Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5B4646469B7511EC800FBB44C4F9AE02.roa
File: 5B4646469B7511EC800FBB44C4F9AE02.roa (raw, json)
Hash identifier: nGBzQ3Cg71l+o41CZn+HECdvOqnXP6AMHBAMSLt9Djo=
Subject key identifier: 5E:6D:5A:C9:EB:9C:27:8A:31:24:DA:65:F9:27:12:B1:CE:6B:CE:E3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4EE2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5B4646469B7511EC800FBB44C4F9AE02.roa
Signing time: Mon 16 May 2022 04:03:22 +0000
ROA not before: Mon 16 May 2022 04:03:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132936
IP address blocks: 103.182.114.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20194 (0x4ee2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:03:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cd09-49ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:d0:88:cb:93:52:39:76:4e:43:10:02:0c:
83:bc:16:31:49:90:e5:0b:5c:f2:85:bf:4e:6e:f1:
bb:91:ea:4c:ec:e6:05:46:93:26:01:c9:64:90:a6:
e1:05:85:a6:98:f5:90:c0:75:f7:11:e1:86:ff:f5:
c9:90:8f:04:bb:de:56:71:39:f2:ab:32:8e:96:1c:
a8:52:d6:87:35:5e:e7:36:b1:03:8f:e7:b2:2e:df:
11:d3:c4:a4:27:4b:8d:26:43:22:d3:8d:7a:1d:f5:
3a:8b:0d:6f:6a:8d:00:a3:35:ef:5c:7b:54:21:c6:
03:37:ed:94:02:55:08:3d:c0:76:b1:3e:4f:21:3a:
6e:f9:13:91:bc:6d:0b:34:8f:0e:63:b8:f0:f1:bd:
16:53:ed:6e:98:84:a2:6a:5a:36:97:f0:34:08:3c:
10:0c:a0:dd:0c:ba:40:04:a0:66:1f:9f:8f:de:1c:
22:ab:ac:6b:35:d8:f2:c0:e9:37:d2:cb:84:0d:6e:
44:78:6c:28:2a:9b:ec:31:b5:1f:45:b5:8e:1f:64:
a8:2e:3e:e4:2c:95:4f:37:10:3c:ce:31:d7:46:10:
22:f4:d5:bf:b1:c2:56:98:36:5f:17:92:ae:1c:95:
02:f4:dd:95:8b:6f:e4:32:78:3e:95:7d:f9:a0:32:
26:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6D:5A:C9:EB:9C:27:8A:31:24:DA:65:F9:27:12:B1:CE:6B:CE:E3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5B4646469B7511EC800FBB44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.182.114.0/23
Signature Algorithm: sha256WithRSAEncryption
31:24:e3:9b:20:e3:00:5d:53:5f:93:8c:47:00:b3:0a:c3:ec:
cb:9d:e7:06:e6:d4:51:d5:82:cc:04:fe:78:6d:5d:8e:c0:ef:
57:e8:24:88:e1:10:8b:24:46:ec:d5:3f:5f:c3:70:99:c5:14:
51:26:8b:74:be:9b:e7:32:e3:50:6d:46:aa:95:36:8e:db:8f:
e2:ef:87:de:80:ea:03:a4:82:ad:5f:68:4c:e4:09:bb:e7:e2:
e3:81:11:16:72:f2:41:e2:0f:46:2e:61:b7:65:47:99:b3:9e:
9d:50:6b:b8:2b:a9:b4:6e:21:0b:74:db:b6:dd:f5:32:d3:d2:
d7:e2:be:fc:04:2f:16:c3:f9:52:62:26:fc:c3:9d:60:6d:67:
a1:c5:b0:0e:fe:d3:2a:34:b1:aa:f8:0d:bc:57:a6:e4:ca:ae:
9f:bc:e8:b9:94:a8:75:91:5f:2d:c2:d8:2f:bb:07:91:1d:91:
ee:b8:df:23:49:26:d7:3a:23:32:e1:d3:f0:92:09:6c:20:89:
b1:4d:c4:0a:9d:2c:e7:62:e8:da:a0:6c:81:7f:d6:8b:27:5b:
86:c2:2b:7c:a0:a0:33:a1:72:d2:b7:a9:aa:a3:de:e3:dc:fb:
6f:85:f0:da:f3:ee:65:da:b3:de:c8:0d:42:e9:19:c9:2c:f7:
df:3a:f4:1c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICTuIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwMzIyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2QwOS00OWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt7LQiMuTUjl2TkMQAgyDvBYxSZDlC1zyhb9ObvG7kepM7OYFRpMmAclkkKbh
BYWmmPWQwHX3EeGG//XJkI8Eu95WcTnyqzKOlhyoUtaHNV7nNrEDj+eyLt8R08Sk
J0uNJkMi0416HfU6iw1vao0AozXvXHtUIcYDN+2UAlUIPcB2sT5PITpu+RORvG0L
NI8OY7jw8b0WU+1umISialo2l/A0CDwQDKDdDLpABKBmH5+P3hwiq6xrNdjywOk3
0suEDW5EeGwoKpvsMbUfRbWOH2SoLj7kLJVPNxA8zjHXRhAi9NW/scJWmDZfF5Ku
HJUC9N2Vi2/kMng+lX35oDIm6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFF5tWsnr
nCeKMSTaZfknErHOa87jMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNUI0NjQ2NDY5
Qjc1MTFFQzgwMEZCQjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFntnIwDQYJKoZIhvcNAQELBQADggEBADEk45sg4wBdU1+T
jEcAswrD7Mud5wbm1FHVgswE/nhtXY7A71foJIjhEIskRuzVP1/DcJnFFFEmi3S+
m+cy41BtRqqVNo7bj+Lvh96A6gOkgq1faEzkCbvn4uOBERZy8kHiD0YuYbdlR5mz
np1Qa7grqbRuIQt027bd9TLT0tfivvwELxbD+VJiJvzDnWBtZ6HFsA7+0yo0sar4
DbxXpuTKrp+86LmUqHWRXy3C2C+7B5Edke643yNJJtc6IzLh0/CSCWwgibFNxAqd
LOdi6NqgbIF/1osnW4bCK3ygoDOhctK3qaqj3uPc+2+F8Nrz7mXas97IDULpGcks
99869Bw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org