Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/DDFDD1B49A3311EC9620FF81C4F9AE02.roa
File: DDFDD1B49A3311EC9620FF81C4F9AE02.roa (raw, json)
Hash identifier: XeRz7YSpQ+BEBQhMb3F/ZFOWNOttwPUuRyVaCvzW270=
Subject key identifier: 97:B8:6A:C2:E9:28:DC:75:57:DC:29:3D:04:B7:B8:4B:39:D7:D3:F4
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3781
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/DDFDD1B49A3311EC9620FF81C4F9AE02.roa
Signing time: Wed 02 Mar 2022 14:20:10 +0000
ROA not before: Wed 02 Mar 2022 14:20:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14209 (0x3781)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 2 14:20:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=621f7d1a-e92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1b:3c:c3:16:d2:0d:1c:98:8b:0c:08:6d:43:
51:84:cc:54:5e:d8:e6:55:57:60:ba:18:43:93:eb:
56:6b:94:35:92:98:f5:dd:02:6e:17:65:5c:1a:ba:
ea:d3:b7:0f:75:72:8a:1f:23:d6:21:5c:2b:92:b1:
78:8a:10:4f:e2:a9:ce:7a:64:13:9e:de:2f:f1:11:
90:84:a6:9e:69:f7:08:39:b2:bd:fc:d1:1b:da:11:
e7:75:eb:fb:99:5b:33:af:c5:e8:78:4e:f3:be:34:
14:17:93:9f:67:4f:04:0a:9a:4f:2b:67:23:e6:d4:
c5:1f:fe:85:78:a7:53:e1:a7:1e:81:06:3e:da:33:
55:df:09:d1:25:d2:ef:2a:32:81:e7:fc:27:13:ec:
b7:66:96:cb:46:f6:e2:30:41:da:5e:fa:94:25:28:
c5:ac:77:89:ba:b5:54:10:4b:eb:65:5f:fc:7f:07:
2a:98:37:93:e3:1a:7b:07:72:19:95:d8:0a:da:2e:
7c:37:02:52:f7:62:e0:e5:ca:6f:d9:23:11:33:4c:
fa:d5:64:9f:b5:3e:17:bd:90:61:36:5c:1b:c2:bd:
4e:ac:ec:f5:64:62:5e:b5:ef:24:ac:fb:91:2c:e3:
9e:04:f6:33:6b:45:ae:ca:9d:39:fb:7a:e6:3d:11:
cb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B8:6A:C2:E9:28:DC:75:57:DC:29:3D:04:B7:B8:4B:39:D7:D3:F4
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/DDFDD1B49A3311EC9620FF81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
6e:df:e3:d7:cb:d3:77:23:64:56:17:49:66:4a:a6:37:4c:72:
a1:fc:02:04:65:6f:bd:10:ed:77:9f:f6:f0:53:b3:57:b0:2f:
04:81:7a:83:35:03:73:22:04:f1:6f:2d:f9:a2:f6:75:1e:d7:
a1:13:d5:cf:81:a2:92:10:f9:7f:7e:4f:f6:d1:c3:09:37:42:
13:74:ac:66:b7:4f:f0:31:3f:5b:3c:e5:f7:ed:19:08:34:a9:
17:b3:34:d1:ba:cc:69:c5:e7:52:d5:7d:17:b6:28:a1:a5:85:
96:c3:e6:a8:c2:fb:89:78:d1:c0:b9:19:51:8a:a7:ad:d4:80:
52:a0:4e:b2:a3:8a:e1:95:2b:4d:2c:ee:cf:46:1e:5b:78:51:
74:f2:d1:a6:8c:e1:84:cf:e9:54:a2:68:1c:68:a9:73:d6:14:
04:ad:19:5e:7e:32:6c:77:58:0e:3e:9f:e8:61:00:7f:1c:5c:
3b:1b:b6:cf:b2:46:e1:58:52:0e:54:02:de:cd:23:f2:f9:72:
45:c4:ca:d6:6a:da:36:a6:70:dd:cc:ef:cf:63:68:c5:a8:aa:
6c:06:cd:81:f9:8f:16:87:59:be:fd:9b:23:24:68:2f:2a:a4:
0d:61:b4:e6:f4:bf:a9:28:f6:cd:15:ba:c4:7d:a3:fd:8b:70:
fc:bd:af:3d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzAyMTQyMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFmN2QxYS1lOTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Rs8wxbSDRyYiwwIbUNRhMxUXtjmVVdguhhDk+tWa5Q1kpj13QJuF2VcGrrq
07cPdXKKHyPWIVwrkrF4ihBP4qnOemQTnt4v8RGQhKaeafcIObK9/NEb2hHndev7
mVszr8XoeE7zvjQUF5OfZ08ECppPK2cj5tTFH/6FeKdT4acegQY+2jNV3wnRJdLv
KjKB5/wnE+y3ZpbLRvbiMEHaXvqUJSjFrHeJurVUEEvrZV/8fwcqmDeT4xp7B3IZ
ldgK2i58NwJS92Lg5cpv2SMRM0z61WSftT4XvZBhNlwbwr1OrOz1ZGJete8krPuR
LOOeBPYza0Wuyp05+3rmPRHL3wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJe4asLp
KNx1V9wpPQS3uEs519P0MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvRERGREQxQjQ5
QTMzMTFFQzk2MjBGRjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAbt/j18vTdyNkVhdJZkqmN0xyofwCBGVvvRDtd5/28FOzV7AvBIF6gzUD
cyIE8W8t+aL2dR7XoRPVz4GikhD5f35P9tHDCTdCE3SsZrdP8DE/Wzzl9+0ZCDSp
F7M00brMacXnUtV9F7YooaWFlsPmqML7iXjRwLkZUYqnrdSAUqBOsqOK4ZUrTSzu
z0YeW3hRdPLRpozhhM/pVKJoHGipc9YUBK0ZXn4ybHdYDj6f6GEAfxxcOxu2z7JG
4VhSDlQC3s0j8vlyRcTK1mraNqZw3czvz2NoxaiqbAbNgfmPFodZvv2bIyRoLyqk
DWG05vS/qSj2zRW6xH2j/Ytw/L2vPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org