Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/57EB32CA546D11ED9AA03E5BC4F9AE02.roa
File: 57EB32CA546D11ED9AA03E5BC4F9AE02.roa (raw, json)
Hash identifier: MenmHEG/+sLbhG/fweXchCkyoJWpOmVKANFIiloJWE4=
Subject key identifier: F8:4D:22:89:07:F7:83:E0:91:C2:BB:2B:69:FF:90:A1:61:CB:48:79
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3D12
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/57EB32CA546D11ED9AA03E5BC4F9AE02.roa
Signing time: Tue 25 Oct 2022 14:00:12 +0000
ROA not before: Tue 25 Oct 2022 14:00:12 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15634 (0x3d12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 25 14:00:12 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=6357ebec-a30e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4d:85:1a:11:ba:1d:b6:7d:c6:c4:a0:1a:90:
12:98:21:33:9f:e8:e9:3f:30:25:47:d5:7b:dd:3c:
0f:bb:da:4a:ed:4a:2c:6d:14:49:87:db:92:f3:9a:
40:79:f0:54:8d:db:9a:97:cd:c6:a0:e9:b0:73:f2:
21:23:be:8f:9f:6f:da:c6:c1:f8:a6:24:c3:3c:74:
99:17:00:33:0e:b7:ea:7d:17:f7:4b:34:60:5c:bd:
81:fa:6c:da:25:f2:61:ea:05:f7:82:98:74:57:a5:
46:28:1e:34:c7:db:77:d3:c2:ea:b7:e2:20:c5:80:
37:3e:2f:46:23:12:a3:8b:a7:aa:de:1e:3b:9e:d4:
4d:22:43:83:62:d7:d4:50:b3:ed:10:d9:ce:85:8e:
1e:3b:12:d2:9e:4e:15:38:9b:36:8e:42:e5:b4:16:
cd:32:43:fa:af:18:8a:f2:29:1e:60:f9:2b:eb:16:
fe:8c:59:f1:43:94:31:92:8d:c3:6d:a3:5a:57:11:
4e:15:17:87:f9:86:c4:26:e1:a7:1c:a4:24:75:0b:
e2:a9:45:0a:64:68:66:f0:0b:44:83:d1:da:91:bc:
d4:c1:20:8f:29:55:63:4c:b8:a4:51:8c:28:d0:6a:
f7:9c:0d:13:7b:8c:5e:86:98:50:f3:ef:88:ea:27:
e1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:4D:22:89:07:F7:83:E0:91:C2:BB:2B:69:FF:90:A1:61:CB:48:79
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/57EB32CA546D11ED9AA03E5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
6a:db:2f:05:07:35:64:40:a5:8b:22:16:ea:38:aa:10:2e:bc:
60:e2:34:83:73:51:13:fa:b5:92:a9:17:29:6a:19:3f:f3:75:
d8:3a:f1:0a:69:ae:76:e3:7b:8f:ed:b7:33:f5:cd:fe:62:62:
09:a1:99:01:0a:26:64:17:f9:de:f1:e4:2a:2c:e3:f2:d0:93:
9d:39:94:6f:46:6f:35:26:d0:16:62:f7:08:32:fe:72:62:74:
20:07:a1:6c:ab:ef:18:37:2a:7b:e5:c7:8b:e9:74:81:b4:1b:
da:1e:dd:4f:43:e1:c2:94:bb:fb:6d:f6:2b:a2:68:49:af:fa:
7b:1f:14:f0:f8:65:ef:66:d7:69:2f:2f:47:19:e6:13:e2:24:
f7:f1:f9:45:e9:0a:c2:f3:9f:93:c9:44:30:11:46:1a:d3:75:
65:42:5e:6d:56:f1:9e:e5:d4:b4:d4:3b:a5:22:95:17:6e:21:
21:87:8a:ef:fa:bd:d0:16:35:aa:94:09:fd:82:e1:c4:c5:be:
6b:38:0a:b1:8f:12:4a:ef:98:2d:a9:55:67:cc:88:a3:66:2c:
28:37:b5:4b:18:98:d6:3b:71:f4:3c:2a:ea:ac:5f:1a:c1:92:
f7:8e:ce:45:2b:06:bc:5f:67:c2:ff:b2:f6:19:cd:09:2b:e7:
cd:c1:51:e3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDI1MTQwMDEyWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU3ZWJlYy1hMzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxk2FGhG6HbZ9xsSgGpASmCEzn+jpPzAlR9V73TwPu9pK7UosbRRJh9uS85pA
efBUjdual83GoOmwc/IhI76Pn2/axsH4piTDPHSZFwAzDrfqfRf3SzRgXL2B+mza
JfJh6gX3gph0V6VGKB40x9t308Lqt+IgxYA3Pi9GIxKji6eq3h47ntRNIkODYtfU
ULPtENnOhY4eOxLSnk4VOJs2jkLltBbNMkP6rxiK8ikeYPkr6xb+jFnxQ5Qxko3D
baNaVxFOFReH+YbEJuGnHKQkdQviqUUKZGhm8AtEg9HakbzUwSCPKVVjTLikUYwo
0Gr3nA0Te4xehphQ8++I6ifhAQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPhNIokH
94PgkcK7K2n/kKFhy0h5MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNTdFQjMyQ0E1
NDZEMTFFRDlBQTAzRTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAatsvBQc1ZECliyIW6jiqEC68YOI0g3NRE/q1kqkXKWoZP/N12DrxCmmu
duN7j+23M/XN/mJiCaGZAQomZBf53vHkKizj8tCTnTmUb0ZvNSbQFmL3CDL+cmJ0
IAehbKvvGDcqe+XHi+l0gbQb2h7dT0PhwpS7+232K6JoSa/6ex8U8Phl72bXaS8v
RxnmE+Ik9/H5RekKwvOfk8lEMBFGGtN1ZUJebVbxnuXUtNQ7pSKVF24hIYeK7/q9
0BY1qpQJ/YLhxMW+azgKsY8SSu+YLalVZ8yIo2YsKDe1SxiY1jtx9Dwq6qxfGsGS
947ORSsGvF9nwv+y9hnNCSvnzcFR4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org