Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/46F6682C82A911EC8F2C7911C4F9AE02.roa
File: 46F6682C82A911EC8F2C7911C4F9AE02.roa (raw, json)
Hash identifier: 145RVsBrBjWUcMfZGNSIS/FCOAR4VDJHHqEHxtez/Wg=
Subject key identifier: 18:32:C4:FE:A8:4E:56:93:0F:B8:C0:F2:FD:1D:0A:BC:2A:05:5A:5D
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 363D
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/46F6682C82A911EC8F2C7911C4F9AE02.roa
Signing time: Tue 01 Feb 2022 03:00:09 +0000
ROA not before: Tue 01 Feb 2022 03:00:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13885 (0x363d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 1 03:00:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=61f8a239-8091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a7:32:a3:a7:90:ba:e6:a3:0b:20:ea:5c:38:
ba:9d:f4:42:c6:1f:2e:8b:4b:99:01:b4:e5:ff:80:
92:c1:4e:31:bd:f4:0a:de:ca:8d:c2:1f:65:5a:01:
50:32:d8:5a:5d:34:b0:a6:a5:3f:15:29:1d:ed:6f:
d2:c8:16:98:1a:9f:2b:4c:e4:ad:eb:7c:59:35:6d:
35:82:40:b8:d5:2f:be:cc:fc:5f:ac:ff:df:1f:3f:
31:71:b1:d1:32:68:b7:21:dd:34:da:22:a2:3a:26:
94:7c:25:9d:70:25:81:34:5c:1e:60:5c:a1:8b:0d:
c7:61:9e:1d:e2:b4:5b:4d:69:fb:0a:c2:c4:bb:34:
d0:eb:95:00:39:91:3d:f0:86:5f:8e:fd:8b:f9:7b:
8c:ce:39:80:f5:de:ed:f8:68:6c:91:cb:3e:c3:ce:
01:e1:3d:0e:4c:9c:db:8b:54:ca:28:34:60:44:b2:
82:ae:60:7a:85:d2:d1:ae:e1:98:e2:d7:5d:ae:b7:
45:6c:4a:ce:2e:f1:d0:30:f2:43:3c:5a:c9:a3:84:
be:8c:db:0a:87:59:5b:a3:e7:32:9d:f3:20:60:fa:
13:d9:6e:14:23:f6:a8:cd:2a:0f:28:17:78:4c:34:
d1:93:43:e6:b5:d5:9e:d9:e3:07:41:8c:30:b1:a0:
66:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:32:C4:FE:A8:4E:56:93:0F:B8:C0:F2:FD:1D:0A:BC:2A:05:5A:5D
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/46F6682C82A911EC8F2C7911C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
4b:85:f5:e8:c4:d8:b2:80:15:c0:22:f6:a4:6b:83:e7:bc:7f:
c8:60:c0:90:f8:60:ef:ef:92:33:21:af:c6:3a:46:19:16:89:
e5:3f:f5:32:cc:a3:bb:2b:15:4e:31:48:55:83:25:e3:32:3f:
5d:36:97:ad:83:7a:e2:a6:7c:ac:c6:2c:1c:fe:9e:58:42:9c:
89:8c:1b:ba:1a:99:8d:d0:40:82:24:6c:d9:90:dd:22:9a:b6:
89:5f:3a:ce:ae:2c:71:ff:df:ea:1a:0f:1d:21:f2:15:3f:ef:
b0:bf:8b:ff:4e:20:34:e2:55:30:99:12:04:fc:20:9b:b8:49:
cd:c9:86:1d:47:5c:6f:0e:1d:30:cb:81:8d:81:ec:b0:d1:f2:
88:69:91:bd:0a:6f:01:a6:b8:2f:c3:66:77:e7:fa:d6:32:44:
36:e2:f8:a9:9a:99:dc:75:a1:5c:97:f3:39:b6:eb:a2:e7:da:
9d:07:d2:c2:20:ba:00:ce:2e:0b:fc:74:4a:15:4e:d7:3f:98:
56:b7:52:69:5f:c2:db:64:b8:00:0f:61:ae:c6:ad:d8:13:90:
50:b3:87:18:74:be:a0:43:34:f6:9d:2b:ba:0c:ee:3c:15:de:
0d:6a:b6:7c:19:9a:1c:26:87:38:bd:b0:2d:b1:9a:ff:3f:79:
f9:20:96:35
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjAxMDMwMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY4YTIzOS04MDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo6cyo6eQuuajCyDqXDi6nfRCxh8ui0uZAbTl/4CSwU4xvfQK3sqNwh9lWgFQ
MthaXTSwpqU/FSkd7W/SyBaYGp8rTOSt63xZNW01gkC41S++zPxfrP/fHz8xcbHR
Mmi3Id002iKiOiaUfCWdcCWBNFweYFyhiw3HYZ4d4rRbTWn7CsLEuzTQ65UAOZE9
8IZfjv2L+XuMzjmA9d7t+Ghskcs+w84B4T0OTJzbi1TKKDRgRLKCrmB6hdLRruGY
4tddrrdFbErOLvHQMPJDPFrJo4S+jNsKh1lbo+cynfMgYPoT2W4UI/aozSoPKBd4
TDTRk0PmtdWe2eMHQYwwsaBmiwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBgyxP6o
TlaTD7jA8v0dCrwqBVpdMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNDZGNjY4MkM4
MkE5MTFFQzhGMkM3OTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAS4X16MTYsoAVwCL2pGuD57x/yGDAkPhg7++SMyGvxjpGGRaJ5T/1Msyj
uysVTjFIVYMl4zI/XTaXrYN64qZ8rMYsHP6eWEKciYwbuhqZjdBAgiRs2ZDdIpq2
iV86zq4scf/f6hoPHSHyFT/vsL+L/04gNOJVMJkSBPwgm7hJzcmGHUdcbw4dMMuB
jYHssNHyiGmRvQpvAaa4L8Nmd+f61jJENuL4qZqZ3HWhXJfzObbroufanQfSwiC6
AM4uC/x0ShVO1z+YVrdSaV/C22S4AA9hrsat2BOQULOHGHS+oEM09p0rugzuPBXe
DWq2fBmaHCaHOL2wLbGa/z95+SCWNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org