Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/0EE146C490D111EC8C25C019C4F9AE02.roa
File: 0EE146C490D111EC8C25C019C4F9AE02.roa (raw, json)
Hash identifier: dOg0cwebtLC5W37j8qc4RFtjR1pHLmq0gRu3pKKfYPE=
Subject key identifier: 80:FC:98:AD:66:75:44:E7:86:21:42:C4:BD:3A:5B:D8:CB:11:9A:AF
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3705
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/0EE146C490D111EC8C25C019C4F9AE02.roa
Signing time: Sat 19 Feb 2022 05:40:09 +0000
ROA not before: Sat 19 Feb 2022 05:40:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14085 (0x3705)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 19 05:40:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=621082b9-c7d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a7:a1:c8:d6:14:7a:da:a6:77:5e:6f:83:11:
40:ce:28:b1:d6:c5:16:d6:57:9c:6e:31:f9:aa:19:
57:e9:14:12:e0:35:08:a1:71:7b:c2:95:e5:8f:59:
f9:a0:45:e7:e8:73:1d:c4:5e:5a:9c:cf:92:8d:81:
74:bd:e5:87:49:0c:63:71:44:b5:6b:91:1e:47:22:
e3:b4:c6:7c:75:49:e0:c1:e8:53:8c:dc:6c:f8:93:
d2:67:f9:c0:fa:a5:93:14:84:54:01:25:1d:ab:7e:
2d:57:21:95:b8:5b:e5:32:f5:e0:ec:6c:04:ca:3a:
4c:53:63:a3:75:2c:bd:c3:c8:dd:42:2f:94:72:98:
83:e8:07:c4:c1:a3:13:c1:6b:a0:01:85:f0:f8:25:
27:58:af:c2:ea:e6:e9:8e:95:eb:1c:68:34:11:09:
2c:12:db:6e:15:9a:ac:54:89:db:fa:ea:43:7b:3c:
62:72:06:cc:fb:23:b0:e1:b1:83:e8:a7:10:d3:05:
e9:e5:9c:d2:1c:71:0b:3f:c2:c3:81:bd:2f:ce:a5:
41:d7:14:ad:f4:ba:b6:06:b2:23:a2:4c:35:4d:1f:
66:f6:ac:cd:f7:34:68:e5:53:42:bb:b5:54:7e:e8:
9c:37:6e:20:01:44:b0:3f:f4:dd:72:99:17:0c:e6:
fc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FC:98:AD:66:75:44:E7:86:21:42:C4:BD:3A:5B:D8:CB:11:9A:AF
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/0EE146C490D111EC8C25C019C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
40:b0:f4:4c:db:61:99:c3:fb:11:fd:1a:82:f5:a5:a4:04:25:
bc:04:84:20:6a:ce:ea:e4:b5:93:4c:5d:49:58:8c:6f:e3:04:
10:b0:a2:73:29:ad:39:94:07:63:73:5e:b8:06:fd:75:7c:23:
b4:32:08:7d:0e:c5:8f:bb:9e:14:3a:6a:7f:d8:c7:d1:81:b5:
70:7b:67:1e:db:df:7e:93:5b:55:c8:02:19:bd:af:d9:31:90:
7b:95:12:32:f9:65:80:5d:29:ce:45:f0:bb:88:f9:d5:66:f4:
fb:b9:82:28:a3:e5:f3:40:a8:8c:c8:0f:e9:f7:d4:43:3b:4b:
fb:3d:40:eb:d4:ff:55:4c:15:6e:29:d1:18:88:9d:8a:2e:c4:
43:d0:b0:e1:aa:78:34:ae:07:37:98:3a:d6:89:0e:f9:a7:01:
62:eb:8d:3d:2e:69:5c:21:f6:78:3d:47:17:c4:21:ee:07:16:
fa:e8:ba:36:58:78:2d:24:cf:c4:48:05:c9:23:b1:09:e5:cf:
69:d5:89:28:d9:a5:d9:3c:44:91:4f:12:c6:8a:3a:6f:b1:81:
86:77:74:8f:94:a9:78:b6:70:a4:fd:84:dc:a4:a4:a9:e6:41:
11:30:c7:22:c8:ba:d9:b6:f5:94:27:e9:48:2f:83:83:61:b0:
f3:78:3c:3c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjE5MDU0MDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjEwODJiOS1jN2QzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz6ehyNYUetqmd15vgxFAziix1sUW1lecbjH5qhlX6RQS4DUIoXF7wpXlj1n5
oEXn6HMdxF5anM+SjYF0veWHSQxjcUS1a5EeRyLjtMZ8dUngwehTjNxs+JPSZ/nA
+qWTFIRUASUdq34tVyGVuFvlMvXg7GwEyjpMU2OjdSy9w8jdQi+UcpiD6AfEwaMT
wWugAYXw+CUnWK/C6ubpjpXrHGg0EQksEttuFZqsVInb+upDezxicgbM+yOw4bGD
6KcQ0wXp5ZzSHHELP8LDgb0vzqVB1xSt9Lq2BrIjokw1TR9m9qzN9zRo5VNCu7VU
fuicN24gAUSwP/TdcpkXDOb8OQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFID8mK1m
dUTnhiFCxL06W9jLEZqvMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMEVFMTQ2QzQ5
MEQxMTFFQzhDMjVDMDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAQLD0TNthmcP7Ef0agvWlpAQlvASEIGrO6uS1k0xdSViMb+MEELCicymt
OZQHY3NeuAb9dXwjtDIIfQ7Fj7ueFDpqf9jH0YG1cHtnHtvffpNbVcgCGb2v2TGQ
e5USMvllgF0pzkXwu4j51Wb0+7mCKKPl80CojMgP6ffUQztL+z1A69T/VUwVbinR
GIidii7EQ9Cw4ap4NK4HN5g61okO+acBYuuNPS5pXCH2eD1HF8Qh7gcW+ui6Nlh4
LSTPxEgFySOxCeXPadWJKNml2TxEkU8Sxoo6b7GBhnd0j5SpeLZwpP2E3KSkqeZB
ETDHIsi62bb1lCfpSC+Dg2Gw83g8PA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org