Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A9157BF7/AD2AC72EFBEA11EAA0AC331AC4F9AE02/

$ rpki-client -vvf 1E69B82CAD5311EBA93CEB69C4F9AE02.roa
File:                     1E69B82CAD5311EBA93CEB69C4F9AE02.roa (download)
Hash identifier:          ulm4k9XsQzLEioLQO46sWQ5A50sPwp0zT3WUzGaaALA=
Subject key identifier:   E5:46:57:89:3D:17:02:E7:1D:6A:C2:21:5D:8A:60:41:4A:99:F0:22
Certificate issuer:       /CN=A9157BF7/serialNumber=9B4601B6B0B78FB8FE9E39334A81B5A5DD595629
Certificate serial:       05E4
Authority key identifier: 9B:46:01:B6:B0:B7:8F:B8:FE:9E:39:33:4A:81:B5:A5:DD:59:56:29
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m0YBtrC3j7j-njkzSoG1pd1ZVik.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9157BF7/AD2AC72EFBEA11EAA0AC331AC4F9AE02/1E69B82CAD5311EBA93CEB69C4F9AE02.roa
ROA valid until:          Dec 01 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.155.120.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1508 (0x5e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9157BF7/serialNumber=9B4601B6B0B78FB8FE9E39334A81B5A5DD595629
        Validity
            Not Before: Oct 28 23:29:35 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=635c65df-fd29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ce:55:7b:c8:33:ee:c8:2f:3f:c8:9f:a0:88:
                    e2:40:66:7e:27:82:51:d2:c4:42:28:b4:2b:2b:e9:
                    ce:8b:a7:ef:7c:04:06:28:c9:a8:ca:ec:75:2f:b8:
                    35:08:6b:79:c4:b0:c9:2c:21:2e:6a:0d:7c:36:76:
                    2a:27:36:18:ce:df:71:e4:80:b8:e2:62:bd:e4:e3:
                    c9:19:3e:8e:6f:da:f1:48:96:89:d9:32:45:1d:3d:
                    e3:a1:c0:5d:57:2e:6c:40:c9:ea:44:b4:38:e6:dc:
                    0a:f0:9f:9f:32:02:a8:b6:3c:49:62:8b:20:e4:a0:
                    fc:90:96:76:63:ff:59:97:ee:b2:ef:c9:b7:be:1a:
                    55:dc:99:7a:1c:08:5c:1c:0a:4c:a0:58:eb:cf:5c:
                    0a:80:0a:94:ce:48:89:65:35:2c:19:33:17:87:2b:
                    51:47:e3:77:77:1a:f8:d8:88:cd:aa:d5:6e:c5:3e:
                    64:8d:43:49:5b:ec:18:63:c4:ad:ce:b3:c2:8f:ea:
                    72:a1:df:26:55:ca:ef:9b:17:ad:f5:5a:9e:9a:32:
                    6b:56:83:31:a6:39:c0:6a:05:c6:d5:3b:bd:53:97:
                    91:2b:73:1d:2f:2b:a8:30:73:db:e5:af:39:fc:7a:
                    6e:8e:6c:d6:ee:e7:1e:0a:a0:44:d3:3a:7b:f5:ce:
                    17:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E5:46:57:89:3D:17:02:E7:1D:6A:C2:21:5D:8A:60:41:4A:99:F0:22
            X509v3 Authority Key Identifier: 
                keyid:9B:46:01:B6:B0:B7:8F:B8:FE:9E:39:33:4A:81:B5:A5:DD:59:56:29

