Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/8A665E7E4E4511ED9D58E711C4F9AE02.roa
File: 8A665E7E4E4511ED9D58E711C4F9AE02.roa (raw, json)
Hash identifier: ZNQgWaak4guSYZ1oAiP+72ZcIL01lXYtcgZm+tis6ps=
Subject key identifier: 0F:97:75:4A:86:EB:2F:D8:82:5A:6F:8C:53:95:17:24:97:B5:AE:21
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3CC6
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/8A665E7E4E4511ED9D58E711C4F9AE02.roa
Signing time: Tue 18 Oct 2022 06:00:09 +0000
ROA not before: Tue 18 Oct 2022 06:00:09 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15558 (0x3cc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 18 06:00:09 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=634e40e9-3dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:27:ad:8b:aa:67:08:7b:fd:85:e5:fd:93:de:
87:4b:8a:4c:9c:d7:14:13:4c:df:21:f2:db:28:b2:
6e:f5:ba:ff:20:79:81:24:80:58:d3:f8:ce:16:8b:
f5:4c:14:4c:5c:15:fb:cf:d8:7a:46:9a:f0:05:64:
4c:ff:76:ae:b7:fd:0f:be:6b:db:63:71:cd:83:e6:
b4:5b:b4:0b:fc:30:9a:ff:ae:23:ec:64:92:81:7a:
72:98:04:08:a3:d3:49:eb:28:8e:a3:52:0d:56:2c:
0a:52:e8:31:55:75:0d:3b:e9:4f:49:78:61:5e:f7:
00:be:c8:a3:e5:3b:fb:c4:7b:f3:2c:1c:ee:5a:a2:
81:82:15:5d:f6:01:45:af:73:a1:76:33:49:5c:f4:
aa:62:09:db:4c:eb:7f:84:c4:14:58:ac:ad:a3:d1:
35:0b:43:5f:91:76:bf:f6:2b:fc:74:8c:99:c9:e2:
c4:eb:d0:24:86:b0:18:06:d3:6e:6b:ef:96:7c:93:
7d:f3:25:2a:5b:ae:c0:34:d5:3b:5e:28:f9:d1:b0:
8d:24:14:02:f2:f6:b0:f2:8c:ad:f6:d7:8d:e5:b8:
52:e6:7c:d3:41:da:b6:99:bf:f2:d2:55:b4:9e:db:
82:0e:6e:36:30:bd:b3:3e:55:7a:18:3d:40:53:a2:
1f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:97:75:4A:86:EB:2F:D8:82:5A:6F:8C:53:95:17:24:97:B5:AE:21
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/8A665E7E4E4511ED9D58E711C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
06:93:94:95:33:20:ba:0c:c7:ce:97:c3:2d:25:0c:41:71:47:
2c:a5:70:b7:d7:ae:bd:3d:5f:55:bb:be:35:36:9d:df:e3:38:
ea:a6:63:47:6f:46:b1:9a:e0:84:47:65:a1:05:fb:15:6d:36:
9e:0f:2a:29:e0:d0:fb:88:02:09:ac:24:3a:ec:4e:87:a5:77:
05:c0:43:77:b2:31:43:d8:63:49:dc:f1:87:54:70:71:42:35:
d2:f3:2e:72:bc:cd:24:10:5d:b5:1f:81:5a:fb:00:7c:74:9b:
56:cd:10:3e:6a:0e:d5:21:2a:d4:bd:c5:ef:35:01:06:5c:9a:
fd:10:79:35:74:1a:2f:f4:83:31:f3:e0:36:73:33:a0:de:bc:
08:34:e0:1d:61:86:5a:6b:f4:0e:0d:32:8f:74:fa:94:02:ec:
0d:0e:60:94:38:8f:58:c2:32:a2:84:21:9f:8f:cf:43:96:47:
f1:15:cf:ee:30:29:20:2c:23:77:d0:63:1a:08:15:d2:ed:15:
50:43:4c:ca:0b:89:b6:b2:e7:4c:9a:03:d6:6e:04:6c:e6:a3:
97:ba:c6:94:22:95:e3:a4:f3:8c:eb:48:d5:07:34:28:77:1f:
8a:e1:65:28:1d:a5:6f:3b:7c:f3:9c:c8:31:66:35:52:e1:4c:
f1:5f:26:8b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDE4MDYwMDA5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRlNDBlOS0zZGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxyeti6pnCHv9heX9k96HS4pMnNcUE0zfIfLbKLJu9br/IHmBJIBY0/jOFov1
TBRMXBX7z9h6RprwBWRM/3aut/0PvmvbY3HNg+a0W7QL/DCa/64j7GSSgXpymAQI
o9NJ6yiOo1INViwKUugxVXUNO+lPSXhhXvcAvsij5Tv7xHvzLBzuWqKBghVd9gFF
r3OhdjNJXPSqYgnbTOt/hMQUWKyto9E1C0NfkXa/9iv8dIyZyeLE69AkhrAYBtNu
a++WfJN98yUqW67ANNU7Xij50bCNJBQC8vaw8oyt9teN5bhS5nzTQdq2mb/y0lW0
ntuCDm42ML2zPlV6GD1AU6IfrwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFA+XdUqG
6y/YglpvjFOVFySXta4hMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvOEE2NjVFN0U0
RTQ1MTFFRDlENThFNzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEABpOUlTMgugzHzpfDLSUMQXFHLKVwt9euvT1fVbu+NTad3+M46qZjR29G
sZrghEdloQX7FW02ng8qKeDQ+4gCCawkOuxOh6V3BcBDd7IxQ9hjSdzxh1RwcUI1
0vMucrzNJBBdtR+BWvsAfHSbVs0QPmoO1SEq1L3F7zUBBlya/RB5NXQaL/SDMfPg
NnMzoN68CDTgHWGGWmv0Dg0yj3T6lALsDQ5glDiPWMIyooQhn4/PQ5ZH8RXP7jAp
ICwjd9BjGggV0u0VUENMyguJtrLnTJoD1m4EbOajl7rGlCKV46TzjOtI1Qc0KHcf
iuFlKB2lbzt885zIMWY1UuFM8V8miw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org