Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/

$ rpki-client -vvf B2B24A4221D711EB9CFAC46EC4F9AE02.roa
File:                     B2B24A4221D711EB9CFAC46EC4F9AE02.roa (download)
Hash identifier:          z5VkH8EaDdm8h+fQ5X8mPtE+oXy4PlFI3q0za1U3V+M=
Subject key identifier:   12:F6:E8:39:11:6D:AA:1D:89:0E:69:92:EC:67:2B:D4:D8:9A:73:81
Certificate issuer:       /CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28
Certificate serial:       0C02
Authority key identifier: 34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/B2B24A4221D711EB9CFAC46EC4F9AE02.roa
ROA valid until:          May 01 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.133.176.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3074 (0xc02)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28
        Validity
            Not Before: Mar 14 19:07:22 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=622f926a-5799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:28:20:bf:e4:35:36:83:4e:ec:b3:04:90:ad:
                    b9:f5:58:ec:9b:54:ff:cd:4e:41:6c:a4:8e:af:8c:
                    ea:53:26:93:b6:7d:46:cb:69:49:0e:d4:93:93:ac:
                    27:93:6b:8e:a6:a4:1b:15:43:2e:56:74:ac:cb:8b:
                    fa:5e:cd:2c:25:d4:51:cb:39:4e:2f:a6:37:05:f6:
                    2a:cd:a7:df:03:01:ba:56:f7:60:7f:07:08:2f:2b:
                    f4:97:5b:3e:2c:3b:51:63:59:d4:87:2a:21:51:ab:
                    35:48:48:94:b3:03:37:d0:ad:dc:8e:4d:3f:af:f5:
                    35:e2:54:52:0e:f7:54:8a:04:ea:61:18:39:a4:24:
                    f9:d4:71:47:de:07:1f:d0:b7:df:90:58:ce:8b:25:
                    80:4d:92:d7:cc:65:62:cb:73:c6:06:90:7a:7d:0a:
                    58:14:c7:3e:2f:c5:4e:cc:eb:25:94:da:e7:4c:b8:
                    eb:65:73:7f:2c:93:da:23:e7:43:46:11:51:b7:88:
                    78:24:d0:c6:44:a4:b4:1d:08:9e:ff:9f:ec:a5:2e:
                    97:ae:fc:cf:4e:c4:3c:1c:9d:18:51:05:26:1c:56:
                    6e:ae:24:25:47:50:60:d2:e1:67:1d:a3:37:a4:67:
                    ca:07:52:41:c9:83:07:84:c1:e4:b4:c8:ca:e5:0f:
                    ad:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                12:F6:E8:39:11:6D:AA:1D:89:0E:69:92:EC:67:2B:D4:D8:9A:73:81
            X509v3 Authority Key Identifier: 
                keyid:34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/B2B24A4221D711EB9CFAC46EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.133.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:2c:32:14:ae:47:e8:1c:5c:5f:38:47:8b:ac:a1:86:dc:4d:
         30:35:54:1e:8a:8a:f8:ab:8c:42:7d:be:0b:bd:43:3b:a5:8e:
         f8:19:e5:b1:bd:4a:e5:f8:76:5e:00:ec:e2:b8:9d:2d:42:4c:
         43:b5:7e:92:7e:ee:2b:48:a8:f1:09:5e:52:d0:55:d3:d6:d3:
         a0:98:34:ba:a2:31:b4:7e:ec:dc:96:69:e6:e7:7f:90:63:92:
         05:90:14:b7:42:83:ec:8a:2c:f1:5a:c3:32:57:1a:c4:3d:06:
         7f:04:e9:25:82:24:b3:d0:29:3b:4e:44:0b:40:2d:5a:ea:83:
         7a:79:d0:d8:30:9e:4b:2d:13:58:bc:58:0d:41:3b:af:9c:4d:
         e9:b5:95:04:8e:b3:14:60:00:b5:f2:0a:d7:00:d9:ae:8b:d8:
         ae:4e:73:a6:09:06:96:bb:68:cc:54:ff:09:f3:1f:37:a4:ee:
         1b:b0:40:0b:c7:ff:1e:32:f9:87:e2:59:e5:e4:85:09:53:5f:
         60:83:4b:1d:d0:5f:58:74:80:5d:d1:59:65:e6:c0:87:bd:c0:
         e8:9c:ca:34:88:4d:27:dd:82:cc:4b:5d:b0:c0:fc:ed:1a:54:
         59:74:be:e4:e5:e1:57:60:74:32:9b:e9:ad:e0:bf:bd:35:82:
         7b:b7:af:e4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE2OTAxMTAvBgNVBAUTKDM0NzRDOTRDMzZFOEY5QTBEM0EwRDIyRTFEREExMDhD
RDM0MEFCMjgwHhcNMjIwMzE0MTkwNzIyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJmOTI2YS01Nzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiggv+Q1NoNO7LMEkK259Vjsm1T/zU5BbKSOr4zqUyaTtn1Gy2lJDtSTk6wn
k2uOpqQbFUMuVnSsy4v6Xs0sJdRRyzlOL6Y3BfYqzaffAwG6VvdgfwcILyv0l1s+
LDtRY1nUhyohUas1SEiUswM30K3cjk0/r/U14lRSDvdUigTqYRg5pCT51HFH3gcf
0LffkFjOiyWATZLXzGViy3PGBpB6fQpYFMc+L8VOzOsllNrnTLjrZXN/LJPaI+dD
RhFRt4h4JNDGRKS0HQie/5/spS6XrvzPTsQ8HJ0YUQUmHFZuriQlR1Bg0uFnHaM3
pGfKB1JByYMHhMHktMjK5Q+t5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBL26DkR
baodiQ5pkuxnK9TYmnOBMB8GA1UdIwQYMBaAFDR0yUw26Pmg06DSLh3aEIzTQKso
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTY5MC8xNUI0MUI4ODYz
RjMxMUU5QTA4NTRDNDdDNEY5QUUwMi9OSFRKVERiby1hRFRvTkl1SGRvUWpOTkFx
eWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05IVEpURGJvLWFEVG9OSXVIZG9Rak5OQXF5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE2OTAvMTVCNDFCODg2M0YzMTFFOUEwODU0QzQ3QzRGOUFFMDIvQjJCMjRBNDIy
MUQ3MTFFQjlDRkFDNDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhbAwDQYJKoZIhvcNAQELBQADggEBAG8sMhSuR+gcXF84
R4usoYbcTTA1VB6KivirjEJ9vgu9QzuljvgZ5bG9SuX4dl4A7OK4nS1CTEO1fpJ+
7itIqPEJXlLQVdPW06CYNLqiMbR+7NyWaebnf5BjkgWQFLdCg+yKLPFawzJXGsQ9
Bn8E6SWCJLPQKTtORAtALVrqg3p50NgwnkstE1i8WA1BO6+cTem1lQSOsxRgALXy
CtcA2a6L2K5Oc6YJBpa7aMxU/wnzHzek7huwQAvH/x4y+YfiWeXkhQlTX2CDSx3Q
X1h0gF3RWWXmwIe9wOicyjSITSfdgsxLXbDA/O0aVFl0vuTl4VdgdDKb6a3gv701
gnu3r+Q=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:49:01 2022 by rpki-client.