Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/A3D55FA64D5D11ED96367574C4F9AE02.roa
File: A3D55FA64D5D11ED96367574C4F9AE02.roa (raw, json)
Hash identifier: 3pMLx5S6y/QoEX1d+E6IVyzw1MCsXl2AYdiA8S79/N8=
Subject key identifier: 6D:8D:3A:B2:43:B6:BC:F9:F2:15:3F:F9:0C:DF:3B:37:ED:AA:B1:06
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3CB4
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/A3D55FA64D5D11ED96367574C4F9AE02.roa
Signing time: Sun 16 Oct 2022 14:20:10 +0000
ROA not before: Sun 16 Oct 2022 14:20:10 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15540 (0x3cb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Oct 16 14:20:10 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=634c1319-c196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:39:cf:c3:88:ce:a6:60:4d:4c:67:48:af:cf:
9a:3b:88:e0:9d:64:f5:94:d6:2a:dd:eb:f0:92:90:
4b:86:3d:7c:a5:41:63:dc:1d:70:2f:75:6e:95:91:
f0:bb:6f:80:d8:b4:ea:2c:d0:04:05:ee:81:bf:bd:
a6:07:34:e3:e6:67:44:3e:a1:b9:9f:81:f6:07:4a:
65:4e:21:23:d9:d4:55:63:c6:12:32:db:5b:e0:81:
34:f3:c8:0b:cb:7e:8a:e4:8f:d5:17:37:34:a1:61:
ed:60:45:76:f0:d2:30:40:21:b5:2d:8d:f7:6f:9e:
45:fa:ae:dd:25:df:37:e6:99:21:62:52:9b:83:3f:
55:47:5f:3d:97:be:f1:f3:8e:92:1e:12:d6:ff:07:
16:ac:e8:ff:29:7b:78:2c:db:ff:b7:37:d9:2b:17:
50:db:4f:9e:e7:d3:f4:4a:54:92:c1:95:29:33:de:
99:68:d3:22:f7:6e:27:58:d8:df:50:e7:15:c0:9b:
50:52:5e:f8:1b:ec:f0:a2:3c:43:58:7f:92:3d:c1:
1f:e5:e7:0e:8c:8a:0c:d1:c2:cc:5c:ce:e4:ef:f4:
43:3f:6a:ac:93:28:dd:7b:93:c4:bd:e1:be:5c:86:
d4:f3:fa:d3:e9:6a:7a:0d:da:8b:29:ee:07:be:8c:
34:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:3A:B2:43:B6:BC:F9:F2:15:3F:F9:0C:DF:3B:37:ED:AA:B1:06
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/A3D55FA64D5D11ED96367574C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
2a:76:ad:62:ae:66:38:32:8e:fa:95:16:52:9d:31:26:0d:5a:
27:b7:9c:22:f1:ec:7c:da:56:ec:3a:25:84:9b:8f:9a:08:a5:
1f:c1:a8:53:28:ed:c0:76:6a:f7:b9:f6:f7:ed:56:f1:51:60:
10:f5:3a:66:5e:6e:c2:19:d7:6e:f5:57:ff:82:82:fc:77:1f:
fb:20:8f:19:29:6d:32:0a:77:39:c2:79:a4:bf:95:f6:12:06:
54:83:fc:78:5d:62:65:4c:3e:61:31:59:aa:24:09:54:bc:be:
e9:8c:ad:60:c4:74:6d:d1:7d:8d:3f:ec:17:9e:a8:28:3e:c8:
1a:6a:29:c0:d8:03:7b:5f:11:5a:b3:91:d1:a7:d6:7e:a2:3c:
f0:22:74:8e:6d:6b:9d:18:08:e8:80:f9:82:f5:36:4f:a6:c4:
6d:91:4e:3d:64:f0:08:94:b3:8a:af:38:78:d9:96:1f:8c:20:
4a:ae:e1:a4:9d:19:8a:bc:89:f8:78:d4:f4:71:20:74:3b:e2:
1b:79:da:e7:67:ab:6d:95:f8:e7:fd:46:a4:cf:68:e1:c3:df:
c0:28:aa:0b:59:ab:d8:fa:92:f6:49:27:65:76:cd:fe:4f:cb:
e5:92:89:74:14:d1:42:38:92:0e:08:92:6f:cf:79:39:d9:33:
5c:18:42:5f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIxMDE2MTQyMDEwWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRjMTMxOS1jMTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2DnPw4jOpmBNTGdIr8+aO4jgnWT1lNYq3evwkpBLhj18pUFj3B1wL3VulZHw
u2+A2LTqLNAEBe6Bv72mBzTj5mdEPqG5n4H2B0plTiEj2dRVY8YSMttb4IE088gL
y36K5I/VFzc0oWHtYEV28NIwQCG1LY33b55F+q7dJd835pkhYlKbgz9VR189l77x
846SHhLW/wcWrOj/KXt4LNv/tzfZKxdQ20+e59P0SlSSwZUpM96ZaNMi924nWNjf
UOcVwJtQUl74G+zwojxDWH+SPcEf5ecOjIoM0cLMXM7k7/RDP2qskyjde5PEveG+
XIbU8/rT6Wp6DdqLKe4Hvow0GwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFG2NOrJD
trz58hU/+QzfOzftqrEGMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQTNENTVGQTY0
RDVEMTFFRDk2MzY3NTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAKnatYq5mODKO+pUWUp0xJg1aJ7ecIvHsfNpW7DolhJuPmgilH8GoUyjt
wHZq97n29+1W8VFgEPU6Zl5uwhnXbvVX/4KC/Hcf+yCPGSltMgp3OcJ5pL+V9hIG
VIP8eF1iZUw+YTFZqiQJVLy+6YytYMR0bdF9jT/sF56oKD7IGmopwNgDe18RWrOR
0afWfqI88CJ0jm1rnRgI6ID5gvU2T6bEbZFOPWTwCJSziq84eNmWH4wgSq7hpJ0Z
iryJ+HjU9HEgdDviG3na52erbZX45/1GpM9o4cPfwCiqC1mr2PqS9kknZXbN/k/L
5ZKJdBTRQjiSDgiSb895OdkzXBhCXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org