Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/2B6B0D2E9FCD11ECAA04441EC4F9AE02.roa
File: 2B6B0D2E9FCD11ECAA04441EC4F9AE02.roa (raw, json)
Hash identifier: SWO+63CZsoTffX8MYt3xHtLWKgjFT7+ioXbFRAsyyBs=
Subject key identifier: DA:CC:24:7E:82:39:6B:4D:32:29:A4:6E:0F:D7:7F:92:76:5E:C2:EF
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 37DB
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/2B6B0D2E9FCD11ECAA04441EC4F9AE02.roa
Signing time: Thu 10 Mar 2022 05:40:11 +0000
ROA not before: Thu 10 Mar 2022 05:40:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14299 (0x37db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 10 05:40:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62298f3a-756f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4d:9a:2c:77:76:9f:f4:4d:bf:9c:d6:32:df:
06:8a:7f:99:b8:78:18:da:a4:c1:af:f6:22:3d:9a:
92:95:89:b2:26:49:05:ee:55:2d:fd:71:d6:04:d4:
50:0f:aa:6c:d9:2f:c6:f5:0a:53:99:f8:22:bc:e0:
0d:12:08:18:17:fa:e7:9b:e2:5a:20:f4:bf:9e:85:
b1:8f:81:46:02:73:da:49:0b:0b:8f:61:8e:bc:ea:
74:93:2e:77:3b:bb:e9:5e:5e:5e:49:b8:27:5e:e3:
1f:e2:d6:57:18:8b:ba:35:05:4c:3e:a7:4a:81:e2:
ce:8f:fb:cb:81:30:46:09:60:7d:b4:92:6e:1f:be:
1d:34:85:c3:c0:92:6c:76:10:3c:1a:61:fd:2c:31:
15:2a:1a:e2:2a:b8:fe:c2:e5:0a:d8:99:b7:a7:8d:
eb:e9:18:c6:ef:de:07:68:33:df:1b:01:6e:a2:36:
b5:e8:2b:7b:70:02:4a:4b:f9:94:73:31:76:a4:48:
49:89:e7:ec:65:eb:68:31:1e:fd:54:d0:96:6a:88:
8c:fa:e0:5c:91:f5:5e:59:96:0d:c1:7b:06:25:9f:
38:86:6b:f6:94:8f:40:3a:f0:25:b1:47:48:00:ae:
41:81:bf:81:c9:72:c3:06:c3:71:00:e5:68:ed:a3:
64:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CC:24:7E:82:39:6B:4D:32:29:A4:6E:0F:D7:7F:92:76:5E:C2:EF
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/2B6B0D2E9FCD11ECAA04441EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
3a:0c:f1:f8:eb:12:1f:92:f5:89:53:7b:43:76:de:9f:01:21:
e8:ce:fa:88:15:60:68:72:b4:e1:1b:e7:a9:12:70:e6:9c:53:
d1:be:0d:d3:9d:20:d8:31:8f:4a:9a:18:50:3b:7f:ed:a3:d7:
ce:97:6d:4f:b4:ed:4e:b8:64:cb:1a:0c:6b:d7:c6:d7:6e:8d:
ec:a0:f2:f5:8a:71:f9:61:5e:f3:35:67:18:b7:22:ac:9a:c6:
e1:a0:1e:3f:46:41:af:2a:28:c0:5d:b7:6a:81:e1:2f:dc:47:
6e:e3:02:31:12:98:82:e4:17:e5:f1:be:3d:d3:4f:7e:d9:15:
70:f3:e2:38:8e:63:25:70:b0:f3:11:d4:10:9a:6f:21:7c:bc:
04:9b:9a:8c:b3:cf:3e:19:20:fe:22:2d:29:61:13:40:6b:a9:
45:73:e3:7a:0a:f5:00:ca:86:62:65:e5:f9:fd:37:0f:70:91:
fd:29:4e:23:df:49:92:2e:f8:ca:51:46:41:01:ca:9a:18:3b:
da:a5:0d:38:40:c8:44:6f:ac:f1:96:b0:53:b2:f1:c7:1f:0b:
60:05:c6:e1:36:d8:dc:d8:13:cb:86:97:93:3e:32:b0:de:e8:
f0:38:20:b2:3b:46:e3:f2:f7:8e:38:03:f3:15:7b:23:49:db:
d7:11:a2:eb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN9swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzEwMDU0MDExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI5OGYzYS03NTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3E2aLHd2n/RNv5zWMt8Gin+ZuHgY2qTBr/YiPZqSlYmyJkkF7lUt/XHWBNRQ
D6ps2S/G9QpTmfgivOANEggYF/rnm+JaIPS/noWxj4FGAnPaSQsLj2GOvOp0ky53
O7vpXl5eSbgnXuMf4tZXGIu6NQVMPqdKgeLOj/vLgTBGCWB9tJJuH74dNIXDwJJs
dhA8GmH9LDEVKhriKrj+wuUK2Jm3p43r6RjG794HaDPfGwFuoja16Ct7cAJKS/mU
czF2pEhJiefsZetoMR79VNCWaoiM+uBckfVeWZYNwXsGJZ84hmv2lI9AOvAlsUdI
AK5Bgb+ByXLDBsNxAOVo7aNkJwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNrMJH6C
OWtNMimkbg/Xf5J2XsLvMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMkI2QjBEMkU5
RkNEMTFFQ0FBMDQ0NDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAOgzx+OsSH5L1iVN7Q3benwEh6M76iBVgaHK04RvnqRJw5pxT0b4N050g
2DGPSpoYUDt/7aPXzpdtT7TtTrhkyxoMa9fG126N7KDy9Ypx+WFe8zVnGLcirJrG
4aAeP0ZBryoowF23aoHhL9xHbuMCMRKYguQX5fG+PdNPftkVcPPiOI5jJXCw8xHU
EJpvIXy8BJuajLPPPhkg/iItKWETQGupRXPjegr1AMqGYmXl+f03D3CR/SlOI99J
ki74ylFGQQHKmhg72qUNOEDIRG+s8ZawU7Lxxx8LYAXG4TbY3NgTy4aXkz4ysN7o
8DggsjtG4/L3jjgD8xV7I0nb1xGi6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org