Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/051C9854E9B911E8B7734A26C4F9AE02.roa
File:                     051C9854E9B911E8B7734A26C4F9AE02.roa (download)
Hash identifier:          KLecoxxPF4KTg/yRHNEZBUQzcbHBy6LH/twm/VMyZP8=
Subject key identifier:   E4:28:19:A5:DB:5B:AE:7E:FF:6C:56:61:B3:FE:5E:BE:EC:27:BF:EB
Certificate issuer:       /CN=A916BCDF/serialNumber=51AAAC7F6F58F747072C87EC2F4878EF1CB8F4CE
Certificate serial:       1024
Authority key identifier: 51:AA:AC:7F:6F:58:F7:47:07:2C:87:EC:2F:48:78:EF:1C:B8:F4:CE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uaqsf29Y90cHLIfsL0h47xy49M4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/051C9854E9B911E8B7734A26C4F9AE02.roa
ROA valid until:          Dec 30 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 43.224.32.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4132 (0x1024)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916BCDF/serialNumber=51AAAC7F6F58F747072C87EC2F4878EF1CB8F4CE
        Validity
            Not Before: Oct 30 18:24:50 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=635ec172-7861
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:0e:9a:5f:34:0a:23:d4:0c:56:a0:88:d8:8d:
                    cc:8f:43:82:ec:ae:5e:84:0f:23:67:75:7e:63:e2:
                    ec:87:da:ce:80:62:bb:d2:d8:96:5c:42:c3:88:1a:
                    92:2f:b7:f8:36:d4:0b:3e:64:41:5c:2f:47:34:ca:
                    49:39:a6:05:e1:eb:67:e3:d6:61:e8:29:dd:24:3c:
                    29:af:13:79:2d:13:62:6d:2a:c6:c5:b2:11:62:c7:
                    b9:2b:51:85:46:7c:0d:78:0a:39:fd:3b:bc:a6:e8:
                    c6:ed:db:39:dd:13:9a:d7:55:ba:10:8e:98:f8:bb:
                    d3:44:1b:2c:8f:85:c9:1f:7b:2a:a7:c9:ab:77:70:
                    fc:f1:61:10:e9:6c:de:f4:eb:4d:44:66:df:92:01:
                    ec:cb:db:c0:ac:fa:ee:04:01:fc:18:5b:41:2b:2f:
                    a4:ec:e7:b6:05:16:78:76:04:f9:18:e8:13:0f:f9:
                    19:90:c3:42:dc:e1:05:e2:7c:d6:00:93:fa:a9:96:
                    5a:4a:57:88:92:09:fe:f4:7c:f8:8d:3c:45:81:de:
                    be:33:57:d6:8f:06:51:f0:26:2e:a3:2e:f0:dc:b3:
                    7b:fb:d0:78:a2:80:f2:23:e0:e0:7f:6a:56:81:94:
                    0e:f3:05:13:5b:ed:b9:dd:41:4e:0d:ba:3a:57:64:
                    19:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E4:28:19:A5:DB:5B:AE:7E:FF:6C:56:61:B3:FE:5E:BE:EC:27:BF:EB
            X509v3 Authority Key Identifier: 
                keyid:51:AA:AC:7F:6F:58:F7:47:07:2C:87:EC:2F:48:78:EF:1C:B8:F4:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/Uaqsf29Y90cHLIfsL0h47xy49M4.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uaqsf29Y90cHLIfsL0h47xy49M4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/051C9854E9B911E8B7734A26C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.224.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:44:b6:6e:82:2a:a3:ee:30:6f:1f:b3:4a:dd:ac:72:86:7c:
