Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F6765298B35B11EC937CA07AC4F9AE02.roa
File: F6765298B35B11EC937CA07AC4F9AE02.roa (raw, json)
Hash identifier: /FHRb24r8C0IlvOqL9AJIze7bcafoo2aPssrd64tpVE=
Subject key identifier: EE:9E:66:58:38:4A:0A:FE:B0:D2:19:47:60:E9:F8:45:60:60:B8:35
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3857
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F6765298B35B11EC937CA07AC4F9AE02.roa
Signing time: Mon 04 Apr 2022 05:40:08 +0000
ROA not before: Mon 04 Apr 2022 05:40:08 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14423 (0x3857)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 4 05:40:08 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=624a84b8-c8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:f5:a8:35:cb:31:0d:75:86:1d:43:ee:98:6e:
3d:c4:f1:fd:fe:27:3c:de:f4:04:97:6a:c6:52:90:
51:24:34:fd:ce:a5:82:56:9c:be:1a:0b:e4:5b:49:
81:aa:92:8d:9b:c2:a6:35:22:e0:c7:21:1b:fd:17:
c8:83:f5:32:8f:12:22:6f:3e:c3:30:e6:55:ea:2a:
8a:05:19:ea:96:e7:7b:b0:dd:48:6d:a2:08:b8:4a:
50:f8:9a:06:02:b9:10:82:22:c8:ad:fe:b5:be:92:
9f:51:36:a0:a5:64:7d:0e:14:7d:77:71:9e:a0:1f:
21:9e:e7:03:9f:ee:6a:d8:33:7d:5a:2b:8c:c7:cb:
94:b3:d5:21:67:c4:72:6f:f2:f8:de:41:e1:c9:62:
c0:c4:5a:8f:dd:6f:0f:41:94:83:e4:e4:31:cf:f5:
7c:24:83:f2:a7:9d:ca:fb:a0:dc:ce:c4:e2:aa:bf:
87:5a:55:1c:5a:3a:d6:12:be:1b:52:29:93:2e:36:
65:c9:36:81:ac:67:04:e1:3d:cb:4f:67:25:66:02:
a5:b0:f0:c2:fc:8d:71:e7:ac:95:d2:e9:19:74:21:
1a:e4:4d:05:db:0d:26:f4:00:e6:50:66:f4:a0:31:
8d:7e:64:c4:4b:8b:cf:c6:de:36:37:4c:4d:c7:d1:
bd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9E:66:58:38:4A:0A:FE:B0:D2:19:47:60:E9:F8:45:60:60:B8:35
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F6765298B35B11EC937CA07AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
27:d9:26:0d:9a:b8:40:d1:ae:06:c8:10:ed:94:8b:af:6f:b5:
fe:d9:b1:b3:62:a1:41:b0:9d:fc:7b:3f:b0:0d:20:8a:c1:db:
17:2a:78:66:5b:ab:d1:c6:69:89:3b:5f:9f:10:b6:31:4d:c0:
ce:a4:7b:9d:42:ed:7f:e1:79:25:f3:63:74:37:31:81:ce:50:
01:03:89:59:a4:58:04:c7:5e:d9:6f:23:11:64:4d:91:05:9c:
68:a4:92:01:86:cb:8c:36:77:f9:42:26:38:92:59:9b:fc:ed:
70:ee:05:ab:31:15:18:aa:5c:7b:2f:0f:ef:8a:5b:32:0c:e0:
76:c4:5f:aa:10:00:00:c5:9f:62:23:a3:bc:aa:b8:18:7a:28:
fd:f4:04:56:88:8d:b1:3b:6c:25:81:a1:f1:11:34:aa:da:1a:
d5:65:8c:bf:14:85:90:f9:0d:ef:a6:e3:ea:c6:29:5a:ad:57:
87:78:fb:f4:68:ac:c0:aa:00:d8:24:9d:7b:5b:56:89:a3:5a:
f2:e4:77:9c:14:1d:8d:44:46:db:cc:3e:1c:61:09:92:0c:af:
87:70:70:55:e7:7a:0d:db:8e:61:28:da:9b:c4:ec:4c:d3:6b:
48:97:5f:0d:1a:0f:00:0a:d6:cf:ed:6a:f4:46:fb:5e:43:41:
27:44:d0:45
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOFcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDA0MDU0MDA4WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRhODRiOC1jOGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9/WoNcsxDXWGHUPumG49xPH9/ic83vQEl2rGUpBRJDT9zqWCVpy+GgvkW0mB
qpKNm8KmNSLgxyEb/RfIg/UyjxIibz7DMOZV6iqKBRnqlud7sN1IbaIIuEpQ+JoG
ArkQgiLIrf61vpKfUTagpWR9DhR9d3GeoB8hnucDn+5q2DN9WiuMx8uUs9UhZ8Ry
b/L43kHhyWLAxFqP3W8PQZSD5OQxz/V8JIPyp53K+6DczsTiqr+HWlUcWjrWEr4b
UimTLjZlyTaBrGcE4T3LT2clZgKlsPDC/I1x56yV0ukZdCEa5E0F2w0m9ADmUGb0
oDGNfmTES4vPxt42N0xNx9G9kwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFO6eZlg4
Sgr+sNIZR2Dp+EVgYLg1MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvRjY3NjUyOThC
MzVCMTFFQzkzN0NBMDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAJ9kmDZq4QNGuBsgQ7ZSLr2+1/tmxs2KhQbCd/Hs/sA0gisHbFyp4Zlur
0cZpiTtfnxC2MU3AzqR7nULtf+F5JfNjdDcxgc5QAQOJWaRYBMde2W8jEWRNkQWc
aKSSAYbLjDZ3+UImOJJZm/ztcO4FqzEVGKpcey8P74pbMgzgdsRfqhAAAMWfYiOj
vKq4GHoo/fQEVoiNsTtsJYGh8RE0qtoa1WWMvxSFkPkN76bj6sYpWq1Xh3j79Gis
wKoA2CSde1tWiaNa8uR3nBQdjURG28w+HGEJkgyvh3BwVed6DduOYSjam8TsTNNr
SJdfDRoPAArWz+1q9Eb7XkNBJ0TQRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org