Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/5A46003EB6FE11ECBAB2A42BC4F9AE02.roa
File: 5A46003EB6FE11ECBAB2A42BC4F9AE02.roa (raw, json)
Hash identifier: ab7yTooRRh+77M5cogHMryUXLq+K7AvRUqQYscGrbi0=
Subject key identifier: CC:74:AE:2E:7F:1A:AD:ED:64:ED:82:09:61:FC:E0:ED:DA:3C:E1:1E
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 388F
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/5A46003EB6FE11ECBAB2A42BC4F9AE02.roa
Signing time: Fri 08 Apr 2022 11:20:09 +0000
ROA not before: Fri 08 Apr 2022 11:20:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14479 (0x388f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 8 11:20:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62501a69-ffd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5a:50:1d:e2:ea:33:d2:bc:dd:f2:0b:f1:23:
6a:9a:2f:c7:38:d1:a1:2c:e5:9f:e2:b7:63:7d:27:
36:19:2a:fc:63:91:fc:11:c1:bc:c3:ad:c3:8c:32:
cc:01:3a:3b:da:2e:9d:b6:3e:68:f9:53:f6:dc:b9:
bf:b8:39:c4:82:06:64:af:11:c6:c5:7c:b3:dd:4c:
52:af:e6:c8:30:a4:a7:8d:ac:f0:ec:da:87:0d:c8:
a2:58:78:a8:2c:2a:02:43:fd:7c:2b:49:85:36:8f:
a3:ed:7b:4d:67:17:e7:38:51:25:d5:a8:0a:b9:4c:
8f:14:07:65:94:77:5c:04:49:86:c6:65:08:b5:1d:
41:88:6a:cd:2c:4b:d7:a8:1e:f8:ab:af:52:8f:95:
99:f5:3d:8a:92:af:0f:bc:0c:82:88:41:6a:2f:6a:
9a:1a:96:43:84:92:bc:87:9b:5f:fb:1a:ae:ac:13:
0b:5e:fd:7a:27:5a:8a:fc:eb:72:a8:77:95:f0:1e:
e0:25:e6:ed:77:13:46:c6:17:6d:61:3f:d5:3f:92:
91:c1:fb:0d:f5:6e:1f:44:2d:26:4c:6d:18:dd:80:
fa:33:19:9c:39:01:b9:42:16:70:03:c2:86:49:17:
ea:dc:37:be:f8:28:81:2b:bd:bb:63:06:5d:31:6c:
12:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:74:AE:2E:7F:1A:AD:ED:64:ED:82:09:61:FC:E0:ED:DA:3C:E1:1E
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/5A46003EB6FE11ECBAB2A42BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
ae:30:a4:70:01:26:23:8e:67:8d:6a:3d:6b:0c:d8:51:69:ed:
c4:58:dd:a1:ed:cf:21:7f:35:7d:3f:47:02:22:46:5e:73:1b:
79:89:59:9a:f4:1d:69:d1:da:52:78:5c:d0:84:f5:7d:2b:54:
87:53:51:0b:31:b5:15:ab:87:81:dc:69:f6:ea:5f:b2:b0:49:
1d:49:3a:8f:55:a7:e0:09:17:53:d6:17:26:1e:c8:cb:e1:48:
dd:b3:a4:60:1d:a0:b2:a3:7f:83:c2:7e:57:13:bf:4c:9e:d2:
be:13:7e:8a:7b:83:71:32:4c:23:62:cc:53:de:38:7c:59:e2:
e3:f3:3f:77:a9:c5:fb:f8:ef:bd:75:17:53:61:46:db:bb:3a:
82:46:1d:e5:8d:2c:18:11:d4:75:4f:45:d0:3b:af:9f:ea:4b:
82:e7:ea:d7:a4:c6:39:17:69:57:23:0e:62:cd:48:7a:f4:1d:
00:6b:1b:9b:1f:58:92:a9:27:da:fb:6b:da:29:4f:2a:8b:6e:
2d:13:96:57:d6:82:86:15:6b:e9:f3:83:4b:46:bc:a4:18:f3:
93:72:2d:5d:ad:73:1b:e7:8a:50:14:df:2d:0c:14:02:58:b7:
c0:56:96:e9:0d:84:19:f6:78:e4:16:f8:94:08:82:43:4f:df:
af:53:51:c4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDA4MTEyMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjUwMWE2OS1mZmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1lpQHeLqM9K83fIL8SNqmi/HONGhLOWf4rdjfSc2GSr8Y5H8EcG8w63DjDLM
ATo72i6dtj5o+VP23Lm/uDnEggZkrxHGxXyz3UxSr+bIMKSnjazw7NqHDciiWHio
LCoCQ/18K0mFNo+j7XtNZxfnOFEl1agKuUyPFAdllHdcBEmGxmUItR1BiGrNLEvX
qB74q69Sj5WZ9T2Kkq8PvAyCiEFqL2qaGpZDhJK8h5tf+xqurBMLXv16J1qK/Oty
qHeV8B7gJebtdxNGxhdtYT/VP5KRwfsN9W4fRC0mTG0Y3YD6MxmcOQG5QhZwA8KG
SRfq3De++CiBK727YwZdMWwSnQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMx0ri5/
Gq3tZO2CCWH84O3aPOEeMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNUE0NjAwM0VC
NkZFMTFFQ0JBQjJBNDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEArjCkcAEmI45njWo9awzYUWntxFjdoe3PIX81fT9HAiJGXnMbeYlZmvQd
adHaUnhc0IT1fStUh1NRCzG1FauHgdxp9upfsrBJHUk6j1Wn4AkXU9YXJh7Iy+FI
3bOkYB2gsqN/g8J+VxO/TJ7SvhN+inuDcTJMI2LMU944fFni4/M/d6nF+/jvvXUX
U2FG27s6gkYd5Y0sGBHUdU9F0Duvn+pLgufq16TGORdpVyMOYs1IevQdAGsbmx9Y
kqkn2vtr2ilPKotuLROWV9aChhVr6fODS0a8pBjzk3ItXa1zG+eKUBTfLQwUAli3
wFaW6Q2EGfZ45Bb4lAiCQ0/fr1NRxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org