Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/080AC7B4A3AD11EC9FE41686C4F9AE02.roa
File: 080AC7B4A3AD11EC9FE41686C4F9AE02.roa (raw, json)
Hash identifier: 3f4UYMge3S7SxKbs0uupe6wQNpOt7U6WIJAgxxg7K4o=
Subject key identifier: 8B:6B:E7:55:92:9A:F1:AB:50:78:C2:3C:FD:A0:EE:17:3B:DC:E1:04
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 380D
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/080AC7B4A3AD11EC9FE41686C4F9AE02.roa
Signing time: Tue 15 Mar 2022 01:20:09 +0000
ROA not before: Tue 15 Mar 2022 01:20:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14349 (0x380d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 15 01:20:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=622fe9c8-151d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f0:59:0e:04:f1:dc:da:6b:4f:70:7c:60:b0:
ca:89:eb:bf:65:85:42:e5:1b:f3:90:0c:a1:0e:56:
82:dc:83:6b:49:2a:f9:24:43:7f:7d:82:8a:dd:2a:
78:1e:10:ea:7b:78:10:e1:8b:32:85:d9:6d:23:70:
8e:86:60:67:b0:cd:e6:ab:27:47:93:ba:31:aa:e7:
5a:1f:3e:d4:4f:23:c2:b9:8c:f0:35:18:f0:1b:75:
f8:56:0c:eb:62:63:68:bc:46:a0:cd:bc:64:65:ba:
f7:7e:d2:cd:f6:b8:a5:56:30:3c:96:94:7d:00:38:
bd:50:b3:f7:35:cf:2f:f7:b6:75:63:7a:4f:59:83:
ba:bf:d3:79:09:aa:1a:7d:c0:31:62:45:2c:01:64:
14:8e:cd:fa:2d:31:80:7e:b5:84:32:34:02:fc:d2:
9a:c3:51:51:2f:71:5c:bb:f4:3d:4a:68:13:51:79:
90:a9:e4:32:9e:53:52:f1:64:c3:87:52:6d:3e:59:
04:37:0a:3c:85:62:c5:ca:21:8f:8a:2b:db:cd:39:
a7:8f:2d:9e:63:68:c3:4f:e7:6c:5a:90:30:18:52:
c4:d7:20:0a:ae:ed:3c:87:01:bb:e7:c0:1e:36:36:
d8:4c:73:57:4a:52:e2:32:27:ba:86:6e:3f:f4:c6:
e5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6B:E7:55:92:9A:F1:AB:50:78:C2:3C:FD:A0:EE:17:3B:DC:E1:04
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/080AC7B4A3AD11EC9FE41686C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
06:90:dc:ff:51:59:3c:20:b0:7b:7d:41:02:88:ae:58:3b:0b:
57:66:60:9f:ee:7b:11:a5:0a:7d:c3:cf:5f:dd:68:7d:8a:6a:
90:f2:00:a3:4a:9e:59:d9:17:60:4a:c1:27:61:bc:b4:bc:66:
93:65:77:6c:51:89:49:aa:f2:b4:23:9e:a2:0b:e7:e5:3b:2a:
15:c1:72:cc:97:fc:60:05:da:8d:e5:94:48:4b:5c:ac:f9:8e:
2e:2b:f0:42:e2:6f:0d:83:68:76:a2:17:1e:7e:53:51:8f:3d:
83:35:32:81:38:33:0a:ed:a5:4c:a6:c5:51:59:0e:5f:9f:51:
52:95:6a:42:d4:95:32:0c:02:2c:be:60:8d:7a:b7:3a:6d:b7:
62:77:6f:95:cd:45:a0:31:0b:20:20:c0:b4:69:0f:b9:43:3b:
7e:53:6b:73:7f:d1:46:4f:c8:04:eb:78:ca:1f:f4:8b:98:a4:
d9:48:59:59:6b:e6:7a:30:92:83:08:ed:b5:64:9b:56:71:38:
57:5c:63:7e:93:c0:65:29:69:b6:9d:86:f8:ed:ad:53:0a:c6:
4d:9e:82:35:9c:1c:53:59:29:ac:22:22:be:42:d8:3a:21:c8:
a2:57:bb:0e:c5:26:74:1a:fe:8d:d8:55:2b:b8:5f:69:db:81:
b5:25:c1:63
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOA0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzE1MDEyMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJmZTljOC0xNTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy/BZDgTx3NprT3B8YLDKieu/ZYVC5RvzkAyhDlaC3INrSSr5JEN/fYKK3Sp4
HhDqe3gQ4YsyhdltI3COhmBnsM3mqydHk7oxqudaHz7UTyPCuYzwNRjwG3X4Vgzr
YmNovEagzbxkZbr3ftLN9rilVjA8lpR9ADi9ULP3Nc8v97Z1Y3pPWYO6v9N5Caoa
fcAxYkUsAWQUjs36LTGAfrWEMjQC/NKaw1FRL3Fcu/Q9SmgTUXmQqeQynlNS8WTD
h1JtPlkENwo8hWLFyiGPiivbzTmnjy2eY2jDT+dsWpAwGFLE1yAKru08hwG758Ae
NjbYTHNXSlLiMie6hm4/9MblTQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFItr51WS
mvGrUHjCPP2g7hc73OEEMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMDgwQUM3QjRB
M0FEMTFFQzlGRTQxNjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEABpDc/1FZPCCwe31BAoiuWDsLV2Zgn+57EaUKfcPPX91ofYpqkPIAo0qe
WdkXYErBJ2G8tLxmk2V3bFGJSarytCOeogvn5TsqFcFyzJf8YAXajeWUSEtcrPmO
LivwQuJvDYNodqIXHn5TUY89gzUygTgzCu2lTKbFUVkOX59RUpVqQtSVMgwCLL5g
jXq3Om23Yndvlc1FoDELICDAtGkPuUM7flNrc3/RRk/IBOt4yh/0i5ik2UhZWWvm
ejCSgwjttWSbVnE4V1xjfpPAZSlptp2G+O2tUwrGTZ6CNZwcU1kprCIivkLYOiHI
ole7DsUmdBr+jdhVK7hfaduBtSXBYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org