Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/E085A8C0D12F11EC9A405152C4F9AE02.roa
File: E085A8C0D12F11EC9A405152C4F9AE02.roa (raw, json)
Hash identifier: kdQKDlGpS/Pq2lpNbi1NsjNj2Bjaev6A2B5LyS76eYo=
Subject key identifier: 0E:D9:A1:58:FC:B0:7F:A1:DB:C6:4D:5D:5B:71:5F:F1:4B:0B:C5:29
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3A10
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/E085A8C0D12F11EC9A405152C4F9AE02.roa
Signing time: Wed 11 May 2022 13:40:11 +0000
ROA not before: Wed 11 May 2022 13:40:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14864 (0x3a10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 11 13:40:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=627bbcba-a76d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:06:00:39:99:cd:46:68:82:82:86:fe:c9:08:
33:85:8e:63:dd:e3:04:1f:25:d1:9c:a5:19:1a:68:
1c:c2:ce:eb:f6:40:37:cd:f1:00:73:70:08:45:d0:
74:9e:15:ca:40:73:a2:39:97:21:89:68:30:aa:24:
3d:5e:21:a4:45:1f:a9:f5:1c:aa:c7:e0:fb:43:f4:
2b:15:a3:ee:44:db:e0:9f:3f:a1:ad:06:10:4a:32:
7b:16:ba:b8:49:09:d8:38:79:a6:b3:d2:ea:87:05:
a5:44:4e:c3:06:5a:e5:3e:27:c8:3b:41:47:9c:53:
12:5d:2d:9f:c5:e0:15:0e:4e:52:e3:79:ac:dc:62:
ad:6f:cb:30:38:c7:c6:11:c5:75:d5:b3:f2:ef:f5:
01:0a:cb:30:85:6f:f6:47:7c:03:00:74:ee:9e:8e:
33:d8:12:39:31:d4:13:8c:53:9f:87:b1:55:8f:be:
3b:63:d0:79:3f:71:da:71:59:93:10:d1:d8:1d:3a:
00:fe:77:e8:a3:e9:c7:31:c6:27:65:10:cb:86:cc:
fb:05:d2:11:7d:d5:2a:27:f1:d2:44:88:1d:71:98:
c8:61:af:ec:eb:42:d7:b2:7f:99:ad:d4:6c:82:bd:
fb:88:e9:3a:dc:37:82:cc:f9:cf:41:56:06:7d:92:
b9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D9:A1:58:FC:B0:7F:A1:DB:C6:4D:5D:5B:71:5F:F1:4B:0B:C5:29
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/E085A8C0D12F11EC9A405152C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
46:97:0f:e3:03:b6:df:6b:6a:1a:53:ba:36:f9:b0:0b:96:d8:
dc:02:5c:aa:13:b7:a7:64:a1:90:4c:45:46:b7:a8:40:d8:b9:
21:8e:fb:12:7f:b2:a4:37:a8:3f:6a:93:be:91:8b:3d:25:e8:
ea:42:02:e1:60:2e:14:52:1a:19:31:3b:32:73:ea:ff:e2:ed:
44:32:43:35:d8:66:27:ac:88:63:f0:7f:50:6d:d9:78:a3:e7:
bf:b4:77:00:9c:57:5b:9a:06:e4:25:be:d5:82:39:0d:7d:7c:
58:50:7c:fe:9e:9a:0d:af:48:25:3b:d4:cb:25:0a:da:70:99:
4c:94:0a:b6:d9:22:91:7d:bd:b5:db:56:de:e2:10:0a:96:74:
86:f9:d7:0d:c6:98:5b:bc:2b:df:df:28:39:b9:06:40:57:b0:
a4:b2:11:92:b3:ce:1d:69:7b:ff:bb:3e:d3:74:6f:e9:5d:8d:
a9:dd:7b:f1:15:e4:43:29:74:d6:c8:6d:3e:1d:20:5a:c3:57:
a5:6b:c9:12:85:73:e2:d1:5b:22:b1:a8:6a:1e:cc:4e:ee:ca:
1d:29:bb:46:6e:c7:94:07:e6:b0:65:af:41:83:34:bb:86:c1:
71:c1:a9:4d:6b:20:a8:d9:f5:e4:e6:65:9f:0d:7f:9e:e8:d4:
4b:ba:49:e0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOhAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTExMTM0MDExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdiYmNiYS1hNzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlQYAOZnNRmiCgob+yQgzhY5j3eMEHyXRnKUZGmgcws7r9kA3zfEAc3AIRdB0
nhXKQHOiOZchiWgwqiQ9XiGkRR+p9Ryqx+D7Q/QrFaPuRNvgnz+hrQYQSjJ7Frq4
SQnYOHmms9LqhwWlRE7DBlrlPifIO0FHnFMSXS2fxeAVDk5S43ms3GKtb8swOMfG
EcV11bPy7/UBCsswhW/2R3wDAHTuno4z2BI5MdQTjFOfh7FVj747Y9B5P3HacVmT
ENHYHToA/nfoo+nHMcYnZRDLhsz7BdIRfdUqJ/HSRIgdcZjIYa/s60LXsn+ZrdRs
gr37iOk63DeCzPnPQVYGfZK5gwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFA7ZoVj8
sH+h28ZNXVtxX/FLC8UpMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvRTA4NUE4QzBE
MTJGMTFFQzlBNDA1MTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEARpcP4wO232tqGlO6NvmwC5bY3AJcqhO3p2ShkExFRreoQNi5IY77En+y
pDeoP2qTvpGLPSXo6kIC4WAuFFIaGTE7MnPq/+LtRDJDNdhmJ6yIY/B/UG3ZeKPn
v7R3AJxXW5oG5CW+1YI5DX18WFB8/p6aDa9IJTvUyyUK2nCZTJQKttkikX29tdtW
3uIQCpZ0hvnXDcaYW7wr398oObkGQFewpLIRkrPOHWl7/7s+03Rv6V2Nqd178RXk
Qyl01shtPh0gWsNXpWvJEoVz4tFbIrGoah7MTu7KHSm7Rm7HlAfmsGWvQYM0u4bB
ccGpTWsgqNn15OZlnw1/nujUS7pJ4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:52 2024 by rpki-client on console-ams.rpki-client.org