Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/03776A86A52911EC9D2DAE83C4F9AE02.roa
File: 03776A86A52911EC9D2DAE83C4F9AE02.roa (raw, json)
Hash identifier: 4O2FoDGaBOvMJGq3s4dbo+R73eFD5jzg4KDrK+auDog=
Subject key identifier: 5A:D0:2D:F9:46:0C:1D:69:58:0A:2E:EE:15:EC:5B:2B:E1:4F:66:88
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 381B
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/03776A86A52911EC9D2DAE83C4F9AE02.roa
Signing time: Wed 16 Mar 2022 13:00:11 +0000
ROA not before: Wed 16 Mar 2022 13:00:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14363 (0x381b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 16 13:00:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6231df5b-2ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:56:89:d7:3e:8b:e1:0d:96:1d:aa:fe:e7:2e:
c1:be:53:66:1a:02:fc:85:5f:3f:f1:a1:c4:6c:b0:
bd:87:fb:3a:b8:2f:65:02:f9:a6:f2:d8:fe:e1:4c:
24:88:29:50:46:12:3a:aa:81:a1:8c:c0:94:7b:9c:
7c:fb:e6:f4:9c:7d:44:a1:7b:8f:50:83:e2:b0:ba:
cc:03:85:34:ec:e9:02:da:22:a8:d6:97:b2:e9:8e:
f9:82:94:2c:bb:36:e1:3a:ea:8d:9c:dd:93:f1:81:
22:c7:99:a3:01:e1:af:9a:a8:18:02:ea:46:b8:59:
f1:76:1c:d1:93:d7:29:ff:19:4a:7f:73:49:ec:e2:
c2:9a:d6:1a:bc:1b:78:82:22:24:43:cf:40:16:9c:
31:37:aa:d8:25:e9:97:a9:b0:12:ab:a2:aa:53:6a:
92:da:a9:e3:71:2e:d7:4a:a6:c2:90:0c:88:bb:04:
f5:bd:ff:ef:7e:3a:97:24:14:8f:9b:4e:b6:9e:0d:
53:88:30:3e:d4:e9:c8:bf:9b:a4:22:f4:ac:27:7e:
68:d8:19:61:74:f3:40:85:0e:0d:c0:f2:5e:47:ac:
7a:56:cf:f7:a7:a8:22:61:b8:e2:0a:e5:36:58:c0:
65:34:9b:62:e9:6c:c0:b4:0d:de:79:75:a0:51:bd:
20:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D0:2D:F9:46:0C:1D:69:58:0A:2E:EE:15:EC:5B:2B:E1:4F:66:88
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/03776A86A52911EC9D2DAE83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
8a:7a:4a:bd:4b:5c:ec:5f:3a:c0:cc:ab:ec:c9:87:c7:f0:56:
e4:0b:35:61:ce:bc:e2:4d:ad:c9:09:8d:d6:cb:59:8b:c7:e1:
a5:90:4d:e5:d1:bd:27:cc:97:36:9c:4a:ed:20:32:2d:ad:3e:
6a:be:04:2e:bb:4d:18:0b:8b:8c:6b:3a:f7:eb:f6:bf:30:88:
7b:c8:59:17:ca:81:eb:c2:9e:92:a3:a5:25:cf:e2:a6:b6:a4:
7f:40:5a:01:57:8e:c6:5d:55:f3:37:bb:47:a7:e6:58:3f:77:
e0:6e:29:ee:8f:a9:9a:4c:cf:c4:68:05:13:e8:fc:60:ca:e5:
c9:15:51:41:35:10:14:8b:17:37:7c:b6:22:08:49:b7:56:a9:
b9:3e:83:30:2e:2b:91:4d:b5:35:cb:57:f4:2d:fb:cc:6e:aa:
1d:c8:64:59:cf:42:3b:55:36:66:f6:eb:33:15:88:c4:78:b4:
b7:17:01:3c:8a:e8:ac:3e:43:42:d1:90:7a:7f:a9:41:ba:27:
f9:3b:0d:64:9b:18:8e:68:dd:0e:bb:28:78:1f:b4:ed:e9:14:
11:17:f0:06:b3:f0:19:e6:13:db:9b:f9:0f:9c:99:4d:ee:67:
fe:49:0f:53:2d:75:5c:b6:08:1b:1d:59:b3:31:cd:d8:0c:96:
55:d3:2c:dc
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzE2MTMwMDExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMxZGY1Yi0yYWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5laJ1z6L4Q2WHar+5y7BvlNmGgL8hV8/8aHEbLC9h/s6uC9lAvmm8tj+4Uwk
iClQRhI6qoGhjMCUe5x8++b0nH1EoXuPUIPisLrMA4U07OkC2iKo1pey6Y75gpQs
uzbhOuqNnN2T8YEix5mjAeGvmqgYAupGuFnxdhzRk9cp/xlKf3NJ7OLCmtYavBt4
giIkQ89AFpwxN6rYJemXqbASq6KqU2qS2qnjcS7XSqbCkAyIuwT1vf/vfjqXJBSP
m062ng1TiDA+1OnIv5ukIvSsJ35o2BlhdPNAhQ4NwPJeR6x6Vs/3p6giYbjiCuU2
WMBlNJti6WzAtA3eeXWgUb0gSwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFrQLflG
DB1pWAou7hXsWyvhT2aIMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMDM3NzZBODZB
NTI5MTFFQzlEMkRBRTgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAinpKvUtc7F86wMyr7MmHx/BW5As1Yc684k2tyQmN1stZi8fhpZBN5dG9
J8yXNpxK7SAyLa0+ar4ELrtNGAuLjGs69+v2vzCIe8hZF8qB68KekqOlJc/iprak
f0BaAVeOxl1V8ze7R6fmWD934G4p7o+pmkzPxGgFE+j8YMrlyRVRQTUQFIsXN3y2
IghJt1apuT6DMC4rkU21NctX9C37zG6qHchkWc9CO1U2ZvbrMxWIxHi0txcBPIro
rD5DQtGQen+pQbon+TsNZJsYjmjdDrsoeB+07ekUERfwBrPwGeYT25v5D5yZTe5n
/kkPUy11XLYIGx1ZszHN2AyWVdMs3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org