Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/7AB3C6E0EBF511ECA5209279C4F9AE02.roa
File: 7AB3C6E0EBF511ECA5209279C4F9AE02.roa (raw, json)
Hash identifier: hVCofI4CGgBLJWD2pTyqhXnScCv4ZEVsPBt2JYOTEXY=
Subject key identifier: 74:63:95:79:F7:41:96:29:C1:B1:58:B4:F8:40:9A:DE:03:9E:5D:E4
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3B41
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/7AB3C6E0EBF511ECA5209279C4F9AE02.roa
Signing time: Wed 15 Jun 2022 03:50:08 +0000
ROA not before: Wed 15 Jun 2022 03:50:08 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15169 (0x3b41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Jun 15 03:50:08 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62a956f0-24ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:c4:22:4c:50:f3:58:a2:85:bd:ef:67:7d:6f:
5b:12:80:35:5b:4d:d0:c6:dd:75:ff:df:57:72:11:
18:a6:cd:33:17:2b:91:cf:c9:03:04:6a:3c:21:2d:
29:69:67:20:bb:0c:85:59:6d:4d:52:46:79:d6:42:
3c:02:10:ce:7f:b6:8b:ec:63:17:19:b0:5b:dd:bb:
20:07:2d:a1:41:f3:ee:15:f8:02:68:9c:4e:df:3e:
e6:34:36:31:7f:22:0d:96:04:bd:fb:b3:69:40:62:
45:92:b3:70:39:08:4b:c7:cc:df:a5:cd:aa:c3:23:
e8:59:f1:fb:23:0d:c8:b2:06:fc:6c:1d:64:50:85:
0f:32:35:08:78:5f:70:b1:3e:b1:d3:97:cc:db:a5:
15:6a:04:81:ff:d4:7c:89:61:9a:56:31:6b:06:ef:
32:5c:ba:a9:20:42:12:f7:ca:e2:2f:8d:0a:21:8a:
c8:36:a0:2e:1d:d7:c2:93:c5:42:02:46:35:71:31:
2e:53:74:fa:98:16:1c:d2:56:ab:a1:ba:33:54:83:
c8:06:a8:be:43:39:83:a7:ab:ed:7c:86:4a:7d:a3:
43:f2:76:78:a7:10:06:14:61:59:b0:e3:0e:a7:0d:
13:8c:fc:94:07:93:e3:58:c2:21:d0:31:ec:28:22:
ea:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:63:95:79:F7:41:96:29:C1:B1:58:B4:F8:40:9A:DE:03:9E:5D:E4
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/7AB3C6E0EBF511ECA5209279C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
d3:84:36:22:32:9b:4e:12:be:b4:6f:6f:66:49:8b:72:85:a9:
9b:cc:53:c1:aa:a0:5e:fd:e9:53:49:9b:bf:5f:c0:c3:3f:41:
0d:7e:07:3c:22:b2:92:03:86:e3:24:d5:30:26:6a:c8:01:c5:
43:fe:1f:ca:ea:41:d3:b9:38:74:3f:07:2a:9a:5c:3f:05:73:
5e:78:63:75:a5:f8:de:d2:64:95:f1:bc:8a:88:4a:f2:5f:7d:
d5:e8:ff:1c:11:f5:b1:08:2e:30:11:42:88:c6:1e:b9:bf:d7:
df:34:51:51:fb:07:cd:0d:2f:99:db:30:bb:75:cc:04:e8:90:
f2:e4:b4:fa:da:c3:cb:2e:0a:94:8e:4e:73:6b:b0:19:b2:97:
40:98:61:7b:b3:1d:80:d7:7b:43:9f:a2:26:fe:d7:fa:1c:b0:
f1:02:28:98:28:45:af:18:c9:11:6a:20:ec:24:ce:57:8d:11:
df:09:db:33:83:f9:57:91:bf:e1:02:cf:37:4e:98:56:54:0a:
8f:a2:22:16:a5:97:2f:82:75:5c:41:5e:fa:91:94:09:88:73:
d4:c6:3b:c6:eb:71:4b:78:06:93:2e:07:91:ee:07:ba:05:d7:
ce:7f:9c:63:d6:d4:c4:8d:42:fb:9e:5f:f9:4b:a4:7c:19:7a:
41:e9:95:16
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICO0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNjE1MDM1MDA4WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmE5NTZmMC0yNGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/MQiTFDzWKKFve9nfW9bEoA1W03Qxt11/99XchEYps0zFyuRz8kDBGo8IS0p
aWcguwyFWW1NUkZ51kI8AhDOf7aL7GMXGbBb3bsgBy2hQfPuFfgCaJxO3z7mNDYx
fyINlgS9+7NpQGJFkrNwOQhLx8zfpc2qwyPoWfH7Iw3Isgb8bB1kUIUPMjUIeF9w
sT6x05fM26UVagSB/9R8iWGaVjFrBu8yXLqpIEIS98riL40KIYrINqAuHdfCk8VC
AkY1cTEuU3T6mBYc0larobozVIPIBqi+QzmDp6vtfIZKfaND8nZ4pxAGFGFZsOMO
pw0TjPyUB5PjWMIh0DHsKCLqbwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHRjlXn3
QZYpwbFYtPhAmt4Dnl3kMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvN0FCM0M2RTBF
QkY1MTFFQ0E1MjA5Mjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEA04Q2IjKbThK+tG9vZkmLcoWpm8xTwaqgXv3pU0mbv1/Awz9BDX4HPCKy
kgOG4yTVMCZqyAHFQ/4fyupB07k4dD8HKppcPwVzXnhjdaX43tJklfG8iohK8l99
1ej/HBH1sQguMBFCiMYeub/X3zRRUfsHzQ0vmdswu3XMBOiQ8uS0+trDyy4KlI5O
c2uwGbKXQJhhe7MdgNd7Q5+iJv7X+hyw8QIomChFrxjJEWog7CTOV40R3wnbM4P5
V5G/4QLPN06YVlQKj6IiFqWXL4J1XEFe+pGUCYhz1MY7xutxS3gGky4Hke4HugXX
zn+cY9bUxI1C+55f+UukfBl6QemVFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org