Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
File:                     490CDADA42F211EBB34A1A60C4F9AE02.roa (download)
Hash identifier:          6J3ZJbkLHUoYLFGihGWvxpQWzVCEBy3ORRnmTtz2znc=
Subject key identifier:   CB:9B:74:B2:1C:9D:B9:AA:74:34:24:67:2B:E9:96:28:0C:B6:9C:8A
Certificate issuer:       /CN=A9116BB8/serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E
Certificate serial:       0512
Authority key identifier: 8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
ROA valid until:          Dec 30 00:00:00 2023 GMT
asID:                     138995
IP address blocks:
    1: 103.142.244.0/24 maxlen: 24
    2: 103.142.245.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1298 (0x512)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9116BB8/serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E
        Validity
            Not Before: Oct  3 00:40:40 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=633a2f87-40e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:97:38:67:11:2e:ef:0e:9a:70:af:39:c5:8a:
                    59:0c:34:09:1e:db:c9:a2:3a:3d:f0:e1:3e:d9:66:
                    f2:dc:1a:81:26:9e:e6:7c:81:40:0b:71:c0:0c:0f:
                    12:61:e7:7f:d0:c9:2a:40:18:fb:c3:ec:15:83:aa:
                    91:b0:cb:15:89:87:89:a7:94:f0:96:ba:9f:c6:41:
                    50:8f:41:43:12:18:fe:3f:bf:72:98:95:44:80:6b:
                    c9:97:ab:cc:66:94:4e:ee:27:78:d8:c8:36:fe:d6:
                    2c:1a:83:59:c2:04:84:d2:3f:cf:11:33:db:71:ef:
                    f3:ad:c6:c8:17:a3:1f:cc:95:7e:1e:e1:4f:b6:73:
                    65:b9:f8:ec:a4:f7:14:db:65:36:c2:8e:71:91:7a:
                    ae:e0:d7:1e:7f:5a:7f:c3:fe:fc:68:23:23:cd:5a:
                    e5:78:bf:10:b6:21:45:d6:85:9a:4a:68:68:b5:10:
                    fd:8e:d2:33:58:fc:08:4c:f4:b1:aa:9e:c3:23:51:
                    50:92:22:ab:b8:5e:27:f3:4e:b9:48:61:c7:7d:f7:
                    f8:aa:e8:8a:0a:98:1d:ef:fd:87:92:b6:51:65:9a:
                    4a:8f:79:71:d2:92:0c:1e:dc:78:d8:20:f3:c0:0c:
                    57:2e:d2:8d:52:d7:18:1e:07:03:dc:0e:e9:9d:0e:
                    dd:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                CB:9B:74:B2:1C:9D:B9:AA:74:34:24:67:2B:E9:96:28:0C:B6:9C:8A
            X509v3 Authority Key Identifier: 
                keyid:8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.142.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a4:eb:c6:f7:b0:b1:57:66:92:7a:f5:45:1f:8e:f4:a0:5a:91:
         b7:3c:22:66:d9:64:fe:cc:59:65:0a:55:d0:fd:94:11:97:d5:
         e7:11:18:fa:9a:62:86:9e:45:d4:4d:b6:ad:ad:20:d5:0c:6e:
         c8:12:4b:41:8b:ab:bc:27:36:45:be:ed:c4:b3:29:59:70:93:
         8c:7d:ad:5c:89:b9:96:bc:d1:20:d0:f5:07:5c:1c:ad:85:43:
         4b:f9:3d:35:b3:d9:d0:2c:8d:ad:70:f5:f9:1d:39:26:c7:9e:
         32:02:52:26:67:c9:c6:4e:e7:3a:82:8a:ae:a3:c7:ec:78:16:
         ae:a5:d4:61:e0:37:c1:05:6a:b6:94:fe:0a:60:30:4d:85:3c:
         7d:16:0f:f7:85:3c:cf:f0:e1:90:5b:0e:c0:e6:09:bd:d5:6e:
         6e:ea:e6:7d:ae:88:66:8c:cd:ea:ba:0c:08:d2:c9:2e:5c:00:
         89:66:2b:18:26:63:2e:f6:da:4f:dd:53:44:fc:be:c7:9e:e9:
         cc:a4:4c:02:08:f7:79:3f:c1:1f:90:94:a4:19:96:32:0d:ba:
         b0:04:6e:2b:96:3e:80:2e:f3:02:89:dc:2d:bc:10:05:7e:b9:
         0b:b2:02:7d:45:fd:40:e8:f6:13:63:16:f9:d2:d1:58:9c:19:
         48:e4:26:60
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTZCQjgxMTAvBgNVBAUTKDhBRTlDREUxMEJFMEI3N0YwOTFCMEQzOEVCQzE5NjdD
OEJDMDkxOUUwHhcNMjIxMDAzMDA0MDQwWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNhMmY4Ny00MGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo5c4ZxEu7w6acK85xYpZDDQJHtvJojo98OE+2Wby3BqBJp7mfIFAC3HADA8S
Yed/0MkqQBj7w+wVg6qRsMsViYeJp5TwlrqfxkFQj0FDEhj+P79ymJVEgGvJl6vM
ZpRO7id42Mg2/tYsGoNZwgSE0j/PETPbce/zrcbIF6MfzJV+HuFPtnNlufjspPcU
22U2wo5xkXqu4Ncef1p/w/78aCMjzVrleL8QtiFF1oWaSmhotRD9jtIzWPwITPSx
qp7DI1FQkiKruF4n8065SGHHfff4quiKCpgd7/2HkrZRZZpKj3lx0pIMHtx42CDz
wAxXLtKNUtcYHgcD3A7pnQ7dvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMubdLIc
nbmqdDQkZyvpligMtpyKMB8GA1UdIwQYMBaAFIrpzeEL4Ld/CRsNOOvBlnyLwJGe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkJCOC8zOURDRjc1NDQy
RjAxMUVCOEEwOUM3NUFDNEY5QUUwMi9pdW5ONFF2Z3QzOEpHdzA0NjhHV2ZJdkFr
WjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2l1bk40UXZndDM4Skd3MDQ2OEdXZkl2QWtaNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTZCQjgvMzlEQ0Y3NTQ0MkYwMTFFQjhBMDlDNzVBQzRGOUFFMDIvNDkwQ0RBREE0
MkYyMTFFQkIzNEExQTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnjvQwDQYJKoZIhvcNAQELBQADggEBAKTrxvewsVdmknr1
RR+O9KBakbc8ImbZZP7MWWUKVdD9lBGX1ecRGPqaYoaeRdRNtq2tINUMbsgSS0GL
q7wnNkW+7cSzKVlwk4x9rVyJuZa80SDQ9QdcHK2FQ0v5PTWz2dAsja1w9fkdOSbH
njICUiZnycZO5zqCiq6jx+x4Fq6l1GHgN8EFaraU/gpgME2FPH0WD/eFPM/w4ZBb
DsDmCb3Vbm7q5n2uiGaMzeq6DAjSyS5cAIlmKxgmYy722k/dU0T8vsee6cykTAII
93k/wR+QlKQZljINurAEbiuWPoAu8wKJ3C28EAV+uQuyAn1F/UDo9hNjFvnS0Vic
GUjkJmA=
-----END CERTIFICATE-----
Generated at Wed Dec 7 16:43:57 2022 by rpki-client.