Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A9149E94/9A0F8854AA0B11EA94461B25C4F9AE02/

$ rpki-client -vvf 4DA0DCC8AA0D11EA9746F027C4F9AE02.roa
File:                     4DA0DCC8AA0D11EA9746F027C4F9AE02.roa (download)
Hash identifier:          8LDJb7TOoAJoQPnm4JdROPHfDod5w7Y5eEvSrYvuT5k=
Subject key identifier:   A8:D6:83:E5:E5:2C:47:A1:AE:E9:AC:14:9F:87:21:7E:38:1E:EC:F6
Certificate issuer:       /CN=A9149E94/serialNumber=145CEB79B0D5DB9FC4E77F512F6723085F3ED1B9
Certificate serial:       067F
Authority key identifier: 14:5C:EB:79:B0:D5:DB:9F:C4:E7:7F:51:2F:67:23:08:5F:3E:D1:B9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FFzrebDV25_E539RL2cjCF8-0bk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9149E94/9A0F8854AA0B11EA94461B25C4F9AE02/4DA0DCC8AA0D11EA9746F027C4F9AE02.roa
ROA valid until:          Dec 01 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.9.192.0/22 maxlen: 24
    2: 103.73.96.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1663 (0x67f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9149E94/serialNumber=145CEB79B0D5DB9FC4E77F512F6723085F3ED1B9
        Validity
            Not Before: Jul 25 10:28:51 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=62de7063-bd8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e0:b3:c4:66:5e:9b:19:c3:69:b9:dc:f0:46:
                    37:06:dd:7e:1d:a1:19:b0:86:c9:6a:60:99:7e:60:
                    93:45:06:89:3e:d8:cf:0e:7f:de:44:41:33:75:94:
                    84:0b:0e:3d:df:d5:fe:d1:2c:a2:86:97:6d:4d:3b:
                    83:bb:81:05:2b:2c:a1:7b:e5:f9:9a:4a:7a:76:b8:
                    b2:1f:b5:8a:e6:68:29:97:88:3a:4d:c1:89:5f:e0:
                    60:5e:dd:0d:b6:eb:17:3c:ee:57:a1:18:5f:8c:65:
                    55:15:30:46:3e:7e:0b:82:ab:63:ce:ea:30:2f:cd:
                    98:d6:ac:2f:4d:47:a9:ee:ca:71:e2:14:4b:30:2a:
                    52:9e:50:43:8e:86:8d:83:a2:3b:92:d6:8e:6b:84:
                    26:c5:1a:40:2c:1e:38:1d:3b:41:09:38:f9:ed:19:
                    b5:ff:7a:f5:c0:e6:97:a0:5a:59:13:53:13:da:11:
                    9d:3c:47:99:66:c1:ca:ca:86:03:99:9a:6f:27:6e:
                    5d:46:00:75:35:0a:43:8c:42:57:06:40:27:2c:68:
                    10:48:2c:58:fd:35:9c:33:b4:d7:2b:b2:04:c7:98:
                    90:d5:c1:a1:a2:1c:98:d0:a8:97:da:3f:c0:f5:86:
                    eb:e0:60:b0:33:12:55:d0:74:9b:a6:c9:c7:40:e4:
                    1a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A8:D6:83:E5:E5:2C:47:A1:AE:E9:AC:14:9F:87:21:7E:38:1E:EC:F6
            X509v3 Authority Key Identifier: 
                keyid:14:5C:EB:79:B0:D5:DB:9F:C4:E7:7F:51:2F:67:23:08:5F:3E:D1:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9149E94/9A0F8854AA0B11EA94461B25C4F9AE02/FFzrebDV25_E539RL2cjCF8-0bk.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FFzrebDV25_E539RL2cjCF8-0bk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149E94/9A0F8854AA0B11EA94461B25C4F9AE02/4DA0DCC8AA0D11EA9746F027C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.9.192.0/22
