Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/16CDD4A2CC7611ECBCD2FF81C4F9AE02.roa
File: 16CDD4A2CC7611ECBCD2FF81C4F9AE02.roa (raw, json)
Hash identifier: SAHaS0HoWl7gO7UckeUM71fwbjaQhtEfIrD9mvLuBGA=
Subject key identifier: 61:F9:BF:22:F0:F6:DE:14:6D:F4:67:1A:A4:B5:D1:52:06:80:DC:FC
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 39CC
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/16CDD4A2CC7611ECBCD2FF81C4F9AE02.roa
Signing time: Thu 05 May 2022 13:20:10 +0000
ROA not before: Thu 05 May 2022 13:20:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14796 (0x39cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 5 13:20:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6273cf0a-5f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1a:94:0d:dc:99:a7:82:2e:64:51:72:8e:26:
5b:67:dc:c9:4c:ec:95:8c:55:49:18:0e:31:db:23:
c0:41:e1:b3:eb:68:11:9f:2a:3d:64:eb:9e:6e:9c:
d4:8f:bc:6c:c1:b3:ef:ac:6a:b6:63:4b:77:ca:39:
25:0a:4a:88:8a:8f:5f:8a:19:89:aa:3a:8d:9a:2b:
11:1c:a6:b7:90:05:83:c9:fb:43:1a:de:b8:5e:08:
f6:0b:13:ad:c2:a0:eb:e4:39:40:b7:1f:85:f8:f8:
c8:7f:db:55:f8:f3:d6:b7:bc:7d:ec:e9:0f:6b:c2:
5a:02:b2:12:67:db:ef:bb:cd:b0:8a:6b:ee:54:ba:
e6:d1:54:8f:04:24:d5:0e:a2:4c:f2:37:f0:89:e8:
23:e8:15:15:00:9c:65:04:aa:4e:33:36:14:50:a1:
7e:54:9f:80:03:9d:85:f9:82:d8:15:1e:87:70:10:
e0:b4:f4:eb:7b:e3:9b:01:14:86:f8:21:41:d1:c2:
79:1a:02:e4:eb:3a:eb:57:9d:b7:28:be:2c:c3:46:
9f:76:91:82:7a:58:c7:dc:3b:6b:5a:97:55:c9:22:
f2:76:7d:fc:75:ac:fa:11:6d:05:57:8c:67:51:42:
52:cd:b5:a7:c6:4d:1f:5b:99:96:a3:f3:6f:0d:b3:
92:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F9:BF:22:F0:F6:DE:14:6D:F4:67:1A:A4:B5:D1:52:06:80:DC:FC
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/16CDD4A2CC7611ECBCD2FF81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
8c:a8:d7:d1:31:64:79:6e:3d:72:8e:a4:61:4f:c6:de:11:83:
cc:2f:c8:f8:aa:2e:c2:12:76:3a:cf:0c:8d:fd:1d:81:f6:c7:
ff:73:fa:c1:8f:d8:a4:bb:d1:4a:37:c4:ed:7c:a1:a8:b5:c6:
bf:6c:3b:58:07:f6:0f:dc:77:ac:fd:da:b0:e8:16:d6:65:67:
c4:8a:13:94:6f:dc:53:e7:84:8e:f0:23:34:59:00:d9:d5:15:
d7:0a:e6:73:07:b9:e2:b0:9b:44:4a:64:13:97:bd:cf:65:9f:
d0:fe:06:96:43:6f:dc:44:77:5a:14:a8:e5:5b:d1:c7:1f:c2:
d6:a4:34:31:48:05:fd:d2:62:e6:65:a6:a4:f2:bd:75:0a:44:
af:05:12:d4:0c:7d:98:35:05:a5:1b:78:b1:c8:18:9a:9e:a9:
ca:19:67:91:53:e9:78:52:cd:53:36:b8:9b:07:d5:e6:61:38:
f4:38:9c:84:6a:79:af:25:07:30:9a:53:e1:15:65:5b:be:6a:
d4:a2:f2:be:3a:18:d6:78:39:f8:15:c6:d8:40:40:0d:23:ea:
30:96:41:5e:b2:6d:b3:16:88:7a:7c:ad:a4:48:71:f7:06:61:
1b:c9:53:0c:af:31:cc:e8:04:8a:e3:e9:05:37:72:9c:33:c7:
a6:5f:9c:6b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTA1MTMyMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjczY2YwYS01ZjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxRqUDdyZp4IuZFFyjiZbZ9zJTOyVjFVJGA4x2yPAQeGz62gRnyo9ZOuebpzU
j7xswbPvrGq2Y0t3yjklCkqIio9fihmJqjqNmisRHKa3kAWDyftDGt64Xgj2CxOt
wqDr5DlAtx+F+PjIf9tV+PPWt7x97OkPa8JaArISZ9vvu82wimvuVLrm0VSPBCTV
DqJM8jfwiegj6BUVAJxlBKpOMzYUUKF+VJ+AA52F+YLYFR6HcBDgtPTre+ObARSG
+CFB0cJ5GgLk6zrrV523KL4sw0afdpGCeljH3DtrWpdVySLydn38daz6EW0FV4xn
UUJSzbWnxk0fW5mWo/NvDbOSzwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGH5vyLw
9t4UbfRnGqS10VIGgNz8MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMTZDREQ0QTJD
Qzc2MTFFQ0JDRDJGRjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAjKjX0TFkeW49co6kYU/G3hGDzC/I+KouwhJ2Os8Mjf0dgfbH/3P6wY/Y
pLvRSjfE7XyhqLXGv2w7WAf2D9x3rP3asOgW1mVnxIoTlG/cU+eEjvAjNFkA2dUV
1wrmcwe54rCbREpkE5e9z2Wf0P4GlkNv3ER3WhSo5VvRxx/C1qQ0MUgF/dJi5mWm
pPK9dQpErwUS1Ax9mDUFpRt4scgYmp6pyhlnkVPpeFLNUza4mwfV5mE49DichGp5
ryUHMJpT4RVlW75q1KLyvjoY1ng5+BXG2EBADSPqMJZBXrJtsxaIenytpEhx9wZh
G8lTDK8xzOgEiuPpBTdynDPHpl+caw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org