Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A9153AC4/3BF4A698261011EAAD746978C4F9AE02/

$ rpki-client -vvf 0E50DF10261311EAAD88B67EC4F9AE02.roa
File:                     0E50DF10261311EAAD88B67EC4F9AE02.roa (download)
Hash identifier:          cxXpAD6QBJVnTmEOd8NPkucR+73swrC5ivIp8FnGpGs=
Subject key identifier:   CD:27:00:1F:E7:CA:F7:59:2C:7A:47:50:D5:FF:B0:A7:92:3B:71:CE
Certificate issuer:       /CN=A9153AC4/serialNumber=5A8FC6D9B992322F2D7C07734543F79897ED8037
Certificate serial:       091A
Authority key identifier: 5A:8F:C6:D9:B9:92:32:2F:2D:7C:07:73:45:43:F7:98:97:ED:80:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wo_G2bmSMi8tfAdzRUP3mJftgDc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9153AC4/3BF4A698261011EAAD746978C4F9AE02/0E50DF10261311EAAD88B67EC4F9AE02.roa
ROA valid until:          Sep 30 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.71.236.0/22 maxlen: 22
    2: 103.71.236.0/23 maxlen: 23
    3: 103.71.236.0/24 maxlen: 24
    4: 103.71.237.0/24 maxlen: 24
    5: 103.71.238.0/24 maxlen: 24
    6: 103.71.239.0/24 maxlen: 24
    7: 103.72.164.0/22 maxlen: 22
    8: 103.72.164.0/23 maxlen: 23
    9: 103.72.164.0/24 maxlen: 24
   10: 103.72.165.0/24 maxlen: 24
   11: 103.72.166.0/24 maxlen: 24
   12: 103.72.167.0/24 maxlen: 24
   13: 160.19.48.0/22 maxlen: 22
   14: 160.19.48.0/23 maxlen: 23
   15: 160.19.48.0/24 maxlen: 24
   16: 160.19.49.0/24 maxlen: 24
   17: 160.19.50.0/24 maxlen: 24
   18: 160.19.51.0/24 maxlen: 24
   19: 203.78.140.0/22 maxlen: 22
   20: 203.78.140.0/23 maxlen: 23
   21: 203.78.140.0/24 maxlen: 24
   22: 203.78.141.0/24 maxlen: 24
   23: 203.78.142.0/24 maxlen: 24
   24: 203.78.143.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2330 (0x91a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9153AC4/serialNumber=5A8FC6D9B992322F2D7C07734543F79897ED8037
        Validity
            Not Before: Jul 19 08:46:57 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62d66f80-964f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a2:17:04:57:c0:40:46:43:12:e2:01:d8:cd:
                    32:5b:d7:d7:ef:35:6b:99:47:d7:e0:3d:bd:26:d3:
                    dc:82:c0:4a:81:99:ba:f5:c6:28:6a:e4:9f:ec:be:
                    14:e9:c2:b2:fa:c9:d2:91:f7:9f:0e:cc:b6:c5:2f:
                    86:f6:bb:49:64:bf:ae:23:5c:55:a1:d6:d4:c4:24:
                    bd:05:fc:48:bd:10:47:72:71:63:e3:18:4a:95:4c:
                    54:db:3e:b2:d1:3e:ad:50:40:ad:cd:94:e9:de:31:
                    9f:09:c9:8b:60:65:76:18:31:bf:6d:70:ee:49:c5:
                    52:1c:11:66:f1:40:33:29:43:7d:f0:77:75:26:e2:
                    fa:c7:55:ef:1a:e7:77:3a:81:72:eb:8d:55:23:90:
                    df:05:25:9f:9f:f7:9b:cd:d8:00:98:55:21:4a:bd:
                    c3:bf:df:d3:11:f5:bd:09:19:68:3f:0c:dd:4d:74:
                    88:b0:98:aa:8c:11:d2:4b:25:ff:9e:55:29:94:38:
                    ca:a0:6d:57:ef:91:d1:27:37:64:02:03:90:98:28:
                    07:cb:f3:1d:7b:08:64:dd:90:f1:8d:0a:ce:8b:6c:
                    69:6a:74:99:f8:34:95:44:05:19:49:2d:1c:1f:65:
                    cb:cd:87:f9:a5:9b:59:80:96:70:6f:bd:4b:fa:45:
                    75:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                CD:27:00:1F:E7:CA:F7:59:2C:7A:47:50:D5:FF:B0:A7:92:3B:71:CE
