Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/576786728B3D11EC89533A7BC4F9AE02.roa
File: 576786728B3D11EC89533A7BC4F9AE02.roa (raw, json)
Hash identifier: 0yUGITwIMY2jZkSQV3SUM9EaWvrMPlYXOCSPoqsHbvk=
Subject key identifier: C5:48:C6:A3:40:F1:AF:1E:3E:E5:9A:BC:EA:8A:19:DB:32:FD:78:3D
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 36AF
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/576786728B3D11EC89533A7BC4F9AE02.roa
Signing time: Fri 11 Feb 2022 13:20:12 +0000
ROA not before: Fri 11 Feb 2022 13:20:12 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13999 (0x36af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 11 13:20:12 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6206628c-8537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6d:bf:15:3d:56:6e:14:2d:49:99:1f:bf:66:
da:2a:3e:8e:39:f2:f8:d4:00:87:35:b2:94:32:9a:
f8:aa:01:c8:54:14:5c:e6:48:75:a7:b7:d1:59:34:
4d:f7:c2:3f:32:a9:20:3c:14:3c:d3:f0:0a:e1:2d:
c8:1b:56:90:10:07:ce:b9:1b:65:f3:85:19:95:b7:
e7:8f:7e:8e:87:4f:f6:db:13:f8:cf:f1:b4:45:f8:
59:49:2f:b8:f3:6c:fe:e8:ff:39:0a:05:1d:a6:37:
cb:4b:d6:ce:fc:ef:e1:60:f2:ab:03:c2:f2:ba:45:
db:b8:41:2a:39:a4:2a:7b:3e:0b:9f:b5:bc:4d:2a:
b4:62:e6:b4:d1:41:3a:89:95:f9:bb:df:c4:e0:93:
7b:e8:4a:9a:bf:a0:69:ab:3a:84:fb:47:74:02:85:
14:b5:21:12:a0:4b:83:71:33:5c:f9:57:71:43:d2:
f2:ec:21:d4:5f:f1:1e:d5:99:c3:08:8d:6e:e4:1e:
c1:6c:22:34:d9:85:00:4b:aa:0a:a8:63:7c:f2:0b:
f3:ae:ca:cd:ff:f7:52:af:8b:c4:56:fb:57:37:f9:
aa:a0:34:15:54:ce:e0:dc:68:2a:8f:fb:9f:74:3d:
9a:71:80:ce:a3:56:3f:fc:26:5a:d9:1e:78:8c:ee:
7f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:48:C6:A3:40:F1:AF:1E:3E:E5:9A:BC:EA:8A:19:DB:32:FD:78:3D
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/576786728B3D11EC89533A7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
7d:19:97:c0:2f:1c:48:df:43:b6:aa:f3:fa:73:d1:22:02:05:
d3:59:72:55:c3:d3:dc:0d:7a:eb:f1:91:ae:28:a7:be:0b:8d:
93:87:47:d6:32:fb:7c:11:f6:80:e7:0a:46:d3:44:20:d1:52:
d4:60:45:5c:26:f3:dd:53:a4:e0:a1:f6:5f:7d:ed:2e:81:23:
c5:40:68:31:6c:b0:24:6c:ad:37:d9:e7:da:99:55:25:fc:53:
84:1b:6c:48:81:c9:d6:22:a0:29:99:04:c6:d5:8b:18:e4:6e:
90:2a:00:e6:df:91:36:66:0c:3b:f2:9b:6d:64:24:74:65:16:
d7:c3:33:6c:e3:fb:bf:0a:64:29:93:2b:8e:3f:dc:e5:4d:0b:
1b:82:1f:83:27:6d:84:c6:c3:ca:bf:53:bc:da:db:ec:0b:a6:
25:34:a1:0f:ab:b9:58:52:95:7c:a7:c4:bc:41:35:9e:64:ca:
7d:ce:1c:b5:0f:42:a1:e9:14:62:99:60:cb:18:c1:00:8a:92:
8b:2b:1b:6e:5a:53:53:c2:23:86:90:82:84:30:49:d9:40:43:
ee:de:c0:fd:cf:4f:72:a6:38:20:82:f9:a6:13:da:4d:83:28:
50:a3:6a:62:9e:91:38:df:05:4d:d3:1a:86:aa:e8:8c:3c:49:
54:62:e1:c5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjExMTMyMDEyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA2NjI4Yy04NTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6m2/FT1WbhQtSZkfv2baKj6OOfL41ACHNbKUMpr4qgHIVBRc5kh1p7fRWTRN
98I/MqkgPBQ80/AK4S3IG1aQEAfOuRtl84UZlbfnj36Oh0/22xP4z/G0RfhZSS+4
82z+6P85CgUdpjfLS9bO/O/hYPKrA8LyukXbuEEqOaQqez4Ln7W8TSq0Yua00UE6
iZX5u9/E4JN76Eqav6BpqzqE+0d0AoUUtSESoEuDcTNc+VdxQ9Ly7CHUX/Ee1ZnD
CI1u5B7BbCI02YUAS6oKqGN88gvzrsrN//dSr4vEVvtXN/mqoDQVVM7g3Ggqj/uf
dD2acYDOo1Y//CZa2R54jO5/dQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMVIxqNA
8a8ePuWavOqKGdsy/Xg9MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNTc2Nzg2NzI4
QjNEMTFFQzg5NTMzQTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAfRmXwC8cSN9Dtqrz+nPRIgIF01lyVcPT3A166/GRriinvguNk4dH1jL7
fBH2gOcKRtNEINFS1GBFXCbz3VOk4KH2X33tLoEjxUBoMWywJGytN9nn2plVJfxT
hBtsSIHJ1iKgKZkExtWLGORukCoA5t+RNmYMO/KbbWQkdGUW18MzbOP7vwpkKZMr
jj/c5U0LG4IfgydthMbDyr9TvNrb7AumJTShD6u5WFKVfKfEvEE1nmTKfc4ctQ9C
oekUYplgyxjBAIqSiysbblpTU8IjhpCChDBJ2UBD7t7A/c9PcqY4IIL5phPaTYMo
UKNqYp6RON8FTdMahqrojDxJVGLhxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org