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9157BF7/AD2AC72EFBEA11EAA0AC331AC4F9AE02/m0YBtrC3j7j-njkzSoG1pd1ZVik.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m0YBtrC3j7j-njkzSoG1pd1ZVik.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BF7/AD2AC72EFBEA11EAA0AC331AC4F9AE02/1E69B82CAD5311EBA93CEB69C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:d7:94:19:68:48:c8:19:19:81:da:b7:e8:06:19:c2:d0:04:
         43:19:e4:e5:df:41:de:f6:5b:8d:75:51:71:7d:72:58:99:75:
         06:64:97:2c:1d:2f:89:3b:b3:d8:17:45:d8:ae:f4:d9:eb:20:
         c3:a9:20:8f:d6:29:bf:56:0b:2c:2a:4c:d2:83:2a:ad:01:54:
         10:05:06:19:f6:ef:ce:f9:e2:33:94:28:30:85:86:74:01:5c:
         fd:94:eb:53:d1:02:3d:41:32:75:d5:c1:6c:5f:98:2a:3e:5d:
         c7:81:c0:20:20:b1:50:a4:3b:de:b5:d0:be:4d:0a:98:b1:80:
         57:01:12:6e:35:c4:50:da:f2:e1:24:59:9a:9e:ba:06:59:82:
         d1:84:2b:34:f9:c6:70:bc:8d:88:26:1b:28:e3:6b:e6:d4:7a:
         67:cb:ac:8e:15:85:e8:05:43:45:4c:86:15:8e:24:6c:60:c2:
         21:10:9f:d0:b6:07:a0:6f:3c:f6:41:93:27:1a:a8:84:13:d3:
         dd:ce:1e:df:40:47:63:4e:cb:9d:3f:02:07:1c:d8:88:03:7e:
         e0:d1:09:6d:ff:29:6c:9a:d8:41:1d:ad:f6:36:c7:a4:8c:02:
         a5:74:18:80:a7:ad:d2:7f:99:94:37:19:8e:17:75:b3:3a:ca:
         f9:81:49:23
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdCRjcxMTAvBgNVBAUTKDlCNDYwMUI2QjBCNzhGQjhGRTlFMzkzMzRBODFCNUE1
REQ1OTU2MjkwHhcNMjIxMDI4MjMyOTM1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVjNjVkZi1mZDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAus5Ve8gz7sgvP8ifoIjiQGZ+J4JR0sRCKLQrK+nOi6fvfAQGKMmoyux1L7g1
CGt5xLDJLCEuag18NnYqJzYYzt9x5IC44mK95OPJGT6Ob9rxSJaJ2TJFHT3jocBd
Vy5sQMnqRLQ45twK8J+fMgKotjxJYosg5KD8kJZ2Y/9Zl+6y78m3vhpV3Jl6HAhc
HApMoFjrz1wKgAqUzkiJZTUsGTMXhytRR+N3dxr42IjNqtVuxT5kjUNJW+wYY8St
zrPCj+pyod8mVcrvmxet9VqemjJrVoMxpjnAagXG1Tu9U5eRK3MdLyuoMHPb5a85
/HpujmzW7uceCqBE0zp79c4XpQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOVGV4k9
FwLnHWrCIV2KYEFKmfAiMB8GA1UdIwQYMBaAFJtGAbawt4+4/p45M0qBtaXdWVYp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JGNy9BRDJBQzcyRUZC
RUExMUVBQTBBQzMzMUFDNEY5QUUwMi9tMFlCdHJDM2o3ai1uamt6U29HMXBkMVpW
aWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL20wWUJ0ckMzajdqLW5qa3pTb0cxcGQxWlZpay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdCRjcvQUQyQUM3MkVGQkVBMTFFQUEwQUMzMzFBQzRGOUFFMDIvMUU2OUI4MkNB
RDUzMTFFQkE5M0NFQjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnm3gwDQYJKoZIhvcNAQELBQADggEBAB7XlBloSMgZGYHa
t+gGGcLQBEMZ5OXfQd72W411UXF9cliZdQZklywdL4k7s9gXRdiu9NnrIMOpII/W
Kb9WCywqTNKDKq0BVBAFBhn278754jOUKDCFhnQBXP2U61PRAj1BMnXVwWxfmCo+
XceBwCAgsVCkO9610L5NCpixgFcBEm41xFDa8uEkWZqeugZZgtGEKzT5xnC8jYgm
Gyjja+bUemfLrI4VhegFQ0VMhhWOJGxgwiEQn9C2B6BvPPZBkycaqIQT093OHt9A
R2NOy50/Agcc2IgDfuDRCW3/KWya2EEdrfY2x6SMAqV0GICnrdJ/mZQ3GY4XdbM6
yvmBSSM=
-----END CERTIFICATE-----
Generated at Sat Dec 3 18:35:00 2022 by rpki-client.