Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/761C94DC958211EC85725979C4F9AE02.roa
File: 761C94DC958211EC85725979C4F9AE02.roa (raw, json)
Hash identifier: 36Ns+a57aIjg7zurgdEc+TsuCnPsT4ph+znZfgGXrWY=
Subject key identifier: 5A:8B:51:D4:7A:E9:BC:9D:B8:A7:05:81:C3:FB:93:7B:3F:99:EF:D0
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3747
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/761C94DC958211EC85725979C4F9AE02.roa
Signing time: Fri 25 Feb 2022 05:00:11 +0000
ROA not before: Fri 25 Feb 2022 05:00:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14151 (0x3747)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 25 05:00:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6218625b-0e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8d:16:62:cf:88:04:6e:dc:05:b9:04:80:47:
69:c5:98:0c:81:ab:c7:a7:d5:5b:ab:cd:20:23:2a:
98:3c:72:dc:76:48:1c:e2:42:f3:f8:a6:01:d6:c8:
94:80:b7:5f:ec:41:7f:97:6b:d8:c6:aa:9d:ec:a4:
da:a4:11:f7:b2:3d:a3:ec:d3:9f:0a:50:cf:06:e3:
53:c9:ae:ac:b1:d7:c9:9d:93:a0:52:e0:e2:98:c5:
08:7b:16:de:5f:09:4a:0f:8f:4f:ee:4f:2a:f6:b0:
17:13:d3:4d:a1:aa:35:54:39:4e:f2:f9:1e:97:18:
95:8a:24:32:89:4d:13:73:54:db:22:de:f6:2e:11:
ae:3e:18:72:5a:8d:ef:22:90:d8:20:d2:8e:de:21:
f8:66:0f:5f:c4:7a:80:3d:4d:8e:f0:c2:98:ce:6a:
57:df:f3:fd:b1:08:bd:6a:70:78:12:7e:9d:2d:0c:
0a:69:75:33:fb:5f:2e:43:fa:59:9f:b5:57:61:7a:
b5:77:67:04:df:b5:5e:2d:dd:af:82:9b:38:f5:87:
a7:68:60:1c:e8:ce:3f:41:ec:94:92:0d:39:3b:b9:
31:e5:5a:a9:cd:60:cb:c5:d8:72:b2:33:0c:d9:c8:
7d:7d:d9:33:71:a6:fc:cc:c0:66:36:91:45:8a:0f:
63:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8B:51:D4:7A:E9:BC:9D:B8:A7:05:81:C3:FB:93:7B:3F:99:EF:D0
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/761C94DC958211EC85725979C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
2d:75:43:6c:c4:77:32:05:fc:29:61:51:c5:19:29:70:ca:c3:
18:a0:31:6f:0d:3d:91:8d:16:44:61:02:2b:87:57:92:b0:7e:
f2:c1:c3:f8:a1:b8:78:6b:d3:c0:50:72:00:22:80:d1:0d:59:
ed:13:b6:f8:01:fd:b4:2c:79:2e:51:bc:91:6e:9f:6e:5a:f0:
59:aa:4c:e5:41:41:eb:be:42:6b:00:c9:37:9c:e5:82:42:fe:
0e:d8:c8:d1:51:69:70:7b:e8:7a:1c:af:47:8c:5f:00:6e:2a:
ce:96:45:55:cc:72:76:92:b9:42:60:d3:97:cb:b8:c8:9c:5c:
44:b2:68:8d:f6:5b:fa:c4:51:77:76:e4:e6:4b:4b:d1:d9:c0:
fc:0b:2b:84:f8:29:8e:4d:61:d7:8b:5f:9a:88:1b:5a:5d:05:
c1:89:55:ef:3e:14:75:08:e1:5d:fe:80:b8:df:17:66:e7:72:
22:a4:c8:22:cb:c0:a6:be:3a:f0:f3:ef:28:1a:82:49:25:a5:
c3:d4:fa:94:ed:f1:fb:1c:cc:51:bb:7d:0b:cb:ba:56:d9:38:
bb:f4:e6:92:77:75:a9:d1:8a:a1:45:25:39:97:b8:cb:19:60:
48:25:f2:8b:2c:a2:40:83:46:a3:a3:2b:eb:15:95:c7:fb:87:
60:21:72:e2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjI1MDUwMDExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjE4NjI1Yi0wZTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0I0WYs+IBG7cBbkEgEdpxZgMgavHp9Vbq80gIyqYPHLcdkgc4kLz+KYB1siU
gLdf7EF/l2vYxqqd7KTapBH3sj2j7NOfClDPBuNTya6ssdfJnZOgUuDimMUIexbe
XwlKD49P7k8q9rAXE9NNoao1VDlO8vkelxiViiQyiU0Tc1TbIt72LhGuPhhyWo3v
IpDYINKO3iH4Zg9fxHqAPU2O8MKYzmpX3/P9sQi9anB4En6dLQwKaXUz+18uQ/pZ
n7VXYXq1d2cE37VeLd2vgps49YenaGAc6M4/QeyUkg05O7kx5VqpzWDLxdhysjMM
2ch9fdkzcab8zMBmNpFFig9j0QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFqLUdR6
6byduKcFgcP7k3s/me/QMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNzYxQzk0REM5
NTgyMTFFQzg1NzI1OTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEALXVDbMR3MgX8KWFRxRkpcMrDGKAxbw09kY0WRGECK4dXkrB+8sHD+KG4
eGvTwFByACKA0Q1Z7RO2+AH9tCx5LlG8kW6fblrwWapM5UFB675CawDJN5zlgkL+
DtjI0VFpcHvoehyvR4xfAG4qzpZFVcxydpK5QmDTl8u4yJxcRLJojfZb+sRRd3bk
5ktL0dnA/AsrhPgpjk1h14tfmogbWl0FwYlV7z4UdQjhXf6AuN8XZudyIqTIIsvA
pr468PPvKBqCSSWlw9T6lO3x+xzMUbt9C8u6Vtk4u/Tmknd1qdGKoUUlOZe4yxlg
SCXyiyyiQINGo6Mr6xWVx/uHYCFy4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org