Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/6CA9B5C2B1A911EC85A03563C4F9AE02.roa
File: 6CA9B5C2B1A911EC85A03563C4F9AE02.roa (raw, json)
Hash identifier: ItLO/lrWKkzDQH2Q2K8vDtTGsgPPwiwzUZNPQ6RZFiE=
Subject key identifier: 4D:D7:4E:BC:A9:50:05:90:1C:81:F4:CB:3F:D8:B8:AB:73:16:FC:12
Certificate issuer: /CN=A917BC03/serialNumber=167D9E47FD35B229D323EECBEC0A514EEB7C92DC
Certificate serial: 0689
Authority key identifier: 16:7D:9E:47:FD:35:B2:29:D3:23:EE:CB:EC:0A:51:4E:EB:7C:92:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fn2eR_01sinTI-7L7ApRTut8ktw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/6CA9B5C2B1A911EC85A03563C4F9AE02.roa
Signing time: Wed 20 Jul 2022 10:28:12 +0000
ROA not before: Wed 20 Jul 2022 10:28:12 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 135386
IP address blocks: 103.50.16.0/22 maxlen: 22
103.50.16.0/24 maxlen: 24
103.50.17.0/24 maxlen: 24
103.50.18.0/24 maxlen: 24
103.50.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1673 (0x689)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BC03/serialNumber=167D9E47FD35B229D323EECBEC0A514EEB7C92DC
Validity
Not Before: Jul 20 10:28:12 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62d7d8bc-ec70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:7f:45:9a:19:d0:52:bd:a0:7a:2e:86:17:
d6:68:bb:55:32:55:ab:d9:5e:11:3e:8a:65:92:bf:
3b:65:d2:c9:2e:0c:9a:4b:b0:61:c3:a1:69:d4:a8:
93:1a:de:ea:8f:5d:d5:8c:bc:eb:54:06:d3:7c:a4:
92:89:ba:b5:a8:ca:c1:d5:8e:d3:89:d1:69:18:de:
2a:6b:cd:38:47:41:23:c1:c0:a5:9a:4a:7b:54:35:
86:a1:46:85:c3:9d:4d:c5:f1:0a:c6:e8:11:0f:27:
1d:68:14:e4:be:24:55:9c:17:69:0e:9b:de:41:75:
5a:f5:ee:24:bb:12:88:01:6a:8e:73:7c:e4:4f:b1:
be:b4:b1:de:4f:a5:a8:01:5d:68:c6:8f:9b:4f:be:
0d:17:43:c8:79:bf:a4:a7:1a:b3:2c:f1:83:f3:36:
2f:36:3e:ee:ac:86:0e:2e:8f:20:0c:db:17:21:b3:
0b:66:f3:04:23:c8:e2:c3:0c:c9:5f:d0:60:5b:13:
1a:3f:c1:2e:d2:37:8b:b5:dd:23:2a:ec:f0:58:4a:
dc:9b:be:91:c5:dc:65:55:bf:7e:7d:d3:40:89:17:
2c:c4:00:6e:f9:10:c3:03:b7:77:cd:81:b4:86:8e:
32:e2:ac:af:13:4e:2a:54:cf:4d:df:fb:61:3d:f0:
f3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D7:4E:BC:A9:50:05:90:1C:81:F4:CB:3F:D8:B8:AB:73:16:FC:12
X509v3 Authority Key Identifier:
keyid:16:7D:9E:47:FD:35:B2:29:D3:23:EE:CB:EC:0A:51:4E:EB:7C:92:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/Fn2eR_01sinTI-7L7ApRTut8ktw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fn2eR_01sinTI-7L7ApRTut8ktw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/6CA9B5C2B1A911EC85A03563C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.50.16.0/22
