Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/171F25CA9D6C11EC917DBC7AC4F9AE02.roa
File: 171F25CA9D6C11EC917DBC7AC4F9AE02.roa (raw, json)
Hash identifier: d1xkO9NJ65KmmM5iWv8wMYIf92JRR7DYBxhinwgDGFE=
Subject key identifier: 66:2C:69:0B:AF:40:F6:D0:80:7B:FD:CA:24:4E:49:40:81:AF:DC:9A
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 37B7
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/171F25CA9D6C11EC917DBC7AC4F9AE02.roa
Signing time: Mon 07 Mar 2022 03:40:09 +0000
ROA not before: Mon 07 Mar 2022 03:40:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14263 (0x37b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 7 03:40:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62257e99-e975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9a:9c:86:fa:2d:34:e4:2b:11:49:0c:33:ac:
21:f0:87:79:ca:de:5e:0b:14:99:0a:d8:7e:90:0a:
2b:0d:7b:43:2f:55:4d:c0:9c:41:38:f6:e4:62:94:
f7:85:1d:e6:fc:04:7c:db:b7:06:95:ae:f9:e5:c9:
3b:9f:5f:a3:e8:16:91:e5:e9:76:10:dc:c1:1c:1d:
98:e0:b0:07:24:5b:eb:68:0f:b2:7e:8f:24:4b:b0:
ef:65:97:c4:94:40:df:14:e6:44:9e:7f:43:52:e7:
cf:43:26:d1:6b:62:02:8a:f4:bf:f4:54:a9:bf:73:
5f:4a:20:77:0f:71:ce:d0:69:90:2f:e8:fb:79:73:
1f:aa:fb:5c:49:5d:95:02:65:04:9f:ee:ca:3a:00:
d0:07:e2:31:0b:c8:00:79:47:8e:38:a9:9e:29:65:
4b:53:7d:49:14:4b:4d:5a:b7:72:8a:23:f6:7c:42:
d7:4a:1b:a7:2c:d0:91:f8:fd:6f:22:a7:83:09:b3:
10:39:3a:36:cb:fd:b9:5f:e2:28:34:ac:c7:21:7f:
9b:8b:9b:04:d6:dc:54:94:1f:fe:ef:38:f9:2e:44:
25:4f:6b:27:09:55:df:a9:43:42:b6:7d:6b:88:6e:
da:d8:43:6e:86:3b:96:13:52:42:68:f0:c4:76:ec:
99:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2C:69:0B:AF:40:F6:D0:80:7B:FD:CA:24:4E:49:40:81:AF:DC:9A
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/171F25CA9D6C11EC917DBC7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
23:22:d1:af:71:6c:de:c4:01:d3:cc:86:00:3d:1c:b8:71:ab:
c5:25:78:f8:8e:50:45:f3:35:de:cf:a9:b5:6c:59:3b:80:3f:
a8:98:e3:a7:27:fb:63:01:df:5b:39:27:51:6d:61:11:36:84:
4c:14:64:fc:76:61:69:5c:78:77:5a:7e:2f:43:1c:5a:5d:ee:
51:c8:26:01:47:26:ca:9c:ed:5d:8f:4e:5c:00:e2:3a:47:42:
1f:ea:6a:35:44:9f:5b:ee:2e:a6:1e:cf:e3:6c:10:96:af:ef:
bd:a6:59:37:c8:8e:58:50:7b:9b:28:79:c1:46:bc:36:88:cf:
2a:80:7e:55:23:70:bd:e7:e9:b3:fe:b8:0a:6e:70:5a:85:79:
fe:2c:ad:a6:21:ca:70:61:fe:45:7c:7d:a6:8a:05:00:26:91:
e0:3d:d9:5c:af:b3:27:83:fd:e2:cb:15:d9:c4:f9:e8:86:64:
59:99:33:50:f4:60:92:bd:84:62:8f:81:1b:ce:08:fb:2d:58:
fc:0a:59:36:3a:6e:e0:aa:cb:42:58:c4:01:ca:2b:6b:f1:12:
94:43:f4:c5:1e:fc:2e:a4:e4:15:70:79:5b:37:5a:8a:0e:ba:
24:6e:33:5b:be:aa:f3:d5:bf:54:5d:d6:44:64:77:2c:cc:9b:
ef:d5:24:0d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzA3MDM0MDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI1N2U5OS1lOTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwZqchvotNOQrEUkMM6wh8Id5yt5eCxSZCth+kAorDXtDL1VNwJxBOPbkYpT3
hR3m/AR827cGla755ck7n1+j6BaR5el2ENzBHB2Y4LAHJFvraA+yfo8kS7DvZZfE
lEDfFOZEnn9DUufPQybRa2ICivS/9FSpv3NfSiB3D3HO0GmQL+j7eXMfqvtcSV2V
AmUEn+7KOgDQB+IxC8gAeUeOOKmeKWVLU31JFEtNWrdyiiP2fELXShunLNCR+P1v
IqeDCbMQOTo2y/25X+IoNKzHIX+bi5sE1txUlB/+7zj5LkQlT2snCVXfqUNCtn1r
iG7a2ENuhjuWE1JCaPDEduyZCwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGYsaQuv
QPbQgHv9yiROSUCBr9yaMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMTcxRjI1Q0E5
RDZDMTFFQzkxN0RCQzdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAIyLRr3Fs3sQB08yGAD0cuHGrxSV4+I5QRfM13s+ptWxZO4A/qJjjpyf7
YwHfWzknUW1hETaETBRk/HZhaVx4d1p+L0McWl3uUcgmAUcmypztXY9OXADiOkdC
H+pqNUSfW+4uph7P42wQlq/vvaZZN8iOWFB7myh5wUa8NojPKoB+VSNwvefps/64
Cm5wWoV5/iytpiHKcGH+RXx9pooFACaR4D3ZXK+zJ4P94ssV2cT56IZkWZkzUPRg
kr2EYo+BG84I+y1Y/ApZNjpu4KrLQljEAcora/ESlEP0xR78LqTkFXB5Wzdaig66
JG4zW76q89W/VF3WRGR3LMyb79UkDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org