Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/34668758CC9D11EC9F508167C4F9AE02.roa
File: 34668758CC9D11EC9F508167C4F9AE02.roa (raw, json)
Hash identifier: 4rcCTBdLh6Nf8MaltbDr4snsDDLnnHYIg/VUR9h48tU=
Subject key identifier: A9:50:22:15:D3:E3:4D:41:EE:32:0A:A9:AF:F8:A5:68:E1:BD:B0:12
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 39D5
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/34668758CC9D11EC9F508167C4F9AE02.roa
Signing time: Fri 06 May 2022 04:40:09 +0000
ROA not before: Fri 06 May 2022 04:40:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14805 (0x39d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 6 04:40:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6274a6a9-7de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:74:d3:a8:d7:8c:14:8e:2c:34:04:86:89:4a:
7b:26:c6:b1:32:cf:9e:16:96:47:89:4b:7b:b8:f0:
7e:95:c4:ff:60:50:00:9a:e4:a6:6a:e1:e7:7c:d4:
4e:5c:6b:5c:06:2c:f0:6b:a3:11:86:9e:d6:6e:6b:
ed:95:ea:d9:af:4c:30:df:dc:12:45:38:c6:bb:33:
0f:3a:0b:05:c2:87:34:9d:5a:b1:ec:8d:ed:cb:09:
82:37:50:18:57:9b:72:13:3d:08:1c:d7:5a:8d:b6:
f3:7a:0f:7a:f4:95:c9:34:e0:6f:ef:02:15:52:f2:
6c:12:12:71:11:20:99:e1:bc:0a:8a:37:12:01:da:
76:6c:ad:90:ac:c8:45:27:f0:9d:d6:d7:9d:57:5f:
05:9f:07:ec:0d:1d:fd:91:a0:d1:de:45:0c:68:c3:
10:06:a7:fe:94:a1:f7:52:ec:4c:23:19:29:24:65:
06:58:20:71:54:5a:5f:e7:fd:47:a4:04:b2:97:e1:
0f:2c:85:ef:e8:a7:54:14:cf:0e:09:c0:64:eb:32:
f0:c2:e1:36:69:4d:9e:f3:5f:b3:f4:43:86:a8:08:
03:80:f2:d7:c6:e4:cc:99:63:bf:d2:b9:f5:56:94:
3c:79:4e:71:9d:2a:e2:b8:54:a9:61:68:2a:f0:91:
89:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:50:22:15:D3:E3:4D:41:EE:32:0A:A9:AF:F8:A5:68:E1:BD:B0:12
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/34668758CC9D11EC9F508167C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
86:7e:b5:3b:cf:13:e6:b6:fd:af:23:2b:86:50:22:c0:ec:dd:
8d:41:15:72:24:1e:fb:4a:b0:d7:aa:c8:69:c7:56:01:c8:28:
bf:e8:b1:17:c7:91:62:57:aa:db:57:7c:78:9d:e3:fa:1b:6f:
8a:01:02:50:17:10:a9:c5:64:1b:68:d6:d7:5e:5f:9c:3e:68:
1c:10:78:9f:dd:cc:fd:5c:9a:cd:34:3d:cb:cb:b9:65:6b:29:
08:ae:c2:16:54:44:98:fb:b6:88:08:65:dd:4a:fa:7c:44:99:
57:d1:79:71:dc:27:9c:91:b5:7f:42:46:5d:00:f1:2d:42:46:
54:d4:53:1a:96:32:6a:9a:42:6c:46:c9:df:48:f2:be:39:d0:
d8:d8:7b:97:32:03:68:7f:5c:58:f5:59:87:6f:61:0d:7b:70:
0e:fa:6d:45:2c:67:22:29:13:dc:62:7b:cc:4f:2d:ea:c5:0e:
7b:0e:de:61:5e:94:ee:1d:bb:9c:c6:07:20:87:7f:87:fd:51:
6b:c7:78:0a:4e:05:13:87:09:8a:df:0d:c0:99:fe:e0:d9:83:
96:69:8a:a9:9e:7f:f9:0f:3f:b5:54:a1:41:f8:0c:61:8d:3e:
e3:5a:11:33:05:ce:a0:62:28:8d:35:c9:dc:5d:5c:8c:63:84:
c3:f6:b5:27
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTA2MDQ0MDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjc0YTZhOS03ZGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6HTTqNeMFI4sNASGiUp7JsaxMs+eFpZHiUt7uPB+lcT/YFAAmuSmauHnfNRO
XGtcBizwa6MRhp7WbmvtlerZr0ww39wSRTjGuzMPOgsFwoc0nVqx7I3tywmCN1AY
V5tyEz0IHNdajbbzeg969JXJNOBv7wIVUvJsEhJxESCZ4bwKijcSAdp2bK2QrMhF
J/Cd1tedV18FnwfsDR39kaDR3kUMaMMQBqf+lKH3UuxMIxkpJGUGWCBxVFpf5/1H
pASyl+EPLIXv6KdUFM8OCcBk6zLwwuE2aU2e81+z9EOGqAgDgPLXxuTMmWO/0rn1
VpQ8eU5xnSriuFSpYWgq8JGJZQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKlQIhXT
401B7jIKqa/4pWjhvbASMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvMzQ2Njg3NThD
QzlEMTFFQzlGNTA4MTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAhn61O88T5rb9ryMrhlAiwOzdjUEVciQe+0qw16rIacdWAcgov+ixF8eR
Yleq21d8eJ3j+htvigECUBcQqcVkG2jW115fnD5oHBB4n93M/VyazTQ9y8u5ZWsp
CK7CFlREmPu2iAhl3Ur6fESZV9F5cdwnnJG1f0JGXQDxLUJGVNRTGpYyappCbEbJ
30jyvjnQ2Nh7lzIDaH9cWPVZh29hDXtwDvptRSxnIikT3GJ7zE8t6sUOew7eYV6U
7h27nMYHIId/h/1Ra8d4Ck4FE4cJit8NwJn+4NmDlmmKqZ5/+Q8/tVShQfgMYY0+
41oRMwXOoGIojTXJ3F1cjGOEw/a1Jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org