Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4D057F964C8911ED8A58161DC4F9AE02.roa
File: 4D057F964C8911ED8A58161DC4F9AE02.roa (raw, json)
Hash identifier: V6JZDQuBwaFn9iUCTrRZ5KUYQWYYPapyeZPo/a7g5sg=
Subject key identifier: F4:5A:FA:A9:BA:D2:07:58:E6:14:52:80:12:85:E6:23:54:5C:E7:C5
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3CAA
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4D057F964C8911ED8A58161DC4F9AE02.roa
Signing time: Sat 15 Oct 2022 13:00:11 +0000
ROA not before: Sat 15 Oct 2022 13:00:11 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15530 (0x3caa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 15 13:00:11 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=634aaeda-201d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7a:e9:05:87:1f:92:93:24:a7:23:f4:9f:9d:
b9:92:d9:e4:98:b2:01:de:c9:6f:9c:f0:d3:84:76:
8a:6e:9d:24:2e:8e:56:4c:3f:74:08:42:b1:a9:2e:
af:7e:2f:e4:a5:40:cd:9e:05:bf:77:48:fe:9e:4a:
81:e3:d9:9e:10:0f:1f:2a:f8:c5:c8:2e:dd:16:33:
b7:a2:4f:9b:ba:30:fc:05:ad:c4:78:da:5c:32:49:
62:9e:78:66:e0:74:9e:58:6c:20:63:84:d3:af:1f:
58:ba:80:8e:fc:85:5d:80:60:85:b8:a0:fe:ab:45:
43:f4:fc:11:d3:54:12:3a:6f:5e:fc:38:18:c1:d8:
99:5f:cf:e9:00:8f:47:16:dd:e9:4f:a7:73:09:a2:
b5:ad:75:28:ba:b8:b8:be:b2:ad:21:de:20:fe:73:
99:4f:ea:3d:47:99:78:e8:18:7d:b8:39:6f:69:d5:
33:f7:ea:63:a4:20:e9:9d:00:4f:5f:8b:6e:07:75:
f4:3e:19:e5:ab:3c:2c:a7:6b:b1:55:00:e9:ec:af:
95:dd:48:f1:37:ad:be:6a:1e:08:1b:4a:07:57:09:
17:1d:0b:4a:de:b7:f5:77:4c:05:5b:4a:1c:a4:f7:
d1:95:df:c7:48:ea:37:47:44:21:13:2f:11:b9:7d:
29:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:5A:FA:A9:BA:D2:07:58:E6:14:52:80:12:85:E6:23:54:5C:E7:C5
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4D057F964C8911ED8A58161DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
7b:f2:ae:6a:ed:94:b5:14:9d:3e:a2:81:d6:7f:b3:87:89:5a:
c9:ec:a4:c4:77:49:58:66:4f:b0:9e:48:5c:11:95:24:29:46:
95:89:85:a7:83:bf:b9:49:17:4a:19:dd:e7:71:bf:43:94:2b:
d4:f9:87:ea:8c:12:93:a1:b5:8e:3f:d2:a9:0a:ca:ff:32:2d:
95:1f:4b:36:74:f5:23:22:19:55:f4:c1:33:96:b6:82:2c:bf:
1a:3d:c9:30:e1:75:93:19:10:fe:9c:41:4f:b0:52:03:bf:f2:
59:c3:fa:79:93:ec:ad:14:31:dc:cd:29:64:6a:ff:af:59:1b:
d6:9b:c7:7d:25:c2:53:0c:ea:fc:e2:d2:fd:9c:73:8b:30:f5:
07:fd:06:1e:1a:f4:94:c9:9c:fa:a8:56:1a:b9:38:d5:7d:9e:
f0:19:a1:55:c8:4a:f1:f9:4e:10:35:ee:28:d2:0f:cc:3b:f2:
af:3f:be:1f:b2:6d:c2:49:4c:46:dd:68:1f:39:ce:89:45:4c:
86:25:a3:9c:6d:1a:61:cf:9a:f8:d6:2b:7a:8a:f2:dd:3a:34:
4f:68:87:e0:f9:91:79:a3:83:bb:83:ac:07:3c:67:f7:08:0f:
a0:66:be:11:f7:74:42:6d:f9:13:d5:97:2f:dd:b8:c0:16:fc:
b8:63:54:e4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDE1MTMwMDExWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRhYWVkYS0yMDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyXrpBYcfkpMkpyP0n525ktnkmLIB3slvnPDThHaKbp0kLo5WTD90CEKxqS6v
fi/kpUDNngW/d0j+nkqB49meEA8fKvjFyC7dFjO3ok+bujD8Ba3EeNpcMklinnhm
4HSeWGwgY4TTrx9YuoCO/IVdgGCFuKD+q0VD9PwR01QSOm9e/DgYwdiZX8/pAI9H
Ft3pT6dzCaK1rXUouri4vrKtId4g/nOZT+o9R5l46Bh9uDlvadUz9+pjpCDpnQBP
X4tuB3X0Phnlqzwsp2uxVQDp7K+V3UjxN62+ah4IG0oHVwkXHQtK3rf1d0wFW0oc
pPfRld/HSOo3R0QhEy8RuX0puQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPRa+qm6
0gdY5hRSgBKF5iNUXOfFMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNEQwNTdGOTY0
Qzg5MTFFRDhBNTgxNjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAe/Kuau2UtRSdPqKB1n+zh4layeykxHdJWGZPsJ5IXBGVJClGlYmFp4O/
uUkXShnd53G/Q5Qr1PmH6owSk6G1jj/SqQrK/zItlR9LNnT1IyIZVfTBM5a2giy/
Gj3JMOF1kxkQ/pxBT7BSA7/yWcP6eZPsrRQx3M0pZGr/r1kb1pvHfSXCUwzq/OLS
/ZxzizD1B/0GHhr0lMmc+qhWGrk41X2e8BmhVchK8flOEDXuKNIPzDvyrz++H7Jt
wklMRt1oHznOiUVMhiWjnG0aYc+a+NYreory3To0T2iH4PmReaODu4OsBzxn9wgP
oGa+Efd0Qm35E9WXL924wBb8uGNU5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org