Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A915418F/75B90D24AFB811EAA76E5E7BC4F9AE02/

$ rpki-client -vvf 3BEF1820AFBA11EA8449B980C4F9AE02.roa
File:                     3BEF1820AFBA11EA8449B980C4F9AE02.roa (download)
Hash identifier:          AGeV+s2EFxswkarm+mMwAq5hcOI99Z6+hS2KWJGyhL8=
Subject key identifier:   8B:3B:D8:09:BE:FB:3A:32:09:BB:2C:81:AC:18:F3:B5:62:B0:93:0B
Certificate issuer:       /CN=A915418F/serialNumber=D1B6BE7CD51545813EC31766807ACDD987A90FDF
Certificate serial:       0630
Authority key identifier: D1:B6:BE:7C:D5:15:45:81:3E:C3:17:66:80:7A:CD:D9:87:A9:0F:DF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0ba-fNUVRYE-wxdmgHrN2YepD98.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915418F/75B90D24AFB811EAA76E5E7BC4F9AE02/3BEF1820AFBA11EA8449B980C4F9AE02.roa
ROA valid until:          Aug 31 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.118.48.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1584 (0x630)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915418F/serialNumber=D1B6BE7CD51545813EC31766807ACDD987A90FDF
        Validity
            Not Before: Jun 28 10:17:48 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62bad54c-ee3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:94:ee:af:4a:9a:66:2d:08:8b:9f:20:14:85:
                    8c:57:6b:fe:23:6f:a7:7d:da:28:4b:74:8c:be:66:
                    54:4f:4d:e7:7d:75:29:3b:25:92:ab:d0:eb:d3:ed:
                    43:e8:97:21:58:40:93:9f:ff:d4:17:dc:3b:53:7b:
                    61:74:78:6b:e7:c8:34:81:96:7d:5c:fa:c4:3c:f3:
                    67:34:1a:38:c5:bb:79:51:e4:fd:e7:b0:e5:cf:ee:
                    4d:49:8b:b4:09:80:65:8c:40:f4:bb:15:9b:59:73:
                    34:4e:28:45:9e:58:ec:09:c8:88:a4:63:78:8e:d4:
                    1d:4e:e7:3f:05:33:90:88:a3:4b:5b:a8:78:e9:39:
                    03:fd:6a:2d:33:e7:d0:b6:35:b7:7e:f2:34:ba:a9:
                    90:77:a0:3f:14:62:b9:28:fd:22:03:97:3a:18:8f:
                    00:a7:ad:1c:62:b8:63:4f:0a:79:3d:1e:b9:45:7a:
                    be:01:27:36:88:c5:73:ce:f1:64:95:ba:4c:f1:3f:
                    3f:7d:bb:54:cd:f7:0a:88:30:5a:21:26:52:bd:05:
                    3c:fe:eb:eb:50:16:38:20:ee:a3:94:28:45:ec:e9:
                    55:cc:d3:d3:6d:d6:c6:35:86:82:ed:19:e0:15:92:
                    fe:36:01:1b:4d:a1:97:a4:2b:ec:12:88:59:47:0f:
                    58:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                8B:3B:D8:09:BE:FB:3A:32:09:BB:2C:81:AC:18:F3:B5:62:B0:93:0B
            X509v3 Authority Key Identifier: 
