Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/EBC6D082A55211ECA8DEF181C4F9AE02.roa
File: EBC6D082A55211ECA8DEF181C4F9AE02.roa (raw, json)
Hash identifier: sgCn4oGtULg6jzoXK4YCf9HDiMvVsu4Un32QWBun4I0=
Subject key identifier: 4E:C7:2A:38:9D:E7:5B:66:13:0B:A2:D5:88:37:B9:A5:73:7D:EC:E5
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3824
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/EBC6D082A55211ECA8DEF181C4F9AE02.roa
Signing time: Thu 17 Mar 2022 05:40:10 +0000
ROA not before: Thu 17 Mar 2022 05:40:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14372 (0x3824)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 17 05:40:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6232c9ba-9d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0e:12:30:8a:0d:82:1b:73:46:4e:6b:5c:49:
89:7c:c1:5f:f5:46:7c:5e:fb:f1:a0:b5:1e:e5:94:
f7:bc:fb:f0:5a:4b:64:e7:22:34:e1:4b:eb:ab:45:
56:ee:32:57:c7:db:3c:06:8e:88:16:2f:ba:d4:ab:
68:58:69:13:87:10:3f:27:e2:59:90:0c:56:72:61:
eb:6b:45:9e:3e:00:c2:5f:03:4e:68:f4:a6:12:25:
34:d6:db:4c:60:17:d8:0c:25:02:3f:7c:45:9b:94:
20:22:4f:d9:ba:a5:e6:45:89:46:e8:81:7b:23:4c:
ff:b6:58:35:8d:8d:c7:2f:0d:68:d0:1a:71:65:21:
db:94:7a:5e:5a:74:56:76:99:12:f7:b7:9f:79:1b:
1e:fa:5d:76:3c:9f:a2:28:68:39:d1:d4:58:bf:2c:
76:7b:ae:37:e8:c9:d7:3e:ff:18:b3:ba:c7:d1:25:
0e:a7:84:21:ad:17:60:b2:c3:73:1a:7b:40:54:f5:
0f:c0:f8:4e:b1:26:d9:ab:c9:f6:c7:74:93:c8:3e:
21:98:69:96:36:ab:12:58:f2:e4:e7:c2:cf:19:af:
05:80:76:8e:20:de:99:2b:f9:86:35:ce:00:2a:68:
f7:ee:32:6d:cd:57:50:f4:37:f1:c4:90:34:0e:51:
f1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C7:2A:38:9D:E7:5B:66:13:0B:A2:D5:88:37:B9:A5:73:7D:EC:E5
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/EBC6D082A55211ECA8DEF181C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
15:51:e6:2f:d3:75:f3:a1:15:ba:37:0e:34:a8:9f:f0:db:ab:
80:e5:53:49:ad:2f:c3:34:ef:6c:f1:8d:57:51:a8:00:56:1c:
48:58:70:a9:c4:f2:09:d8:7e:60:9a:97:1b:bd:eb:3d:8b:50:
33:28:13:5a:a8:6d:de:7e:0d:0c:90:15:ae:f5:e6:93:3d:68:
30:bd:d9:d5:73:01:d3:54:be:be:98:83:76:48:a5:6d:74:51:
71:d9:27:31:f6:b8:56:47:a4:f0:b1:d8:60:51:ba:ca:7b:75:
a9:83:fa:3e:5d:21:ff:09:10:96:50:12:48:a3:ab:e1:f8:76:
5b:39:78:4f:4d:fe:39:47:01:98:dc:c2:f1:93:ff:e5:01:a4:
28:6e:39:de:53:25:55:88:ea:76:f2:ea:b3:33:b7:20:60:cc:
a4:f0:78:3b:e4:96:a5:9f:ed:b2:b6:97:a5:39:44:d6:f5:b2:
62:03:7d:87:4b:d9:24:dc:bd:48:ce:25:8c:90:4c:0a:f4:d8:
f0:54:a6:9c:29:a2:d9:65:e3:5d:89:4c:a3:36:a6:86:65:2b:
0a:bc:a7:aa:22:9b:78:0d:7d:f7:e0:8c:37:ba:20:a7:14:99:
be:40:f5:fa:bb:2e:1a:ca:95:f6:7c:9e:3f:02:fd:c9:f5:6d:
37:0b:f0:59
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOCQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzE3MDU0MDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMyYzliYS05ZDg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5g4SMIoNghtzRk5rXEmJfMFf9UZ8XvvxoLUe5ZT3vPvwWktk5yI04Uvrq0VW
7jJXx9s8Bo6IFi+61KtoWGkThxA/J+JZkAxWcmHra0WePgDCXwNOaPSmEiU01ttM
YBfYDCUCP3xFm5QgIk/ZuqXmRYlG6IF7I0z/tlg1jY3HLw1o0BpxZSHblHpeWnRW
dpkS97efeRse+l12PJ+iKGg50dRYvyx2e6436MnXPv8Ys7rH0SUOp4QhrRdgssNz
GntAVPUPwPhOsSbZq8n2x3STyD4hmGmWNqsSWPLk58LPGa8FgHaOIN6ZK/mGNc4A
Kmj37jJtzVdQ9DfxxJA0DlHxEwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFE7HKjid
51tmEwui1Yg3uaVzfezlMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvRUJDNkQwODJB
NTUyMTFFQ0E4REVGMTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAFVHmL9N186EVujcONKif8NurgOVTSa0vwzTvbPGNV1GoAFYcSFhwqcTy
Cdh+YJqXG73rPYtQMygTWqht3n4NDJAVrvXmkz1oML3Z1XMB01S+vpiDdkilbXRR
cdknMfa4Vkek8LHYYFG6ynt1qYP6Pl0h/wkQllASSKOr4fh2Wzl4T03+OUcBmNzC
8ZP/5QGkKG453lMlVYjqdvLqszO3IGDMpPB4O+SWpZ/tsraXpTlE1vWyYgN9h0vZ
JNy9SM4ljJBMCvTY8FSmnCmi2WXjXYlMozamhmUrCrynqiKbeA199+CMN7ogpxSZ
vkD1+rsuGsqV9nyePwL9yfVtNwvwWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org