Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/881E948457B311EDB34D002BC4F9AE02.roa
File: 881E948457B311EDB34D002BC4F9AE02.roa (raw, json)
Hash identifier: 0KwD1didGCKqo70254w0SbYP5HBWat9BU7Yv3Q7y9Ak=
Subject key identifier: E4:76:64:80:11:0F:23:C4:B2:17:DE:7A:3E:39:73:53:3C:F2:A8:2D
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3D40
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/881E948457B311EDB34D002BC4F9AE02.roa
Signing time: Sun 30 Oct 2022 03:00:09 +0000
ROA not before: Sun 30 Oct 2022 03:00:09 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15680 (0x3d40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 30 03:00:09 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=635de8b9-9f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a3:c9:bb:00:cb:6b:03:d2:88:d3:80:e7:48:
23:a2:87:5f:fc:60:76:22:5f:fc:89:b0:79:6b:51:
bb:ab:e2:4d:1c:4c:4c:f7:52:6b:b5:f3:f3:86:62:
89:84:e6:7f:1f:e4:d4:5e:ca:06:61:c0:2a:5f:0f:
cf:7f:dd:13:83:85:38:94:c9:e0:71:db:da:f4:31:
14:05:55:dd:8a:5e:52:6a:ba:e4:cc:9b:57:e5:5f:
5b:90:3f:24:db:be:51:c3:bd:01:23:a8:86:de:44:
e0:ae:8f:59:7e:6a:86:6a:69:0d:32:65:7e:30:f6:
37:e9:75:99:5d:9b:5c:46:8c:85:fa:f3:93:9a:17:
67:86:47:1d:05:a0:9c:95:99:66:84:b2:8c:a2:dd:
0b:1e:f2:9a:10:61:eb:b3:26:0c:56:ab:95:1e:7c:
fa:d0:46:d7:e8:df:0f:85:c5:c0:01:41:33:cd:de:
03:84:5b:59:b1:c3:c3:cb:a0:c0:77:f5:91:df:f6:
98:22:74:de:62:59:6a:c3:6f:53:59:fd:00:2e:ef:
a1:41:44:1b:21:55:62:ef:44:10:55:ec:da:95:bc:
f1:de:87:31:17:a6:7d:e8:59:f0:f6:20:87:16:bf:
b5:79:a0:a2:64:2c:36:39:97:58:1d:5e:04:ef:ed:
5c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:76:64:80:11:0F:23:C4:B2:17:DE:7A:3E:39:73:53:3C:F2:A8:2D
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/881E948457B311EDB34D002BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
6a:01:77:b6:a3:e3:48:14:91:0c:11:7b:e4:76:0b:e2:7d:7c:
34:a7:92:2e:42:2e:bf:61:3b:89:68:34:1f:16:f3:17:e4:a1:
0c:a6:71:d3:98:72:b8:d1:b3:03:c3:2e:9a:df:8d:dd:02:10:
cb:f6:78:ae:80:86:64:d9:e3:fc:67:95:24:20:2e:b8:e4:68:
2b:4b:7c:c2:1b:9c:26:1d:cc:92:1c:b6:b8:b0:91:d5:08:c0:
05:a9:ff:52:28:10:56:82:dc:96:a1:65:d3:4a:97:f6:7f:cd:
1e:1f:7c:33:0b:c3:5a:dd:cd:c3:be:50:9d:96:f6:03:03:54:
6a:c4:dd:ec:ef:66:bc:1a:03:ff:65:94:6c:df:bd:10:f8:28:
21:e3:ea:12:7f:fd:36:0e:07:72:9e:13:6f:4f:05:ee:08:9b:
1b:00:6b:20:46:aa:e0:b5:2b:ee:89:0c:21:45:47:32:b3:27:
a9:b5:4c:1a:3f:66:0a:bf:ef:d1:45:33:76:d6:d4:6c:0e:f5:
f2:b6:1f:e9:99:e7:6b:25:46:9f:6e:d1:95:3d:f5:54:92:e0:
63:7b:09:eb:29:84:8f:7e:fb:29:7c:25:bc:d1:b7:be:1b:55:
3f:3e:10:f7:5f:61:b6:32:a0:23:56:b3:5a:17:1f:59:af:ad:
00:ad:b3:28
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDMwMDMwMDA5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVkZThiOS05ZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1aPJuwDLawPSiNOA50gjoodf/GB2Il/8ibB5a1G7q+JNHExM91JrtfPzhmKJ
hOZ/H+TUXsoGYcAqXw/Pf90Tg4U4lMngcdva9DEUBVXdil5SarrkzJtX5V9bkD8k
275Rw70BI6iG3kTgro9ZfmqGamkNMmV+MPY36XWZXZtcRoyF+vOTmhdnhkcdBaCc
lZlmhLKMot0LHvKaEGHrsyYMVquVHnz60EbX6N8PhcXAAUEzzd4DhFtZscPDy6DA
d/WR3/aYInTeYllqw29TWf0ALu+hQUQbIVVi70QQVezalbzx3ocxF6Z96Fnw9iCH
Fr+1eaCiZCw2OZdYHV4E7+1cPQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOR2ZIAR
DyPEshfeej45c1M88qgtMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvODgxRTk0ODQ1
N0IzMTFFREIzNEQwMDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAagF3tqPjSBSRDBF75HYL4n18NKeSLkIuv2E7iWg0HxbzF+ShDKZx05hy
uNGzA8Mumt+N3QIQy/Z4roCGZNnj/GeVJCAuuORoK0t8whucJh3Mkhy2uLCR1QjA
Ban/UigQVoLclqFl00qX9n/NHh98MwvDWt3Nw75QnZb2AwNUasTd7O9mvBoD/2WU
bN+9EPgoIePqEn/9Ng4Hcp4Tb08F7gibGwBrIEaq4LUr7okMIUVHMrMnqbVMGj9m
Cr/v0UUzdtbUbA718rYf6ZnnayVGn27RlT31VJLgY3sJ6ymEj377KXwlvNG3vhtV
Pz4Q919htjKgI1azWhcfWa+tAK2zKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org