Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/11F2430ED52D11ECA2F31A54C4F9AE02.roa
File: 11F2430ED52D11ECA2F31A54C4F9AE02.roa (raw, json)
Hash identifier: K0TuVVY5d1nkPJmJFsqT7Q9uxhTa4PBHT6tFc539sE8=
Subject key identifier: 1D:F2:7A:CA:4D:4F:81:57:AA:C8:45:79:6E:08:C4:E8:E9:4A:EB:4C
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3A55
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/11F2430ED52D11ECA2F31A54C4F9AE02.roa
Signing time: Tue 17 May 2022 03:30:10 +0000
ROA not before: Tue 17 May 2022 03:30:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14933 (0x3a55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 17 03:30:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=628316c1-b327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ad:a6:fa:13:63:c2:c5:a0:e0:ed:5b:82:1a:
32:d6:fa:ca:e0:fa:06:4d:93:72:bc:32:f3:2f:85:
5a:70:df:a2:2b:5d:19:4f:2c:45:6a:78:6d:b3:7e:
18:86:65:cc:f1:35:c0:d9:f2:41:10:08:ba:7c:97:
1e:0d:f9:95:19:13:b3:05:52:99:f3:ac:30:d8:0b:
46:cb:9c:85:01:79:ff:4c:45:4e:eb:5f:5c:e2:73:
da:0a:16:8b:c1:9f:55:b1:44:00:42:f9:44:16:6d:
1d:d3:bf:4d:d1:05:df:2c:0e:69:3e:98:ac:fe:81:
d4:7f:ef:af:13:8d:3e:20:4f:4d:9f:39:f6:37:f4:
ff:8f:07:94:4c:78:cb:f1:55:d6:37:78:8c:62:9d:
49:a8:0f:2c:0a:fe:1f:02:82:a5:ff:2e:6b:72:58:
c0:3e:6b:b3:1f:c4:f4:1a:06:f9:de:8b:b8:d3:25:
9f:ad:69:85:da:41:f1:93:c2:e6:dd:3a:63:55:94:
39:6e:fc:e8:55:e6:93:e0:f8:7a:a5:a5:3f:8b:6a:
97:2c:aa:fd:11:bf:be:92:b7:d1:bf:62:87:3d:32:
5e:34:4d:23:38:84:5c:b9:ef:67:51:2a:2b:4a:09:
be:29:0b:8d:1a:a7:2d:4f:1b:73:69:f9:26:f6:bf:
32:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F2:7A:CA:4D:4F:81:57:AA:C8:45:79:6E:08:C4:E8:E9:4A:EB:4C
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/11F2430ED52D11ECA2F31A54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
7f:75:b7:2a:55:b4:1c:a9:13:fc:16:6e:84:2d:3f:0c:21:9d:
f5:14:7b:97:6f:30:46:65:a6:59:66:8a:da:1f:e0:75:c1:92:
30:2e:fd:96:f0:3f:df:15:61:ec:ae:08:ec:3a:31:ad:7a:4a:
b3:7a:bc:b3:1e:c9:f2:57:40:2b:4c:83:1c:05:59:73:f5:d6:
9c:5e:1c:03:ea:f3:4d:b3:94:94:eb:5a:78:4d:0b:73:d1:79:
70:30:19:00:f9:d2:2f:2f:f9:c7:46:e4:58:9e:53:8a:de:03:
15:dd:03:b1:9e:e5:86:0e:bc:1c:c9:0f:48:7e:5e:86:71:60:
cf:e1:79:18:d1:9b:cf:d2:ae:7e:66:e2:ce:c7:e3:b2:01:bc:
5c:2a:30:96:90:02:d5:3d:1e:99:8a:75:bd:15:54:26:e4:40:
01:0e:c7:fe:e7:b1:60:d0:65:5d:78:a5:38:dd:5e:e7:cd:71:
0f:b6:9b:0d:c8:a8:e4:ff:f4:8b:4b:be:9a:f6:a5:eb:2d:16:
b9:a4:88:8e:2b:c7:c8:ad:05:45:28:d9:e2:d8:3d:a0:11:ed:
f0:c7:62:80:76:1a:0f:c1:af:93:65:df:88:00:fd:e3:74:0a:
9b:eb:7b:fb:6f:2e:a9:2e:3c:dd:8e:65:e5:d1:3b:d7:d9:e9:
f8:a5:c8:1e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTE3MDMzMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgzMTZjMS1iMzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArK2m+hNjwsWg4O1bghoy1vrK4PoGTZNyvDLzL4VacN+iK10ZTyxFanhts34Y
hmXM8TXA2fJBEAi6fJceDfmVGROzBVKZ86ww2AtGy5yFAXn/TEVO619c4nPaChaL
wZ9VsUQAQvlEFm0d079N0QXfLA5pPpis/oHUf++vE40+IE9Nnzn2N/T/jweUTHjL
8VXWN3iMYp1JqA8sCv4fAoKl/y5rcljAPmuzH8T0Ggb53ou40yWfrWmF2kHxk8Lm
3TpjVZQ5bvzoVeaT4Ph6paU/i2qXLKr9Eb++krfRv2KHPTJeNE0jOIRcue9nUSor
Sgm+KQuNGqctTxtzafkm9r8yVwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFB3yespN
T4FXqshFeW4IxOjpSutMMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMTFGMjQzMEVE
NTJEMTFFQ0EyRjMxQTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAf3W3KlW0HKkT/BZuhC0/DCGd9RR7l28wRmWmWWaK2h/gdcGSMC79lvA/
3xVh7K4I7DoxrXpKs3q8sx7J8ldAK0yDHAVZc/XWnF4cA+rzTbOUlOtaeE0Lc9F5
cDAZAPnSLy/5x0bkWJ5Tit4DFd0DsZ7lhg68HMkPSH5ehnFgz+F5GNGbz9Kufmbi
zsfjsgG8XCowlpAC1T0emYp1vRVUJuRAAQ7H/uexYNBlXXilON1e581xD7abDcio
5P/0i0u+mval6y0WuaSIjivHyK0FRSjZ4tg9oBHt8MdigHYaD8Gvk2XfiAD943QK
m+t7+28uqS483Y5l5dE719np+KXIHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org