Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/475289A8CFBC11ECB396B381C4F9AE02.roa
File: 475289A8CFBC11ECB396B381C4F9AE02.roa (raw, json)
Hash identifier: bWZAbSjNdssY/BHTEeYe/f5WQpLRWN+OcYSR+1T0AIw=
Subject key identifier: 5D:66:E5:A0:B7:BA:BF:F2:29:DD:55:94:36:94:1B:CA:98:21:29:9B
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3A00
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/475289A8CFBC11ECB396B381C4F9AE02.roa
Signing time: Tue 10 May 2022 01:00:11 +0000
ROA not before: Tue 10 May 2022 01:00:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14848 (0x3a00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 10 01:00:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6279b91b-119b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8f:0d:1b:e5:a6:9d:46:f0:da:04:ba:77:eb:
fe:2d:54:29:d8:dc:7d:83:85:e6:f3:b8:14:8a:b2:
f5:e0:28:b3:2f:4b:b2:59:44:8f:5c:21:71:11:95:
ca:0b:6b:85:63:1d:f8:64:38:d0:00:87:41:9e:71:
af:9a:93:52:bf:79:1d:aa:28:be:07:5f:d8:cd:f3:
b7:c9:6b:73:b4:3e:91:67:ab:41:19:d0:5e:47:52:
ae:05:1a:06:a8:47:ab:8c:97:72:69:99:8b:88:9c:
81:0c:37:40:db:fc:82:07:e7:9b:54:42:f9:7e:cb:
85:b0:29:b7:cf:71:f5:14:34:fc:56:c7:ff:d3:13:
73:9f:16:d3:3b:7e:40:57:a5:47:0b:70:da:72:91:
9e:5b:80:c7:ba:86:40:92:bf:70:2d:e9:c3:f4:30:
61:26:aa:ae:04:04:17:05:c5:a3:f4:d7:02:a2:ed:
a9:7f:cd:c0:20:b4:8b:4c:58:9b:df:40:74:b1:90:
dd:e6:db:5b:36:7d:03:63:8f:45:1e:96:2f:19:0f:
ea:cb:b1:5e:09:bc:a1:9b:37:0c:72:47:5b:ed:ca:
e1:28:64:a5:c1:41:fc:df:e8:9f:c6:71:49:b4:3f:
23:61:c7:a2:cf:bc:dd:01:45:e8:18:a9:26:7b:36:
ea:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:66:E5:A0:B7:BA:BF:F2:29:DD:55:94:36:94:1B:CA:98:21:29:9B
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/475289A8CFBC11ECB396B381C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
46:5b:af:11:31:35:0b:3b:7b:ef:35:07:47:6a:e0:c2:fc:2d:
21:30:58:fa:65:68:33:0e:48:04:05:e4:dd:f0:02:e2:af:7b:
ec:79:eb:7d:59:e2:bf:d5:c5:f7:47:24:ef:66:e6:48:58:90:
c5:83:10:ec:92:cc:1c:03:26:82:52:7b:e3:35:0d:7b:2d:cc:
ec:5b:37:16:b0:7a:7e:1a:96:17:2b:69:d4:cf:f9:9e:a3:dd:
51:dd:17:8c:0e:0c:3d:f6:9c:c7:3b:2f:d5:3d:98:8e:a6:6b:
6f:17:1e:ca:c8:02:9f:24:f8:71:b5:93:46:b2:b7:d7:5c:c8:
e6:be:b0:9f:6f:db:b2:6e:be:de:96:f4:c2:61:a5:85:cb:8a:
01:35:49:1a:24:6f:cc:7b:29:d8:ca:1a:5e:18:bb:9e:6a:90:
fc:0f:85:0c:a9:ea:68:21:be:f5:8a:4d:71:5a:ef:14:06:72:
47:e7:a3:19:aa:7c:80:51:69:f6:5d:b4:6d:44:dc:8f:7c:35:
b4:af:00:1f:55:73:a8:f2:81:19:dc:d1:b4:95:aa:29:63:fe:
a7:f2:be:6d:39:f6:9b:39:92:d1:5b:e0:1e:2f:1d:41:03:c5:
8a:b1:cd:dd:6e:30:82:b3:57:08:5e:23:7b:cd:61:04:59:f0:
be:02:3d:75
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTEwMDEwMDExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjc5YjkxYi0xMTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxo8NG+WmnUbw2gS6d+v+LVQp2Nx9g4Xm87gUirL14CizL0uyWUSPXCFxEZXK
C2uFYx34ZDjQAIdBnnGvmpNSv3kdqii+B1/YzfO3yWtztD6RZ6tBGdBeR1KuBRoG
qEerjJdyaZmLiJyBDDdA2/yCB+ebVEL5fsuFsCm3z3H1FDT8Vsf/0xNznxbTO35A
V6VHC3DacpGeW4DHuoZAkr9wLenD9DBhJqquBAQXBcWj9NcCou2pf83AILSLTFib
30B0sZDd5ttbNn0DY49FHpYvGQ/qy7FeCbyhmzcMckdb7crhKGSlwUH83+ifxnFJ
tD8jYceiz7zdAUXoGKkmezbqJwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFF1m5aC3
ur/yKd1VlDaUG8qYISmbMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNDc1Mjg5QThD
RkJDMTFFQ0IzOTZCMzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEARluvETE1Czt77zUHR2rgwvwtITBY+mVoMw5IBAXk3fAC4q977HnrfVni
v9XF90ck72bmSFiQxYMQ7JLMHAMmglJ74zUNey3M7Fs3FrB6fhqWFytp1M/5nqPd
Ud0XjA4MPfacxzsv1T2YjqZrbxceysgCnyT4cbWTRrK311zI5r6wn2/bsm6+3pb0
wmGlhcuKATVJGiRvzHsp2MoaXhi7nmqQ/A+FDKnqaCG+9YpNcVrvFAZyR+ejGap8
gFFp9l20bUTcj3w1tK8AH1VzqPKBGdzRtJWqKWP+p/K+bTn2mzmS0VvgHi8dQQPF
irHN3W4wgrNXCF4je81hBFnwvgI9dQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org