Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/45B1F106D07A11ECA9851085C4F9AE02.roa
File: 45B1F106D07A11ECA9851085C4F9AE02.roa (raw, json)
Hash identifier: girKf90WiiTtQiuAHAWJlscMBpEoySql6ZGj0b1vcV0=
Subject key identifier: E1:BC:71:6E:7B:6B:D9:A2:1B:40:8C:B8:25:61:CF:51:73:A1:85:1E
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3A0D
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/45B1F106D07A11ECA9851085C4F9AE02.roa
Signing time: Wed 11 May 2022 05:00:12 +0000
ROA not before: Wed 11 May 2022 05:00:12 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14861 (0x3a0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 11 05:00:12 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=627b42db-187f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:79:c3:5c:a8:a4:7c:46:c3:6f:4b:f2:8a:de:
68:4b:68:79:3e:02:f1:4d:f9:54:cf:23:6a:55:ba:
3b:67:a1:f1:72:5e:eb:58:bc:56:d7:aa:0a:82:0d:
48:08:bc:a5:f5:07:e6:c3:75:c7:6f:e7:93:74:45:
c4:6b:a0:7d:13:4d:9c:a4:04:61:88:88:28:b6:2a:
b0:17:1f:40:32:70:77:ca:1a:e9:ef:a4:96:fb:c1:
2b:b1:9f:75:ea:4a:37:09:cb:67:46:fe:cd:23:47:
37:12:63:8b:e4:ff:3f:ec:05:0f:d3:be:fe:4c:a8:
4e:a4:a1:b4:bc:98:d7:f1:b0:66:e1:84:6b:34:51:
38:f5:3b:6f:40:08:58:1a:31:4a:85:0e:c2:69:7b:
db:e6:4e:18:c6:51:60:a2:5f:36:d7:1f:d2:cb:b9:
a6:8b:87:df:a1:98:b8:ac:13:83:52:92:92:a7:e3:
d8:e3:c0:0b:1a:f0:c0:df:49:67:8e:6d:a7:91:fd:
cb:d0:11:91:6a:4f:c5:ef:55:ae:a6:e1:3b:bb:b7:
be:bd:82:fc:f9:ba:f8:81:19:f7:d3:5f:33:64:36:
50:5b:a2:02:0f:44:1a:7a:82:2b:31:12:38:d3:f7:
52:b9:0f:b8:8a:ce:31:69:6b:dd:ef:11:d1:46:06:
bb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BC:71:6E:7B:6B:D9:A2:1B:40:8C:B8:25:61:CF:51:73:A1:85:1E
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/45B1F106D07A11ECA9851085C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
10:c7:fb:a7:9a:7f:8e:f3:88:df:3d:9a:ec:43:34:e6:f3:51:
16:b9:c6:b0:8a:49:09:a2:6a:be:d3:1d:84:a9:dd:4c:8e:29:
cc:c1:85:71:ed:f0:09:28:48:ee:f0:c9:3d:c2:57:0c:49:31:
42:aa:85:fd:ee:0a:66:d3:ef:40:ef:5b:a9:55:cc:6c:e5:c9:
4a:8e:38:18:77:cf:8a:6d:f1:71:82:63:7e:75:ee:00:f4:f2:
29:74:42:b2:39:b1:28:c3:8d:8a:de:39:19:5d:dc:18:a0:f4:
5f:71:02:76:d2:2e:10:76:df:78:82:7b:0c:63:9c:f8:68:1b:
f4:53:37:2b:8a:83:1c:4c:ea:2c:c8:2f:7a:c4:18:63:e5:2a:
eb:69:12:3f:0a:a9:a3:a8:95:ef:23:92:1a:dc:0d:7e:e4:fc:
2b:fb:96:e9:9d:bf:60:52:6d:12:7b:5d:f7:51:9f:98:40:46:
3b:2c:dd:38:0c:38:40:05:a8:8f:45:1e:3d:21:02:b9:70:c5:
9f:a3:65:c8:a1:ef:31:a5:21:68:c2:b1:bf:40:22:b1:77:09:
9d:e3:49:48:0b:38:ba:d8:70:66:a1:d6:88:e1:c7:84:0a:dc:
5f:90:43:45:5d:95:08:b2:35:89:9d:30:12:3d:43:32:8a:4a:
64:a9:91:c9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTExMDUwMDEyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdiNDJkYi0xODdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw3nDXKikfEbDb0vyit5oS2h5PgLxTflUzyNqVbo7Z6Hxcl7rWLxW16oKgg1I
CLyl9Qfmw3XHb+eTdEXEa6B9E02cpARhiIgotiqwFx9AMnB3yhrp76SW+8ErsZ91
6ko3CctnRv7NI0c3EmOL5P8/7AUP077+TKhOpKG0vJjX8bBm4YRrNFE49TtvQAhY
GjFKhQ7CaXvb5k4YxlFgol821x/Sy7mmi4ffoZi4rBODUpKSp+PY48ALGvDA30ln
jm2nkf3L0BGRak/F71WupuE7u7e+vYL8+br4gRn3018zZDZQW6ICD0QaeoIrMRI4
0/dSuQ+4is4xaWvd7xHRRga7XQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOG8cW57
a9miG0CMuCVhz1FzoYUeMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNDVCMUYxMDZE
MDdBMTFFQ0E5ODUxMDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAEMf7p5p/jvOI3z2a7EM05vNRFrnGsIpJCaJqvtMdhKndTI4pzMGFce3w
CShI7vDJPcJXDEkxQqqF/e4KZtPvQO9bqVXMbOXJSo44GHfPim3xcYJjfnXuAPTy
KXRCsjmxKMONit45GV3cGKD0X3ECdtIuEHbfeIJ7DGOc+Ggb9FM3K4qDHEzqLMgv
esQYY+Uq62kSPwqpo6iV7yOSGtwNfuT8K/uW6Z2/YFJtEntd91GfmEBGOyzdOAw4
QAWoj0UePSECuXDFn6NlyKHvMaUhaMKxv0AisXcJneNJSAs4uthwZqHWiOHHhArc
X5BDRV2VCLI1iZ0wEj1DMopKZKmRyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org