Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/

$ rpki-client -vvf D7120558A7ED11EA95BED565C4F9AE02.roa
File:                     D7120558A7ED11EA95BED565C4F9AE02.roa (download)
Hash identifier:          RVQJS3Biv9uqg78jGVI0mzXJu0OQzzuM5s5Ei9jLLgY=
Subject key identifier:   1E:27:54:A8:58:7B:65:AE:98:1A:4C:F9:D1:5A:A2:86:BA:D2:8A:FD
Certificate issuer:       /CN=A9161A58/serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8
Certificate serial:       0683
Authority key identifier: B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa
ROA valid until:          Jul 30 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 43.230.204.0/22 maxlen: 22
    2: 43.230.204.0/24 maxlen: 24
    3: 43.230.205.0/24 maxlen: 24
    4: 43.230.206.0/24 maxlen: 24
    5: 43.230.207.0/24 maxlen: 24
    6: 103.56.44.0/22 maxlen: 22
    7: 103.56.44.0/24 maxlen: 24
    8: 103.56.45.0/24 maxlen: 24
    9: 103.56.46.0/24 maxlen: 24
   10: 103.56.47.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1667 (0x683)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9161A58/serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8
        Validity
            Not Before: Jul 21 10:27:36 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=62d92a18-6402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:88:47:ae:73:66:b0:b0:6e:7e:1f:d0:b6:36:
                    4d:6b:66:8b:f8:f9:dd:ac:19:ac:c1:f4:98:0d:a3:
                    db:af:c3:94:75:08:84:ac:23:e7:37:27:c0:1f:6b:
                    17:e9:65:cf:e6:ac:d7:90:cc:99:09:16:01:e7:98:
                    e5:3e:de:34:e1:9e:47:9b:dc:c5:51:96:70:ad:63:
                    92:f6:42:03:b3:e5:af:c3:1f:2b:75:04:0a:5a:63:
                    3b:45:c4:87:e3:9d:85:4d:d4:06:7a:7d:62:ca:9a:
                    45:2e:b5:7c:36:7e:f4:90:96:c1:d3:e3:61:9f:01:
                    ac:43:db:8e:db:16:7d:87:5e:31:63:2f:71:af:ee:
                    72:da:99:0b:0b:bf:d6:d9:1a:b9:84:36:2c:29:cc:
                    40:37:0a:85:a5:b0:48:7e:0d:b5:6c:b0:f0:fc:fa:
                    dc:cc:7d:d6:3c:c0:fc:ba:ba:fe:54:6d:96:9d:4b:
                    ff:d4:67:16:eb:fc:46:55:63:dd:a5:34:6d:4d:7a:
                    12:42:63:13:20:83:23:ce:56:6a:de:10:56:61:f2:
                    b4:95:54:2f:22:31:18:3e:26:46:12:7e:6c:5b:f0:
                    e1:66:6f:75:28:e1:14:5d:49:1d:dc:c9:88:0a:b5:
                    03:0a:92:bd:ec:ae:7a:2c:a0:fc:3b:46:25:f2:d8:
                    af:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                1E:27:54:A8:58:7B:65:AE:98:1A:4C:F9:D1:5A:A2:86:BA:D2:8A:FD
            X509v3 Authority Key Identifier: 
