de:04:ec:12:88:ec:c3:c4:
c0:78:46:68:79:d2:4f:3a:cd:75:bc:9e:c9:0c:09:
44:07:4a:7f:1b:c0:10:bc:d9:7e:8b:a3:4c:a3:8d:
6e:b5:d8:85:63:ba:e4:c9:66:7e:79:45:7b:b1:ca:
22:28:65:ae:d1:b6:df:88:33:41:e9:13:ea:7c:af:
79:6d:43:a1:f7:04:79:c5:e1:f5:0f:a6:86:09:c8:
7c:74:5b:15:02:d9:95:07:70:32:df:bf:27:47:6d:
97:95:16:1a:ee:8d:0f:98:df:d3:da:68:2e:b3:3e:
8b:46:b4:29:6c:e1:9c:6f:24:b1:1a:da:3f:c2:c2:
3a:96:e7:f8:64:99:a8:87:d5:5e:9d:01:96:7c:59:
a7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4D:71:6E:FA:98:96:69:7E:75:43:DD:E5:E0:3B:E4:7E:15:59:81
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1423B2C4BC3311EC8B179731C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
a8:85:d6:90:0e:ed:61:9d:17:08:4b:58:b7:93:b8:05:3c:65:
cd:21:18:2a:6d:ac:47:25:d0:6b:19:94:25:31:8e:7a:ab:7a:
bf:db:46:a3:e1:7a:3f:21:0f:95:0e:e1:f9:91:70:fc:fa:4c:
3e:e9:1b:85:9d:53:97:f2:94:51:5b:8a:d7:6e:4a:f9:15:2b:
31:31:1b:1d:0d:75:8d:7f:62:a7:e5:0c:43:68:22:ef:c2:ff:
34:35:36:89:57:e9:74:b5:56:8a:4d:bd:41:20:e7:8e:f9:c4:
ab:fe:e6:f3:d6:8b:7f:3b:1d:0a:f6:7f:04:96:62:e3:8a:f3:
29:0d:c2:21:3b:da:c3:ad:eb:e8:a1:35:0a:f4:90:f2:c4:3a:
ed:5b:48:13:c6:4b:b7:c1:ce:4a:6f:85:e1:31:7a:24:dc:60:
c7:58:8a:66:23:fd:29:25:c5:c1:0d:94:e1:21:99:54:1d:47:
b5:7e:e7:13:f9:15:79:43:ba:9d:90:8d:5c:e6:60:8d:60:c3:
bf:98:d0:33:65:26:39:88:1e:c0:c1:fa:27:bb:94:92:3a:42:
5f:a7:d2:c9:66:df:ff:24:96:29:93:99:82:fb:6b:c6:63:1f:
11:96:2b:14:74:15:ff:c0:19:ad:d3:56:e4:e2:fd:1e:60:6b:
45:57:ad:dd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICON8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDE1MDgyMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU5MmFiOS0wMDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzDUsLroNXjlCTS8KrOAmySH4jl8XZeUfnOfHcHgJBfayMFSMOCqVe9srQNOp
demB6flxScMmKHC80GvIwWBIhDMxqx1aajDW52qQCV7HDrjfy+4PMSPRoivcFI4E
gWqGh9+ZJHDcM3OCAG2gezIr3gTsEojsw8TAeEZoedJPOs11vJ7JDAlEB0p/G8AQ
vNl+i6NMo41utdiFY7rkyWZ+eUV7scoiKGWu0bbfiDNB6RPqfK95bUOh9wR5xeH1
D6aGCch8dFsVAtmVB3Ay378nR22XlRYa7o0PmN/T2mgusz6LRrQpbOGcbySxGto/
wsI6luf4ZJmoh9VenQGWfFmndwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIxNcW76
mJZpfnVD3eXgO+R+FVmBMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMTQyM0IyQzRC
QzMzMTFFQzhCMTc5NzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAqIXWkA7tYZ0XCEtYt5O4BTxlzSEYKm2sRyXQaxmUJTGOeqt6v9tGo+F6
PyEPlQ7h+ZFw/PpMPukbhZ1Tl/KUUVuK125K+RUrMTEbHQ11jX9ip+UMQ2gi78L/
NDU2iVfpdLVWik29QSDnjvnEq/7m89aLfzsdCvZ/BJZi44rzKQ3CITvaw63r6KE1
CvSQ8sQ67VtIE8ZLt8HOSm+F4TF6JNxgx1iKZiP9KSXFwQ2U4SGZVB1HtX7nE/kV
eUO6nZCNXOZgjWDDv5jQM2UmOYgewMH6J7uUkjpCX6fSyWbf/ySWKZOZgvtrxmMf
EZYrFHQV/8AZrdNW5OL9HmBrRVet3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org