Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/B0F6BCD2A2D811ECA5856154C4F9AE02.roa
File: B0F6BCD2A2D811ECA5856154C4F9AE02.roa (raw, json)
Hash identifier: RBhxE9EvBiS05mnYD+CKP49nqZtS7vePDw9PLEpnn1s=
Subject key identifier: DA:68:F8:81:03:8E:57:BE:5F:BF:85:27:1E:EC:63:B5:41:9F:63:D8
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 37FC
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/B0F6BCD2A2D811ECA5856154C4F9AE02.roa
Signing time: Sun 13 Mar 2022 14:20:11 +0000
ROA not before: Sun 13 Mar 2022 14:20:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14332 (0x37fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 13 14:20:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=622dfd9b-a746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:10:e9:5e:76:c8:6d:fd:9e:09:36:84:bc:a9:
0b:26:38:75:95:1c:34:21:ba:35:24:2d:f0:cc:0e:
1d:c1:85:6b:80:39:9c:13:bf:f6:05:95:65:08:63:
49:b3:1a:89:b8:da:0a:bb:35:af:d3:95:31:28:5b:
a1:f5:3c:50:1a:3b:e0:bc:98:94:20:c0:e0:81:fa:
12:f0:5b:80:1f:6f:cb:77:25:07:ba:72:9f:4c:a0:
41:c6:d4:03:4d:4f:92:8a:b5:c7:9f:7a:bb:50:b0:
a1:d7:a7:8c:5b:62:d4:bb:01:d3:5d:d8:33:7c:32:
4b:00:0e:8d:77:d0:82:2d:7a:bd:28:03:54:ea:34:
a5:93:75:9b:61:96:11:4b:43:c1:e9:53:73:a7:31:
ab:db:9a:9f:3c:c9:0d:d3:25:5b:5e:88:a5:9a:93:
6a:67:ee:40:71:cc:39:ee:c1:f1:4f:06:11:40:2c:
6e:3b:10:e1:a4:ce:80:b0:c9:a2:2d:2f:27:ca:53:
c7:d9:fa:87:d7:63:9a:47:52:1e:1a:ee:ab:08:0e:
59:3b:83:fb:8f:02:0d:86:ab:f8:71:79:c4:76:ab:
61:5a:0f:5a:c6:aa:31:c7:49:7f:dd:dd:e6:60:94:
70:46:ad:52:23:56:11:fa:b0:7f:24:c2:57:d3:ed:
92:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:68:F8:81:03:8E:57:BE:5F:BF:85:27:1E:EC:63:B5:41:9F:63:D8
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/B0F6BCD2A2D811ECA5856154C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
3b:f0:42:e9:0e:18:6d:bb:d6:97:94:64:24:12:40:8d:b9:d1:
34:a0:74:7a:e9:45:19:f5:88:18:a0:f5:e2:66:67:f6:22:48:
43:64:49:4e:87:07:dd:bc:e8:89:af:dc:2a:59:8f:0e:a7:be:
0d:4f:6c:b1:82:35:bd:f2:ea:18:df:bb:f5:9e:63:9a:14:3b:
78:93:a9:c4:7a:ee:bc:3b:bc:a2:27:51:5a:c1:a7:8a:af:86:
4e:47:c3:d2:6c:61:47:e1:87:b4:f4:22:25:24:95:1b:0b:8d:
0e:23:46:3e:d9:02:bd:3a:8b:d1:e7:49:e5:21:02:ab:28:cf:
ea:a1:b6:14:ef:25:48:20:24:22:86:12:c2:80:8b:e4:83:a2:
a3:32:71:70:0d:d7:1f:b9:81:23:24:d1:ca:a6:c6:fc:cd:f9:
c0:e6:18:e7:31:5d:ee:7c:0b:f1:9a:24:9c:85:d6:b0:dc:0e:
f7:e9:4b:f3:65:a3:e9:93:00:74:90:fb:7c:fe:68:af:06:2b:
4e:e9:e9:ba:2f:dc:ad:c4:a7:ba:64:f3:7c:95:f7:22:9e:52:
22:27:5d:03:80:bf:05:ec:11:bd:0b:e9:01:ae:a8:d7:57:81:
bf:85:c9:fa:43:64:03:bc:5d:25:59:b6:64:84:6a:69:1c:e8:
8e:4f:ca:b5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN/wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzEzMTQyMDExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJkZmQ5Yi1hNzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuxDpXnbIbf2eCTaEvKkLJjh1lRw0Ibo1JC3wzA4dwYVrgDmcE7/2BZVlCGNJ
sxqJuNoKuzWv05UxKFuh9TxQGjvgvJiUIMDggfoS8FuAH2/LdyUHunKfTKBBxtQD
TU+SirXHn3q7ULCh16eMW2LUuwHTXdgzfDJLAA6Nd9CCLXq9KANU6jSlk3WbYZYR
S0PB6VNzpzGr25qfPMkN0yVbXoilmpNqZ+5Accw57sHxTwYRQCxuOxDhpM6AsMmi
LS8nylPH2fqH12OaR1IeGu6rCA5ZO4P7jwINhqv4cXnEdqthWg9axqoxx0l/3d3m
YJRwRq1SI1YR+rB/JMJX0+2SOwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNpo+IED
jle+X7+FJx7sY7VBn2PYMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQjBGNkJDRDJB
MkQ4MTFFQ0E1ODU2MTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAO/BC6Q4YbbvWl5RkJBJAjbnRNKB0eulFGfWIGKD14mZn9iJIQ2RJTocH
3bzoia/cKlmPDqe+DU9ssYI1vfLqGN+79Z5jmhQ7eJOpxHruvDu8oidRWsGniq+G
TkfD0mxhR+GHtPQiJSSVGwuNDiNGPtkCvTqL0edJ5SECqyjP6qG2FO8lSCAkIoYS
woCL5IOiozJxcA3XH7mBIyTRyqbG/M35wOYY5zFd7nwL8ZoknIXWsNwO9+lL82Wj
6ZMAdJD7fP5orwYrTunpui/crcSnumTzfJX3Ip5SIiddA4C/BewRvQvpAa6o11eB
v4XJ+kNkA7xdJVm2ZIRqaRzojk/KtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org