Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/317C98AE497811ED9BC8BE6CC4F9AE02.roa
File: 317C98AE497811ED9BC8BE6CC4F9AE02.roa (raw, json)
Hash identifier: sxZoEO7iXs5n8gLMvMajEjV/uxvCH0dzi9y5mjOfHk0=
Subject key identifier: B2:4E:AD:1B:D5:0F:F1:5C:A3:0D:3E:1C:F3:FA:BF:E9:2A:0F:14:21
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3C87
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/317C98AE497811ED9BC8BE6CC4F9AE02.roa
Signing time: Wed 12 Oct 2022 05:00:10 +0000
ROA not before: Wed 12 Oct 2022 05:00:10 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15495 (0x3c87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 12 05:00:10 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=634649da-dfc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:41:c4:5a:4c:39:1f:cf:74:e7:15:fd:3f:20:
54:c2:8b:8e:c8:1b:f8:64:32:fc:62:7b:7f:d7:d5:
e7:d5:2d:77:21:02:68:7d:bc:8b:22:03:d6:4c:df:
00:cc:82:f2:13:fc:49:75:e8:35:f2:4d:a4:04:3d:
49:38:a3:a2:9b:f9:ff:68:ce:31:b2:ae:6b:7e:88:
a2:89:c2:66:e5:02:9b:5a:2b:d5:41:c6:bf:a3:23:
c8:ee:c6:b0:99:08:b8:63:d8:a1:c3:13:cb:23:e7:
10:67:7c:76:18:79:ac:51:06:20:97:39:b5:49:5a:
ed:dd:1f:28:eb:c7:e6:65:eb:3b:9b:92:45:f7:2b:
dd:fa:69:e7:51:38:d6:38:b4:e3:b5:d3:24:5c:b6:
ed:08:dc:71:82:d3:18:37:8f:a2:b9:07:dc:f9:27:
f1:09:6b:a6:34:d7:d4:8b:28:bc:62:77:b3:49:cc:
e1:0e:bb:4a:11:0c:18:0a:6e:27:81:62:60:a8:ba:
36:37:df:fd:bf:13:84:1c:77:b5:e9:ca:3a:55:06:
fc:b8:0b:e6:9a:d1:ff:58:4b:91:bc:0e:9d:cd:5b:
76:4d:cb:b8:d5:6d:75:f0:05:8c:25:a8:de:20:0c:
32:15:7a:2e:ff:db:2c:c7:a1:46:ba:c4:7d:ad:f3:
78:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:4E:AD:1B:D5:0F:F1:5C:A3:0D:3E:1C:F3:FA:BF:E9:2A:0F:14:21
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/317C98AE497811ED9BC8BE6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
63:ed:97:67:9d:19:84:39:6b:75:57:10:ff:4b:b5:73:71:f7:
a4:3c:1d:4d:d2:55:d3:86:35:83:71:54:ac:16:a1:d3:a1:62:
04:b6:5b:e8:28:5e:f9:99:66:ce:ff:0c:91:90:17:5e:bb:53:
18:96:4d:26:7e:52:57:ee:3c:20:b3:d5:dc:64:62:81:33:ee:
ca:2b:ff:dd:96:aa:50:e2:df:62:39:25:a4:38:5d:89:27:4b:
84:39:f9:8d:af:60:e9:d0:80:a4:b5:47:44:eb:4c:9f:ae:b7:
7c:c8:c6:ee:53:b4:23:25:95:6d:93:fe:e1:e7:99:86:f8:54:
0f:3b:1a:68:b9:16:2c:2b:f6:70:67:df:4b:a5:31:45:98:85:
5c:43:40:c9:15:08:1f:93:8d:00:e7:de:d2:71:99:ef:e5:15:
61:90:1e:b7:31:a7:e6:dd:54:39:ca:ef:61:61:39:a5:fc:6d:
86:f4:e0:4b:7e:b5:7e:e0:1a:70:9a:6d:1f:31:a9:7c:df:50:
af:3a:19:96:9a:d2:18:01:91:6c:9d:4e:8b:47:6c:b0:cb:8b:
c2:6c:e3:0b:f3:a3:dd:01:de:24:d7:7d:5e:6b:11:40:24:1c:
63:2c:48:e7:c7:cf:1d:bf:da:50:b1:2f:35:b2:6a:42:bb:0e:
17:a1:c2:96
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDEyMDUwMDEwWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ2NDlkYS1kZmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArEHEWkw5H8905xX9PyBUwouOyBv4ZDL8Ynt/19Xn1S13IQJofbyLIgPWTN8A
zILyE/xJdeg18k2kBD1JOKOim/n/aM4xsq5rfoiiicJm5QKbWivVQca/oyPI7saw
mQi4Y9ihwxPLI+cQZ3x2GHmsUQYglzm1SVrt3R8o68fmZes7m5JF9yvd+mnnUTjW
OLTjtdMkXLbtCNxxgtMYN4+iuQfc+SfxCWumNNfUiyi8YnezSczhDrtKEQwYCm4n
gWJgqLo2N9/9vxOEHHe16co6VQb8uAvmmtH/WEuRvA6dzVt2Tcu41W118AWMJaje
IAwyFXou/9ssx6FGusR9rfN4CQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLJOrRvV
D/Fcow0+HPP6v+kqDxQhMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMzE3Qzk4QUU0
OTc4MTFFRDlCQzhCRTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAY+2XZ50ZhDlrdVcQ/0u1c3H3pDwdTdJV04Y1g3FUrBah06FiBLZb6Che
+Zlmzv8MkZAXXrtTGJZNJn5SV+48ILPV3GRigTPuyiv/3ZaqUOLfYjklpDhdiSdL
hDn5ja9g6dCApLVHROtMn663fMjG7lO0IyWVbZP+4eeZhvhUDzsaaLkWLCv2cGff
S6UxRZiFXENAyRUIH5ONAOfe0nGZ7+UVYZAetzGn5t1UOcrvYWE5pfxthvTgS361
fuAacJptHzGpfN9QrzoZlprSGAGRbJ1Oi0dssMuLwmzjC/Oj3QHeJNd9XmsRQCQc
YyxI58fPHb/aULEvNbJqQrsOF6HClg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org