Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/E40405B22F3211ED958A415DC4F9AE02.roa
File:                     E40405B22F3211ED958A415DC4F9AE02.roa (download)
Hash identifier:          UEwqKpuPiSuMIW2J6zGzkob+7GHA4jxjm/+w45zp5PM=
Subject key identifier:   86:87:1C:36:C9:2D:B6:89:5D:25:3C:2C:46:EB:C5:28:B0:82:66:BA
Certificate issuer:       /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial:       0997
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/E40405B22F3211ED958A415DC4F9AE02.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     58895
IP address blocks:
    1: 36.255.100.0/22 maxlen: 22
    2: 36.255.100.0/24 maxlen: 24
    3: 36.255.101.0/24 maxlen: 24
    4: 36.255.102.0/24 maxlen: 24
    5: 36.255.103.0/24 maxlen: 24
    6: 43.229.164.0/22 maxlen: 22
    7: 43.229.164.0/24 maxlen: 24
    8: 43.229.165.0/24 maxlen: 24
    9: 43.229.166.0/24 maxlen: 24
   10: 43.229.167.0/24 maxlen: 24
   11: 43.230.92.0/22 maxlen: 22
   12: 43.230.92.0/24 maxlen: 24
   13: 43.230.93.0/24 maxlen: 24
   14: 43.230.94.0/24 maxlen: 24
   15: 43.230.95.0/24 maxlen: 24
   16: 43.231.60.0/22 maxlen: 22
   17: 43.231.60.0/24 maxlen: 24
   18: 43.231.61.0/24 maxlen: 24
   19: 43.231.62.0/24 maxlen: 24
   20: 43.231.63.0/24 maxlen: 24
   21: 43.248.12.0/22 maxlen: 22
   22: 43.248.12.0/24 maxlen: 24
   23: 43.248.13.0/24 maxlen: 24
   24: 43.248.14.0/24 maxlen: 24
   25: 43.248.15.0/24 maxlen: 24
   26: 45.113.124.0/22 maxlen: 22
   27: 45.113.124.0/24 maxlen: 24
   28: 45.113.125.0/24 maxlen: 24
   29: 45.113.126.0/24 maxlen: 24
   30: 45.113.127.0/24 maxlen: 24
   31: 45.117.104.0/22 maxlen: 22
   32: 45.117.104.0/24 maxlen: 24
   33: 45.117.105.0/24 maxlen: 24
   34: 45.117.106.0/24 maxlen: 24
   35: 45.117.107.0/24 maxlen: 24
   36: 103.24.96.0/22 maxlen: 24
   37: 103.35.212.0/22 maxlen: 22
   38: 103.35.212.0/24 maxlen: 24
   39: 103.35.213.0/24 maxlen: 24
   40: 103.35.214.0/24 maxlen: 24
   41: 103.35.215.0/24 maxlen: 24
   42: 103.39.80.0/22 maxlen: 22
   43: 103.39.80.0/24 maxlen: 24
   44: 103.39.81.0/24 maxlen: 24
   45: 103.39.82.0/24 maxlen: 24
   46: 103.39.83.0/24 maxlen: 24
   47: 103.49.136.0/22 maxlen: 22
   48: 103.49.136.0/24 maxlen: 24
   49: 103.49.137.0/24 maxlen: 24
   50: 103.49.138.0/24 maxlen: 24
   51: 103.49.139.0/24 maxlen: 24
   52: 103.50.156.0/22 maxlen: 22
   53: 103.50.156.0/24 maxlen: 24
   54: 103.50.157.0/24 maxlen: 24
   55: 103.50.158.0/24 maxlen: 24
   56: 103.50.159.0/24 maxlen: 24
   57: 103.53.44.0/22 maxlen: 22
   58: 103.53.44.0/24 maxlen: 24
   59: 103.53.45.0/24 maxlen: 24
   60: 103.53.46.0/24 maxlen: 24
   61: 103.53.47.0/24 maxlen: 24
   62: 103.57.168.0/22 maxlen: 22
   63: 103.57.168.0/24 maxlen: 24
   64: 103.57.169.0/24 maxlen: 24
   65: 103.57.170.0/24 maxlen: 24
   66: 103.57.171.0/24 maxlen: 24
   67: 103.70.84.0/22 maxlen: 22
