Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/A915E5B839CA11EDA4396718C4F9AE02.roa
File: A915E5B839CA11EDA4396718C4F9AE02.roa (raw, json)
Hash identifier: L7u5QHrhWGUfLqDMfVhj4xtwGlfjOnxCOIkEsHwd3r0=
Subject key identifier: AF:34:78:B4:0A:D0:4A:7B:52:7B:D6:85:27:51:89:14:4A:0D:A1:86
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3C3B
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/A915E5B839CA11EDA4396718C4F9AE02.roa
Signing time: Thu 22 Sep 2022 03:50:10 +0000
ROA not before: Thu 22 Sep 2022 03:50:10 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15419 (0x3c3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Sep 22 03:50:10 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=632bdb72-f93e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e4:fd:ad:f9:b1:57:b5:24:a7:6c:16:c5:f0:
a7:78:11:81:5b:93:ad:f1:6e:a9:a2:67:5d:82:1c:
60:31:59:64:1a:de:d8:41:ab:69:c1:5d:63:79:de:
81:1a:40:16:d7:6e:09:b3:48:bd:93:20:1b:aa:e9:
26:ef:bd:92:5d:1d:4a:6a:f5:8b:c7:db:c7:86:47:
0f:13:11:36:13:d4:e8:18:5e:e4:1b:ca:5f:13:24:
ec:93:f8:b1:7f:49:db:a1:ac:ef:a2:83:df:34:cc:
01:30:20:62:24:23:f0:2a:ad:9a:f1:69:b8:67:a7:
ae:09:a1:de:a4:72:e2:8b:7f:e3:8f:43:80:55:be:
03:57:ba:c6:19:68:4e:52:31:1a:66:2d:3d:e6:73:
94:33:3c:be:7f:f5:ba:0e:c1:d7:4a:d2:c1:15:36:
5b:5e:c8:1a:e1:85:21:cd:0e:fe:f3:0b:27:3a:c1:
00:c3:34:c7:e7:fb:c4:c7:f3:41:78:95:f1:e7:14:
1a:91:a4:af:c8:bf:82:02:9d:54:6f:f8:cf:f6:ef:
ab:e8:7b:0f:1c:8d:aa:76:5a:13:31:1b:4b:42:2f:
31:99:a2:d6:91:04:e1:44:b5:c0:c5:d0:b8:fa:38:
7e:14:91:85:cb:97:8f:c0:55:6d:0e:1a:b4:ac:9f:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:34:78:B4:0A:D0:4A:7B:52:7B:D6:85:27:51:89:14:4A:0D:A1:86
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/A915E5B839CA11EDA4396718C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
52:19:9a:11:42:b3:e7:e1:4b:36:38:fb:41:7d:de:87:c8:18:
f2:89:0d:36:96:02:35:41:fc:17:b8:ac:72:7d:a9:dd:24:dc:
ed:8b:17:78:ce:37:7c:13:89:b0:80:71:8d:9d:45:22:fe:76:
0f:46:92:e5:b7:02:6d:27:c2:38:b3:f1:37:0e:71:46:fa:97:
b4:24:5d:8b:b2:74:be:7e:bf:a0:80:0a:f8:06:b0:e9:4c:dd:
72:41:d9:d1:75:fd:66:58:20:10:74:19:4e:12:56:37:cb:1d:
e4:c0:f0:ed:db:83:0a:b3:06:c8:eb:44:42:e0:bb:53:03:dc:
98:5c:63:ef:5a:6a:6f:fe:0f:94:f7:d9:59:12:4b:7b:6e:ca:
2b:f8:69:d6:6a:98:69:14:22:c1:05:a1:2a:b6:80:f1:13:ba:
b8:9b:2d:08:0b:dd:de:7c:f2:97:18:e8:a6:82:23:53:89:7d:
71:55:c7:60:e5:39:66:5a:ed:af:28:18:02:11:c7:cb:41:f6:
53:ea:2b:22:1f:6a:0f:a1:7d:89:94:26:ee:69:31:54:e9:ad:
05:8c:d6:7c:78:d5:58:31:4a:52:b2:27:f7:f9:0a:88:2c:e0:
d3:67:6d:43:55:59:dd:c7:f7:11:4f:b5:46:ea:ac:a7:f9:a1:
70:94:e4:ec
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPDswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwOTIyMDM1MDEwWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJiZGI3Mi1mOTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OT9rfmxV7Ukp2wWxfCneBGBW5Ot8W6pomddghxgMVlkGt7YQatpwV1jed6B
GkAW124Js0i9kyAbqukm772SXR1KavWLx9vHhkcPExE2E9ToGF7kG8pfEyTsk/ix
f0nboazvooPfNMwBMCBiJCPwKq2a8Wm4Z6euCaHepHLii3/jj0OAVb4DV7rGGWhO
UjEaZi095nOUMzy+f/W6DsHXStLBFTZbXsga4YUhzQ7+8wsnOsEAwzTH5/vEx/NB
eJXx5xQakaSvyL+CAp1Ub/jP9u+r6HsPHI2qdloTMRtLQi8xmaLWkQThRLXAxdC4
+jh+FJGFy5ePwFVtDhq0rJ+lawIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFK80eLQK
0Ep7UnvWhSdRiRRKDaGGMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQTkxNUU1Qjgz
OUNBMTFFREE0Mzk2NzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAUhmaEUKz5+FLNjj7QX3eh8gY8okNNpYCNUH8F7iscn2p3STc7YsXeM43
fBOJsIBxjZ1FIv52D0aS5bcCbSfCOLPxNw5xRvqXtCRdi7J0vn6/oIAK+Aaw6Uzd
ckHZ0XX9ZlggEHQZThJWN8sd5MDw7duDCrMGyOtEQuC7UwPcmFxj71pqb/4PlPfZ
WRJLe27KK/hp1mqYaRQiwQWhKraA8RO6uJstCAvd3nzylxjopoIjU4l9cVXHYOU5
ZlrtrygYAhHHy0H2U+orIh9qD6F9iZQm7mkxVOmtBYzWfHjVWDFKUrIn9/kKiCzg
02dtQ1VZ3cf3EU+1Ruqsp/mhcJTk7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org