Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/2A35ED52C62E11EC84069485C4F9AE02.roa
File: 2A35ED52C62E11EC84069485C4F9AE02.roa (raw, json)
Hash identifier: DocOeeVxm0ITbyK3lmE/dd0mxm5rzFB9BCEGk01Sz+w=
Subject key identifier: 40:C8:38:74:C5:09:81:7D:09:90:E4:76:D0:64:D5:22:5D:73:EB:EA
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 396D
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/2A35ED52C62E11EC84069485C4F9AE02.roa
Signing time: Wed 27 Apr 2022 13:30:12 +0000
ROA not before: Wed 27 Apr 2022 13:30:12 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14701 (0x396d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 27 13:30:12 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62694564-4f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6b:15:61:dd:a8:ff:3e:03:9b:92:d7:ab:49:
f4:b6:33:77:ca:3c:b1:51:d9:e0:a9:31:ef:78:ea:
31:ec:57:cb:99:57:20:40:a9:64:61:cf:32:ea:15:
ab:00:80:31:41:a9:b7:90:c9:18:7d:d6:d5:a5:61:
21:9c:d7:78:cf:c2:08:7c:2c:16:11:d7:f9:c7:5c:
8b:27:43:97:9a:41:39:f4:7e:12:b1:d1:76:fb:3d:
50:6b:be:79:40:ad:26:14:be:cf:8e:77:f7:98:6b:
13:47:31:0f:8e:8f:b2:c8:1e:37:e7:5e:85:10:87:
56:7e:f5:96:e1:e7:03:c7:3f:43:3c:08:1c:7b:8d:
79:e3:e5:c3:ae:04:83:7c:b1:e5:a5:8a:a7:99:95:
6a:8b:37:b7:19:e2:72:78:65:0e:e7:71:3d:df:f1:
46:34:1f:96:ba:05:86:90:bf:04:90:c7:9a:3b:44:
36:34:d9:d2:bc:f0:9f:6d:bb:1a:73:8e:ce:03:05:
9e:d9:06:13:9a:45:b0:6e:58:7e:b7:f4:3d:f9:8c:
14:17:de:58:68:d3:7c:5e:1e:53:ec:0a:86:e8:9b:
fa:05:b8:3e:c1:ab:ac:46:55:5e:d5:d9:23:04:ea:
d7:2c:b1:d3:4f:8a:74:37:f6:d4:09:35:61:42:3f:
9e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C8:38:74:C5:09:81:7D:09:90:E4:76:D0:64:D5:22:5D:73:EB:EA
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/2A35ED52C62E11EC84069485C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
80:fc:6b:0f:d6:a2:95:e7:b5:56:76:dc:31:84:56:fa:f1:87:
c3:0c:51:94:00:e7:e8:79:31:40:d5:73:dc:68:ca:fc:a2:f7:
06:20:7b:b3:0d:da:63:04:e4:ec:08:73:84:77:24:db:e6:78:
0a:52:c2:4a:67:79:11:94:e2:70:94:83:ee:d3:56:f3:e3:49:
fc:d0:5d:5e:6a:f7:f4:ca:fd:ec:80:47:2b:70:19:b3:6a:3e:
3d:30:ee:56:8e:b3:bd:bc:aa:f9:04:4e:27:be:23:2e:24:c4:
3b:80:d6:f5:1a:af:e9:f0:21:09:8e:39:e4:53:3c:a6:dd:8c:
8a:9d:d8:14:b5:4f:91:5b:5a:8e:5e:e6:66:1e:d7:40:73:b5:
43:e8:e8:9c:9c:b5:d9:2e:60:97:b8:d9:c5:c3:53:11:b8:cb:
ca:c0:46:69:6d:7d:f5:c5:fc:4b:3a:6f:9e:c3:f8:b1:21:c6:
ff:26:47:b5:38:35:e6:4b:ae:da:fd:d7:eb:44:73:27:01:37:
94:c8:c3:52:fb:b6:9b:d7:c2:59:d3:8b:47:f3:30:55:bd:d8:
2a:a3:92:dc:2b:c3:07:d5:2c:d7:5b:e2:47:8b:5f:23:64:f2:
2c:ed:71:dc:d0:51:48:18:eb:64:70:e3:11:82:0e:4e:a5:d3:
64:6c:fe:38
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOW0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDI3MTMzMDEyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY5NDU2NC00ZjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAumsVYd2o/z4Dm5LXq0n0tjN3yjyxUdngqTHveOox7FfLmVcgQKlkYc8y6hWr
AIAxQam3kMkYfdbVpWEhnNd4z8IIfCwWEdf5x1yLJ0OXmkE59H4SsdF2+z1Qa755
QK0mFL7Pjnf3mGsTRzEPjo+yyB43516FEIdWfvWW4ecDxz9DPAgce4154+XDrgSD
fLHlpYqnmZVqize3GeJyeGUO53E93/FGNB+WugWGkL8EkMeaO0Q2NNnSvPCfbbsa
c47OAwWe2QYTmkWwblh+t/Q9+YwUF95YaNN8Xh5T7AqG6Jv6Bbg+wausRlVe1dkj
BOrXLLHTT4p0N/bUCTVhQj+e5wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEDIOHTF
CYF9CZDkdtBk1SJdc+vqMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMkEzNUVENTJD
NjJFMTFFQzg0MDY5NDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAgPxrD9ailee1VnbcMYRW+vGHwwxRlADn6HkxQNVz3GjK/KL3BiB7sw3a
YwTk7AhzhHck2+Z4ClLCSmd5EZTicJSD7tNW8+NJ/NBdXmr39Mr97IBHK3AZs2o+
PTDuVo6zvbyq+QROJ74jLiTEO4DW9Rqv6fAhCY455FM8pt2Mip3YFLVPkVtajl7m
Zh7XQHO1Q+jonJy12S5gl7jZxcNTEbjLysBGaW199cX8SzpvnsP4sSHG/yZHtTg1
5kuu2v3X60RzJwE3lMjDUvu2m9fCWdOLR/MwVb3YKqOS3CvDB9Us11viR4tfI2Ty
LO1x3NBRSBjrZHDjEYIOTqXTZGz+OA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org