Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/96E0375AC1C911ECA5350013C4F9AE02.roa
File: 96E0375AC1C911ECA5350013C4F9AE02.roa (raw, json)
Hash identifier: wpV7tFboQRga+wEppo5MpiebW/kxxQvIoZyjXejsSuw=
Subject key identifier: 86:24:B1:84:4B:AA:6D:B8:CB:36:7A:8F:1E:2E:1C:E8:9B:D2:63:F9
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 392E
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/96E0375AC1C911ECA5350013C4F9AE02.roa
Signing time: Fri 22 Apr 2022 10:20:09 +0000
ROA not before: Fri 22 Apr 2022 10:20:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14638 (0x392e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 22 10:20:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62628159-1c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:00:53:99:7d:45:3a:59:5f:48:56:ed:82:ca:
87:0e:25:11:3e:89:c5:7c:7f:86:b5:3c:40:fa:1c:
48:3d:41:a4:a4:e0:4f:fa:f5:74:f5:ab:10:44:86:
e4:db:f8:43:1a:1f:a9:5f:c9:35:7d:58:1a:fb:cb:
ac:5e:e4:c1:b5:a5:44:d6:b2:75:eb:08:fe:72:53:
8a:e3:fe:6f:b9:a5:7d:1b:36:33:0d:2b:54:44:01:
c0:e1:ee:7e:3a:c6:ec:3d:33:72:38:e3:8c:2d:bd:
9d:0d:f3:e1:be:02:31:3e:e3:ca:f2:c5:f0:cb:b8:
9d:3f:5e:2d:c6:a5:8d:bd:ba:7f:7b:69:2f:13:75:
1d:6c:c2:97:5a:45:47:47:18:6f:cf:41:3a:25:5d:
1c:6b:31:0b:9f:7b:67:5b:47:cb:78:9e:45:49:1b:
98:f9:1f:bd:9e:a6:b1:43:20:a0:f0:fe:de:78:e9:
d3:4e:1d:d0:2e:45:21:32:c6:73:a5:78:66:bf:68:
2d:b1:3d:19:51:1f:d1:46:e2:bd:62:78:70:9f:6d:
6d:2d:14:02:0e:cb:85:70:f4:cb:73:73:fb:e7:3c:
30:2e:2b:12:4f:aa:bd:48:3a:58:f0:d3:fa:2b:c0:
f1:4a:49:a0:bb:1c:48:8f:48:4f:f1:c9:b0:a8:a2:
89:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:24:B1:84:4B:AA:6D:B8:CB:36:7A:8F:1E:2E:1C:E8:9B:D2:63:F9
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/96E0375AC1C911ECA5350013C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
3e:0f:2a:f7:15:9a:77:95:41:be:f2:6f:99:49:f1:2a:15:da:
cb:a4:32:fd:67:d0:da:c1:9f:b3:4d:c1:fe:4e:8f:30:8a:20:
46:31:40:da:a3:c5:2c:e3:29:cf:26:a7:3c:17:13:a6:70:40:
7a:a0:a3:38:3c:25:29:8c:de:d4:c0:f3:0e:9d:ed:da:0a:05:
60:a7:b4:61:30:be:f5:38:5f:69:e1:1b:dc:95:2d:43:62:04:
b6:1d:71:47:ff:26:87:d3:1e:97:a2:d0:fe:ec:69:d5:82:a8:
b3:8a:f0:9a:09:45:2c:19:d7:dc:bf:02:85:39:ff:be:47:80:
3c:45:18:2c:67:ab:e9:b6:d2:2c:e0:f5:b3:5b:f9:c5:f4:00:
3c:72:27:bf:42:7b:fe:e5:7d:93:ca:34:40:1b:4e:2f:ea:ec:
81:29:86:0e:f9:87:6d:84:c7:7b:6d:ff:43:ab:05:80:69:cc:
9d:81:74:ff:96:c5:c8:c7:05:06:64:6b:ef:9a:2b:a5:08:3f:
e2:c6:19:73:dd:1b:3b:55:4c:35:c2:ec:32:f1:d7:9a:eb:95:
11:fc:6b:99:e8:86:3c:16:d5:0e:33:66:43:e8:ce:8c:06:f7:
0e:44:98:6d:33:8c:44:f3:4e:5a:4f:5d:d7:ab:05:a5:20:f8:
45:e5:ce:72
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDIyMTAyMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjYyODE1OS0xYzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6gBTmX1FOllfSFbtgsqHDiURPonFfH+GtTxA+hxIPUGkpOBP+vV09asQRIbk
2/hDGh+pX8k1fVga+8usXuTBtaVE1rJ16wj+clOK4/5vuaV9GzYzDStURAHA4e5+
OsbsPTNyOOOMLb2dDfPhvgIxPuPK8sXwy7idP14txqWNvbp/e2kvE3UdbMKXWkVH
Rxhvz0E6JV0cazELn3tnW0fLeJ5FSRuY+R+9nqaxQyCg8P7eeOnTTh3QLkUhMsZz
pXhmv2gtsT0ZUR/RRuK9Ynhwn21tLRQCDsuFcPTLc3P75zwwLisST6q9SDpY8NP6
K8DxSkmguxxIj0hP8cmwqKKJFwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIYksYRL
qm24yzZ6jx4uHOib0mP5MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvOTZFMDM3NUFD
MUM5MTFFQ0E1MzUwMDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAPg8q9xWad5VBvvJvmUnxKhXay6Qy/WfQ2sGfs03B/k6PMIogRjFA2qPF
LOMpzyanPBcTpnBAeqCjODwlKYze1MDzDp3t2goFYKe0YTC+9ThfaeEb3JUtQ2IE
th1xR/8mh9Mel6LQ/uxp1YKos4rwmglFLBnX3L8ChTn/vkeAPEUYLGer6bbSLOD1
s1v5xfQAPHInv0J7/uV9k8o0QBtOL+rsgSmGDvmHbYTHe23/Q6sFgGnMnYF0/5bF
yMcFBmRr75orpQg/4sYZc90bO1VMNcLsMvHXmuuVEfxrmeiGPBbVDjNmQ+jOjAb3
DkSYbTOMRPNOWk9d16sFpSD4ReXOcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org