Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/5A7049C44EF811ED9D39C67FC4F9AE02.roa
File: 5A7049C44EF811ED9D39C67FC4F9AE02.roa (raw, json)
Hash identifier: byGi2hqowlvd6Tq6L0JxLgSd9b5oKJCakZ+jB4wsnxM=
Subject key identifier: 3C:35:00:85:96:FD:F4:0E:70:0E:49:0A:07:38:5B:19:C7:76:0D:C7
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3CCA
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/5A7049C44EF811ED9D39C67FC4F9AE02.roa
Signing time: Tue 18 Oct 2022 15:20:09 +0000
ROA not before: Tue 18 Oct 2022 15:20:09 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15562 (0x3cca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 18 15:20:09 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=634ec429-f344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:21:72:b9:04:02:52:b4:b7:a5:d9:c4:2b:85:
f4:bc:3a:59:5b:39:4f:b2:81:db:2c:2f:bc:a3:a4:
2a:0b:e8:1d:1d:55:48:f0:0f:45:d8:6c:2c:b9:8d:
79:2b:0d:77:22:5d:cd:f5:9f:d0:da:ff:d4:26:3c:
6d:5c:2d:ea:bf:5b:2d:ef:67:3f:01:47:9a:08:c3:
9b:61:ec:f8:f0:df:13:30:0a:93:fc:61:5f:0c:f2:
89:5b:14:25:75:ab:5a:57:02:1a:93:82:b4:46:6e:
1b:6a:1a:a6:ef:48:a8:78:ad:b2:7f:cd:5a:7f:c1:
d2:36:a8:94:7b:c8:df:7d:ec:b8:e0:10:79:22:96:
fd:54:c4:79:80:68:82:3c:c0:ec:46:eb:20:46:3b:
c8:b2:c8:0f:4f:71:09:cc:66:4f:75:41:c7:7c:e7:
f5:ca:87:66:e9:19:0d:80:4a:ea:17:94:c6:c7:e2:
19:62:98:d6:3a:27:4a:51:f8:ec:17:6d:bc:54:07:
c5:6d:e6:9f:e8:58:b4:5c:5d:82:ef:f6:ce:cf:b7:
16:c5:c4:38:6e:7c:3f:98:bb:d1:07:02:2d:54:92:
5b:42:d5:91:92:3d:da:08:6e:85:08:7b:2d:c8:b1:
7b:32:8f:52:8f:50:44:29:33:9b:af:b4:c1:6b:3a:
48:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:35:00:85:96:FD:F4:0E:70:0E:49:0A:07:38:5B:19:C7:76:0D:C7
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/5A7049C44EF811ED9D39C67FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
07:77:a0:25:f2:19:b0:49:bc:e4:02:e1:ed:46:6d:d9:e1:67:
24:28:6e:47:9a:b0:1a:14:37:4a:59:9e:26:24:76:f1:62:ec:
f7:19:63:5e:58:4a:75:b0:ed:76:2e:b2:40:24:19:42:ac:48:
48:de:f8:e2:4b:de:0b:c1:57:47:07:99:c5:41:3e:cd:c0:b9:
53:b2:04:eb:9e:0b:28:67:6f:c4:8f:ae:a9:1e:7a:82:32:55:
0b:db:ba:17:6f:75:36:b0:a7:43:37:40:0f:88:a3:b1:ce:b1:
37:13:5f:23:24:70:ab:64:44:7e:a6:9e:32:19:d4:e4:b8:4d:
90:04:a8:b6:09:90:a6:24:20:c2:be:4a:23:d7:fb:94:27:cf:
e4:09:c4:c3:81:24:5f:fe:2a:4e:e2:ff:f2:13:2a:9d:48:c0:
5d:35:22:3a:6e:3a:d9:6b:08:60:25:47:55:ad:48:a0:07:da:
ce:cb:61:1c:8c:84:5b:41:af:01:0b:cf:70:7f:8c:61:63:22:
bd:8f:a6:d3:f0:e6:1e:31:05:29:23:05:31:ba:54:9d:ff:2e:
43:93:ee:67:4a:ee:41:14:96:27:e3:b8:b8:cb:8c:f8:ed:68:
d1:c6:a4:37:a0:16:15:d5:c0:e6:56:ba:c9:03:29:d7:d2:28:
b9:39:7b:b8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDE4MTUyMDA5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRlYzQyOS1mMzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyyFyuQQCUrS3pdnEK4X0vDpZWzlPsoHbLC+8o6QqC+gdHVVI8A9F2GwsuY15
Kw13Il3N9Z/Q2v/UJjxtXC3qv1st72c/AUeaCMObYez48N8TMAqT/GFfDPKJWxQl
dataVwIak4K0Rm4bahqm70ioeK2yf81af8HSNqiUe8jffey44BB5Ipb9VMR5gGiC
PMDsRusgRjvIssgPT3EJzGZPdUHHfOf1yodm6RkNgErqF5TGx+IZYpjWOidKUfjs
F228VAfFbeaf6Fi0XF2C7/bOz7cWxcQ4bnw/mLvRBwItVJJbQtWRkj3aCG6FCHst
yLF7Mo9Sj1BEKTObr7TBazpI1wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDw1AIWW
/fQOcA5JCgc4WxnHdg3HMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNUE3MDQ5QzQ0
RUY4MTFFRDlEMzlDNjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAB3egJfIZsEm85ALh7UZt2eFnJChuR5qwGhQ3SlmeJiR28WLs9xljXlhK
dbDtdi6yQCQZQqxISN744kveC8FXRweZxUE+zcC5U7IE654LKGdvxI+uqR56gjJV
C9u6F291NrCnQzdAD4ijsc6xNxNfIyRwq2REfqaeMhnU5LhNkASotgmQpiQgwr5K
I9f7lCfP5AnEw4EkX/4qTuL/8hMqnUjAXTUiOm462WsIYCVHVa1IoAfazsthHIyE
W0GvAQvPcH+MYWMivY+m0/DmHjEFKSMFMbpUnf8uQ5PuZ0ruQRSWJ+O4uMuM+O1o
0cakN6AWFdXA5la6yQMp19IouTl7uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org