            X509v3 Authority Key Identifier: 
                keyid:5A:8F:C6:D9:B9:92:32:2F:2D:7C:07:73:45:43:F7:98:97:ED:80:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9153AC4/3BF4A698261011EAAD746978C4F9AE02/Wo_G2bmSMi8tfAdzRUP3mJftgDc.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wo_G2bmSMi8tfAdzRUP3mJftgDc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153AC4/3BF4A698261011EAAD746978C4F9AE02/0E50DF10261311EAAD88B67EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.71.236.0/22
                  103.72.164.0/22
                  160.19.48.0/22
                  203.78.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:5c:41:e8:cf:e8:e2:6a:ee:c6:ca:1a:34:d6:c4:d0:36:94:
         25:9a:10:4b:4f:70:93:26:4a:4b:91:ee:e7:c1:0c:98:76:59:
         77:8b:f8:dc:00:ff:9e:73:f9:95:c9:9e:37:4b:09:e0:31:c1:
         a8:1c:a5:1f:1c:f2:ab:58:e3:97:9b:ca:b2:e2:75:2c:a4:2f:
         95:cb:5b:87:81:07:91:72:09:a6:63:0c:74:46:c7:09:aa:4f:
         78:7f:a0:f9:92:50:79:1e:8a:25:de:02:74:40:cb:97:6e:4b:
         f8:6f:04:74:a9:e0:4d:4e:38:83:1a:6d:79:ec:e0:ee:ee:93:
         fd:4a:79:ae:e3:d3:7c:53:e1:a6:4e:8f:6b:b8:03:1d:e5:c1:
         9d:40:ab:31:93:dc:6d:75:e7:28:27:2b:23:ec:1c:c6:3a:2d:
         1a:15:73:26:f1:e6:0f:b8:7a:1b:59:b9:9f:1d:24:00:4a:30:
         9b:69:06:40:00:13:36:fe:b6:72:e3:13:ce:e0:0c:30:b9:91:
         ce:69:34:58:96:d3:f8:30:de:9e:d0:93:20:80:ff:16:5c:19:
         c0:f6:dd:55:28:b6:fc:c3:d0:55:53:e6:f2:14:b2:52:21:ff:
         9b:16:e2:52:1a:bb:a6:de:c7:eb:c5:a8:ec:ad:ef:3c:b1:c4:
         6b:95:05:1e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCRowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTNBQzQxMTAvBgNVBAUTKDVBOEZDNkQ5Qjk5MjMyMkYyRDdDMDc3MzQ1NDNGNzk4
OTdFRDgwMzcwHhcNMjIwNzE5MDg0NjU3WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ2NmY4MC05NjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6IXBFfAQEZDEuIB2M0yW9fX7zVrmUfX4D29JtPcgsBKgZm69cYoauSf7L4U
6cKy+snSkfefDsy2xS+G9rtJZL+uI1xVodbUxCS9BfxIvRBHcnFj4xhKlUxU2z6y
0T6tUECtzZTp3jGfCcmLYGV2GDG/bXDuScVSHBFm8UAzKUN98Hd1JuL6x1XvGud3
OoFy641VI5DfBSWfn/ebzdgAmFUhSr3Dv9/TEfW9CRloPwzdTXSIsJiqjBHSSyX/
nlUplDjKoG1X75HRJzdkAgOQmCgHy/Mdewhk3ZDxjQrOi2xpanSZ+DSVRAUZSS0c
H2XLzYf5pZtZgJZwb71L+kV1bQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFM0nAB/n
yvdZLHpHUNX/sKeSO3HOMB8GA1UdIwQYMBaAFFqPxtm5kjIvLXwHc0VD95iX7YA3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0FDNC8zQkY0QTY5ODI2
MTAxMUVBQUQ3NDY5NzhDNEY5QUUwMi9Xb19HMmJtU01pOHRmQWR6UlVQM21KZnRn
RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dvX0cyYm1TTWk4dGZBZHpSVVAzbUpmdGdEYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTNBQzQvM0JGNEE2OTgyNjEwMTFFQUFENzQ2OTc4QzRGOUFFMDIvMEU1MERGMTAy
NjEzMTFFQUFEODhCNjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJnR+wDBAJnSKQDBAKgEzADBALLTowwDQYJKoZIhvcNAQEL
BQADggEBAHZcQejP6OJq7sbKGjTWxNA2lCWaEEtPcJMmSkuR7ufBDJh2WXeL+NwA
/55z+ZXJnjdLCeAxwagcpR8c8qtY45ebyrLidSykL5XLW4eBB5FyCaZjDHRGxwmq
T3h/oPmSUHkeiiXeAnRAy5duS/hvBHSp4E1OOIMabXns4O7uk/1Kea7j03xT4aZO
j2u4Ax3lwZ1AqzGT3G115ygnKyPsHMY6LRoVcybx5g+4ehtZuZ8dJABKMJtpBkAA
Ezb+tnLjE87gDDC5kc5pNFiW0/gw3p7QkyCA/xZcGcD23VUotvzD0FVT5vIUslIh
/5sW4lIau6bex+vFqOyt7zyxxGuVBR4=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:49:08 2022 by rpki-client.