Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/408BB6F6964311ECACFB7176C4F9AE02.roa
File: 408BB6F6964311ECACFB7176C4F9AE02.roa (raw, json)
Hash identifier: nDsQhMbwBBVnGFv2b/VBNV8ml1eVUjuBjGjXc12gG7U=
Subject key identifier: 04:A5:ED:80:FA:C3:DB:18:0B:4B:76:B7:42:39:A4:EA:68:0A:BA:DD
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3753
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/408BB6F6964311ECACFB7176C4F9AE02.roa
Signing time: Sat 26 Feb 2022 05:40:09 +0000
ROA not before: Sat 26 Feb 2022 05:40:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14163 (0x3753)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 26 05:40:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6219bd39-4362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:53:91:e5:03:27:c9:47:cb:ee:e1:40:9f:0f:
3d:70:8d:d9:98:c8:09:37:f8:ea:63:e5:9c:23:eb:
4f:64:42:f9:d7:ef:35:f1:ab:fb:d9:e8:0f:b2:8e:
ae:9e:24:a2:15:9a:26:29:81:c1:f2:cb:01:e6:73:
15:be:12:67:0b:a4:58:68:af:d9:9c:35:09:67:e5:
f4:c7:4e:4d:69:7d:a7:e9:d1:74:d7:7a:bc:a7:f5:
e3:ce:05:fa:ee:b4:51:ee:64:aa:1c:fd:a1:c0:83:
3b:9c:d2:ff:f1:1c:62:5c:2f:3c:d8:36:13:d7:4d:
c6:36:87:de:48:1a:67:e1:c8:38:36:a5:4d:6c:68:
26:5b:f6:60:06:54:8d:09:6e:a8:e1:e3:f6:f9:94:
b6:ea:08:17:56:cb:91:62:35:1f:49:07:24:e5:49:
41:52:a5:9c:a4:c4:e6:61:f5:1d:b0:83:ac:e1:31:
d3:79:cb:3d:ba:fc:ad:c7:5c:00:13:d0:28:cc:75:
75:d4:dc:3f:dd:ae:a2:1f:48:b4:9d:d7:03:0f:11:
90:b1:75:c7:64:7c:6e:d7:53:5a:e6:de:82:0d:22:
95:e0:37:dd:35:a8:d1:d1:13:19:64:0a:14:04:74:
b2:ae:26:a7:07:6c:1a:18:a1:8d:d6:cf:a6:04:3b:
7a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A5:ED:80:FA:C3:DB:18:0B:4B:76:B7:42:39:A4:EA:68:0A:BA:DD
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/408BB6F6964311ECACFB7176C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
a6:98:69:83:8b:1e:0f:f6:db:9a:90:e9:9e:b5:da:c9:92:51:
dc:41:e1:76:4b:f0:5a:64:13:92:99:af:56:a3:61:05:f1:93:
ba:a7:95:c0:9d:65:96:74:2c:64:e3:46:60:8f:09:47:f8:8f:
c0:6e:9f:9a:02:9f:73:f8:4a:2a:11:80:62:16:0a:ca:84:fe:
87:1c:40:25:f1:53:c7:1f:23:26:f4:5e:16:d1:40:ee:c9:91:
cf:62:21:22:8c:1d:d7:30:25:4b:8a:da:a1:e0:a1:02:36:cf:
86:83:89:9f:75:33:95:e1:24:5d:bd:2d:4a:a6:58:0d:9b:03:
6a:d7:14:32:93:2b:ca:02:a2:d6:04:69:06:c7:62:3e:51:f0:
95:6c:e6:01:06:38:ae:78:60:4f:18:98:39:d5:e6:fd:b1:3d:
0f:f1:31:9a:06:9a:25:b3:e9:6d:91:eb:0f:29:6c:9f:29:f8:
09:32:5b:f5:6a:40:2e:32:91:0d:c0:db:cf:05:61:08:7f:0a:
c0:01:3d:66:68:9f:bd:17:86:f7:04:c2:eb:47:89:2d:e5:6a:
4a:a2:cc:a8:35:87:5f:59:95:26:d0:41:01:6f:69:3a:7d:1e:
0e:7d:2a:2f:8d:e8:78:bb:5d:a0:37:3d:27:83:d2:0e:95:4c:
76:08:a9:f2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjI2MDU0MDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjE5YmQzOS00MzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA71OR5QMnyUfL7uFAnw89cI3ZmMgJN/jqY+WcI+tPZEL51+818av72egPso6u
niSiFZomKYHB8ssB5nMVvhJnC6RYaK/ZnDUJZ+X0x05NaX2n6dF013q8p/XjzgX6
7rRR7mSqHP2hwIM7nNL/8RxiXC882DYT103GNofeSBpn4cg4NqVNbGgmW/ZgBlSN
CW6o4eP2+ZS26ggXVsuRYjUfSQck5UlBUqWcpMTmYfUdsIOs4THTecs9uvytx1wA
E9AozHV11Nw/3a6iH0i0ndcDDxGQsXXHZHxu11Na5t6CDSKV4DfdNajR0RMZZAoU
BHSyrianB2waGKGN1s+mBDt6qQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFASl7YD6
w9sYC0t2t0I5pOpoCrrdMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNDA4QkI2RjY5
NjQzMTFFQ0FDRkI3MTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEApphpg4seD/bbmpDpnrXayZJR3EHhdkvwWmQTkpmvVqNhBfGTuqeVwJ1l
lnQsZONGYI8JR/iPwG6fmgKfc/hKKhGAYhYKyoT+hxxAJfFTxx8jJvReFtFA7smR
z2IhIowd1zAlS4raoeChAjbPhoOJn3UzleEkXb0tSqZYDZsDatcUMpMrygKi1gRp
BsdiPlHwlWzmAQY4rnhgTxiYOdXm/bE9D/ExmgaaJbPpbZHrDylsnyn4CTJb9WpA
LjKRDcDbzwVhCH8KwAE9ZmifvReG9wTC60eJLeVqSqLMqDWHX1mVJtBBAW9pOn0e
Dn0qL43oeLtdoDc9J4PSDpVMdgip8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org