Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88D55F3089CC11EC9F52FE85C4F9AE02.roa
File: 88D55F3089CC11EC9F52FE85C4F9AE02.roa (raw, json)
Hash identifier: p04dpvDBeXpj13YFcVG6qBxXNg3Sp0xFYD92TJRL6yQ=
Subject key identifier: 8C:DA:61:22:EC:F4:9C:B9:ED:88:3B:E2:A0:EF:FB:99:64:10:3F:AE
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 36A3
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88D55F3089CC11EC9F52FE85C4F9AE02.roa
Signing time: Thu 10 Feb 2022 04:40:09 +0000
ROA not before: Thu 10 Feb 2022 04:40:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13987 (0x36a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 10 04:40:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62049728-005a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:69:76:fa:0a:f4:6d:ea:cc:2a:4f:ee:7b:cb:
19:a7:00:bd:b2:8a:ae:43:bb:74:f5:0c:33:0f:6f:
83:6c:5c:0f:4d:30:1c:18:de:50:33:16:c4:53:68:
d7:d8:b9:7c:bc:cf:69:39:6c:70:f0:4e:e5:25:22:
89:f9:19:3e:4f:3f:d9:91:d6:88:81:50:b5:ce:f0:
56:3d:f9:13:ce:5c:4a:f7:aa:06:a1:6f:fc:d8:79:
6e:fc:a1:10:cd:fe:72:08:30:5c:a7:f6:89:50:cd:
1d:7a:73:b1:5e:f1:e7:62:67:a1:78:85:67:13:2d:
a8:fd:77:de:16:5b:06:6e:56:7a:a4:4d:37:c8:57:
b9:b6:55:69:25:22:74:d6:54:70:4b:8d:20:11:dc:
b9:80:fd:d1:41:1f:16:c9:49:2e:7a:7e:c2:7d:ae:
20:13:26:56:ca:6e:d1:da:be:ac:b0:36:72:2a:96:
55:a1:c3:c4:53:4d:3c:1e:af:9f:83:6a:91:88:bf:
b2:13:0b:70:a4:70:f1:e8:75:11:4b:f1:2b:6e:8d:
5a:0c:a7:0a:0b:8b:ba:f8:8c:d4:d4:12:45:a0:61:
ab:79:02:1f:bf:c9:c1:1e:b3:ce:f4:15:57:5f:0a:
94:4f:b4:79:91:d6:00:73:23:10:81:54:01:68:f6:
ca:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DA:61:22:EC:F4:9C:B9:ED:88:3B:E2:A0:EF:FB:99:64:10:3F:AE
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88D55F3089CC11EC9F52FE85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
c3:bd:23:25:c6:63:d3:e7:21:8e:07:17:a4:3a:c6:a1:e7:eb:
e7:38:b3:c0:e5:6e:3b:17:f6:e7:e0:81:19:9c:76:80:a5:43:
6b:21:bd:00:26:6c:9c:f9:bd:50:83:2c:81:a2:6d:3a:f5:6a:
50:9e:d0:be:5f:00:2f:a2:dc:75:ad:2c:89:1b:fc:34:18:3e:
31:a9:99:c9:af:1f:b1:75:a8:0c:c9:42:6f:37:9d:44:c7:63:
63:0a:9b:f5:48:b8:fa:5d:dc:5a:b6:ed:e2:70:e1:34:ee:e2:
9c:08:6a:44:2d:6e:77:26:38:29:f8:c9:a8:31:59:da:ee:64:
e0:da:77:7c:44:46:7d:36:d1:39:6e:5e:e1:19:05:94:bb:59:
73:1c:17:db:dd:37:80:78:86:0c:93:c7:66:9a:64:79:f7:89:
9f:6c:8f:23:77:e1:ac:b4:73:0c:4a:df:d2:af:9a:32:d8:5d:
83:3f:05:8b:8a:f7:3b:df:5a:1f:1b:9d:17:6c:6a:2f:fc:fb:
ce:aa:e9:66:e6:9c:88:1f:ea:e8:c3:ff:85:0a:ab:0e:a2:a2:
4f:9e:b4:52:e2:25:a8:12:ae:d4:43:31:4a:72:ad:09:c0:1b:
2e:33:26:8b:df:ac:4c:0a:65:24:80:5c:20:67:ad:00:88:d8:
f0:27:03:80
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNqMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjEwMDQ0MDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA0OTcyOC0wMDVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2l2+gr0berMKk/ue8sZpwC9soquQ7t09QwzD2+DbFwPTTAcGN5QMxbEU2jX
2Ll8vM9pOWxw8E7lJSKJ+Rk+Tz/ZkdaIgVC1zvBWPfkTzlxK96oGoW/82Hlu/KEQ
zf5yCDBcp/aJUM0denOxXvHnYmeheIVnEy2o/XfeFlsGblZ6pE03yFe5tlVpJSJ0
1lRwS40gEdy5gP3RQR8WyUkuen7Cfa4gEyZWym7R2r6ssDZyKpZVocPEU008Hq+f
g2qRiL+yEwtwpHDx6HURS/Erbo1aDKcKC4u6+IzU1BJFoGGreQIfv8nBHrPO9BVX
XwqUT7R5kdYAcyMQgVQBaPbKjQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIzaYSLs
9Jy57Yg74qDv+5lkED+uMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvODhENTVGMzA4
OUNDMTFFQzlGNTJGRTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAw70jJcZj0+chjgcXpDrGoefr5zizwOVuOxf25+CBGZx2gKVDayG9ACZs
nPm9UIMsgaJtOvVqUJ7Qvl8AL6Lcda0siRv8NBg+MamZya8fsXWoDMlCbzedRMdj
Ywqb9Ui4+l3cWrbt4nDhNO7inAhqRC1udyY4KfjJqDFZ2u5k4Np3fERGfTbROW5e
4RkFlLtZcxwX2903gHiGDJPHZppkefeJn2yPI3fhrLRzDErf0q+aMthdgz8Fi4r3
O99aHxudF2xqL/z7zqrpZuaciB/q6MP/hQqrDqKiT560UuIlqBKu1EMxSnKtCcAb
LjMmi9+sTAplJIBcIGetAIjY8CcDgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org