Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1D8C5B8C829E11EC9F68A71DC4F9AE02.roa
File: 1D8C5B8C829E11EC9F68A71DC4F9AE02.roa (raw, json)
Hash identifier: pcIWd7PmZ8t+/Qp9L1XINhl1f4jByK9v3y+d7ImXgyQ=
Subject key identifier: 85:C9:24:F3:FC:BA:66:58:C4:7E:A9:6A:E4:B7:7C:6C:95:FC:C6:72
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3634
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1D8C5B8C829E11EC9F68A71DC4F9AE02.roa
Signing time: Mon 31 Jan 2022 14:00:16 +0000
ROA not before: Mon 31 Jan 2022 14:00:15 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13876 (0x3634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Jan 31 14:00:15 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=61f7eb6f-1bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cf:58:bd:0f:00:22:c7:c7:04:b6:9d:bb:59:
b8:e5:da:38:c3:59:8d:82:23:0f:2c:91:f0:cb:ef:
a5:ef:cd:98:a3:54:ed:c2:a9:4a:30:22:95:a2:1f:
4d:5f:79:ea:fa:f3:f0:7a:51:89:5a:db:6f:85:df:
e4:dc:10:1a:55:e4:79:3d:4a:29:c9:80:2f:72:3f:
32:43:78:11:2b:ae:75:0a:c9:2a:92:4b:8b:39:12:
6f:cf:41:f0:37:3b:c3:04:60:fd:7b:0f:b8:cc:4c:
fd:59:44:21:04:2d:79:95:9f:7e:68:90:0d:af:19:
82:5a:e4:54:ed:95:a3:0e:cf:15:c5:f3:d2:8e:66:
f2:bc:7f:37:47:24:8f:09:ec:66:b6:74:31:40:ec:
27:ad:f1:18:ad:42:3a:cf:9b:eb:4c:26:1c:63:00:
37:7a:0f:03:a4:fc:66:ed:b7:13:2a:b3:5a:2f:b8:
92:6a:c5:32:f1:a0:62:ac:ad:68:d3:98:76:cf:c5:
43:0d:f6:ad:e4:b8:23:83:95:05:c3:e7:8a:22:0a:
1e:61:6a:48:5c:3d:a5:3d:0e:c7:81:15:f2:db:58:
05:94:20:f7:61:65:bb:87:50:d2:1b:57:63:9b:d8:
96:32:a5:07:38:32:fc:b1:56:ba:e6:01:c9:a0:65:
48:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C9:24:F3:FC:BA:66:58:C4:7E:A9:6A:E4:B7:7C:6C:95:FC:C6:72
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/1D8C5B8C829E11EC9F68A71DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
9f:db:5c:d4:5e:af:92:23:7f:0a:81:51:9a:d4:5d:18:ea:67:
74:a0:45:45:ac:6c:88:68:e8:f9:fe:ce:4c:ab:ab:56:49:e9:
a4:5f:44:3b:f1:0c:c7:42:ec:6a:1d:03:c0:2a:e7:c4:cf:33:
a7:ec:a2:33:ea:89:89:ff:ae:db:25:41:86:d9:7b:6d:c8:42:
13:08:b6:04:96:90:9e:ff:8d:75:13:1a:cb:b8:d1:24:1f:92:
90:ea:60:9e:8a:4b:60:53:cc:23:05:c7:d3:3a:c4:87:9c:91:
0e:9b:f7:c0:c6:69:da:33:a8:01:7a:60:25:ed:33:5a:18:24:
6f:c0:dd:75:25:62:a6:79:d7:04:28:1a:4f:2d:7c:b8:9a:5d:
94:df:95:b8:4b:4f:8b:62:cd:a2:02:14:b8:82:a4:aa:1d:1b:
9e:87:cd:55:4f:21:cb:eb:16:44:fd:60:ee:3f:c8:c0:04:26:
dc:12:1b:39:d4:b3:08:2c:cb:e0:cf:85:27:2d:98:b4:5a:95:
14:5d:d4:6c:31:d0:20:ba:a8:b6:5f:6e:59:0c:8e:46:cd:c1:
0e:45:25:25:e6:09:15:1d:1e:a4:a9:3b:c6:c4:93:64:1e:e6:
35:a2:1c:20:7b:a0:fa:b4:80:4e:65:25:ea:a0:ae:44:83:9d:
90:fb:ac:8e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMTMxMTQwMDE1WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY3ZWI2Zi0xYmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqs9YvQ8AIsfHBLadu1m45do4w1mNgiMPLJHwy++l782Yo1TtwqlKMCKVoh9N
X3nq+vPwelGJWttvhd/k3BAaVeR5PUopyYAvcj8yQ3gRK651CskqkkuLORJvz0Hw
NzvDBGD9ew+4zEz9WUQhBC15lZ9+aJANrxmCWuRU7ZWjDs8VxfPSjmbyvH83RySP
CexmtnQxQOwnrfEYrUI6z5vrTCYcYwA3eg8DpPxm7bcTKrNaL7iSasUy8aBirK1o
05h2z8VDDfat5Lgjg5UFw+eKIgoeYWpIXD2lPQ7HgRXy21gFlCD3YWW7h1DSG1dj
m9iWMqUHODL8sVa65gHJoGVIAQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIXJJPP8
umZYxH6pauS3fGyV/MZyMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMUQ4QzVCOEM4
MjlFMTFFQzlGNjhBNzFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAn9tc1F6vkiN/CoFRmtRdGOpndKBFRaxsiGjo+f7OTKurVknppF9EO/EM
x0Lsah0DwCrnxM8zp+yiM+qJif+u2yVBhtl7bchCEwi2BJaQnv+NdRMay7jRJB+S
kOpgnopLYFPMIwXH0zrEh5yRDpv3wMZp2jOoAXpgJe0zWhgkb8DddSVipnnXBCga
Ty18uJpdlN+VuEtPi2LNogIUuIKkqh0bnofNVU8hy+sWRP1g7j/IwAQm3BIbOdSz
CCzL4M+FJy2YtFqVFF3UbDHQILqotl9uWQyORs3BDkUlJeYJFR0epKk7xsSTZB7m
NaIcIHug+rSATmUl6qCuRIOdkPusjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org