Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/E555312CCFB311ECA667C268C4F9AE02.roa
File: E555312CCFB311ECA667C268C4F9AE02.roa (raw, json)
Hash identifier: MOmvC9X51LAi8rdwPHxmJoMbIqLvZPjJgu2w5lgtgZg=
Subject key identifier: 3D:35:13:7B:83:53:79:B2:90:DF:CC:7F:B6:9B:D2:67:FC:03:F1:CD
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 39FC
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/E555312CCFB311ECA667C268C4F9AE02.roa
Signing time: Mon 09 May 2022 16:20:10 +0000
ROA not before: Mon 09 May 2022 16:20:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14844 (0x39fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 9 16:20:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62793f39-17a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:ee:e1:ed:de:29:89:a1:06:bf:69:1e:1a:
e8:1d:a5:e9:eb:2b:4c:f8:8f:0a:65:d2:3d:06:88:
ba:76:32:14:40:fe:13:c7:94:e1:57:34:be:72:16:
9c:1c:8b:4c:9b:0b:92:98:74:76:9d:cd:69:93:c1:
ad:6e:ab:33:ba:28:9d:bb:1e:af:f9:e8:06:97:a2:
31:7a:d1:6b:60:b7:1e:f8:e8:7a:79:d8:73:ef:b2:
f2:fc:32:14:fc:12:3a:16:b3:6e:84:d7:e6:d1:44:
01:2d:f3:8e:72:ca:14:a4:06:a9:30:c2:d4:4e:1f:
fa:52:57:d3:78:bb:76:43:a2:7e:e8:71:29:cd:77:
52:a7:fc:db:53:66:12:f9:74:01:98:dd:98:74:3e:
d1:2e:46:57:9c:c3:04:82:44:7c:b5:c4:d2:2a:79:
44:dc:41:d1:8c:50:16:84:1f:f1:7d:33:9d:fa:7e:
9c:42:2c:20:05:d2:4d:04:ee:72:57:8b:f5:79:8e:
60:11:90:b9:99:73:dc:7e:d4:39:62:f3:51:f0:20:
3b:4e:52:79:33:3f:b8:f3:8a:99:84:62:7b:11:50:
6f:16:da:86:86:ab:fd:87:bc:b1:0d:b8:72:7a:13:
32:98:fa:a8:9b:9b:0f:51:73:3e:22:bc:b8:c2:33:
7c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:35:13:7B:83:53:79:B2:90:DF:CC:7F:B6:9B:D2:67:FC:03:F1:CD
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/E555312CCFB311ECA667C268C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
43:65:44:42:45:1a:60:68:58:2d:b4:b9:f5:50:12:5a:79:e6:
2a:ca:08:73:e9:bc:02:a0:ca:ad:77:f3:66:6a:55:da:58:a6:
61:8b:0a:48:9c:02:49:21:af:d4:95:2a:99:9a:1a:dd:de:99:
08:74:5a:bb:21:c6:12:bc:9e:44:dc:36:e0:5c:68:4f:0a:b5:
2e:dd:a6:74:af:3b:b1:6f:0e:45:8e:49:3e:68:d8:ae:3a:60:
65:12:b0:c0:3b:4e:de:2c:98:9a:f8:49:b9:1c:97:00:79:2e:
93:5a:85:a5:b6:56:20:18:87:a0:b1:ee:da:0f:e5:b7:c2:da:
da:1b:43:0b:5b:cc:5c:6e:d6:bc:3c:82:b2:c8:60:f3:84:02:
1a:14:0c:d4:b0:39:43:1d:11:bb:c5:9e:5c:35:35:17:8a:a0:
ef:55:6f:96:62:65:fb:00:39:e8:84:80:5b:01:6d:8e:5e:c8:
0e:5c:44:45:02:49:e9:e3:66:5d:69:35:f7:2c:43:ff:3e:03:
28:40:9f:e3:1b:d4:1c:25:6a:48:e6:f3:ba:4f:11:50:5a:9e:
36:48:fa:2b:e6:b4:b2:54:50:73:ad:2a:db:87:69:98:2f:70:
c8:45:62:64:eb:5f:f1:8d:2e:4a:8f:ec:0a:ad:9f:c3:4e:4a:
fb:ee:49:64
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTA5MTYyMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjc5M2YzOS0xN2E5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQPu4e3eKYmhBr9pHhroHaXp6ytM+I8KZdI9Boi6djIUQP4Tx5ThVzS+chac
HItMmwuSmHR2nc1pk8Gtbqszuiidux6v+egGl6IxetFrYLce+Oh6edhz77Ly/DIU
/BI6FrNuhNfm0UQBLfOOcsoUpAapMMLUTh/6UlfTeLt2Q6J+6HEpzXdSp/zbU2YS
+XQBmN2YdD7RLkZXnMMEgkR8tcTSKnlE3EHRjFAWhB/xfTOd+n6cQiwgBdJNBO5y
V4v1eY5gEZC5mXPcftQ5YvNR8CA7TlJ5Mz+484qZhGJ7EVBvFtqGhqv9h7yxDbhy
ehMymPqom5sPUXM+Iry4wjN83QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFD01E3uD
U3mykN/Mf7ab0mf8A/HNMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvRTU1NTMxMkND
RkIzMTFFQ0E2NjdDMjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAQ2VEQkUaYGhYLbS59VASWnnmKsoIc+m8AqDKrXfzZmpV2limYYsKSJwC
SSGv1JUqmZoa3d6ZCHRauyHGEryeRNw24FxoTwq1Lt2mdK87sW8ORY5JPmjYrjpg
ZRKwwDtO3iyYmvhJuRyXAHkuk1qFpbZWIBiHoLHu2g/lt8La2htDC1vMXG7WvDyC
sshg84QCGhQM1LA5Qx0Ru8WeXDU1F4qg71VvlmJl+wA56ISAWwFtjl7IDlxERQJJ
6eNmXWk19yxD/z4DKECf4xvUHCVqSObzuk8RUFqeNkj6K+a0slRQc60q24dpmC9w
yEViZOtf8Y0uSo/sCq2fw05K++5JZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org