Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/7044C3FA9FAE11EC922CE017C4F9AE02.roa
File: 7044C3FA9FAE11EC922CE017C4F9AE02.roa (raw, json)
Hash identifier: R3cF6v00gCVKJJ8Bbbg3+m1eFe7W3zLUMlr5hfXzxTI=
Subject key identifier: 61:45:27:A7:BC:90:98:26:61:75:1E:70:0D:23:ED:79:96:38:43:95
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 37D2
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/7044C3FA9FAE11EC922CE017C4F9AE02.roa
Signing time: Wed 09 Mar 2022 13:40:10 +0000
ROA not before: Wed 09 Mar 2022 13:40:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14290 (0x37d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 9 13:40:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6228ae3a-7386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:64:c1:97:4d:8a:09:c5:55:bd:0b:fd:c1:4d:
08:64:a4:f2:b3:fc:86:f8:96:1f:4c:70:62:81:0c:
d2:1b:30:d9:5e:ad:ea:fb:c8:0b:f2:b6:89:b5:93:
8f:30:10:7b:22:ed:ae:f7:dc:91:5f:fb:28:10:fe:
e6:bf:8d:07:6c:21:f9:51:7e:60:39:e8:49:bb:d4:
f2:26:76:ad:68:cb:df:83:72:10:1f:e4:4d:bd:93:
aa:5a:91:86:80:4c:67:38:d7:12:03:02:d3:c5:24:
b3:08:fb:72:d1:c4:64:35:ea:93:35:b1:f3:b1:d3:
a4:d6:49:6f:f1:db:84:aa:f2:02:c4:02:f5:2c:fd:
52:8b:52:0d:e2:48:47:05:5e:d1:34:b3:33:c6:51:
16:06:be:78:34:5f:22:7c:09:66:f2:b0:81:6e:8a:
53:e3:d3:41:15:86:f3:3c:b9:ef:32:f3:29:12:d3:
7e:19:58:b9:aa:ff:34:a5:e9:05:3b:7d:d3:5d:47:
d0:fa:b0:9f:65:0e:f1:f1:95:2a:fb:88:f0:8c:cd:
29:08:d0:ea:fa:12:de:d6:82:5b:dc:90:c3:c5:29:
43:ba:e4:08:87:bd:9d:f0:e7:95:03:9d:41:a5:fe:
00:ee:dc:7a:51:28:ec:42:c4:e8:cb:83:53:68:f8:
89:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:45:27:A7:BC:90:98:26:61:75:1E:70:0D:23:ED:79:96:38:43:95
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/7044C3FA9FAE11EC922CE017C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
a3:41:ce:41:8f:e3:b8:39:b4:57:a4:6e:ba:9f:71:69:d5:c5:
f2:68:6c:2b:2d:37:e0:91:ed:47:ee:3c:37:05:ad:96:ba:4b:
15:e2:f6:ca:c9:2b:99:bf:14:b9:05:28:a7:14:29:68:20:11:
b5:14:13:78:53:7b:dd:f4:4f:f0:15:0d:cf:eb:24:72:24:5f:
24:eb:66:ed:95:45:5a:3a:bc:da:c5:91:51:9b:3c:f3:ac:59:
71:22:47:93:2d:7c:f6:05:39:86:ed:c2:c4:b6:c7:c2:2d:e2:
48:50:b3:af:97:11:99:63:6c:da:c4:c7:30:50:c2:5e:7b:e4:
47:26:f5:7f:dd:36:e7:9c:65:db:e5:24:2e:a0:f1:cd:06:6a:
26:22:62:df:62:ed:44:1a:3a:0a:2a:ba:0f:56:d6:5d:c9:fe:
04:89:66:53:6d:68:70:84:f2:0e:59:42:9c:b8:c0:f8:33:4c:
d0:56:18:6b:b5:52:0a:e1:f5:6d:f5:0d:ed:5e:d1:7f:75:43:
79:8f:e8:4f:7d:e5:d5:73:e1:63:ef:e1:4d:1e:0b:c0:15:97:
e4:17:9d:73:c4:b8:fc:4b:fe:60:9d:f0:13:04:f7:9a:07:9d:
88:8b:ab:44:7e:d2:d6:f8:16:89:30:f7:6b:51:85:2a:d0:db:
a4:72:60:6b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN9IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzA5MTM0MDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI4YWUzYS03Mzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnGTBl02KCcVVvQv9wU0IZKTys/yG+JYfTHBigQzSGzDZXq3q+8gL8raJtZOP
MBB7Iu2u99yRX/soEP7mv40HbCH5UX5gOehJu9TyJnataMvfg3IQH+RNvZOqWpGG
gExnONcSAwLTxSSzCPty0cRkNeqTNbHzsdOk1klv8duEqvICxAL1LP1Si1IN4khH
BV7RNLMzxlEWBr54NF8ifAlm8rCBbopT49NBFYbzPLnvMvMpEtN+GVi5qv80pekF
O33TXUfQ+rCfZQ7x8ZUq+4jwjM0pCNDq+hLe1oJb3JDDxSlDuuQIh72d8OeVA51B
pf4A7tx6USjsQsToy4NTaPiJIwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGFFJ6e8
kJgmYXUecA0j7XmWOEOVMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNzA0NEMzRkE5
RkFFMTFFQzkyMkNFMDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAo0HOQY/juDm0V6Ruup9xadXF8mhsKy034JHtR+48NwWtlrpLFeL2yskr
mb8UuQUopxQpaCARtRQTeFN73fRP8BUNz+skciRfJOtm7ZVFWjq82sWRUZs886xZ
cSJHky189gU5hu3CxLbHwi3iSFCzr5cRmWNs2sTHMFDCXnvkRyb1f90255xl2+Uk
LqDxzQZqJiJi32LtRBo6Ciq6D1bWXcn+BIlmU21ocITyDllCnLjA+DNM0FYYa7VS
CuH1bfUN7V7Rf3VDeY/oT33l1XPhY+/hTR4LwBWX5Bedc8S4/Ev+YJ3wEwT3mged
iIurRH7S1vgWiTD3a1GFKtDbpHJgaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org