Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/87D4E576E10411ECAF80BA61C4F9AE02.roa
File: 87D4E576E10411ECAF80BA61C4F9AE02.roa (raw, json)
Hash identifier: E0f9IZr6x76Eut/IUF23dAmOYAMUfqQjZyoFhER2zxE=
Subject key identifier: 3F:CB:BA:B7:21:56:11:2C:61:63:AD:AD:38:C6:FB:AE:EA:23:DF:C4
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3AF8
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/87D4E576E10411ECAF80BA61C4F9AE02.roa
Signing time: Wed 01 Jun 2022 02:40:10 +0000
ROA not before: Wed 01 Jun 2022 02:40:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15096 (0x3af8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Jun 1 02:40:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6296d189-ca3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b3:b4:20:e0:18:a4:93:36:4c:9f:f0:56:51:
9f:50:3a:22:2a:7f:07:f5:a4:0b:3d:91:b6:c1:76:
34:04:18:1c:46:ad:c1:0e:68:19:ee:ba:4c:3a:78:
e6:a9:74:76:3f:aa:3c:0b:81:47:0b:c3:f1:f1:5a:
34:9a:f4:28:3e:97:a2:98:e8:dc:36:0e:76:4e:1b:
74:c1:cd:a4:25:9d:0e:7d:b1:7e:d6:c2:18:cf:11:
7f:6e:e7:cc:fe:ef:ce:c8:a2:7a:33:e0:55:fa:b1:
b0:ad:8a:88:7e:29:45:a8:9e:ae:49:e3:77:a0:ad:
4b:c0:df:10:0b:9a:5b:56:ad:be:88:b1:0d:11:a7:
e0:27:72:4f:c5:bb:16:96:92:f2:8f:46:b0:fd:cc:
bc:8c:d9:ca:97:d5:b5:3f:3a:2a:91:7d:03:e5:a0:
77:78:b7:70:de:01:48:72:0e:61:72:fe:99:d1:32:
f8:e4:83:e5:ad:e3:a3:53:e6:b0:0d:c8:fc:f9:96:
6f:04:16:71:b6:8e:3f:95:80:13:95:2f:90:9c:dc:
bf:57:09:bc:f3:83:a8:94:5c:5b:53:0a:a9:64:b1:
0e:84:64:59:b9:b5:1e:da:48:f6:e5:5d:cf:5f:b1:
c0:88:c0:fa:82:f0:ca:16:28:0a:54:8c:89:ea:06:
cd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CB:BA:B7:21:56:11:2C:61:63:AD:AD:38:C6:FB:AE:EA:23:DF:C4
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/87D4E576E10411ECAF80BA61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
43:5e:ae:1d:bc:e3:92:7a:33:27:f2:70:05:92:50:2c:67:d4:
5a:0a:43:c9:19:2f:fd:60:3e:5a:fa:e7:c7:f3:0f:52:69:75:
8b:86:44:25:6b:83:16:c6:10:6f:1b:b9:e8:82:bb:fe:47:23:
a1:b2:63:42:f6:17:c8:9a:09:26:1d:19:2f:6c:22:90:70:a9:
47:aa:0f:4a:a6:b0:fc:53:c3:b2:82:96:c0:9f:5c:0e:e0:d4:
35:d0:1b:b6:ca:0e:c7:9b:f6:55:af:87:8a:07:05:e8:db:5e:
c4:62:bc:8d:32:74:e8:b3:d3:b9:5d:b7:04:df:ee:58:27:ab:
fa:4e:d7:a8:21:0e:12:4c:19:2a:02:f6:4b:7c:1f:dd:ec:b6:
3f:b2:e1:b1:22:88:80:6a:45:45:56:5c:a6:12:72:e1:41:27:
f7:24:12:7f:98:55:bf:db:0e:14:4e:bf:aa:34:04:0e:48:d7:
2f:e6:45:65:16:76:2e:09:ea:38:a4:8a:62:71:af:5d:55:ef:
4b:ae:fb:d7:bb:27:a4:90:dc:06:b1:0b:ca:2e:1c:f1:05:f2:
4a:e2:b8:82:f7:8c:18:ad:64:ae:51:dc:b6:a6:43:ef:dc:07:
f3:91:3b:4d:ef:30:c5:ea:1c:ef:09:96:fd:b5:3b:57:cc:9a:
af:75:4f:2f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNjAxMDI0MDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk2ZDE4OS1jYTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybO0IOAYpJM2TJ/wVlGfUDoiKn8H9aQLPZG2wXY0BBgcRq3BDmgZ7rpMOnjm
qXR2P6o8C4FHC8Px8Vo0mvQoPpeimOjcNg52Tht0wc2kJZ0OfbF+1sIYzxF/bufM
/u/OyKJ6M+BV+rGwrYqIfilFqJ6uSeN3oK1LwN8QC5pbVq2+iLENEafgJ3JPxbsW
lpLyj0aw/cy8jNnKl9W1PzoqkX0D5aB3eLdw3gFIcg5hcv6Z0TL45IPlreOjU+aw
Dcj8+ZZvBBZxto4/lYATlS+QnNy/Vwm884OolFxbUwqpZLEOhGRZubUe2kj25V3P
X7HAiMD6gvDKFigKVIyJ6gbNgQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFD/Lurch
VhEsYWOtrTjG+67qI9/EMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvODdENEU1NzZF
MTA0MTFFQ0FGODBCQTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAQ16uHbzjknozJ/JwBZJQLGfUWgpDyRkv/WA+Wvrnx/MPUml1i4ZEJWuD
FsYQbxu56IK7/kcjobJjQvYXyJoJJh0ZL2wikHCpR6oPSqaw/FPDsoKWwJ9cDuDU
NdAbtsoOx5v2Va+HigcF6NtexGK8jTJ06LPTuV23BN/uWCer+k7XqCEOEkwZKgL2
S3wf3ey2P7LhsSKIgGpFRVZcphJy4UEn9yQSf5hVv9sOFE6/qjQEDkjXL+ZFZRZ2
LgnqOKSKYnGvXVXvS67717snpJDcBrELyi4c8QXySuK4gveMGK1krlHctqZD79wH
85E7Te8wxeoc7wmW/bU7V8yar3VPLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org