Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F20AC7089D5211ECA182B65FC4F9AE02.roa
File: F20AC7089D5211ECA182B65FC4F9AE02.roa (raw, json)
Hash identifier: vKhxKvty5Ma1GMcQs5DyWI2eR2YiGith58rFkqnhe9s=
Subject key identifier: 18:D7:88:DB:2C:2B:CD:3A:60:33:08:1D:21:64:84:39:4C:21:AA:AE
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 37B1
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F20AC7089D5211ECA182B65FC4F9AE02.roa
Signing time: Sun 06 Mar 2022 13:40:12 +0000
ROA not before: Sun 06 Mar 2022 13:40:12 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14257 (0x37b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Mar 6 13:40:12 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6224b9bb-e509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:76:e9:66:ac:b0:7b:b1:aa:80:18:c4:72:8a:
3e:de:05:37:09:f1:50:f4:6f:fd:1d:4f:82:9f:0a:
c8:9a:c5:a6:dd:71:97:2c:02:15:79:49:18:75:e8:
55:0e:a1:d1:d3:fd:6b:af:d0:b6:b1:eb:36:e8:23:
75:b7:c0:f5:d8:14:52:37:be:70:56:b2:f5:24:e1:
a4:0c:e3:97:63:0b:74:e0:0b:cf:1b:82:90:da:ab:
24:84:0b:4b:3a:b9:fa:a4:18:88:83:4e:2f:e7:6c:
66:ae:51:fb:4f:10:99:4a:a0:66:8b:13:ec:53:0b:
3d:82:cc:7a:91:e2:4d:39:4f:46:c9:e4:cd:32:0b:
ba:c5:7a:ae:99:fc:e0:c0:2e:12:c3:40:b2:46:44:
91:39:f6:7b:bf:b3:99:3c:eb:4a:47:0f:46:d6:18:
84:0c:c8:8d:48:19:35:67:a5:e6:3e:5c:86:d1:81:
1e:16:46:a7:58:a9:3c:1f:49:78:22:53:1b:1e:cc:
18:f0:13:e9:5d:d3:ec:83:5a:36:f1:3c:34:7c:47:
95:30:55:ab:63:83:03:e8:76:3f:b4:e9:1b:e7:7d:
a9:45:b6:95:aa:b0:23:39:33:fc:cd:d8:87:4e:a9:
7e:02:61:cd:4a:65:ba:d2:e6:4a:2b:c5:72:25:09:
14:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D7:88:DB:2C:2B:CD:3A:60:33:08:1D:21:64:84:39:4C:21:AA:AE
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F20AC7089D5211ECA182B65FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
2e:f7:c3:c9:aa:e4:47:a7:d5:e2:de:7c:70:87:5e:fe:85:bb:
c4:c2:0c:fa:32:c2:d5:de:32:ed:a2:33:74:a0:c4:db:41:4d:
a8:46:c6:f1:0e:01:ee:ac:8b:d8:4d:d2:4b:d5:08:69:aa:8f:
a3:f5:3c:bc:93:a0:74:ad:d3:93:4b:be:26:5a:aa:04:e0:eb:
65:8a:30:be:87:84:b4:cc:06:75:de:34:04:3a:f6:87:d8:0f:
d5:6e:bf:4e:ad:64:bd:91:79:5d:79:4b:c3:49:32:46:25:13:
1b:50:66:73:a5:47:7c:ca:2a:7e:f0:d5:7a:e6:6f:51:ef:03:
f6:4c:1b:e3:19:9f:ef:a4:f3:8a:9f:ec:99:b7:94:57:49:12:
d1:e4:88:0d:c8:c3:94:3c:81:ba:06:17:fb:62:a2:5f:69:60:
c1:41:a6:bf:d5:55:10:4f:e6:13:9b:7d:7c:8e:e0:4e:2a:de:
b4:dc:9b:77:c1:48:7c:6e:16:b9:1a:46:8c:60:d1:e3:c2:ff:
47:f6:3b:eb:9d:e9:27:34:ff:5b:e5:2c:f5:31:56:b2:9f:a4:
59:0c:58:e7:c6:e6:22:aa:50:e0:fa:59:e2:7a:d1:2a:35:74:
4d:17:2f:19:22:d4:a2:50:01:b0:22:02:da:c2:e3:70:01:30:
4b:6f:a2:fb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICN7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwMzA2MTM0MDEyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI0YjliYi1lNTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwHbpZqywe7GqgBjEcoo+3gU3CfFQ9G/9HU+CnwrImsWm3XGXLAIVeUkYdehV
DqHR0/1rr9C2ses26CN1t8D12BRSN75wVrL1JOGkDOOXYwt04AvPG4KQ2qskhAtL
Orn6pBiIg04v52xmrlH7TxCZSqBmixPsUws9gsx6keJNOU9GyeTNMgu6xXqumfzg
wC4Sw0CyRkSROfZ7v7OZPOtKRw9G1hiEDMiNSBk1Z6XmPlyG0YEeFkanWKk8H0l4
IlMbHswY8BPpXdPsg1o28Tw0fEeVMFWrY4MD6HY/tOkb532pRbaVqrAjOTP8zdiH
Tql+AmHNSmW60uZKK8VyJQkUYwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBjXiNss
K806YDMIHSFkhDlMIaquMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvRjIwQUM3MDg5
RDUyMTFFQ0ExODJCNjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEALvfDyarkR6fV4t58cIde/oW7xMIM+jLC1d4y7aIzdKDE20FNqEbG8Q4B
7qyL2E3SS9UIaaqPo/U8vJOgdK3Tk0u+JlqqBODrZYowvoeEtMwGdd40BDr2h9gP
1W6/Tq1kvZF5XXlLw0kyRiUTG1Bmc6VHfMoqfvDVeuZvUe8D9kwb4xmf76Tzip/s
mbeUV0kS0eSIDcjDlDyBugYX+2KiX2lgwUGmv9VVEE/mE5t9fI7gTiretNybd8FI
fG4WuRpGjGDR48L/R/Y7653pJzT/W+Us9TFWsp+kWQxY58bmIqpQ4PpZ4nrRKjV0
TRcvGSLUolABsCIC2sLjcAEwS2+i+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org