Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CFF7E4FAA07411EC8918302FC4F9AE02.roa
File: CFF7E4FAA07411EC8918302FC4F9AE02.roa (raw, json)
Hash identifier: mLXCV9g10tQLydGAYZezJ4yvWnSOqS4CMADjM2x8Awk=
Subject key identifier: B4:F3:4F:D8:BD:08:08:D5:0C:46:41:12:01:8D:91:A4:01:96:00:FC
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 37DE
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CFF7E4FAA07411EC8918302FC4F9AE02.roa
Signing time: Thu 10 Mar 2022 13:20:11 +0000
ROA not before: Thu 10 Mar 2022 13:20:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14302 (0x37de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 10 13:20:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6229fb0b-d648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:90:91:b7:9d:6d:df:88:b4:f8:43:10:47:0d:
0a:c2:81:b7:b5:70:9a:03:be:7c:af:26:a8:df:12:
55:80:2f:86:82:ef:86:39:5b:45:50:cb:d2:96:d6:
e3:3a:ab:fd:2f:3b:26:b6:01:c6:cc:74:2a:ff:93:
eb:84:9c:d9:03:67:8f:de:bf:a9:0b:22:6a:35:7e:
da:fb:41:06:13:93:63:a5:d9:a8:0e:01:4e:db:08:
02:ef:99:87:56:61:76:86:a3:2a:85:5d:9f:dc:fd:
da:8a:2b:4a:73:a4:ff:66:05:dc:7d:fa:4d:f8:93:
b8:65:b2:3b:87:93:0c:b3:0b:a5:78:97:3a:c7:62:
8e:e8:96:b2:6c:05:be:43:b5:c7:d5:4b:14:29:68:
19:17:71:0b:39:f4:fc:fc:fa:c3:3d:7e:d3:a5:22:
ec:9a:54:76:d6:fa:96:5a:a6:c4:ab:a0:f8:6c:2e:
83:a9:b7:cf:35:0d:8a:bb:c0:8c:f9:a6:ed:02:4d:
d6:24:56:c4:d6:93:39:20:49:19:e6:e3:78:28:c7:
86:50:c6:37:58:2d:b4:7c:94:1c:8a:d1:f3:d3:43:
52:13:17:36:47:b9:1d:cf:e8:ef:81:25:bf:75:13:
6d:16:44:4d:e0:bf:22:f1:58:ca:a4:a2:39:e2:1b:
cc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F3:4F:D8:BD:08:08:D5:0C:46:41:12:01:8D:91:A4:01:96:00:FC
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CFF7E4FAA07411EC8918302FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
4a:a1:b9:fc:00:35:17:26:fd:65:00:e1:61:27:3d:d6:4d:f3:
8d:24:be:87:fd:d4:ad:d6:0b:c2:ec:2f:ce:7d:60:07:96:28:
10:85:ec:ae:ac:50:89:64:86:42:65:d7:80:4a:29:aa:bc:e1:
03:e9:c3:0e:32:3b:c8:78:a6:66:b5:6f:52:68:c4:f5:dc:1a:
a5:fa:df:12:a9:2f:2d:0c:c7:47:c8:cf:83:13:e0:ea:a6:50:
0f:b3:43:06:e1:0b:95:c1:12:36:49:73:f9:52:8f:6a:b5:6a:
7d:c4:da:ec:6d:b7:a4:52:28:58:22:6e:37:20:35:29:54:18:
7a:ba:45:df:eb:64:f2:fc:47:c8:a9:29:2a:9f:f8:11:49:4c:
f5:aa:df:70:a5:df:b0:98:d2:a2:75:0b:7c:ed:fb:d7:63:12:
0d:6f:b2:6c:84:0c:14:b9:51:c0:48:df:54:0e:95:51:2c:87:
cb:ab:73:ff:0a:2c:52:29:5f:be:de:99:da:4e:24:07:ed:9c:
88:95:9e:2d:f5:14:e8:d9:c5:6b:70:03:c9:e9:4f:82:f5:88:
14:58:92:c4:28:b4:fd:b1:f8:3b:e2:c9:33:da:1e:2b:58:6e:
bc:18:e4:51:17:d5:e3:38:2e:5d:b7:69:0d:3d:f8:7a:41:41:
0b:63:42:69
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzEwMTMyMDExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI5ZmIwYi1kNjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs5CRt51t34i0+EMQRw0KwoG3tXCaA758ryao3xJVgC+Ggu+GOVtFUMvSltbj
Oqv9LzsmtgHGzHQq/5PrhJzZA2eP3r+pCyJqNX7a+0EGE5NjpdmoDgFO2wgC75mH
VmF2hqMqhV2f3P3aiitKc6T/ZgXcffpN+JO4ZbI7h5MMswuleJc6x2KO6JaybAW+
Q7XH1UsUKWgZF3ELOfT8/PrDPX7TpSLsmlR21vqWWqbEq6D4bC6DqbfPNQ2Ku8CM
+abtAk3WJFbE1pM5IEkZ5uN4KMeGUMY3WC20fJQcitHz00NSExc2R7kdz+jvgSW/
dRNtFkRN4L8i8VjKpKI54hvMTQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLTzT9i9
CAjVDEZBEgGNkaQBlgD8MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQ0ZGN0U0RkFB
MDc0MTFFQzg5MTgzMDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHACABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEASqG5/AA1Fyb9ZQDhYSc91k3zjSS+h/3UrdYLwuwvzn1gB5YoEIXsrqxQ
iWSGQmXXgEopqrzhA+nDDjI7yHimZrVvUmjE9dwapfrfEqkvLQzHR8jPgxPg6qZQ
D7NDBuELlcESNklz+VKParVqfcTa7G23pFIoWCJuNyA1KVQYerpF3+tk8vxHyKkp
Kp/4EUlM9arfcKXfsJjSonULfO3712MSDW+ybIQMFLlRwEjfVA6VUSyHy6tz/wos
Uilfvt6Z2k4kB+2ciJWeLfUU6NnFa3ADyelPgvWIFFiSxCi0/bH4O+LJM9oeK1hu
vBjkURfV4zguXbdpDT34ekFBC2NCaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org