                keyid:D1:B6:BE:7C:D5:15:45:81:3E:C3:17:66:80:7A:CD:D9:87:A9:0F:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915418F/75B90D24AFB811EAA76E5E7BC4F9AE02/0ba-fNUVRYE-wxdmgHrN2YepD98.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0ba-fNUVRYE-wxdmgHrN2YepD98.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915418F/75B90D24AFB811EAA76E5E7BC4F9AE02/3BEF1820AFBA11EA8449B980C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.118.48.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:31:b2:f8:28:16:2c:71:4c:dc:14:43:bb:7a:bc:d4:21:19:
         fc:bf:db:bc:48:ef:f6:0c:5b:99:35:11:47:f9:7c:d5:f1:ab:
         e0:ba:03:1b:ad:c1:b0:e9:0a:20:cb:3a:41:ee:6e:e9:30:0c:
         6f:6c:54:ca:59:13:bf:94:20:14:8e:81:a0:5e:d2:64:f2:24:
         82:15:3a:9f:f3:0f:05:06:01:a2:a2:a5:de:9e:85:61:b8:a0:
         61:93:bc:e6:33:64:1c:36:d3:36:2c:55:2c:80:2f:a6:43:9f:
         c6:47:2d:f3:fd:e6:2d:80:fe:26:b8:d9:da:14:74:80:a6:52:
         79:e2:f5:1e:a6:17:b6:a8:a7:36:40:72:0d:a5:93:09:76:f0:
         d7:fe:47:90:57:a2:ca:c8:95:d4:eb:21:21:30:55:c3:d7:4a:
         6a:26:f8:d9:34:71:2a:e6:c1:46:34:11:36:29:87:75:5a:f1:
         a9:44:c4:30:89:27:ee:fc:64:d6:c4:c1:a0:4b:02:2a:db:32:
         27:93:25:74:32:1c:3f:e9:2a:75:16:db:d9:fa:b0:19:09:4d:
         a0:17:40:62:ce:c2:e5:38:f9:85:79:e8:dd:ae:2b:15:41:5b:
         59:7a:51:8d:a8:c1:86:fb:9a:3b:1c:31:e6:05:4f:cf:33:e0:
         b4:f7:2e:c1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBjAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQxOEYxMTAvBgNVBAUTKEQxQjZCRTdDRDUxNTQ1ODEzRUMzMTc2NjgwN0FDREQ5
ODdBOTBGREYwHhcNMjIwNjI4MTAxNzQ4WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJhZDU0Yy1lZTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxZTur0qaZi0Ii58gFIWMV2v+I2+nfdooS3SMvmZUT03nfXUpOyWSq9Dr0+1D
6JchWECTn//UF9w7U3thdHhr58g0gZZ9XPrEPPNnNBo4xbt5UeT957Dlz+5NSYu0
CYBljED0uxWbWXM0TihFnljsCciIpGN4jtQdTuc/BTOQiKNLW6h46TkD/WotM+fQ
tjW3fvI0uqmQd6A/FGK5KP0iA5c6GI8Ap60cYrhjTwp5PR65RXq+ASc2iMVzzvFk
lbpM8T8/fbtUzfcKiDBaISZSvQU8/uvrUBY4IO6jlChF7OlVzNPTbdbGNYaC7Rng
FZL+NgEbTaGXpCvsEohZRw9YVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIs72Am+
+zoyCbssgawY87VisJMLMB8GA1UdIwQYMBaAFNG2vnzVFUWBPsMXZoB6zdmHqQ/f
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDE4Ri83NUI5MEQyNEFG
QjgxMUVBQTc2RTVFN0JDNEY5QUUwMi8wYmEtZk5VVlJZRS13eGRtZ0hyTjJZZXBE
OTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBiYS1mTlVWUllFLXd4ZG1nSHJOMlllcEQ5OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQxOEYvNzVCOTBEMjRBRkI4MTFFQUE3NkU1RTdCQzRGOUFFMDIvM0JFRjE4MjBB
RkJBMTFFQTg0NDlCOTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFndjAwDQYJKoZIhvcNAQELBQADggEBAHExsvgoFixxTNwU
Q7t6vNQhGfy/27xI7/YMW5k1EUf5fNXxq+C6AxutwbDpCiDLOkHubukwDG9sVMpZ
E7+UIBSOgaBe0mTyJIIVOp/zDwUGAaKipd6ehWG4oGGTvOYzZBw20zYsVSyAL6ZD
n8ZHLfP95i2A/ia42doUdICmUnni9R6mF7aopzZAcg2lkwl28Nf+R5BXosrIldTr
ISEwVcPXSmom+Nk0cSrmwUY0ETYph3Va8alExDCJJ+78ZNbEwaBLAirbMieTJXQy
HD/pKnUW29n6sBkJTaAXQGLOwuU4+YV56N2uKxVBW1l6UY2owYb7mjscMeYFT88z
4LT3LsE=
-----END CERTIFICATE-----
Generated at Sat Dec 3 17:57:45 2022 by rpki-client.