Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88ECE59AC35311EC82222022C4F9AE02.roa
File: 88ECE59AC35311EC82222022C4F9AE02.roa (raw, json)
Hash identifier: uuVxHsJTnXtjphT7zUR5Kk3E3y5hLMxkXuDeRKFzrD8=
Subject key identifier: 95:C1:60:E0:8F:F7:4A:91:F3:F6:98:97:8C:F6:FE:7E:55:E0:45:C7
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 393E
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88ECE59AC35311EC82222022C4F9AE02.roa
Signing time: Sat 23 Apr 2022 22:20:09 +0000
ROA not before: Sat 23 Apr 2022 22:20:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14654 (0x393e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 23 22:20:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62647b99-07fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:01:a0:0d:69:a6:34:6c:e3:7c:fd:39:0b:80:
e2:a4:23:6e:1b:16:95:37:45:d6:c5:b2:0c:f0:5c:
32:0f:f3:dd:fe:d8:ba:69:57:a0:13:52:b0:21:1d:
cb:9b:c0:9b:f9:27:1b:e3:34:37:c7:81:c0:b4:88:
08:e8:b3:f9:1d:39:f5:3a:27:12:eb:eb:5c:24:15:
e2:ee:9d:9c:6b:ee:6f:a9:4c:dc:98:c2:3f:25:ff:
5d:35:22:82:f5:f4:6b:3c:25:5a:e5:3d:02:0e:b2:
5d:49:10:c5:e0:03:4d:13:cb:ac:e8:c8:59:d8:df:
a3:cf:c3:e7:31:d3:a7:54:55:31:20:57:cf:6f:86:
7e:05:4b:2e:82:e1:f2:a8:2d:b7:b0:9b:a7:50:0b:
97:bf:f7:d6:8f:0d:ca:81:bd:9d:24:a1:9b:aa:6a:
a0:5e:34:15:06:90:a1:5f:c5:2a:a0:8a:21:87:21:
e6:f0:e6:02:a9:82:1f:6c:10:14:24:0d:d2:89:22:
15:f7:62:0b:e9:eb:49:e6:f0:d8:3d:29:12:05:6c:
de:f6:66:3d:43:42:5b:39:f3:08:c3:53:a0:34:99:
c3:71:bd:f2:64:45:f2:27:43:d8:8a:b9:39:a0:84:
c4:db:74:70:0d:78:99:67:27:d6:be:ec:6a:15:c0:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C1:60:E0:8F:F7:4A:91:F3:F6:98:97:8C:F6:FE:7E:55:E0:45:C7
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88ECE59AC35311EC82222022C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
74:be:35:27:54:c1:a6:eb:7a:00:cc:5c:c7:c1:ae:72:2d:ba:
5e:a2:36:04:fe:a7:1c:92:67:80:9a:33:69:75:45:a9:ed:a2:
cc:c8:58:af:ee:d9:27:ac:69:5d:51:c5:4c:74:3d:f7:73:18:
62:94:73:f0:51:0c:30:33:47:e1:b4:af:4d:6d:96:73:47:e0:
12:32:8e:bf:6d:46:ea:67:83:3e:e3:de:c4:5f:34:59:78:d0:
ea:07:8e:fa:a6:34:da:41:25:bb:a6:6c:b6:73:b7:75:72:35:
7e:e3:aa:f6:67:56:f7:b9:bd:4b:d7:53:e1:a0:f3:1c:74:57:
42:53:73:43:2b:67:6c:82:c1:e0:d6:cd:0b:3b:ac:45:db:0f:
f1:b1:25:9f:17:45:c4:b8:71:4d:48:8a:f0:29:36:bc:13:d4:
19:b2:a4:23:e2:20:83:4d:d1:46:98:f6:41:bc:28:bb:71:3a:
4f:2e:ef:74:da:42:17:d5:12:89:d0:3b:fd:d4:0a:43:2f:00:
5b:c8:a2:70:92:6f:71:be:49:19:c9:d6:b9:05:95:e0:4a:ac:
27:d9:5c:f6:4f:ad:7a:b1:ee:79:70:a9:c4:83:f6:54:a0:47:
87:c7:8c:49:dd:b5:55:33:79:be:dc:20:ed:fa:99:0c:d9:70:
55:b3:f6:d2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDIzMjIyMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY0N2I5OS0wN2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwwGgDWmmNGzjfP05C4DipCNuGxaVN0XWxbIM8FwyD/Pd/ti6aVegE1KwIR3L
m8Cb+Scb4zQ3x4HAtIgI6LP5HTn1OicS6+tcJBXi7p2ca+5vqUzcmMI/Jf9dNSKC
9fRrPCVa5T0CDrJdSRDF4ANNE8us6MhZ2N+jz8PnMdOnVFUxIFfPb4Z+BUsuguHy
qC23sJunUAuXv/fWjw3Kgb2dJKGbqmqgXjQVBpChX8UqoIohhyHm8OYCqYIfbBAU
JA3SiSIV92IL6etJ5vDYPSkSBWze9mY9Q0JbOfMIw1OgNJnDcb3yZEXyJ0PYirk5
oITE23RwDXiZZyfWvuxqFcClaQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJXBYOCP
90qR8/aYl4z2/n5V4EXHMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvODhFQ0U1OUFD
MzUzMTFFQzgyMjIyMDIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAdL41J1TBput6AMxcx8Guci26XqI2BP6nHJJngJozaXVFqe2izMhYr+7Z
J6xpXVHFTHQ993MYYpRz8FEMMDNH4bSvTW2Wc0fgEjKOv21G6meDPuPexF80WXjQ
6geO+qY02kElu6ZstnO3dXI1fuOq9mdW97m9S9dT4aDzHHRXQlNzQytnbILB4NbN
CzusRdsP8bElnxdFxLhxTUiK8Ck2vBPUGbKkI+Igg03RRpj2Qbwou3E6Ty7vdNpC
F9USidA7/dQKQy8AW8iicJJvcb5JGcnWuQWV4EqsJ9lc9k+terHueXCpxIP2VKBH
h8eMSd21VTN5vtwg7fqZDNlwVbP20g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org