         b6:27:75:80:9a:26:73:a0:71:03:c2:82:6c:cb:f5:d3:e0:e8:
         09:85:06:2a:0b:9b:58:31:f5:ed:f4:08:75:66:98:82:15:9f:
         78:ce:7e:f1:f7:12:9c:e9:78:fa:ba:08:ff:9c:f0:87:4b:14:
         3c:80:9f:2f:13:8e:00:63:f9:9b:ec:dd:ce:72:38:c4:78:b1:
         81:ce:30:f2:dd:8d:c3:cc:ad:52:5f:ae:ae:7e:77:7b:d2:bf:
         21:2b:bb:75:58:2a:4a:d4:4d:78:d4:e3:a7:d8:c8:a4:56:e6:
         83:1a:de:86:69:30:38:b7:28:01:ab:19:b4:2b:35:66:52:39:
         19:5e:d1:99:8b:83:ab:bb:4f:b5:06:d6:f7:cf:ac:a4:a5:40:
         e4:18:57:91:03:68:64:6f:05:e3:19:67:e2:6a:9e:b1:6c:7f:
         8a:ca:af:38:6a:75:16:3b:cf:84:7e:0a:9b:59:cc:ab:7b:4f:
         07:af:c0:b4:3e:b3:2f:ea:56:51:9a:0e:97:4f:0e:6b:2b:8a:
         62:78:67:47:9e:7d:0d:0e:cf:17:2f:64:55:d6:7a:16:e9:83:
         90:52:80:09:46:d4:2a:18:28:c8:1d:cf:0f:5f:1c:b1:b4:2d:
         8d:1e:85:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICECQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJDREYxMTAvBgNVBAUTKDUxQUFBQzdGNkY1OEY3NDcwNzJDODdFQzJGNDg3OEVG
MUNCOEY0Q0UwHhcNMjIxMDMwMTgyNDUwWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVlYzE3Mi03ODYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9Q6aXzQKI9QMVqCI2I3Mj0OC7K5ehA8jZ3V+Y+Lsh9rOgGK70tiWXELDiBqS
L7f4NtQLPmRBXC9HNMpJOaYF4etn49Zh6CndJDwprxN5LRNibSrGxbIRYse5K1GF
RnwNeAo5/Tu8pujG7ds53ROa11W6EI6Y+LvTRBssj4XJH3sqp8mrd3D88WEQ6Wze
9OtNRGbfkgHsy9vArPruBAH8GFtBKy+k7Oe2BRZ4dgT5GOgTD/kZkMNC3OEF4nzW
AJP6qZZaSleIkgn+9Hz4jTxFgd6+M1fWjwZR8CYuoy7w3LN7+9B4ooDyI+Dgf2pW
gZQO8wUTW+253UFODbo6V2QZWQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOQoGaXb
W65+/2xWYbP+Xr7sJ7/rMB8GA1UdIwQYMBaAFFGqrH9vWPdHByyH7C9IeO8cuPTO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9GODU4MzQ0RUUz
NkQxMUU4OTU2RjM1MTZDNEY5QUUwMi9VYXFzZjI5WTkwY0hMSWZzTDBoNDd4eTQ5
TTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VhcXNmMjlZOTBjSExJZnNMMGg0N3h5NDlNNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJDREYvRjg1ODM0NEVFMzZEMTFFODk1NkYzNTE2QzRGOUFFMDIvMDUxQzk4NTRF
OUI5MTFFOEI3NzM0QTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr4CAwDQYJKoZIhvcNAQELBQADggEBAJREtm6CKqPuMG8f
s0rdrHKGfLYndYCaJnOgcQPCgmzL9dPg6AmFBioLm1gx9e30CHVmmIIVn3jOfvH3
EpzpePq6CP+c8IdLFDyAny8TjgBj+Zvs3c5yOMR4sYHOMPLdjcPMrVJfrq5+d3vS
vyEru3VYKkrUTXjU46fYyKRW5oMa3oZpMDi3KAGrGbQrNWZSORle0ZmLg6u7T7UG
1vfPrKSlQOQYV5EDaGRvBeMZZ+JqnrFsf4rKrzhqdRY7z4R+CptZzKt7TwevwLQ+
sy/qVlGaDpdPDmsrimJ4Z0eefQ0OzxcvZFXWehbpg5BSgAlG1CoYKMgdzw9fHLG0
LY0ehY8=
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:29:21 2022 by rpki-client.