                keyid:B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.230.204.0/22
                  103.56.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:ec:c6:03:ad:08:9a:e5:39:0a:93:5f:1a:bd:35:22:40:5e:
         bf:cb:94:f9:ee:6e:43:1f:e7:13:dd:02:89:c2:b0:e2:1b:34:
         ff:2c:36:39:34:b1:a7:2b:b2:64:a7:17:5b:2d:30:77:89:4c:
         08:bc:37:c6:aa:fd:da:af:b6:1a:2c:de:34:5e:f2:5b:c9:91:
         96:8b:aa:7d:9f:18:58:f0:50:2c:50:ae:44:27:a1:ef:3c:a2:
         87:4e:2d:86:10:7a:6b:c2:5d:fc:87:8b:06:2a:65:e3:78:98:
         71:f4:b3:d9:c2:88:34:ac:51:3f:c1:ae:61:5a:4b:af:9f:49:
         f3:8e:da:94:a1:72:f9:99:b5:55:04:2d:14:12:3c:84:4b:a6:
         13:9c:0f:7b:c9:2d:6f:f2:d5:14:67:93:c0:1c:3b:ee:b2:77:
         16:9d:45:7e:68:13:ad:b6:cf:a2:1d:b9:75:ee:77:b6:bc:d2:
         d9:81:0e:6f:76:e1:99:98:58:ef:eb:5d:ed:87:73:1c:c9:c0:
         a0:54:63:4d:ae:28:52:c3:a7:b4:1b:ca:46:31:0b:b4:44:5c:
         c8:c4:18:a7:5e:84:50:78:2a:da:e0:66:03:3c:c8:60:74:30:
         41:42:f3:18:36:d0:8d:1c:0b:15:58:0b:99:a8:f6:2c:11:85:
         e3:ed:cc:84
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFBNTgxMTAvBgNVBAUTKEI0NjY5RDMwRDIxMEU0OTA3Q0QyODg4QkU3NEI4OUE2
REQzQ0I2QzgwHhcNMjIwNzIxMTAyNzM2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ5MmExOC02NDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8ohHrnNmsLBufh/QtjZNa2aL+PndrBmswfSYDaPbr8OUdQiErCPnNyfAH2sX
6WXP5qzXkMyZCRYB55jlPt404Z5Hm9zFUZZwrWOS9kIDs+Wvwx8rdQQKWmM7RcSH
452FTdQGen1iyppFLrV8Nn70kJbB0+NhnwGsQ9uO2xZ9h14xYy9xr+5y2pkLC7/W
2Rq5hDYsKcxANwqFpbBIfg21bLDw/PrczH3WPMD8urr+VG2WnUv/1GcW6/xGVWPd
pTRtTXoSQmMTIIMjzlZq3hBWYfK0lVQvIjEYPiZGEn5sW/DhZm91KOEUXUkd3MmI
CrUDCpK97K56LKD8O0Yl8tiv1QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB4nVKhY
e2WumBpM+dFaooa60or9MB8GA1UdIwQYMBaAFLRmnTDSEOSQfNKIi+dLiabdPLbI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUE1OC9CMzg5MzA0RUE3
RUMxMUVBODA0ODU4NjRDNEY5QUUwMi90R2FkTU5JUTVKQjgwb2lMNTB1SnB0MDh0
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RHYWRNTklRNUpCODBvaUw1MHVKcHQwOHRzZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFBNTgvQjM4OTMwNEVBN0VDMTFFQTgwNDg1ODY0QzRGOUFFMDIvRDcxMjA1NThB
N0VEMTFFQTk1QkVENTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr5swDBAJnOCwwDQYJKoZIhvcNAQELBQADggEBAHrsxgOt
CJrlOQqTXxq9NSJAXr/LlPnubkMf5xPdAonCsOIbNP8sNjk0sacrsmSnF1stMHeJ
TAi8N8aq/dqvthos3jRe8lvJkZaLqn2fGFjwUCxQrkQnoe88oodOLYYQemvCXfyH
iwYqZeN4mHH0s9nCiDSsUT/BrmFaS6+fSfOO2pShcvmZtVUELRQSPIRLphOcD3vJ
LW/y1RRnk8AcO+6ydxadRX5oE622z6IduXXud7a80tmBDm924ZmYWO/rXe2HcxzJ
wKBUY02uKFLDp7QbykYxC7REXMjEGKdehFB4KtrgZgM8yGB0MEFC8xg20I0cCxVY
C5mo9iwRhePtzIQ=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:12:08 2022 by rpki-client.