                  103.73.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:4e:2a:a0:8a:49:79:fa:c4:25:66:91:0d:31:85:9b:b4:36:
         2c:a2:68:f2:a5:1f:3c:85:3a:ab:73:98:1e:96:58:76:c7:dd:
         cc:df:1a:a1:70:ad:67:65:a5:2a:10:6a:be:54:60:70:99:56:
         2b:c7:4b:1d:46:5e:e4:ba:2e:ae:2b:6f:78:d1:98:75:de:eb:
         03:d2:a8:bc:98:f3:0c:bd:d7:35:63:e1:49:b9:5d:70:08:7a:
         b1:16:a8:85:03:b6:5c:62:90:3a:1d:2e:52:f2:8c:fe:ba:15:
         a2:6c:ea:b1:b1:87:f4:97:2d:5f:6d:e0:ee:49:ef:e6:1d:59:
         02:ca:4c:97:07:bd:e3:28:27:03:3b:7c:77:3a:4f:5e:67:a9:
         a1:10:86:29:06:16:ca:15:98:39:4c:69:01:bf:e8:43:c2:5f:
         6e:4c:3f:de:4f:1f:8f:8f:6a:03:60:89:d5:ed:0e:1a:9e:0d:
         9f:a4:32:36:1c:71:f3:75:ee:e4:4b:50:e2:5e:b4:47:31:b4:
         65:cd:dd:06:fa:9f:5b:9e:4a:dc:1e:f1:8d:97:f2:28:ef:52:
         bb:ae:62:0d:52:0f:40:bb:c2:94:97:0d:6e:55:ef:f4:f0:37:
         96:5e:c4:20:fe:fb:8a:c5:a0:85:57:31:7a:7c:ae:09:ba:48:
         8a:34:ce:d8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlFOTQxMTAvBgNVBAUTKDE0NUNFQjc5QjBENURCOUZDNEU3N0Y1MTJGNjcyMzA4
NUYzRUQxQjkwHhcNMjIwNzI1MTAyODUxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRlNzA2My1iZDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv+CzxGZemxnDabnc8EY3Bt1+HaEZsIbJamCZfmCTRQaJPtjPDn/eREEzdZSE
Cw4939X+0SyihpdtTTuDu4EFKyyhe+X5mkp6driyH7WK5mgpl4g6TcGJX+BgXt0N
tusXPO5XoRhfjGVVFTBGPn4LgqtjzuowL82Y1qwvTUep7spx4hRLMCpSnlBDjoaN
g6I7ktaOa4QmxRpALB44HTtBCTj57Rm1/3r1wOaXoFpZE1MT2hGdPEeZZsHKyoYD
mZpvJ25dRgB1NQpDjEJXBkAnLGgQSCxY/TWcM7TXK7IEx5iQ1cGhohyY0KiX2j/A
9Ybr4GCwMxJV0HSbpsnHQOQa8QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKjWg+Xl
LEehrumsFJ+HIX44Huz2MB8GA1UdIwQYMBaAFBRc63mw1dufxOd/US9nIwhfPtG5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUU5NC85QTBGODg1NEFB
MEIxMUVBOTQ0NjFCMjVDNEY5QUUwMi9GRnpyZWJEVjI1X0U1MzlSTDJjakNGOC0w
YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZGenJlYkRWMjVfRTUzOVJMMmNqQ0Y4LTBiay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlFOTQvOUEwRjg4NTRBQTBCMTFFQTk0NDYxQjI1QzRGOUFFMDIvNERBMERDQzhB
QTBEMTFFQTk3NDZGMDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnCcADBAJnSWAwDQYJKoZIhvcNAQELBQADggEBACFOKqCK
SXn6xCVmkQ0xhZu0NiyiaPKlHzyFOqtzmB6WWHbH3czfGqFwrWdlpSoQar5UYHCZ
VivHSx1GXuS6Lq4rb3jRmHXe6wPSqLyY8wy91zVj4Um5XXAIerEWqIUDtlxikDod
LlLyjP66FaJs6rGxh/SXLV9t4O5J7+YdWQLKTJcHveMoJwM7fHc6T15nqaEQhikG
FsoVmDlMaQG/6EPCX25MP95PH4+PagNgidXtDhqeDZ+kMjYccfN17uRLUOJetEcx
tGXN3Qb6n1ueStwe8Y2X8ijvUruuYg1SD0C7wpSXDW5V7/TwN5ZexCD++4rFoIVX
MXp8rgm6SIo0ztg=
-----END CERTIFICATE-----
Generated at Sat Dec 3 17:57:43 2022 by rpki-client.