   68: 103.70.84.0/24 maxlen: 24
   69: 103.70.85.0/24 maxlen: 24
   70: 103.70.86.0/24 maxlen: 24
   71: 103.70.87.0/24 maxlen: 24
   72: 103.200.196.0/22 maxlen: 22
   73: 103.200.196.0/24 maxlen: 24
   74: 103.200.197.0/24 maxlen: 24
   75: 103.200.198.0/24 maxlen: 24
   76: 103.200.199.0/24 maxlen: 24
   77: 103.209.84.0/22 maxlen: 22
   78: 103.209.84.0/24 maxlen: 24
   79: 103.209.85.0/24 maxlen: 24
   80: 103.209.86.0/24 maxlen: 24
   81: 103.209.87.0/24 maxlen: 24
   82: 117.53.40.0/22 maxlen: 22
   83: 117.53.40.0/24 maxlen: 24
   84: 117.53.41.0/24 maxlen: 24
   85: 117.53.42.0/24 maxlen: 24
   86: 117.53.43.0/24 maxlen: 24
   87: 150.129.4.0/22 maxlen: 22
   88: 150.129.4.0/24 maxlen: 24
   89: 150.129.5.0/24 maxlen: 24
   90: 150.129.6.0/24 maxlen: 24
   91: 150.129.7.0/24 maxlen: 24
   92: 2400:1680::/32 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2455 (0x997)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
        Validity
            Not Before: Sep  8 04:58:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6319767a-d462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:36:70:ec:4a:b7:bd:ed:12:ac:be:3b:98:e1:
                    30:4b:54:32:10:b2:52:3a:b8:40:9f:43:77:39:07:
                    29:b3:65:49:5b:ed:ad:37:fc:85:02:6a:ca:8a:ff:
                    38:4e:8f:b7:94:b1:c4:7b:f8:10:da:ef:0e:c3:09:
                    32:a8:f7:34:3e:ce:c5:8a:15:dc:93:7b:3b:4c:4d:
                    54:de:8f:97:86:35:a9:6f:84:34:ea:64:80:ed:f2:
                    eb:34:e8:a4:6f:c6:2e:74:0b:66:5f:0d:49:41:78:
                    7c:46:1f:46:8f:ee:5c:eb:54:2a:80:c9:26:46:3e:
                    c0:f0:ce:9b:7f:36:6f:1f:dd:46:d0:87:8b:38:69:
                    b2:a0:34:18:84:bc:78:18:66:ae:a9:26:f0:97:19:
                    cb:13:9a:c9:fe:3e:70:d6:f1:c7:6c:d2:92:33:a6:
                    11:d2:ad:57:46:c3:80:76:e9:91:d2:0c:cc:80:95:
                    6b:21:4b:a4:f8:89:fd:a0:29:2e:30:70:05:5e:3f:
                    7f:47:3a:f3:98:c5:1d:89:64:1d:1a:bd:95:0a:c2:
                    a3:63:d7:0c:53:8c:05:4b:96:a0:c0:18:7d:05:21:
                    3b:a8:3b:8b:27:16:3d:a2:92:59:4e:a6:ed:6f:44:
                    6a:e4:0f:5c:2a:f7:4f:d7:0d:97:d9:4a:b8:45:1e:
                    dd:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                86:87:1C:36:C9:2D:B6:89:5D:25:3C:2C:46:EB:C5:28:B0:82:66:BA
            X509v3 Authority Key Identifier: 
                keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/E40405B22F3211ED958A415DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.255.100.0/22
                  43.229.164.0/22
                  43.230.92.0/22
                  43.231.60.0/22
                  43.248.12.0/22
                  45.113.124.0/22
                  45.117.104.0/22
                  103.24.96.0/22
