Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1D591F5C4B1011ED97C5BE29C4F9AE02.roa
File: 1D591F5C4B1011ED97C5BE29C4F9AE02.roa (raw, json)
Hash identifier: RPkaKTYQglgPEKV2zkkOcwornfPZq10FNbiZjg9EeAM=
Subject key identifier: B4:53:73:53:51:D1:71:32:FE:56:52:F7:53:EA:6E:6B:C8:B4:75:5E
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3C9C
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1D591F5C4B1011ED97C5BE29C4F9AE02.roa
Signing time: Fri 14 Oct 2022 05:40:08 +0000
ROA not before: Fri 14 Oct 2022 05:40:08 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15516 (0x3c9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 14 05:40:08 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=6348f638-dbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d9:83:e1:7e:cc:ca:0c:43:51:e4:ea:99:16:
9b:16:1a:72:cb:e1:1d:a0:78:0e:fd:24:53:d7:f0:
a3:b1:0c:b1:f6:8a:17:05:c4:87:54:92:37:b6:9f:
54:2d:05:04:f5:17:21:c7:6a:61:d2:cc:15:dc:db:
6f:bd:de:f4:7a:cc:6f:1d:a4:70:df:9a:f9:4b:3c:
b8:e5:8d:57:bf:02:86:f0:bf:2e:25:b6:b7:20:f3:
ff:ff:e8:b3:76:62:af:5d:a1:94:8b:1f:e3:27:da:
b9:f8:9e:2b:46:3c:31:64:a4:ff:4a:23:4c:4b:5b:
8d:15:a3:46:ed:9e:d1:47:c7:84:a8:55:fa:eb:4b:
29:52:b7:2e:d5:93:30:4f:98:7d:83:99:87:6b:01:
ba:18:db:df:3f:ef:d3:c0:05:07:32:a7:53:64:5a:
f4:7b:db:06:c2:5d:8f:9c:75:93:de:98:3b:93:3a:
c0:0a:c6:33:3e:de:13:b0:36:d6:12:b9:3e:0b:ad:
af:c8:d5:a7:af:f6:44:e2:22:b0:2c:68:73:87:68:
97:fb:0b:ea:60:db:3a:dc:c0:31:2c:a5:b6:02:b9:
8e:1b:0d:6c:b3:62:3b:46:b7:23:cc:ab:01:df:cb:
14:01:2a:e9:b7:1b:eb:5e:1a:c3:2a:c7:b0:99:46:
1a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:53:73:53:51:D1:71:32:FE:56:52:F7:53:EA:6E:6B:C8:B4:75:5E
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1D591F5C4B1011ED97C5BE29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
76:06:9e:d7:6b:e3:1b:b1:52:88:09:f1:fd:53:23:13:b0:f8:
50:3e:05:65:0d:57:46:e4:19:83:69:fe:2b:e8:10:86:e4:53:
ec:00:bf:08:18:68:fd:ff:0f:c8:c0:47:18:6b:6e:83:b9:6a:
7c:d5:08:35:2d:d0:e4:42:91:ae:7e:a8:8b:ee:fe:e7:dd:a9:
95:88:41:c1:1e:11:c0:01:b5:88:f8:09:9e:96:8f:70:d5:84:
6e:d1:fd:af:69:39:14:3f:ce:c6:be:c6:eb:77:0e:0b:c3:7a:
9c:95:f1:46:b9:ee:9f:d0:dd:62:05:34:7f:54:c4:6c:58:8e:
3b:33:f4:c7:18:ca:9b:8c:f9:67:df:26:fc:f3:af:1d:9f:79:
7d:24:77:13:74:fa:9e:ed:87:88:3c:95:28:b2:9b:ca:b1:d6:
b8:a5:30:9e:5b:b9:8c:05:d6:2c:95:22:f4:b9:16:07:14:b0:
d4:7f:0b:5f:96:97:72:87:37:6d:21:f5:8c:90:0a:35:fe:06:
b3:7c:70:a0:cf:8e:a0:e2:b0:3e:18:b2:12:d0:86:b4:a7:91:
c0:58:e7:e0:b9:67:01:28:70:4c:db:9e:88:25:21:8c:48:54:
9a:14:b7:28:02:de:52:c4:36:e1:7e:db:c3:5c:df:90:ec:15:
9d:91:45:9c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDE0MDU0MDA4WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ4ZjYzOC1kYmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0NmD4X7MygxDUeTqmRabFhpyy+EdoHgO/SRT1/CjsQyx9ooXBcSHVJI3tp9U
LQUE9Rchx2ph0swV3Ntvvd70esxvHaRw35r5Szy45Y1XvwKG8L8uJba3IPP//+iz
dmKvXaGUix/jJ9q5+J4rRjwxZKT/SiNMS1uNFaNG7Z7RR8eEqFX660spUrcu1ZMw
T5h9g5mHawG6GNvfP+/TwAUHMqdTZFr0e9sGwl2PnHWT3pg7kzrACsYzPt4TsDbW
Erk+C62vyNWnr/ZE4iKwLGhzh2iX+wvqYNs63MAxLKW2ArmOGw1ss2I7RrcjzKsB
38sUASrptxvrXhrDKsewmUYapwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLRTc1NR
0XEy/lZS91PqbmvItHVeMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMUQ1OTFGNUM0
QjEwMTFFRDk3QzVCRTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAdgae12vjG7FSiAnx/VMjE7D4UD4FZQ1XRuQZg2n+K+gQhuRT7AC/CBho
/f8PyMBHGGtug7lqfNUINS3Q5EKRrn6oi+7+592plYhBwR4RwAG1iPgJnpaPcNWE
btH9r2k5FD/Oxr7G63cOC8N6nJXxRrnun9DdYgU0f1TEbFiOOzP0xxjKm4z5Z98m
/POvHZ95fSR3E3T6nu2HiDyVKLKbyrHWuKUwnlu5jAXWLJUi9LkWBxSw1H8LX5aX
coc3bSH1jJAKNf4Gs3xwoM+OoOKwPhiyEtCGtKeRwFjn4LlnAShwTNueiCUhjEhU
mhS3KALeUsQ24X7bw1zfkOwVnZFFnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org