Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/72C3F6E04CA211EDBD23C615C4F9AE02.roa
File: 72C3F6E04CA211EDBD23C615C4F9AE02.roa (raw, json)
Hash identifier: Fd9e08V+buCou+uD7wHRbcDzrP8PnFf2iNbO2YF0sa4=
Subject key identifier: 33:8A:F9:C9:09:61:79:35:D6:47:35:2F:6C:2D:F9:53:D1:51:26:1D
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3CB1
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/72C3F6E04CA211EDBD23C615C4F9AE02.roa
Signing time: Sun 16 Oct 2022 04:20:09 +0000
ROA not before: Sun 16 Oct 2022 04:20:09 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15537 (0x3cb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 16 04:20:09 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=634b8679-e9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:25:e3:61:1e:cc:6e:a9:1f:a1:d4:52:3d:4a:
70:69:36:3a:d1:be:6b:d9:e2:25:b5:cb:27:8d:22:
b8:2a:d1:35:87:42:ca:31:eb:64:39:0d:50:97:43:
81:c7:7b:b2:c8:a2:e0:3f:73:1d:38:ab:53:dc:37:
84:09:b2:eb:b1:1d:41:09:0c:5d:91:44:ff:a7:ef:
8f:25:2b:59:31:fc:a5:57:ce:1c:32:a4:1a:1d:8d:
c6:2b:12:b5:69:6a:dd:52:8b:42:7a:97:e6:61:50:
7a:77:3e:3a:cf:f5:09:ef:a0:22:51:22:5b:13:9b:
18:eb:d7:63:b6:a8:c3:15:7d:d6:10:93:ce:ea:d4:
89:e0:9f:17:12:38:1a:99:0f:5f:55:a7:40:53:11:
b8:0d:1c:2e:06:84:09:23:68:71:32:7a:00:e7:5b:
9e:ef:26:8d:cd:53:b7:1a:23:8f:6e:1b:80:11:83:
00:d0:2b:1a:ab:40:11:3a:d4:03:87:57:6a:ab:49:
fb:7c:57:26:28:8e:33:3d:1e:c9:28:bc:4e:55:5c:
43:97:a3:6a:02:01:c7:e6:44:b5:84:8a:10:0b:8f:
f8:a0:92:c9:de:d8:4b:04:b5:9f:52:8b:53:d1:2a:
0e:33:e2:68:5c:ba:04:3d:b9:74:c6:96:d4:70:1e:
f8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8A:F9:C9:09:61:79:35:D6:47:35:2F:6C:2D:F9:53:D1:51:26:1D
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/72C3F6E04CA211EDBD23C615C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
d2:a0:a6:f7:fd:72:b0:81:dc:1e:75:91:5b:2c:59:39:7a:0c:
ce:f1:94:f0:cf:e3:42:0b:ff:1e:38:ab:8c:ee:d6:d0:f2:c1:
14:bd:b6:03:d7:6b:82:3e:db:b5:e9:45:ff:9c:de:91:c7:24:
47:65:83:38:24:a6:09:bc:39:bc:ce:40:98:fd:62:22:62:ba:
52:1b:1d:c0:c4:6b:0a:c1:e2:55:2b:53:42:01:c7:dd:5f:b3:
22:c8:49:b2:1b:f6:21:aa:83:76:cf:84:78:de:fa:0e:64:85:
1b:93:fa:7c:56:4a:af:5e:a1:03:63:b7:e5:ff:c9:8b:c8:7b:
80:2a:35:78:7d:39:24:90:2c:da:62:4f:8f:75:1f:75:30:b0:
7a:af:d4:95:8d:b3:5c:d3:48:79:a5:81:4e:25:81:3b:e6:e0:
c3:d1:27:be:ac:22:37:10:e8:5f:07:9f:77:05:61:33:11:8b:
53:31:f4:5c:55:62:c8:2c:f3:01:64:90:12:05:64:0b:c6:7d:
0b:9d:1d:42:96:2f:cc:df:bf:aa:e1:0e:06:d4:e8:bb:ef:7a:
69:70:9f:3f:5a:cb:9c:f7:c6:67:42:2a:c5:d7:fb:43:98:12:
36:21:4a:72:33:81:04:b6:4e:3a:0d:fc:e3:80:6f:9d:0a:5d:
ed:86:f2:a0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDE2MDQyMDA5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRiODY3OS1lOWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvyXjYR7MbqkfodRSPUpwaTY60b5r2eIltcsnjSK4KtE1h0LKMetkOQ1Ql0OB
x3uyyKLgP3MdOKtT3DeECbLrsR1BCQxdkUT/p++PJStZMfylV84cMqQaHY3GKxK1
aWrdUotCepfmYVB6dz46z/UJ76AiUSJbE5sY69djtqjDFX3WEJPO6tSJ4J8XEjga
mQ9fVadAUxG4DRwuBoQJI2hxMnoA51ue7yaNzVO3GiOPbhuAEYMA0Csaq0AROtQD
h1dqq0n7fFcmKI4zPR7JKLxOVVxDl6NqAgHH5kS1hIoQC4/4oJLJ3thLBLWfUotT
0SoOM+JoXLoEPbl0xpbUcB748wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDOK+ckJ
YXk11kc1L2wt+VPRUSYdMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNzJDM0Y2RTA0
Q0EyMTFFREJEMjNDNjE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEA0qCm9/1ysIHcHnWRWyxZOXoMzvGU8M/jQgv/HjirjO7W0PLBFL22A9dr
gj7btelF/5zekcckR2WDOCSmCbw5vM5AmP1iImK6UhsdwMRrCsHiVStTQgHH3V+z
IshJshv2IaqDds+EeN76DmSFG5P6fFZKr16hA2O35f/Ji8h7gCo1eH05JJAs2mJP
j3UfdTCweq/UlY2zXNNIeaWBTiWBO+bgw9EnvqwiNxDoXwefdwVhMxGLUzH0XFVi
yCzzAWSQEgVkC8Z9C50dQpYvzN+/quEOBtTou+96aXCfP1rLnPfGZ0Iqxdf7Q5gS
NiFKcjOBBLZOOg3844BvnQpd7YbyoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org