                  103.35.212.0/22
                  103.39.80.0/22
                  103.49.136.0/22
                  103.50.156.0/22
                  103.53.44.0/22
                  103.57.168.0/22
                  103.70.84.0/22
                  103.200.196.0/22
                  103.209.84.0/22
                  117.53.40.0/22
                  150.129.4.0/22
                IPv6:
                  2400:1680::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:ce:1e:b0:6e:7d:7d:45:1c:42:eb:b3:b6:ab:c6:06:15:e8:
         ff:4b:c6:02:42:73:42:43:d2:fe:5c:f9:68:28:b4:70:a2:ef:
         26:b5:a9:85:c8:5d:27:5c:3a:9f:22:2f:32:b4:53:c2:0f:c4:
         0d:a6:b5:70:15:eb:74:b4:82:8e:bb:0a:ad:33:b6:a1:6b:27:
         80:a5:5a:40:bc:2b:2e:9f:2a:60:45:94:1b:9f:49:10:e7:7a:
         28:ee:81:99:97:44:fb:f2:be:af:f6:ec:6b:3c:d5:d2:03:9a:
         30:7e:82:a3:5f:98:3d:f0:20:96:e5:08:a3:6a:f3:8c:c1:fe:
         f5:96:95:d0:cf:c1:03:cc:1c:c1:73:0c:e5:ef:c2:77:fc:28:
         ae:fb:2a:bf:c0:a3:8f:26:9b:fc:dd:d8:7c:3a:7c:5e:88:1e:
         28:66:28:55:be:68:3d:1c:0a:60:f4:80:d2:e5:40:86:9a:94:
         c0:9d:d8:06:bd:62:44:8c:bc:4e:42:a0:4c:66:02:22:ea:1b:
         33:3a:fc:ec:5d:ed:e1:13:0d:6f:72:f0:2a:6d:1e:ef:40:98:
         79:05:3d:55:72:ad:f0:55:b9:d8:16:82:a6:6b:34:1e:3c:d5:
         32:14:c9:d2:c0:94:44:3b:e9:4f:95:61:8b:5d:f5:89:89:5f:
         91:60:b2:a4
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgICCZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjIwOTA4MDQ1ODM0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE5NzY3YS1kNDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3zZw7Eq3ve0SrL47mOEwS1QyELJSOrhAn0N3OQcps2VJW+2tN/yFAmrKiv84
To+3lLHEe/gQ2u8OwwkyqPc0Ps7FihXck3s7TE1U3o+XhjWpb4Q06mSA7fLrNOik
b8YudAtmXw1JQXh8Rh9Gj+5c61QqgMkmRj7A8M6bfzZvH91G0IeLOGmyoDQYhLx4
GGauqSbwlxnLE5rJ/j5w1vHHbNKSM6YR0q1XRsOAdumR0gzMgJVrIUuk+In9oCku
MHAFXj9/RzrzmMUdiWQdGr2VCsKjY9cMU4wFS5agwBh9BSE7qDuLJxY9opJZTqbt
b0Rq5A9cKvdP1w2X2Uq4RR7dIQIDAQABo4IDEzCCAw8wHQYDVR0OBBYEFIaHHDbJ
LbaJXSU8LEbrxSiwgma6MB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvRTQwNDA1QjIy
RjMyMTFFRDk1OEE0MTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZwGCCsGAQUFBwEHAQH/
BIGMMIGJMHgEAgABMHIDBAIk/2QDBAIr5aQDBAIr5lwDBAIr5zwDBAIr+AwDBAIt
cXwDBAItdWgDBAJnGGADBAJnI9QDBAJnJ1ADBAJnMYgDBAJnMpwDBAJnNSwDBAJn
OagDBAJnRlQDBAJnyMQDBAJn0VQDBAJ1NSgDBAKWgQQwDQQCAAIwBwMFACQAFoAw
DQYJKoZIhvcNAQELBQADggEBAFXOHrBufX1FHELrs7arxgYV6P9LxgJCc0JD0v5c
+WgotHCi7ya1qYXIXSdcOp8iLzK0U8IPxA2mtXAV63S0go67Cq0ztqFrJ4ClWkC8
Ky6fKmBFlBufSRDneijugZmXRPvyvq/27Gs81dIDmjB+gqNfmD3wIJblCKNq84zB
/vWWldDPwQPMHMFzDOXvwnf8KK77Kr/Ao48mm/zd2Hw6fF6IHihmKFW+aD0cCmD0
gNLlQIaalMCd2Aa9YkSMvE5CoExmAiLqGzM6/Oxd7eETDW9y8CptHu9AmHkFPVVy
rfBVudgWgqZrNB481TIUydLAlEQ76U+VYYtd9YmJX5FgsqQ=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:09:29 2022 by rpki-client.