Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4699391E8CD511EC8C4ADD0BC4F9AE02.roa
File: 4699391E8CD511EC8C4ADD0BC4F9AE02.roa (raw, json)
Hash identifier: nbL4SLWijC2VYEhtEh/YRxLpGfUrXxeKoBKnmQ+oc5I=
Subject key identifier: 0B:BF:E9:EE:44:FC:01:B5:D7:C8:C3:91:73:85:83:C2:A0:F5:BE:E4
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 36D0
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4699391E8CD511EC8C4ADD0BC4F9AE02.roa
Signing time: Mon 14 Feb 2022 05:00:13 +0000
ROA not before: Mon 14 Feb 2022 05:00:13 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14032 (0x36d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 14 05:00:13 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6209e1dc-776b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c9:c3:ce:0b:9a:19:da:3a:d1:7b:bc:4e:ad:
46:be:fe:bc:4c:f1:22:01:cc:be:b3:12:9e:e1:66:
84:20:aa:62:7c:09:3b:1e:99:d5:c9:c1:2c:84:e6:
52:42:37:4a:54:78:86:a6:64:a7:5f:fe:e8:39:ff:
d5:1c:69:e5:63:3e:50:22:63:8c:6e:28:fe:79:5a:
67:ff:01:0a:90:67:e5:f8:a6:50:73:2a:57:91:33:
57:c5:4f:eb:a9:4a:5a:eb:fd:a8:d8:84:1f:46:9e:
d1:00:16:e2:81:59:6d:21:df:08:c1:14:8b:70:30:
08:db:9f:72:4b:79:3c:ca:f0:10:b5:03:3c:38:12:
cd:ee:58:26:41:12:24:39:f7:88:04:62:0c:97:f4:
da:a2:00:2e:8d:b7:59:79:8a:58:6f:89:78:fe:11:
81:f1:3b:87:9c:82:bf:8c:7e:5d:4a:4c:6d:f5:74:
b1:c9:3f:94:e0:50:2a:c0:b5:31:be:b6:8e:ad:0f:
b6:d0:49:9b:e9:3e:dd:4c:c4:63:42:ca:89:25:27:
98:e1:36:86:ae:3a:8b:2d:c2:0a:8e:5a:b9:3d:a0:
f5:26:7d:fc:8f:91:97:d7:52:c3:6d:d1:16:47:88:
d3:26:bf:22:69:13:60:04:73:81:e7:da:59:6f:6e:
d4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BF:E9:EE:44:FC:01:B5:D7:C8:C3:91:73:85:83:C2:A0:F5:BE:E4
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4699391E8CD511EC8C4ADD0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
64:b6:23:14:5c:bf:2b:8d:8b:16:c8:32:6c:14:b3:fb:5f:77:
20:4c:95:a0:f9:c7:bc:04:4c:94:64:1e:3c:2d:07:b8:8a:82:
85:cb:e0:0b:5d:31:2c:19:66:d8:76:51:15:c0:fd:b7:49:20:
f2:76:b9:68:22:83:33:4a:af:15:ac:dd:18:27:f6:8e:31:df:
f5:2c:ac:56:40:46:e8:6b:2f:c1:47:47:f6:62:05:42:8a:ee:
3c:cd:c9:04:45:15:00:62:69:b0:a8:4a:c5:a6:0e:23:f5:a8:
c1:f5:95:d7:92:64:f7:f3:c2:9d:96:68:f3:a2:cb:f1:12:35:
01:cb:78:81:e4:2f:ae:7f:39:6c:b8:15:44:6a:2e:4c:75:41:
4a:00:8d:4f:82:52:c1:3b:39:17:67:14:e1:3b:a4:c0:9c:a8:
01:8b:8d:ac:48:08:18:5c:8d:48:56:1b:f1:f0:f0:d4:17:37:
8d:bd:39:ee:52:57:8d:c5:a8:91:90:eb:64:18:68:a4:13:76:
63:7f:1d:c2:e5:6e:19:a7:44:51:a1:68:c1:68:17:32:53:61:
5d:e2:3f:12:b8:7a:1a:66:fe:61:df:f6:7e:41:dd:b5:b0:5a:
e7:68:ca:36:6c:8b:8a:c3:4d:10:c6:a0:77:3b:f6:64:6b:67:
b8:11:df:d5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNtAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjE0MDUwMDEzWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA5ZTFkYy03NzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7MnDzguaGdo60Xu8Tq1Gvv68TPEiAcy+sxKe4WaEIKpifAk7HpnVycEshOZS
QjdKVHiGpmSnX/7oOf/VHGnlYz5QImOMbij+eVpn/wEKkGfl+KZQcypXkTNXxU/r
qUpa6/2o2IQfRp7RABbigVltId8IwRSLcDAI259yS3k8yvAQtQM8OBLN7lgmQRIk
OfeIBGIMl/TaogAujbdZeYpYb4l4/hGB8TuHnIK/jH5dSkxt9XSxyT+U4FAqwLUx
vraOrQ+20Emb6T7dTMRjQsqJJSeY4TaGrjqLLcIKjlq5PaD1Jn38j5GX11LDbdEW
R4jTJr8iaRNgBHOB59pZb27UfwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAu/6e5E
/AG118jDkXOFg8Kg9b7kMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNDY5OTM5MUU4
Q0Q1MTFFQzhDNEFERDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAZLYjFFy/K42LFsgybBSz+193IEyVoPnHvARMlGQePC0HuIqChcvgC10x
LBlm2HZRFcD9t0kg8na5aCKDM0qvFazdGCf2jjHf9SysVkBG6GsvwUdH9mIFQoru
PM3JBEUVAGJpsKhKxaYOI/WowfWV15Jk9/PCnZZo86LL8RI1Act4geQvrn85bLgV
RGouTHVBSgCNT4JSwTs5F2cU4TukwJyoAYuNrEgIGFyNSFYb8fDw1Bc3jb057lJX
jcWokZDrZBhopBN2Y38dwuVuGadEUaFowWgXMlNhXeI/Erh6Gmb+Yd/2fkHdtbBa
52jKNmyLisNNEMagdzv2ZGtnuBHf1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org