Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/

$ rpki-client -vvf 1BBE249C21D911EB85DAFE71C4F9AE02.roa
File:                     1BBE249C21D911EB85DAFE71C4F9AE02.roa (download)
Hash identifier:          omacLFTTD2eEKk7wkMEeeDyHuGrsWjblt9BXhiuKNKo=
Subject key identifier:   0E:79:DB:96:28:AF:7E:6A:A1:36:AC:CA:AC:83:20:AE:5A:74:AE:75
Certificate issuer:       /CN=A9118022/serialNumber=C768761BC81AB4FE7FD4401548261CBA87207BEA
Certificate serial:       0C11
Authority key identifier: C7:68:76:1B:C8:1A:B4:FE:7F:D4:40:15:48:26:1C:BA:87:20:7B:EA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/1BBE249C21D911EB85DAFE71C4F9AE02.roa
ROA valid until:          Oct 31 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.140.228.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3089 (0xc11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9118022/serialNumber=C768761BC81AB4FE7FD4401548261CBA87207BEA
        Validity
            Not Before: Sep 24 19:16:24 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=632f5788-8ea5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:14:1c:ec:b6:f2:db:2a:af:2c:6a:d6:54:17:
                    16:46:22:c3:b8:56:d6:f1:9c:04:72:46:d7:45:dd:
                    a1:03:3e:fa:51:f5:bc:50:29:f1:05:b4:f2:02:c4:
                    c6:70:49:c4:8f:8d:71:db:d9:d6:3b:e8:7c:7d:7f:
                    84:29:a3:83:0a:e0:62:c6:a1:dc:10:dc:17:83:9f:
                    e3:10:15:a3:9f:b4:22:ea:4f:51:53:6d:b2:08:58:
                    f4:5f:60:f2:66:a6:fe:fe:c8:ad:91:5c:3c:97:ed:
                    75:f4:87:b6:e2:de:70:85:37:f3:8f:c4:bf:28:14:
                    4b:59:33:11:75:81:46:29:b3:36:02:9d:66:15:03:
                    f2:95:27:89:5e:f5:5a:8a:3a:5e:8d:68:c1:ac:91:
                    a8:b9:dd:12:87:4e:ab:3b:65:f7:85:3c:28:1a:54:
                    2a:12:39:aa:e3:f9:cd:b3:56:17:a9:f6:bb:0c:1a:
                    5a:9d:3b:ea:42:c3:78:8a:f2:92:1b:56:94:55:93:
                    5d:b1:18:75:d6:c7:53:29:a4:7b:5c:a9:a5:2b:1d:
                    aa:3b:0c:29:30:22:6e:a4:02:06:35:a0:6a:cf:9b:
                    b4:4b:8a:cb:83:a9:ad:0d:04:b1:ec:08:40:12:2c:
                    6c:2f:58:16:38:c1:0c:64:4a:ed:73:04:40:16:81:
                    b4:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                0E:79:DB:96:28:AF:7E:6A:A1:36:AC:CA:AC:83:20:AE:5A:74:AE:75
            X509v3 Authority Key Identifier: 
                keyid:C7:68:76:1B:C8:1A:B4:FE:7F:D4:40:15:48:26:1C:BA:87:20:7B:EA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/1BBE249C21D911EB85DAFE71C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.140.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:17:93:69:72:c6:f6:ea:9a:36:25:0d:29:20:17:c4:f2:b0:
