Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1B01F278587711EDA7F9CA29C4F9AE02.roa
File: 1B01F278587711EDA7F9CA29C4F9AE02.roa (raw, json)
Hash identifier: Gevnnn6yFCjlWUpjW3gcCfYdeaEhNRb2EurG9Liz4ts=
Subject key identifier: E4:0D:3A:19:C9:38:31:3F:05:0E:EC:6F:2B:5B:5D:97:8D:14:76:A1
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3D4B
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1B01F278587711EDA7F9CA29C4F9AE02.roa
Signing time: Mon 31 Oct 2022 05:00:09 +0000
ROA not before: Mon 31 Oct 2022 05:00:09 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15691 (0x3d4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 31 05:00:09 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=635f5659-b4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d2:ce:be:36:65:59:c6:2d:c4:4d:1b:ab:fe:
8a:5b:99:9f:14:2c:7e:1e:d4:6e:94:16:f2:ea:59:
73:2a:6a:6a:9b:1d:05:4b:34:4a:f6:e2:73:48:a1:
ac:bb:27:4e:a2:b9:ab:ea:6d:15:42:38:26:f5:6e:
8b:74:2e:4b:8b:82:67:c4:8a:3b:2a:dd:0f:a8:b0:
3f:c3:11:bd:c6:80:46:7c:04:2e:62:27:0a:4b:fb:
86:88:f3:84:91:78:27:94:b1:91:95:68:72:e8:7a:
fe:f4:07:75:5b:01:07:e7:c8:62:28:42:75:4b:39:
b7:0b:9c:5c:dc:16:a9:e9:0d:a6:1b:f6:c1:44:38:
20:8d:9f:6f:e2:91:5d:3b:74:66:c5:06:83:2b:c0:
50:e3:6b:bb:fa:69:2d:ca:12:ad:30:16:31:0e:cd:
ed:96:cb:8b:f6:c0:6d:f7:6a:0c:13:f9:83:03:71:
df:07:2d:46:73:f5:4d:7a:bc:12:f0:9d:cb:54:16:
8a:4b:79:3d:57:90:5f:3c:4f:40:53:6a:d2:b0:1b:
71:eb:41:1e:93:ae:15:46:8b:8c:08:d8:33:0d:3c:
a0:2c:97:f2:26:d1:d7:9b:64:0e:b4:30:8d:e8:f5:
7d:0d:3b:83:20:8c:53:87:16:3f:44:23:d7:16:12:
8f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0D:3A:19:C9:38:31:3F:05:0E:EC:6F:2B:5B:5D:97:8D:14:76:A1
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1B01F278587711EDA7F9CA29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
34:bd:47:3f:1b:ca:a7:4e:48:40:12:2c:f9:3a:ac:53:38:b0:
e0:6c:7d:f9:5c:a5:42:20:5a:22:8c:e1:ef:33:bb:f9:b7:09:
14:4c:32:4e:40:58:e0:21:00:7a:dd:a6:cc:08:2d:55:1d:9a:
41:a7:c4:61:ce:d9:0a:82:3f:2b:1a:cc:d1:71:4e:41:da:23:
83:d0:c6:62:54:31:fb:3d:df:60:5c:aa:3e:23:29:14:f5:ca:
f4:25:3a:c1:5d:fd:62:c6:17:ac:a8:a2:20:60:ba:14:93:28:
2c:78:8a:10:84:c7:ad:65:c7:c4:bb:85:49:78:e5:72:4b:6b:
a8:0f:bf:a1:99:a1:78:4b:e3:35:c5:d0:ba:2e:1c:77:d8:b9:
6f:f5:0f:85:10:22:87:ff:ba:6c:ba:35:5b:dc:3e:3a:69:d0:
24:98:38:66:bb:c4:62:c1:b1:39:0d:64:8f:4b:fe:2a:2c:c2:
ea:50:55:99:89:9c:8e:4d:b8:d8:da:ba:c6:f6:c9:5f:53:58:
ad:e3:d1:89:ad:ce:33:c8:b5:d5:8d:a6:1c:16:a5:39:ea:69:
e1:93:a9:14:87:08:94:99:f1:8d:a5:5e:39:9b:4c:e9:52:26:
c3:ad:b7:c4:02:c1:e3:26:e0:56:55:42:86:a3:41:29:2c:02:
50:42:13:37
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDMxMDUwMDA5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVmNTY1OS1iNGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmNLOvjZlWcYtxE0bq/6KW5mfFCx+HtRulBby6llzKmpqmx0FSzRK9uJzSKGs
uydOormr6m0VQjgm9W6LdC5Li4JnxIo7Kt0PqLA/wxG9xoBGfAQuYicKS/uGiPOE
kXgnlLGRlWhy6Hr+9Ad1WwEH58hiKEJ1Szm3C5xc3Bap6Q2mG/bBRDggjZ9v4pFd
O3RmxQaDK8BQ42u7+mktyhKtMBYxDs3tlsuL9sBt92oME/mDA3HfBy1Gc/VNerwS
8J3LVBaKS3k9V5BfPE9AU2rSsBtx60Eek64VRouMCNgzDTygLJfyJtHXm2QOtDCN
6PV9DTuDIIxThxY/RCPXFhKPUwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOQNOhnJ
ODE/BQ7sbytbXZeNFHahMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMUIwMUYyNzg1
ODc3MTFFREE3RjlDQTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEANL1HPxvKp05IQBIs+TqsUziw4Gx9+VylQiBaIozh7zO7+bcJFEwyTkBY
4CEAet2mzAgtVR2aQafEYc7ZCoI/KxrM0XFOQdojg9DGYlQx+z3fYFyqPiMpFPXK
9CU6wV39YsYXrKiiIGC6FJMoLHiKEITHrWXHxLuFSXjlcktrqA+/oZmheEvjNcXQ
ui4cd9i5b/UPhRAih/+6bLo1W9w+OmnQJJg4ZrvEYsGxOQ1kj0v+KizC6lBVmYmc
jk242Nq6xvbJX1NYrePRia3OM8i11Y2mHBalOepp4ZOpFIcIlJnxjaVeOZtM6VIm
w623xALB4ybgVlVChqNBKSwCUEITNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org