Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/DD7CC94CE74611ECA4119587C4F9AE02.roa
File: DD7CC94CE74611ECA4119587C4F9AE02.roa (raw, json)
Hash identifier: 9aXMkcjn8ue5kxoeYaxWYrsuIoSB8M7cBXmWAjZ+UB8=
Subject key identifier: 81:F9:D2:16:AB:A9:90:48:F9:9D:72:E7:28:03:8A:70:CE:59:91:74
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3B21
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/DD7CC94CE74611ECA4119587C4F9AE02.roa
Signing time: Thu 09 Jun 2022 03:50:08 +0000
ROA not before: Thu 09 Jun 2022 03:50:08 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15137 (0x3b21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Jun 9 03:50:08 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62a16df0-e422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:50:82:99:b0:28:79:8b:9c:2c:f4:2a:80:f2:
47:85:d9:26:6d:44:ae:ea:fe:47:24:bb:72:69:41:
9f:fd:11:0a:ab:e8:26:de:d4:7e:1e:a5:1f:fa:b3:
e6:53:26:dd:de:6e:22:8f:33:51:e5:61:0f:e7:5c:
b5:8c:be:01:b1:3a:15:2d:2e:ea:64:4e:70:85:d4:
3d:fc:0e:83:70:3d:69:d0:95:81:31:00:f0:cf:0d:
d4:5f:4f:01:1f:ce:61:2d:d4:18:d6:67:07:09:21:
9f:71:7c:34:65:60:cb:24:8b:bd:43:da:51:75:2f:
7f:55:b0:1c:c2:20:34:ab:46:ba:dd:fc:fa:54:74:
2b:3a:de:aa:0f:db:83:7d:8e:85:cf:ad:5a:d7:1d:
69:cf:6b:26:4c:89:9f:b1:e0:e1:fd:1a:c5:af:f0:
a2:d4:25:12:3a:b3:97:fb:08:b9:59:ac:93:a3:50:
d3:2d:00:c9:45:5b:fa:6a:db:26:06:f2:f5:30:70:
f3:0f:b8:26:f7:28:de:bf:23:49:d5:ed:51:1d:5d:
3a:0f:45:25:23:52:ec:61:27:82:74:fc:a8:07:7d:
dd:01:2f:d3:eb:21:7f:fe:8a:54:c4:0d:96:47:35:
de:9f:db:e2:3b:1c:51:d4:a0:a5:3a:23:63:f4:20:
c9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F9:D2:16:AB:A9:90:48:F9:9D:72:E7:28:03:8A:70:CE:59:91:74
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/DD7CC94CE74611ECA4119587C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
5e:1e:4d:96:63:16:b6:9c:1f:53:91:a2:ca:95:c3:5c:16:cc:
2d:2d:07:e1:c7:03:f6:11:55:28:4c:70:c5:a6:88:1c:4a:c1:
72:08:cf:5f:ba:3d:1e:84:ef:84:42:8f:ff:98:75:a1:cb:1e:
7f:86:9b:81:06:1b:30:ef:2a:c2:11:5d:c8:ba:a8:c3:65:28:
a7:7c:dc:7c:83:23:21:43:ab:3a:d1:a8:8c:48:96:f2:37:ae:
28:46:fd:02:f4:c5:d9:ce:26:fc:3a:c1:7a:a2:1d:97:b1:30:
2b:17:56:e6:81:ee:a2:eb:ed:f0:e5:2f:1b:4b:4c:a6:52:7b:
31:42:dc:c6:b1:0f:26:a5:17:18:fb:ea:f6:b5:68:33:0d:02:
ad:4a:60:31:33:98:41:46:55:6c:7e:fa:25:f7:e0:b0:5a:f1:
3f:e3:4d:90:bd:73:3c:de:58:aa:52:cf:0d:af:e0:34:b2:62:
f2:ad:d9:8e:c1:5d:c9:dc:18:79:50:8a:0b:cf:83:05:0e:4e:
6e:99:16:55:34:e0:c4:c0:e9:e9:3a:0d:df:08:ce:09:e9:d2:
ee:0d:e5:de:2c:94:2f:0e:38:9d:e6:6d:c9:85:77:2e:87:08:
3a:0e:19:4a:41:51:b4:32:ed:f1:2a:73:0a:9f:64:09:5f:69:
cc:ac:6f:eb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOyEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNjA5MDM1MDA4WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmExNmRmMC1lNDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1CCmbAoeYucLPQqgPJHhdkmbUSu6v5HJLtyaUGf/REKq+gm3tR+HqUf+rPm
Uybd3m4ijzNR5WEP51y1jL4BsToVLS7qZE5whdQ9/A6DcD1p0JWBMQDwzw3UX08B
H85hLdQY1mcHCSGfcXw0ZWDLJIu9Q9pRdS9/VbAcwiA0q0a63fz6VHQrOt6qD9uD
fY6Fz61a1x1pz2smTImfseDh/RrFr/Ci1CUSOrOX+wi5WayTo1DTLQDJRVv6atsm
BvL1MHDzD7gm9yjevyNJ1e1RHV06D0UlI1LsYSeCdPyoB33dAS/T6yF//opUxA2W
RzXen9viOxxR1KClOiNj9CDJpwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIH50har
qZBI+Z1y5ygDinDOWZF0MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvREQ3Q0M5NENF
NzQ2MTFFQ0E0MTE5NTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAXh5NlmMWtpwfU5GiypXDXBbMLS0H4ccD9hFVKExwxaaIHErBcgjPX7o9
HoTvhEKP/5h1ocsef4abgQYbMO8qwhFdyLqow2Uop3zcfIMjIUOrOtGojEiW8jeu
KEb9AvTF2c4m/DrBeqIdl7EwKxdW5oHuouvt8OUvG0tMplJ7MULcxrEPJqUXGPvq
9rVoMw0CrUpgMTOYQUZVbH76JffgsFrxP+NNkL1zPN5YqlLPDa/gNLJi8q3ZjsFd
ydwYeVCKC8+DBQ5ObpkWVTTgxMDp6ToN3wjOCenS7g3l3iyULw44neZtyYV3LocI
Og4ZSkFRtDLt8SpzCp9kCV9pzKxv6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org