Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/17496C2EA39111EC9F103085C4F9AE02.roa
File: 17496C2EA39111EC9F103085C4F9AE02.roa (raw, json)
Hash identifier: qvENP0X1zBQOneQKJ91C3wz+I9Jvc/DoHlbejRAs4D4=
Subject key identifier: E3:1B:3D:7D:12:1C:91:E1:4F:13:3C:C4:D3:7B:5B:BB:55:90:8F:3D
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3808
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/17496C2EA39111EC9F103085C4F9AE02.roa
Signing time: Mon 14 Mar 2022 12:20:10 +0000
ROA not before: Mon 14 Mar 2022 12:20:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14344 (0x3808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 14 12:20:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=622f32fa-41c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:3b:98:2b:d2:d2:7e:74:70:9f:de:d3:c4:d1:
b2:e1:b7:b8:97:0b:22:bd:91:63:1e:45:5b:01:b1:
e7:a5:ac:8d:24:c4:04:fe:e7:39:ea:8d:35:3a:81:
0b:9b:44:57:cd:e3:01:a3:5c:0e:0b:f0:42:cf:10:
a8:ff:c8:d5:4b:9e:18:79:55:60:e1:8e:a0:e2:eb:
2f:5b:49:7b:ef:ea:ed:98:47:3e:c8:22:fc:75:7b:
1a:cf:3a:78:48:48:8b:ea:86:6f:23:31:10:ac:77:
75:7b:ec:64:05:15:77:9a:15:78:2e:e3:e8:b2:2c:
ff:e0:e8:33:40:f5:b6:58:29:c0:e6:18:94:14:40:
69:cf:f9:4e:cf:bb:32:a8:e7:08:3b:a8:86:29:02:
b2:fa:3e:ab:71:b2:1b:a0:6d:fd:11:a8:94:bd:ee:
0b:0b:24:d3:93:f8:1c:9e:b3:79:a2:66:fe:ca:94:
f8:03:c0:56:b8:75:6c:02:5c:c4:3f:b0:fc:c4:64:
07:45:44:45:a1:16:7c:3f:3f:7b:c7:8f:3b:03:67:
92:8c:cf:a4:2c:d5:00:75:0e:61:d2:f9:45:b4:10:
f1:f9:c4:8d:6f:8e:3b:53:6b:01:81:70:50:af:63:
3a:3a:c0:7b:63:c2:ab:ba:67:2c:43:56:6c:bc:c5:
8d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1B:3D:7D:12:1C:91:E1:4F:13:3C:C4:D3:7B:5B:BB:55:90:8F:3D
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/17496C2EA39111EC9F103085C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
2b:bc:3f:cc:5a:e6:0c:ea:32:f2:e4:8c:d6:40:90:ed:bc:e6:
62:aa:33:07:c2:a3:da:97:23:50:59:a5:81:c5:ae:fc:fb:db:
5e:b1:ba:1c:27:34:11:c8:e2:49:a1:76:af:11:0d:11:c4:8e:
fb:f0:2b:0f:8c:9b:c8:c2:bb:19:62:40:3c:3e:0c:13:3a:bb:
05:94:d6:7d:02:c1:68:99:0d:db:1e:be:18:cf:ae:68:61:87:
1c:1b:68:26:ad:8b:30:5c:ac:85:12:1e:dd:01:6a:32:4e:4e:
a1:a9:17:01:ac:3b:81:13:e1:1f:78:1c:33:f6:69:32:88:89:
a2:03:5e:15:8c:f6:35:a6:79:df:71:8a:63:92:c0:45:da:0b:
6f:ca:ff:e6:10:27:73:67:fa:45:09:67:92:f8:06:10:57:a6:
4d:86:61:14:64:a8:67:42:fe:bf:0c:34:45:b9:32:33:33:08:
8d:6d:67:56:04:66:83:d1:fb:eb:57:50:96:c9:75:2e:e5:b5:
32:22:46:21:fa:10:03:13:d8:7a:7a:e2:a5:60:45:9b:e2:bf:
c6:6a:76:7c:3b:b4:17:9a:e9:fc:da:0b:0b:5e:a9:32:86:98:
33:c8:6b:9c:cf:e9:3b:98:08:bd:ce:32:0d:c7:88:d0:11:1b:
0d:bc:47:ba
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzE0MTIyMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJmMzJmYS00MWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7DuYK9LSfnRwn97TxNGy4be4lwsivZFjHkVbAbHnpayNJMQE/uc56o01OoEL
m0RXzeMBo1wOC/BCzxCo/8jVS54YeVVg4Y6g4usvW0l77+rtmEc+yCL8dXsazzp4
SEiL6oZvIzEQrHd1e+xkBRV3mhV4LuPosiz/4OgzQPW2WCnA5hiUFEBpz/lOz7sy
qOcIO6iGKQKy+j6rcbIboG39EaiUve4LCyTTk/gcnrN5omb+ypT4A8BWuHVsAlzE
P7D8xGQHRURFoRZ8Pz97x487A2eSjM+kLNUAdQ5h0vlFtBDx+cSNb447U2sBgXBQ
r2M6OsB7Y8KrumcsQ1ZsvMWNFwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOMbPX0S
HJHhTxM8xNN7W7tVkI89MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMTc0OTZDMkVB
MzkxMTFFQzlGMTAzMDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAK7w/zFrmDOoy8uSM1kCQ7bzmYqozB8Kj2pcjUFmlgcWu/PvbXrG6HCc0
EcjiSaF2rxENEcSO+/ArD4ybyMK7GWJAPD4MEzq7BZTWfQLBaJkN2x6+GM+uaGGH
HBtoJq2LMFyshRIe3QFqMk5OoakXAaw7gRPhH3gcM/ZpMoiJogNeFYz2NaZ533GK
Y5LARdoLb8r/5hAnc2f6RQlnkvgGEFemTYZhFGSoZ0L+vww0RbkyMzMIjW1nVgRm
g9H761dQlsl1LuW1MiJGIfoQAxPYenripWBFm+K/xmp2fDu0F5rp/NoLC16pMoaY
M8hrnM/pO5gIvc4yDceI0BEbDbxHug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org