         02:98:e1:c7:75:f4:38:ea:5a:90:ce:e3:ba:35:6d:a2:95:6f:
         06:a7:a9:a0:70:f2:f7:c1:7c:fd:37:e9:db:6b:d2:9f:90:f0:
         98:17:dc:f6:42:b7:29:04:c0:64:77:fb:7b:97:c8:7d:8d:bd:
         0a:13:d9:ed:20:45:b4:4a:99:bd:5d:85:24:3a:fa:15:cb:61:
         cd:22:88:5d:4d:44:a2:02:dd:70:42:9a:88:e0:0e:6a:5f:c5:
         e2:c5:31:a6:6c:6d:23:11:a6:50:4f:87:41:57:a7:72:fc:83:
         6e:ce:4f:44:13:16:2a:68:e3:29:fa:54:61:e0:5b:4a:cb:c1:
         32:32:cb:63:26:79:30:98:cb:4c:6a:7d:ad:d0:c6:86:c6:e0:
         b1:4a:4b:26:e6:e1:26:e8:f8:98:d7:a9:30:23:88:c9:b5:50:
         83:65:d9:36:09:d8:fd:a3:67:d8:ea:9e:62:bc:01:1d:02:00:
         d5:05:30:b5:3c:73:4d:f1:cb:bb:e8:1a:f5:33:79:18:89:9a:
         f8:1a:d6:93:e3:75:3c:6f:42:de:2f:95:ba:09:c2:e7:8f:ff:
         dd:92:22:c3:70:dc:9a:5e:67:7a:4b:81:cd:85:ad:67:82:2f:
         7c:c3:62:e6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTgwMjIxMTAvBgNVBAUTKEM3Njg3NjFCQzgxQUI0RkU3RkQ0NDAxNTQ4MjYxQ0JB
ODcyMDdCRUEwHhcNMjIwOTI0MTkxNjI0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJmNTc4OC04ZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnBQc7Lby2yqvLGrWVBcWRiLDuFbW8ZwEckbXRd2hAz76UfW8UCnxBbTyAsTG
cEnEj41x29nWO+h8fX+EKaODCuBixqHcENwXg5/jEBWjn7Qi6k9RU22yCFj0X2Dy
Zqb+/sitkVw8l+119Ie24t5whTfzj8S/KBRLWTMRdYFGKbM2Ap1mFQPylSeJXvVa
ijpejWjBrJGoud0Sh06rO2X3hTwoGlQqEjmq4/nNs1YXqfa7DBpanTvqQsN4ivKS
G1aUVZNdsRh11sdTKaR7XKmlKx2qOwwpMCJupAIGNaBqz5u0S4rLg6mtDQSx7AhA
EixsL1gWOMEMZErtcwRAFoG0nwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA5525Yo
r35qoTasyqyDIK5adK51MB8GA1UdIwQYMBaAFMdodhvIGrT+f9RAFUgmHLqHIHvq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODAyMi9DNjFDMjU2QUFE
Q0MxMUU5QUM2NzJGNEJDNEY5QUUwMi94MmgyRzhnYXRQNV8xRUFWU0NZY3VvY2dl
LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3gyaDJHOGdhdFA1XzFFQVZTQ1ljdW9jZ2Utby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTgwMjIvQzYxQzI1NkFBRENDMTFFOUFDNjcyRjRCQzRGOUFFMDIvMUJCRTI0OUMy
MUQ5MTFFQjg1REFGRTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnjOQwDQYJKoZIhvcNAQELBQADggEBAAwXk2lyxvbqmjYl
DSkgF8TysAKY4cd19DjqWpDO47o1baKVbwanqaBw8vfBfP036dtr0p+Q8JgX3PZC
tykEwGR3+3uXyH2NvQoT2e0gRbRKmb1dhSQ6+hXLYc0iiF1NRKIC3XBCmojgDmpf
xeLFMaZsbSMRplBPh0FXp3L8g27OT0QTFipo4yn6VGHgW0rLwTIyy2MmeTCYy0xq
fa3QxobG4LFKSybm4Sbo+JjXqTAjiMm1UINl2TYJ2P2jZ9jqnmK8AR0CANUFMLU8
c03xy7voGvUzeRiJmvga1pPjdTxvQt4vlboJwueP/92SIsNw3JpeZ3pLgc2FrWeC
L3zDYuY=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:48:57 2022 by rpki-client.