Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/C5FB3EAC8DB411EC88B5A709C4F9AE02.roa
File: C5FB3EAC8DB411EC88B5A709C4F9AE02.roa (raw, json)
Hash identifier: T2VuGzWll5AhoQgCw6YwWmR1nolIcfq9IYIGYpsUy2w=
Subject key identifier: EE:59:44:60:54:9E:39:AF:A1:8E:CC:9B:5F:51:5B:E0:1F:2A:8A:D2
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 36D4
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/C5FB3EAC8DB411EC88B5A709C4F9AE02.roa
Signing time: Mon 14 Feb 2022 16:40:10 +0000
ROA not before: Mon 14 Feb 2022 16:40:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14036 (0x36d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Feb 14 16:40:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=620a85ea-4418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8c:9c:58:ca:14:52:c1:4b:93:6f:68:6d:55:
ba:72:94:da:03:4d:9d:e1:88:a5:10:d7:f4:b0:60:
7b:a4:4b:cc:f3:15:95:b7:ab:ba:c2:f9:39:ea:ef:
1d:6e:11:93:86:b0:91:c2:4f:f1:91:93:b6:cb:b3:
8b:9b:e1:d1:17:85:31:db:4f:4d:c2:39:64:d5:8f:
a8:20:31:e9:f2:82:16:6f:b5:be:eb:1d:40:02:30:
7a:31:5f:15:dd:63:89:ba:08:ce:01:ed:59:89:65:
21:ca:43:86:15:6c:3b:ca:fe:2e:d0:58:29:f6:b4:
97:55:0f:ba:20:30:e0:33:16:1b:83:f7:f1:c2:b7:
5a:d0:9c:33:a1:63:67:b9:f6:cc:27:b0:39:fc:57:
9a:f4:10:d5:fe:09:e7:71:eb:e1:92:7f:c5:49:fe:
88:65:77:df:91:90:b6:83:bb:e2:b0:92:4e:f0:63:
4b:95:9c:ca:fa:1d:0b:8b:3f:f1:97:9b:4f:76:39:
b1:c9:b5:db:b9:55:7a:d8:9d:56:5d:b6:21:69:0d:
6f:f1:d1:5e:00:11:30:02:14:de:04:15:08:78:f2:
d3:02:93:39:82:26:bd:70:d0:f0:1c:97:d4:1e:d9:
1e:50:5f:58:20:ad:5e:2c:d4:c5:ab:cf:99:27:b8:
f6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:59:44:60:54:9E:39:AF:A1:8E:CC:9B:5F:51:5B:E0:1F:2A:8A:D2
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/C5FB3EAC8DB411EC88B5A709C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
a5:56:1a:1b:22:e9:e7:a2:a1:86:e3:14:9b:8c:c2:df:2b:42:
e1:f9:85:66:f5:17:25:ba:77:40:5f:eb:0a:b1:6e:41:b8:af:
ed:ce:96:83:41:8f:c8:53:cb:79:c9:a1:43:aa:ec:97:36:e8:
ee:af:10:29:81:5a:bf:5d:d2:ed:46:11:ef:85:98:17:77:75:
e7:17:9b:99:08:87:c1:d2:32:1f:d8:3d:d1:44:6a:f9:91:89:
2e:17:2b:f0:27:e3:26:de:e6:9b:9e:0a:e6:ac:89:4b:52:f6:
39:b3:c9:2a:64:e5:b1:9f:1a:e7:10:6b:67:f1:f8:00:7e:dd:
47:4a:fe:9b:fb:00:bb:68:e6:46:35:0b:28:8a:28:f4:81:ad:
df:9d:76:77:79:17:ca:c2:76:df:33:0d:eb:ac:fa:6b:aa:8b:
da:c9:85:56:34:0a:bf:25:c6:79:c4:d7:6c:b1:97:ea:49:45:
1d:ae:03:ec:cb:88:f6:e6:e7:43:2c:fb:19:cc:f9:4a:51:56:
80:b7:a9:8e:97:83:9a:f7:18:68:91:60:c2:78:70:f0:9f:45:
a8:a0:1f:99:d7:12:7c:2f:ae:83:56:10:bb:eb:14:13:76:51:
aa:7e:f1:92:3f:d7:78:32:ae:fb:27:d9:06:2f:78:de:52:54:
83:d9:f2:ce
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNtQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMjE0MTY0MDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBhODVlYS00NDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx4ycWMoUUsFLk29obVW6cpTaA02d4YilENf0sGB7pEvM8xWVt6u6wvk56u8d
bhGThrCRwk/xkZO2y7OLm+HRF4Ux209Nwjlk1Y+oIDHp8oIWb7W+6x1AAjB6MV8V
3WOJugjOAe1ZiWUhykOGFWw7yv4u0Fgp9rSXVQ+6IDDgMxYbg/fxwrda0JwzoWNn
ufbMJ7A5/Fea9BDV/gnncevhkn/FSf6IZXffkZC2g7visJJO8GNLlZzK+h0Liz/x
l5tPdjmxybXbuVV62J1WXbYhaQ1v8dFeABEwAhTeBBUIePLTApM5gia9cNDwHJfU
HtkeUF9YIK1eLNTFq8+ZJ7j2kwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFO5ZRGBU
njmvoY7Mm19RW+AfKorSMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQzVGQjNFQUM4
REI0MTFFQzg4QjVBNzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEApVYaGyLp56KhhuMUm4zC3ytC4fmFZvUXJbp3QF/rCrFuQbiv7c6Wg0GP
yFPLecmhQ6rslzbo7q8QKYFav13S7UYR74WYF3d15xebmQiHwdIyH9g90URq+ZGJ
Lhcr8CfjJt7mm54K5qyJS1L2ObPJKmTlsZ8a5xBrZ/H4AH7dR0r+m/sAu2jmRjUL
KIoo9IGt3512d3kXysJ23zMN66z6a6qL2smFVjQKvyXGecTXbLGX6klFHa4D7MuI
9ubnQyz7Gcz5SlFWgLepjpeDmvcYaJFgwnhw8J9FqKAfmdcSfC+ug1YQu+sUE3ZR
qn7xkj/XeDKu+yfZBi943lJUg9nyzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:52 2024 by rpki-client on console-ams.rpki-client.org