Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/81469C54C7B911ECA398E513C4F9AE02.roa
File: 81469C54C7B911ECA398E513C4F9AE02.roa (raw, json)
Hash identifier: Ppj1A4vlwIk48EOz8YfPAZkizlKpTl/U8r76Ofxa5Yc=
Subject key identifier: 07:C3:4B:73:CC:34:5D:F4:52:15:73:4B:7B:0F:08:14:E5:2C:37:32
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3985
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/81469C54C7B911ECA398E513C4F9AE02.roa
Signing time: Fri 29 Apr 2022 12:40:10 +0000
ROA not before: Fri 29 Apr 2022 12:40:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14725 (0x3985)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 29 12:40:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=626bdca9-19ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d2:48:c4:82:44:e3:3a:8e:6f:55:a9:b7:3c:
e5:65:78:b9:fe:b1:9f:3e:eb:8d:aa:d9:40:e9:a7:
e7:58:8f:60:bf:5d:72:d7:a8:d8:3c:d2:27:72:7b:
b2:e2:b4:43:d5:7e:b7:4b:2c:94:0d:48:db:aa:ce:
58:aa:43:ac:3c:ac:1c:4b:f1:26:4c:13:f4:ee:59:
6b:ce:84:ff:2c:ab:17:66:fa:48:3c:f4:a8:d4:32:
db:dc:15:f3:91:8d:b9:d0:95:70:62:69:90:42:58:
41:66:f9:13:2a:6d:c6:2a:b3:66:0c:86:00:75:7a:
1f:5b:23:2c:38:b4:6d:ac:6b:cb:ec:a4:f1:63:2f:
75:8f:cd:4b:a6:83:b5:35:ca:72:f7:76:56:c0:69:
76:41:16:17:a9:b0:21:b0:03:81:2d:47:ea:9d:1d:
e1:0d:f4:9b:4b:d2:8a:d4:ab:ec:fe:55:1f:20:f9:
64:fd:a7:72:89:7d:83:83:c5:75:4c:60:82:3c:d2:
c1:cb:b7:fe:8e:77:7a:b4:9b:cb:52:1e:a9:d6:95:
00:8d:f4:54:00:b8:61:b1:64:35:95:2c:4a:c1:db:
51:18:79:81:0c:d7:e4:23:30:c5:10:95:66:ac:3f:
13:ef:ab:8f:21:4c:ff:b4:8d:e7:83:19:47:66:96:
0f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C3:4B:73:CC:34:5D:F4:52:15:73:4B:7B:0F:08:14:E5:2C:37:32
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/81469C54C7B911ECA398E513C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
68:b9:d6:3a:61:79:1d:3a:8a:4a:2b:17:93:ce:c8:ee:45:25:
d9:84:a2:87:0f:57:e7:ab:14:40:d7:9b:9c:3b:b2:c8:1b:3f:
be:43:5d:ad:6c:a0:cc:e9:bb:f1:14:55:bd:06:9e:63:d2:6e:
6e:b2:28:d9:07:7a:96:4c:06:34:a5:35:81:d0:e6:13:5e:50:
2f:d9:3d:d1:04:be:df:4a:99:9e:f6:7f:97:c0:7b:89:f4:fa:
a6:2b:2c:35:b2:62:76:28:7c:7e:52:89:bd:65:c9:bf:b6:e0:
61:2b:48:ac:8e:b9:26:9e:7c:76:9f:78:db:7e:02:6c:ce:af:
57:7f:05:63:84:55:a6:24:b1:c6:5a:df:7d:04:63:c6:fc:ba:
dd:a0:74:f3:b1:eb:e3:fa:de:bd:f0:4c:41:4d:92:fa:ad:40:
ec:65:a5:5f:d9:bb:d7:93:39:70:3e:5a:73:97:34:a1:f0:5c:
68:91:c7:24:52:9f:bc:23:29:f8:a7:67:a4:19:7a:01:35:d5:
f3:8b:b2:3f:0d:75:c8:9f:d5:c0:da:1f:ed:75:1f:2d:67:15:
b3:df:ca:f7:35:4c:50:1b:73:77:f8:c9:e5:eb:12:7e:23:f7:
c0:7f:38:3e:83:f6:d1:52:84:a4:0e:26:18:a7:d7:bc:5a:f4:
d2:98:ba:26
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDI5MTI0MDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZiZGNhOS0xOWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwdJIxIJE4zqOb1WptzzlZXi5/rGfPuuNqtlA6afnWI9gv11y16jYPNIncnuy
4rRD1X63SyyUDUjbqs5YqkOsPKwcS/EmTBP07llrzoT/LKsXZvpIPPSo1DLb3BXz
kY250JVwYmmQQlhBZvkTKm3GKrNmDIYAdXofWyMsOLRtrGvL7KTxYy91j81LpoO1
Ncpy93ZWwGl2QRYXqbAhsAOBLUfqnR3hDfSbS9KK1Kvs/lUfIPlk/adyiX2Dg8V1
TGCCPNLBy7f+jnd6tJvLUh6p1pUAjfRUALhhsWQ1lSxKwdtRGHmBDNfkIzDFEJVm
rD8T76uPIUz/tI3ngxlHZpYP0QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAfDS3PM
NF30UhVzS3sPCBTlLDcyMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvODE0NjlDNTRD
N0I5MTFFQ0EzOThFNTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAaLnWOmF5HTqKSisXk87I7kUl2YSihw9X56sUQNebnDuyyBs/vkNdrWyg
zOm78RRVvQaeY9JubrIo2Qd6lkwGNKU1gdDmE15QL9k90QS+30qZnvZ/l8B7ifT6
pissNbJidih8flKJvWXJv7bgYStIrI65Jp58dp94234CbM6vV38FY4RVpiSxxlrf
fQRjxvy63aB087Hr4/revfBMQU2S+q1A7GWlX9m715M5cD5ac5c0ofBcaJHHJFKf
vCMp+KdnpBl6ATXV84uyPw11yJ/VwNof7XUfLWcVs9/K9zVMUBtzd/jJ5esSfiP3
wH84PoP20VKEpA4mGKfXvFr00pi6Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org