Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/3CCD7C1AB90311EC9450AD20C4F9AE02.roa
File: 3CCD7C1AB90311EC9450AD20C4F9AE02.roa (raw, json)
Hash identifier: RUUdioq4PuaARtT2WtJWNoFXYKmMnmGuXJFDDWk/cdE=
Subject key identifier: 1A:8E:3C:CF:5A:36:A8:98:BD:21:FB:7C:34:FD:2D:06:91:75:2E:7E
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 38AB
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/3CCD7C1AB90311EC9450AD20C4F9AE02.roa
Signing time: Sun 10 Apr 2022 19:20:10 +0000
ROA not before: Sun 10 Apr 2022 19:20:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14507 (0x38ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 10 19:20:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62532dea-c5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a8:12:be:f1:74:ac:44:a1:1c:72:0f:f4:87:
58:7b:16:83:d3:44:da:29:20:8d:67:13:d7:84:79:
ab:69:4e:1a:6d:88:dc:ea:2d:93:a0:7c:90:07:bc:
dd:60:0f:dd:0f:3d:86:66:a5:06:93:74:62:9d:7f:
b0:a4:7d:37:0f:ad:98:bf:d6:71:a8:d7:2a:f5:da:
5d:2c:e5:49:09:db:35:63:52:dc:96:a4:a8:fd:44:
8d:3d:33:a4:64:7e:e9:95:ec:07:de:8b:b4:d8:7f:
56:db:1f:3c:6a:79:60:3c:b4:6b:5a:85:4e:69:51:
25:5d:77:b4:53:ac:01:a1:eb:69:33:a2:1e:4d:eb:
5c:28:25:27:00:95:5a:79:1e:1d:15:c0:61:3d:f2:
f5:36:b6:64:31:83:ae:0b:dd:86:7a:97:55:4b:19:
e7:7c:c8:22:51:b0:60:2d:b7:a9:f2:e9:d8:d5:86:
28:23:e6:e7:87:9b:63:df:25:ca:c2:30:9d:28:d3:
ea:90:a9:b4:ff:72:e4:03:0f:d0:fb:1e:73:c8:86:
05:b3:34:e4:12:4a:66:ad:c9:e9:7f:51:7e:b1:5f:
1c:57:57:b9:83:8c:f5:cb:a5:9f:04:e5:f2:65:9c:
b6:ba:11:e3:d1:41:fb:ea:88:8c:43:d0:bf:a9:41:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8E:3C:CF:5A:36:A8:98:BD:21:FB:7C:34:FD:2D:06:91:75:2E:7E
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/3CCD7C1AB90311EC9450AD20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
34:02:bf:46:a4:ba:34:e3:cd:11:ac:95:6c:07:4c:e4:f8:ff:
ed:e6:42:08:09:d2:b9:e8:ca:1e:df:36:8d:c1:d7:ad:06:3e:
56:01:d6:15:f9:08:b0:ba:37:56:53:7e:88:33:a9:74:d3:f1:
a0:0a:53:74:22:3a:a7:2f:fd:a4:4a:c5:ce:bb:6f:c7:68:24:
dd:f0:f5:b7:76:68:36:7b:65:87:f6:90:9f:c3:87:76:08:4b:
4c:2b:35:9b:a8:d5:9a:fe:98:2b:10:cd:31:e1:3c:a1:aa:2a:
74:73:7d:17:6e:f6:4f:c3:43:05:14:b4:79:ef:6b:bf:8e:74:
79:a8:d5:ff:6a:77:d6:a9:22:04:98:b8:33:47:49:f3:c0:81:
ed:54:9f:73:cd:c0:33:e1:3c:30:5c:65:84:ba:b9:5a:21:f0:
78:3b:b1:c4:7c:f3:f2:1c:48:63:4b:4b:33:80:52:a5:a6:ac:
c7:21:de:5f:2d:55:83:a9:f3:c7:7e:f9:fa:60:a8:b4:23:87:
c3:e0:72:c7:4f:6c:a8:2c:a8:d4:4a:1d:b2:19:b0:51:b0:31:
58:40:a1:f5:6f:1f:8d:0f:b7:f2:a9:61:b5:a2:65:e9:32:c2:
f6:cb:79:ea:f0:d5:cd:12:b3:e8:46:5f:33:f1:f3:24:2a:bb:
55:7b:23:9e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDEwMTkyMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjUzMmRlYS1jNWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA46gSvvF0rEShHHIP9IdYexaD00TaKSCNZxPXhHmraU4abYjc6i2ToHyQB7zd
YA/dDz2GZqUGk3RinX+wpH03D62Yv9ZxqNcq9dpdLOVJCds1Y1LclqSo/USNPTOk
ZH7plewH3ou02H9W2x88anlgPLRrWoVOaVElXXe0U6wBoetpM6IeTetcKCUnAJVa
eR4dFcBhPfL1NrZkMYOuC92GepdVSxnnfMgiUbBgLbep8unY1YYoI+bnh5tj3yXK
wjCdKNPqkKm0/3LkAw/Q+x5zyIYFszTkEkpmrcnpf1F+sV8cV1e5g4z1y6WfBOXy
ZZy2uhHj0UH76oiMQ9C/qUG4uwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBqOPM9a
NqiYvSH7fDT9LQaRdS5+MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvM0NDRDdDMUFC
OTAzMTFFQzk0NTBBRDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEANAK/RqS6NOPNEayVbAdM5Pj/7eZCCAnSuejKHt82jcHXrQY+VgHWFfkI
sLo3VlN+iDOpdNPxoApTdCI6py/9pErFzrtvx2gk3fD1t3ZoNntlh/aQn8OHdghL
TCs1m6jVmv6YKxDNMeE8oaoqdHN9F272T8NDBRS0ee9rv450eajV/2p31qkiBJi4
M0dJ88CB7VSfc83AM+E8MFxlhLq5WiHweDuxxHzz8hxIY0tLM4BSpaasxyHeXy1V
g6nzx375+mCotCOHw+Byx09sqCyo1EodshmwUbAxWECh9W8fjQ+38qlhtaJl6TLC
9st56vDVzRKz6EZfM/HzJCq7VXsjng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org