Signature Algorithm: sha256WithRSAEncryption
63:89:17:86:ff:25:0a:a3:4e:9c:60:86:02:f5:73:1e:73:53:
03:2a:cc:7d:2e:bc:17:67:b7:9b:3e:ce:55:96:05:98:08:85:
19:d5:87:d0:87:47:6c:1f:47:de:db:76:6e:c6:0b:05:ab:09:
db:27:09:50:a9:d2:d1:f2:43:7e:c9:07:8c:a9:cf:5b:45:1b:
41:ed:7e:17:74:fc:aa:21:8d:51:55:47:56:f6:a1:91:d7:85:
d4:ae:e8:f7:6c:a1:9c:6d:c8:7e:51:04:81:99:31:20:1a:b9:
b0:60:9f:4f:1b:5e:7a:da:ff:72:6b:5c:3f:16:8b:ef:52:61:
d8:43:73:46:6e:b2:76:90:08:84:1c:7d:a4:c7:6f:09:7c:c4:
13:0a:2e:ca:8e:6c:b9:fa:58:7e:61:2c:a9:09:f3:ae:79:67:
c3:67:1d:a4:4f:fb:78:ba:a2:92:99:01:2c:64:81:0d:ba:87:
c8:c9:18:56:38:d1:33:1d:73:d6:b9:18:03:7b:bd:17:aa:cb:
f5:56:0a:62:08:6e:eb:ef:e3:17:de:fe:25:6b:95:3a:a0:ca:
04:c9:9c:7d:35:ed:58:72:b0:7c:63:43:24:47:b2:6d:79:6e:
43:72:17:fe:91:0c:f6:5c:72:d6:d7:4a:99:9d:e4:bd:50:8f:
bd:1f:82:e3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBokwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JDMDMxMTAvBgNVBAUTKDE2N0Q5RTQ3RkQzNUIyMjlEMzIzRUVDQkVDMEE1MTRF
RUI3QzkyREMwHhcNMjIwNzIwMTAyODEyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ3ZDhiYy1lYzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwrF/RZoZ0FK9oHouhhfWaLtVMlWr2V4RPoplkr87ZdLJLgyaS7Bhw6Fp1KiT
Gt7qj13VjLzrVAbTfKSSibq1qMrB1Y7TidFpGN4qa804R0EjwcClmkp7VDWGoUaF
w51NxfEKxugRDycdaBTkviRVnBdpDpveQXVa9e4kuxKIAWqOc3zkT7G+tLHeT6Wo
AV1oxo+bT74NF0PIeb+kpxqzLPGD8zYvNj7urIYOLo8gDNsXIbMLZvMEI8jiwwzJ
X9BgWxMaP8Eu0jeLtd0jKuzwWErcm76RxdxlVb9+fdNAiRcsxABu+RDDA7d3zYG0
ho4y4qyvE04qVM9N3/thPfDzJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE3XTryp
UAWQHIH0yz/YuKtzFvwSMB8GA1UdIwQYMBaAFBZ9nkf9NbIp0yPuy+wKUU7rfJLc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkMwMy9BQjY2MzUxRUE3
RUQxMUVBOTFEQ0M1NjZDNEY5QUUwMi9GbjJlUl8wMXNpblRJLTdMN0FwUlR1dDhr
dHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZuMmVSXzAxc2luVEktN0w3QXBSVHV0OGt0dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JDMDMvQUI2NjM1MUVBN0VEMTFFQTkxRENDNTY2QzRGOUFFMDIvNkNBOUI1QzJC
MUE5MTFFQzg1QTAzNTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnMhAwDQYJKoZIhvcNAQELBQADggEBAGOJF4b/JQqjTpxg
hgL1cx5zUwMqzH0uvBdnt5s+zlWWBZgIhRnVh9CHR2wfR97bdm7GCwWrCdsnCVCp
0tHyQ37JB4ypz1tFG0Htfhd0/KohjVFVR1b2oZHXhdSu6PdsoZxtyH5RBIGZMSAa
ubBgn08bXnra/3JrXD8Wi+9SYdhDc0ZusnaQCIQcfaTHbwl8xBMKLsqObLn6WH5h
LKkJ8655Z8NnHaRP+3i6opKZASxkgQ26h8jJGFY40TMdc9a5GAN7vReqy/VWCmII
buvv4xfe/iVrlTqgygTJnH017VhysHxjQyRHsm15bkNyF/6RDPZcctbXSpmd5L1Q
j70fguM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:45 2023 by rpki-client on console-ams.rpki-client.org