Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/C4AE4058B92411EC870E3F42C4F9AE02.roa
File: C4AE4058B92411EC870E3F42C4F9AE02.roa (raw, json)
Hash identifier: it6zdT325ctT9veQskU9MEUz0x5KHUNVXGCvagEFMxA=
Subject key identifier: 3B:0F:35:2E:D3:CF:67:C1:05:20:4D:60:32:AE:E0:69:7F:47:A9:D5
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 38B0
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/C4AE4058B92411EC870E3F42C4F9AE02.roa
Signing time: Mon 11 Apr 2022 11:20:09 +0000
ROA not before: Mon 11 Apr 2022 11:20:09 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14512 (0x38b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 11 11:20:09 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62540ee8-aa97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ee:b3:56:8e:15:a6:0c:eb:e3:28:58:eb:58:
13:9c:9f:b8:df:c9:7c:57:c0:f0:90:10:81:15:fe:
5b:50:13:c8:9a:8b:73:ec:5a:24:ff:92:5b:dd:94:
99:2e:c7:5c:33:a7:de:c3:46:31:24:76:2c:ab:b2:
31:eb:b3:f8:1d:c0:62:0d:07:fd:0f:32:cb:56:6b:
65:55:cb:5e:79:bd:0a:2d:68:9d:8e:2c:e6:7e:22:
ba:b0:58:c2:0a:3a:cb:fa:e1:a9:41:2e:6c:f5:aa:
c8:63:d2:1e:9a:89:f9:33:d6:65:4d:e8:f4:2d:ed:
40:57:b0:9f:c3:a8:7f:06:78:ad:0b:48:04:84:89:
01:1f:e2:0d:d4:5d:99:fd:5e:32:11:2a:0f:da:6d:
46:f1:a1:e2:d2:59:08:a3:86:a5:a3:f6:cb:e7:40:
6d:47:c8:bc:62:37:55:87:07:ab:ef:17:6b:da:be:
70:3e:7d:2b:83:22:4b:2c:33:21:ba:35:02:db:1e:
b1:ec:c7:61:44:ea:a4:26:46:98:37:8a:66:e5:de:
30:5e:3a:dc:81:48:4f:aa:56:f0:bb:68:63:c2:c1:
c5:99:9f:05:ed:2c:1b:51:a3:ce:38:61:85:09:95:
bf:7e:bc:14:93:bd:35:e4:b6:ca:e6:f3:c1:cc:eb:
e6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0F:35:2E:D3:CF:67:C1:05:20:4D:60:32:AE:E0:69:7F:47:A9:D5
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/C4AE4058B92411EC870E3F42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
26:d8:8a:d9:21:24:b7:e9:0a:76:20:3f:f3:e1:8a:bd:cc:ad:
c3:55:15:ee:3b:ec:5b:6f:af:a9:3c:69:34:97:01:3b:d3:b6:
cb:fe:b8:2f:01:80:f5:bf:9f:a6:db:d1:69:c4:83:66:ed:20:
65:0a:43:54:35:92:1a:3e:ad:08:0c:75:94:16:65:4c:89:9c:
9d:e1:ea:2c:6e:c7:80:38:96:d0:c5:cc:62:a4:68:5f:6e:31:
5e:6d:32:82:56:5c:0b:e7:fc:df:af:b8:5f:5c:60:cd:0e:fe:
d9:39:6f:96:1f:ea:2e:74:3e:c6:13:bb:1d:dd:f6:c1:04:c3:
7c:2e:01:76:d4:77:a2:b8:aa:1b:b7:d4:05:78:eb:e1:19:fc:
01:3b:d3:78:40:36:a3:ef:8b:e9:3d:83:49:60:d3:2c:38:08:
db:ab:11:a9:32:fb:40:78:ca:8b:7d:64:c7:e2:95:39:6b:ed:
e6:40:fe:ff:f7:0e:85:84:79:e5:71:2b:4c:7d:bd:7b:50:98:
9a:93:0e:ad:9e:cb:17:85:b2:24:f5:cf:3a:aa:05:d9:5d:dc:
cb:01:95:1f:f2:77:46:7d:6f:25:21:09:95:5f:f6:5d:b0:da:
bc:24:39:a6:34:61:97:0b:01:2c:50:1d:b4:72:ae:23:f3:fb:
81:7d:ff:22
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDExMTEyMDA5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU0MGVlOC1hYTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwe6zVo4Vpgzr4yhY61gTnJ+438l8V8DwkBCBFf5bUBPImotz7Fok/5Jb3ZSZ
LsdcM6few0YxJHYsq7Ix67P4HcBiDQf9DzLLVmtlVcteeb0KLWidjizmfiK6sFjC
CjrL+uGpQS5s9arIY9Iemon5M9ZlTej0Le1AV7Cfw6h/BnitC0gEhIkBH+IN1F2Z
/V4yESoP2m1G8aHi0lkIo4alo/bL50BtR8i8YjdVhwer7xdr2r5wPn0rgyJLLDMh
ujUC2x6x7MdhROqkJkaYN4pm5d4wXjrcgUhPqlbwu2hjwsHFmZ8F7SwbUaPOOGGF
CZW/frwUk7015LbK5vPBzOvmYQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDsPNS7T
z2fBBSBNYDKu4Gl/R6nVMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQzRBRTQwNThC
OTI0MTFFQzg3MEUzRjQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAJtiK2SEkt+kKdiA/8+GKvcytw1UV7jvsW2+vqTxpNJcBO9O2y/64LwGA
9b+fptvRacSDZu0gZQpDVDWSGj6tCAx1lBZlTImcneHqLG7HgDiW0MXMYqRoX24x
Xm0yglZcC+f836+4X1xgzQ7+2Tlvlh/qLnQ+xhO7Hd32wQTDfC4BdtR3oriqG7fU
BXjr4Rn8ATvTeEA2o++L6T2DSWDTLDgI26sRqTL7QHjKi31kx+KVOWvt5kD+//cO
hYR55XErTH29e1CYmpMOrZ7LF4WyJPXPOqoF2V3cywGVH/J3Rn1vJSEJlV/2XbDa
vCQ5pjRhlwsBLFAdtHKuI/P7gX3/Ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:52 2024 by rpki-client on console-ams.rpki-client.org