Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/82685ADC9CA811EC999CE653C4F9AE02.roa
File: 82685ADC9CA811EC999CE653C4F9AE02.roa (raw, json)
Hash identifier: vKnPbysxo6uiVmqmFZRYBRAPg/i9hsuWpSLW1q1GGfI=
Subject key identifier: 22:7F:F3:5D:36:C0:12:9B:3C:90:7C:78:BB:7E:EF:EE:20:D9:02:46
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 37AE
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/82685ADC9CA811EC999CE653C4F9AE02.roa
Signing time: Sun 06 Mar 2022 03:20:09 +0000
ROA not before: Sun 06 Mar 2022 03:20:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14254 (0x37ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 6 03:20:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62242869-e117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d6:73:de:15:da:e1:a0:1e:66:36:c5:99:60:
3f:15:2f:95:7e:d2:a0:66:c1:44:00:a9:a5:02:5d:
dd:fc:3e:ea:2e:aa:66:bc:00:e6:69:1f:b5:ae:24:
bc:ab:95:ad:a7:9b:03:75:4d:42:d4:25:7e:1e:3b:
fd:7b:db:e0:99:a4:09:72:bb:a1:bc:de:f8:06:1a:
28:72:9d:fa:99:87:e2:86:02:aa:cf:cf:bb:70:09:
3f:6d:82:4e:a5:16:3c:09:b9:2f:8a:74:ed:b4:d0:
f7:f4:ba:a3:d3:24:1d:48:a1:c6:1e:0f:01:8c:9b:
98:d8:8b:5b:ca:ff:c6:05:4d:a9:60:69:25:0c:c4:
8b:93:1f:60:ee:e0:6a:55:36:68:6f:e2:61:8d:d3:
08:26:fa:57:a4:1b:95:db:8a:f8:1a:d3:30:cb:17:
92:9c:99:69:5d:00:60:4a:e0:bf:75:4d:1e:d9:ca:
77:ad:1a:2c:a3:7b:e8:6b:9f:0c:91:23:8b:5a:dd:
34:17:b5:0b:4e:06:f2:9d:75:e4:4e:9e:1c:59:4e:
f6:e3:ed:c1:ce:b2:84:b6:4a:38:54:a0:5a:5c:b9:
80:22:fa:f8:79:6b:bc:dc:77:53:c0:b2:91:5d:0b:
61:a8:f7:54:47:89:76:71:4d:e8:a6:b8:1a:4c:ec:
89:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7F:F3:5D:36:C0:12:9B:3C:90:7C:78:BB:7E:EF:EE:20:D9:02:46
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/82685ADC9CA811EC999CE653C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
ca:e9:cf:e2:aa:3d:26:e3:fe:c1:89:97:50:37:f0:5f:f7:6e:
e5:74:66:ed:ee:bb:cb:e7:91:43:61:7d:7a:2c:01:7f:4c:cb:
96:b5:82:84:d5:6a:fb:98:fc:a9:7a:c3:f4:8a:da:3c:ad:61:
4c:72:f0:06:a2:64:2b:57:76:5e:b4:9f:6c:cc:b2:81:c2:fd:
01:35:14:9b:2f:75:a0:54:54:9a:23:80:dc:d8:5a:d5:03:e2:
8b:5c:79:62:c4:40:86:42:e5:65:5c:d6:13:d4:46:9c:56:ce:
96:22:cd:47:4e:05:62:de:a1:73:a2:ce:6e:66:57:43:a4:8c:
b5:91:75:a3:37:58:5a:73:c4:f1:bc:ec:3d:53:62:a7:80:58:
90:b3:ff:fc:f5:89:fd:c9:dc:c0:8d:47:f7:3d:cc:74:07:6f:
98:9b:cd:87:8d:64:da:5d:bc:e2:10:33:78:38:46:32:f9:57:
01:45:dd:0e:1d:8a:65:c6:d7:e3:35:d1:ce:94:30:a0:2a:45:
8c:62:74:2a:cc:52:5a:87:66:de:4d:9f:57:28:28:1a:1f:b3:
6f:10:55:30:21:1d:54:9e:6f:64:78:f4:37:2c:a2:ed:f6:56:
00:3b:b5:78:56:69:f9:7e:a6:39:51:bb:c9:fd:bb:4e:ec:e2:
76:5e:90:9b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzA2MDMyMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI0Mjg2OS1lMTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvdZz3hXa4aAeZjbFmWA/FS+VftKgZsFEAKmlAl3d/D7qLqpmvADmaR+1riS8
q5Wtp5sDdU1C1CV+Hjv9e9vgmaQJcruhvN74Bhoocp36mYfihgKqz8+7cAk/bYJO
pRY8CbkvinTttND39Lqj0yQdSKHGHg8BjJuY2Itbyv/GBU2pYGklDMSLkx9g7uBq
VTZob+JhjdMIJvpXpBuV24r4GtMwyxeSnJlpXQBgSuC/dU0e2cp3rRoso3voa58M
kSOLWt00F7ULTgbynXXkTp4cWU724+3BzrKEtko4VKBaXLmAIvr4eWu83HdTwLKR
XQthqPdUR4l2cU3oprgaTOyJwwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCJ/8102
wBKbPJB8eLt+7+4g2QJGMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvODI2ODVBREM5
Q0E4MTFFQzk5OUNFNjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAyunP4qo9JuP+wYmXUDfwX/du5XRm7e67y+eRQ2F9eiwBf0zLlrWChNVq
+5j8qXrD9IraPK1hTHLwBqJkK1d2XrSfbMyygcL9ATUUmy91oFRUmiOA3Nha1QPi
i1x5YsRAhkLlZVzWE9RGnFbOliLNR04FYt6hc6LObmZXQ6SMtZF1ozdYWnPE8bzs
PVNip4BYkLP//PWJ/cncwI1H9z3MdAdvmJvNh41k2l284hAzeDhGMvlXAUXdDh2K
ZcbX4zXRzpQwoCpFjGJ0KsxSWodm3k2fVygoGh+zbxBVMCEdVJ5vZHj0Nyyi7fZW
ADu1eFZp+X6mOVG7yf27Tuzidl6Qmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org