Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/3F21B1944BE711EDB4D0860BC4F9AE02.roa
File: 3F21B1944BE711EDB4D0860BC4F9AE02.roa (raw, json)
Hash identifier: DDbbwEs7A64skrxGLwG/EE9WdbF29f8T0xXa3ZPRX6I=
Subject key identifier: 41:7A:70:38:9C:A1:AE:FA:37:D8:32:06:C0:AB:BF:F1:1D:22:64:8B
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3CA7
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/3F21B1944BE711EDB4D0860BC4F9AE02.roa
Signing time: Sat 15 Oct 2022 05:00:11 +0000
ROA not before: Sat 15 Oct 2022 05:00:11 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15527 (0x3ca7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 15 05:00:11 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=634a3e59-c98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d6:43:27:a6:0d:14:09:9b:af:a3:a5:88:09:
76:9c:c9:08:3e:ab:ee:09:f1:7b:b9:fa:09:de:fa:
f9:f9:e3:73:32:cd:2e:fb:57:90:3d:33:92:6c:6e:
d0:75:84:a6:00:4b:83:c3:9c:e6:9c:78:ab:0d:3c:
93:3a:96:98:89:e4:94:75:1e:14:98:c3:1a:70:3f:
5f:61:59:57:0c:9d:30:b2:71:dd:bf:e2:45:17:dc:
19:c9:d0:2d:ce:8e:8c:38:ce:ec:25:ac:62:f4:36:
12:e7:22:a8:a8:b2:b6:15:09:21:e2:68:3c:31:47:
c3:80:93:1f:d7:fd:68:b3:8b:da:51:c4:8d:50:49:
40:19:83:15:9f:55:b6:d0:2b:13:7b:3c:d5:63:ba:
61:48:fd:ab:11:4e:27:a5:e1:10:30:45:cc:5b:e3:
07:af:59:4d:a1:ef:9e:6b:b9:e3:a1:c7:05:10:a8:
b8:7e:12:ce:11:dd:7c:14:67:d9:49:09:ae:65:47:
e6:74:98:89:92:55:32:b6:71:8c:dd:1c:9b:89:5a:
10:94:c2:05:0a:ee:8f:06:f0:31:e6:c9:f3:83:3d:
a5:78:54:ec:74:93:c6:6f:ed:20:b0:a9:f5:94:9a:
70:21:56:30:37:d0:9f:ea:18:b2:0d:22:10:35:e5:
f3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7A:70:38:9C:A1:AE:FA:37:D8:32:06:C0:AB:BF:F1:1D:22:64:8B
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/3F21B1944BE711EDB4D0860BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
2a:a4:c6:40:72:5e:30:8c:1f:11:68:8d:c8:f3:f6:42:37:ca:
47:c8:2d:88:29:e6:2f:a5:fc:e6:a5:cb:74:4a:0b:19:74:a5:
bc:71:8c:88:66:77:fe:fe:0d:25:f1:a0:2c:b7:57:b3:de:ca:
6e:f9:c4:ab:da:7d:c8:3a:52:b7:7c:7e:29:a1:5c:47:9a:5e:
6a:da:63:f1:6a:b3:05:b2:0f:f8:f9:f6:a0:8c:d1:5b:19:ea:
23:fc:af:33:34:af:99:8d:af:b9:75:2c:52:12:91:30:3c:54:
5a:a7:5e:55:be:f2:4f:82:1a:af:5e:5a:42:72:4e:17:58:7e:
78:65:e0:b8:eb:95:29:6e:62:2b:4b:05:81:9e:c2:1f:6f:57:
5d:93:c0:bc:27:ff:7b:04:be:7e:20:b6:02:a5:c0:10:02:c8:
ed:d5:28:25:2c:e3:8f:5a:31:83:9e:93:45:8f:f1:8f:fe:07:
5a:a3:c3:1f:1d:04:7f:ef:e1:84:f1:c1:01:dc:e5:9b:e0:80:
b8:83:33:c2:bc:fd:4c:a8:65:dd:ef:f9:a7:a6:df:9e:aa:cc:
e2:2b:d5:e8:86:dc:02:81:ff:f8:82:e0:df:83:85:2d:13:91:
49:40:6e:37:44:0c:ac:d9:34:5a:63:a0:08:27:9f:2b:5a:e5:
07:70:4a:ef
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDE1MDUwMDExWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRhM2U1OS1jOThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqNZDJ6YNFAmbr6OliAl2nMkIPqvuCfF7ufoJ3vr5+eNzMs0u+1eQPTOSbG7Q
dYSmAEuDw5zmnHirDTyTOpaYieSUdR4UmMMacD9fYVlXDJ0wsnHdv+JFF9wZydAt
zo6MOM7sJaxi9DYS5yKoqLK2FQkh4mg8MUfDgJMf1/1os4vaUcSNUElAGYMVn1W2
0CsTezzVY7phSP2rEU4npeEQMEXMW+MHr1lNoe+ea7njoccFEKi4fhLOEd18FGfZ
SQmuZUfmdJiJklUytnGM3RybiVoQlMIFCu6PBvAx5snzgz2leFTsdJPGb+0gsKn1
lJpwIVYwN9Cf6hiyDSIQNeXzqwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEF6cDic
oa76N9gyBsCrv/EdImSLMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvM0YyMUIxOTQ0
QkU3MTFFREI0RDA4NjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAKqTGQHJeMIwfEWiNyPP2QjfKR8gtiCnmL6X85qXLdEoLGXSlvHGMiGZ3
/v4NJfGgLLdXs97KbvnEq9p9yDpSt3x+KaFcR5peatpj8WqzBbIP+Pn2oIzRWxnq
I/yvMzSvmY2vuXUsUhKRMDxUWqdeVb7yT4Iar15aQnJOF1h+eGXguOuVKW5iK0sF
gZ7CH29XXZPAvCf/ewS+fiC2AqXAEALI7dUoJSzjj1oxg56TRY/xj/4HWqPDHx0E
f+/hhPHBAdzlm+CAuIMzwrz9TKhl3e/5p6bfnqrM4ivV6IbcAoH/+ILg34OFLROR
SUBuN0QMrNk0WmOgCCefK1rlB3BK7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org