Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/

$ rpki-client -vvf 2CD5AAF8060311EBBE15EA18C4F9AE02.roa
File:                     2CD5AAF8060311EBBE15EA18C4F9AE02.roa (download)
Hash identifier:          b5MCulCX0PTMKUC3G/5q4VZETjaIhL4e4Fk7cI9WXAg=
Subject key identifier:   58:FB:6B:18:12:54:34:CF:A9:6D:20:40:CF:CF:AF:17:34:35:D4:9C
Certificate issuer:       /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4
Certificate serial:       0884
Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa
ROA valid until:          Jul 30 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 45.248.68.0/22 maxlen: 22
    2: 45.248.68.0/24 maxlen: 24
    3: 45.248.69.0/24 maxlen: 24
    4: 45.248.70.0/24 maxlen: 24
    5: 45.248.71.0/24 maxlen: 24
    6: 103.216.216.0/22 maxlen: 24
    7: 2404:f880::/32 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2180 (0x884)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4
        Validity
            Not Before: Apr 13 08:48:13 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=62568e4d-b889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:19:d6:3e:21:2f:76:6c:f9:c5:c5:90:b4:40:
                    51:e2:06:4c:c3:4c:84:20:3f:49:6e:d2:c9:b6:1e:
                    cb:68:10:7b:9f:eb:12:c2:1a:3e:e0:11:95:35:b4:
                    8a:de:ee:41:1c:8b:f2:cf:45:eb:2e:3a:e4:2c:5e:
                    8e:ae:44:ed:bc:94:13:1a:33:73:59:ff:aa:72:eb:
                    3a:08:75:5b:3d:46:06:79:ad:5d:1c:04:04:fb:3b:
                    69:21:d5:c1:73:00:47:d3:31:5a:2c:01:5a:bb:5a:
                    4a:ab:5d:d4:da:9b:15:28:06:67:ba:fb:10:21:75:
                    36:85:03:c1:fb:16:ac:28:23:66:73:97:07:72:4a:
                    99:82:8f:34:93:bc:9e:6f:ac:4c:09:ca:da:76:76:
                    97:9b:7e:f9:46:87:e2:3d:47:b3:8b:5d:50:2e:79:
                    04:67:d0:66:5d:78:51:8f:3e:b1:72:24:84:e1:0a:
                    c5:68:b2:df:99:d6:66:dc:3c:42:6b:ef:f2:d7:31:
                    f8:d3:0c:03:2a:2b:dd:36:00:ff:3e:d1:38:62:f5:
                    75:d4:82:14:46:1f:76:57:34:f4:8a:08:60:74:15:
                    7c:b3:dc:45:d8:87:85:c6:9e:71:f4:f9:bb:f3:0e:
                    b8:29:28:55:4f:15:90:0c:5e:5e:35:83:a5:04:17:
                    9d:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                58:FB:6B:18:12:54:34:CF:A9:6D:20:40:CF:CF:AF:17:34:35:D4:9C
            X509v3 Authority Key Identifier: 
                keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.248.68.0/22
                  103.216.216.0/22
                IPv6:
                  2404:f880::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:06:53:0d:21:30:c7:e6:c2:63:c6:21:21:7f:0a:78:12:63:
         7c:ba:d6:74:93:92:47:3c:e0:91:16:9c:a7:8f:c7:8e:c9:d4:
         97:17:62:1a:e3:0a:6d:0d:6e:e1:44:45:7b:14:a6:7e:1f:ec:
         eb:f6:29:54:19:75:bc:ee:e5:72:a8:db:2a:f2:2d:e4:c4:02:
         0f:34:11:a1:e5:3d:0b:1f:a2:13:c3:02:f7:f7:ab:65:5b:43:
         61:b9:cb:57:43:be:75:cc:8b:40:f6:17:3d:1e:2c:6a:9a:d7:
         05:78:e3:a7:71:79:15:c8:d3:dc:65:00:e1:80:8a:cb:21:91:
         86:ef:81:06:07:e3:f3:d0:06:8d:f5:58:83:06:53:5f:65:86:
         6a:39:fa:f3:17:1a:f0:8e:f9:12:c0:ba:a2:b1:21:ff:80:2f:
         78:e1:3b:19:51:e9:ae:82:a6:32:0d:3b:93:3d:ac:98:58:ad:
         79:a9:f2:95:fe:76:64:c7:9a:96:c5:d8:ba:2d:b8:8b:ed:32:
         59:2d:bc:92:aa:b9:4c:70:4f:9c:50:62:14:0e:a7:14:94:0e:
         19:d8:8c:10:de:9a:ad:77:38:5f:20:ab:bc:f8:a1:c4:98:33:
         21:ac:f8:32:d7:d0:21:07:c9:8b:2e:2b:47:6b:c0:8c:90:24:
         d2:75:e5:e0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz
REIwOTBEQTQwHhcNMjIwNDEzMDg0ODEzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU2OGU0ZC1iODg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2RnWPiEvdmz5xcWQtEBR4gZMw0yEID9JbtLJth7LaBB7n+sSwho+4BGVNbSK
3u5BHIvyz0XrLjrkLF6OrkTtvJQTGjNzWf+qcus6CHVbPUYGea1dHAQE+ztpIdXB
cwBH0zFaLAFau1pKq13U2psVKAZnuvsQIXU2hQPB+xasKCNmc5cHckqZgo80k7ye
b6xMCcradnaXm375RofiPUezi11QLnkEZ9BmXXhRjz6xciSE4QrFaLLfmdZm3DxC
a+/y1zH40wwDKivdNgD/PtE4YvV11IIURh92VzT0ighgdBV8s9xF2IeFxp5x9Pm7
8w64KShVTxWQDF5eNYOlBBed2wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFj7axgS
VDTPqW0gQM/Prxc0NdScMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC
QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE
YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEFFMjIvQjE3ODQzOUUxQkJGMTFFQUI2QTc0RjcxQzRGOUFFMDIvMkNENUFBRjgw
NjAzMTFFQkJFMTVFQTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+EQDBAJn2NgwDQQCAAIwBwMFACQE+IAwDQYJKoZIhvcN
AQELBQADggEBAAAGUw0hMMfmwmPGISF/CngSY3y61nSTkkc84JEWnKePx47J1JcX
YhrjCm0NbuFERXsUpn4f7Ov2KVQZdbzu5XKo2yryLeTEAg80EaHlPQsfohPDAvf3
q2VbQ2G5y1dDvnXMi0D2Fz0eLGqa1wV446dxeRXI09xlAOGAisshkYbvgQYH4/PQ
Bo31WIMGU19lhmo5+vMXGvCO+RLAuqKxIf+AL3jhOxlR6a6CpjINO5M9rJhYrXmp
8pX+dmTHmpbF2LotuIvtMlktvJKquUxwT5xQYhQOpxSUDhnYjBDemq13OF8gq7z4
ocSYMyGs+DLX0CEHyYsuK0drwIyQJNJ15eA=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:49:06 2022 by rpki-client.