Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1C05553A8A9011ECAB91F420C4F9AE02.roa
File: 1C05553A8A9011ECAB91F420C4F9AE02.roa (raw, json)
Hash identifier: 90piw76tA95eDejL1KSZfZY08CtFvQTDpg49lDkzG8s=
Subject key identifier: 34:BA:85:12:E5:3C:9D:AC:25:EA:3E:6B:97:A5:A7:17:27:7E:95:77
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 36AC
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1C05553A8A9011ECAB91F420C4F9AE02.roa
Signing time: Fri 11 Feb 2022 04:20:10 +0000
ROA not before: Fri 11 Feb 2022 04:20:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13996 (0x36ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 11 04:20:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6205e3f9-cdf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:52:f9:c4:76:8b:da:66:4b:e2:94:14:04:38:
be:10:1a:ac:c1:03:62:a3:f0:0d:c6:49:e9:07:08:
2c:ad:6b:21:84:29:8e:97:31:62:58:b8:c4:67:5b:
9e:2b:a1:5e:61:f6:a2:49:c0:c8:bb:a7:14:15:30:
48:44:c0:f9:ed:3b:55:8a:bb:8f:3a:9d:71:9c:4b:
c8:53:46:09:54:e7:a7:d5:b8:e6:3d:8d:d0:97:f4:
e8:f5:df:f8:12:b4:9b:be:79:8d:20:f7:38:0d:28:
9f:b7:9e:02:4b:14:31:2e:5f:bc:8d:66:fe:4d:5c:
2c:9d:f9:19:a5:f7:ca:64:8d:78:d9:aa:14:73:36:
fb:ba:1b:9b:73:19:23:dd:a1:1b:a9:af:58:32:79:
6e:2c:6a:4d:16:85:27:a2:6c:ea:8d:17:00:2f:72:
7b:f8:92:d9:8e:d1:7a:d5:c8:6a:7c:db:ac:8f:0a:
23:76:f2:c4:27:e9:e2:45:6e:c5:b7:85:d0:34:af:
df:84:f5:b1:08:74:d4:90:59:63:9c:3a:b0:4a:b6:
66:8b:56:b3:40:d0:c1:48:d3:38:e0:d5:4b:98:0b:
55:3a:b1:1b:ca:4e:b2:42:f2:11:d6:1d:b9:df:9c:
8f:35:2a:7c:88:b4:13:5d:82:47:20:bf:62:dc:50:
0e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BA:85:12:E5:3C:9D:AC:25:EA:3E:6B:97:A5:A7:17:27:7E:95:77
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1C05553A8A9011ECAB91F420C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
af:f5:23:b5:2a:a1:6d:27:4e:08:f7:06:b0:79:b7:6e:82:67:
ba:5f:ac:91:bc:af:23:2e:9d:68:a8:7e:97:79:7b:87:d7:74:
a4:23:56:36:3c:56:b9:e5:68:56:af:fd:83:4c:8a:b7:50:6f:
1f:71:81:ba:b1:5d:f2:27:9b:ed:e3:66:7f:fd:2e:77:c4:25:
f1:b0:42:fb:4b:8b:4d:d1:a4:1c:8d:ef:ba:18:05:fa:4e:d9:
f9:eb:c6:74:16:ad:46:e5:d6:d6:3e:03:7c:fb:02:99:96:6a:
b2:93:f8:2c:ec:00:6c:e7:b4:c5:07:63:4d:2d:40:64:7d:78:
db:b2:15:a9:e8:0c:e7:b0:ad:d9:47:7b:9d:22:0a:8c:10:02:
f5:bd:36:e1:5a:92:96:cc:1d:d4:50:e3:2a:cd:22:11:75:5f:
06:92:44:68:74:67:b1:a2:e0:cc:ef:ae:0d:06:7f:c2:07:40:
85:cb:9f:9d:16:4d:4c:f5:64:81:24:ef:33:e0:14:02:0b:ab:
60:45:e9:a6:91:cc:03:85:57:5d:59:2c:59:dc:5b:ff:fc:a5:
02:46:db:44:91:29:d8:02:20:e1:7b:28:ee:c9:2b:4d:c7:84:
ca:10:23:6f:fb:16:29:b7:8c:91:0f:f1:34:99:f0:90:e3:a4:
2b:f7:f3:32
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNqwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjExMDQyMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA1ZTNmOS1jZGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwlL5xHaL2mZL4pQUBDi+EBqswQNio/ANxknpBwgsrWshhCmOlzFiWLjEZ1ue
K6FeYfaiScDIu6cUFTBIRMD57TtViruPOp1xnEvIU0YJVOen1bjmPY3Ql/To9d/4
ErSbvnmNIPc4DSift54CSxQxLl+8jWb+TVwsnfkZpffKZI142aoUczb7uhubcxkj
3aEbqa9YMnluLGpNFoUnomzqjRcAL3J7+JLZjtF61chqfNusjwojdvLEJ+niRW7F
t4XQNK/fhPWxCHTUkFljnDqwSrZmi1azQNDBSNM44NVLmAtVOrEbyk6yQvIR1h25
35yPNSp8iLQTXYJHIL9i3FAOCQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDS6hRLl
PJ2sJeo+a5elpxcnfpV3MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMUMwNTU1M0E4
QTkwMTFFQ0FCOTFGNDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAr/UjtSqhbSdOCPcGsHm3boJnul+skbyvIy6daKh+l3l7h9d0pCNWNjxW
ueVoVq/9g0yKt1BvH3GBurFd8ieb7eNmf/0ud8Ql8bBC+0uLTdGkHI3vuhgF+k7Z
+evGdBatRuXW1j4DfPsCmZZqspP4LOwAbOe0xQdjTS1AZH1427IVqegM57Ct2Ud7
nSIKjBAC9b024VqSlswd1FDjKs0iEXVfBpJEaHRnsaLgzO+uDQZ/wgdAhcufnRZN
TPVkgSTvM+AUAgurYEXpppHMA4VXXVksWdxb//ylAkbbRJEp2AIg4Xso7skrTceE
yhAjb/sWKbeMkQ/xNJnwkOOkK/fzMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org