Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/

$ rpki-client -vvf 6CA9B5C2B1A911EC85A03563C4F9AE02.roa
File:                     6CA9B5C2B1A911EC85A03563C4F9AE02.roa (download)
Hash identifier:          ItLO/lrWKkzDQH2Q2K8vDtTGsgPPwiwzUZNPQ6RZFiE=
Subject key identifier:   4D:D7:4E:BC:A9:50:05:90:1C:81:F4:CB:3F:D8:B8:AB:73:16:FC:12
Certificate issuer:       /CN=A917BC03/serialNumber=167D9E47FD35B229D323EECBEC0A514EEB7C92DC
Certificate serial:       0689
Authority key identifier: 16:7D:9E:47:FD:35:B2:29:D3:23:EE:CB:EC:0A:51:4E:EB:7C:92:DC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fn2eR_01sinTI-7L7ApRTut8ktw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/6CA9B5C2B1A911EC85A03563C4F9AE02.roa
ROA valid until:          May 01 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.50.16.0/22 maxlen: 22
    2: 103.50.16.0/24 maxlen: 24
    3: 103.50.17.0/24 maxlen: 24
    4: 103.50.18.0/24 maxlen: 24
    5: 103.50.19.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1673 (0x689)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917BC03/serialNumber=167D9E47FD35B229D323EECBEC0A514EEB7C92DC
        Validity
            Not Before: Jul 20 10:28:12 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=62d7d8bc-ec70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b1:7f:45:9a:19:d0:52:bd:a0:7a:2e:86:17:
                    d6:68:bb:55:32:55:ab:d9:5e:11:3e:8a:65:92:bf:
                    3b:65:d2:c9:2e:0c:9a:4b:b0:61:c3:a1:69:d4:a8:
                    93:1a:de:ea:8f:5d:d5:8c:bc:eb:54:06:d3:7c:a4:
                    92:89:ba:b5:a8:ca:c1:d5:8e:d3:89:d1:69:18:de:
                    2a:6b:cd:38:47:41:23:c1:c0:a5:9a:4a:7b:54:35:
                    86:a1:46:85:c3:9d:4d:c5:f1:0a:c6:e8:11:0f:27:
                    1d:68:14:e4:be:24:55:9c:17:69:0e:9b:de:41:75:
                    5a:f5:ee:24:bb:12:88:01:6a:8e:73:7c:e4:4f:b1:
                    be:b4:b1:de:4f:a5:a8:01:5d:68:c6:8f:9b:4f:be:
                    0d:17:43:c8:79:bf:a4:a7:1a:b3:2c:f1:83:f3:36:
                    2f:36:3e:ee:ac:86:0e:2e:8f:20:0c:db:17:21:b3:
                    0b:66:f3:04:23:c8:e2:c3:0c:c9:5f:d0:60:5b:13:
                    1a:3f:c1:2e:d2:37:8b:b5:dd:23:2a:ec:f0:58:4a:
                    dc:9b:be:91:c5:dc:65:55:bf:7e:7d:d3:40:89:17:
                    2c:c4:00:6e:f9:10:c3:03:b7:77:cd:81:b4:86:8e:
                    32:e2:ac:af:13:4e:2a:54:cf:4d:df:fb:61:3d:f0:
                    f3:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4D:D7:4E:BC:A9:50:05:90:1C:81:F4:CB:3F:D8:B8:AB:73:16:FC:12
            X509v3 Authority Key Identifier: 
                keyid:16:7D:9E:47:FD:35:B2:29:D3:23:EE:CB:EC:0A:51:4E:EB:7C:92:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/Fn2eR_01sinTI-7L7ApRTut8ktw.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fn2eR_01sinTI-7L7ApRTut8ktw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BC03/AB66351EA7ED11EA91DCC566C4F9AE02/6CA9B5C2B1A911EC85A03563C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.50.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:89:17:86:ff:25:0a:a3:4e:9c:60:86:02:f5:73:1e:73:53:
         03:2a:cc:7d:2e:bc:17:67:b7:9b:3e:ce:55:96:05:98:08:85:
         19:d5:87:d0:87:47:6c:1f:47:de:db:76:6e:c6:0b:05:ab:09:
         db:27:09:50:a9:d2:d1:f2:43:7e:c9:07:8c:a9:cf:5b:45:1b:
         41:ed:7e:17:74:fc:aa:21:8d:51:55:47:56:f6:a1:91:d7:85:
         d4:ae:e8:f7:6c:a1:9c:6d:c8:7e:51:04:81:99:31:20:1a:b9:
         b0:60:9f:4f:1b:5e:7a:da:ff:72:6b:5c:3f:16:8b:ef:52:61:
         d8:43:73:46:6e:b2:76:90:08:84:1c:7d:a4:c7:6f:09:7c:c4:
         13:0a:2e:ca:8e:6c:b9:fa:58:7e:61:2c:a9:09:f3:ae:79:67:
         c3:67:1d:a4:4f:fb:78:ba:a2:92:99:01:2c:64:81:0d:ba:87:
         c8:c9:18:56:38:d1:33:1d:73:d6:b9:18:03:7b:bd:17:aa:cb:
         f5:56:0a:62:08:6e:eb:ef:e3:17:de:fe:25:6b:95:3a:a0:ca:
         04:c9:9c:7d:35:ed:58:72:b0:7c:63:43:24:47:b2:6d:79:6e:
         43:72:17:fe:91:0c:f6:5c:72:d6:d7:4a:99:9d:e4:bd:50:8f:
         bd:1f:82:e3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBokwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JDMDMxMTAvBgNVBAUTKDE2N0Q5RTQ3RkQzNUIyMjlEMzIzRUVDQkVDMEE1MTRF
RUI3QzkyREMwHhcNMjIwNzIwMTAyODEyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ3ZDhiYy1lYzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwrF/RZoZ0FK9oHouhhfWaLtVMlWr2V4RPoplkr87ZdLJLgyaS7Bhw6Fp1KiT
Gt7qj13VjLzrVAbTfKSSibq1qMrB1Y7TidFpGN4qa804R0EjwcClmkp7VDWGoUaF
w51NxfEKxugRDycdaBTkviRVnBdpDpveQXVa9e4kuxKIAWqOc3zkT7G+tLHeT6Wo
AV1oxo+bT74NF0PIeb+kpxqzLPGD8zYvNj7urIYOLo8gDNsXIbMLZvMEI8jiwwzJ
X9BgWxMaP8Eu0jeLtd0jKuzwWErcm76RxdxlVb9+fdNAiRcsxABu+RDDA7d3zYG0
ho4y4qyvE04qVM9N3/thPfDzJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE3XTryp
UAWQHIH0yz/YuKtzFvwSMB8GA1UdIwQYMBaAFBZ9nkf9NbIp0yPuy+wKUU7rfJLc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkMwMy9BQjY2MzUxRUE3
RUQxMUVBOTFEQ0M1NjZDNEY5QUUwMi9GbjJlUl8wMXNpblRJLTdMN0FwUlR1dDhr
dHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZuMmVSXzAxc2luVEktN0w3QXBSVHV0OGt0dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JDMDMvQUI2NjM1MUVBN0VEMTFFQTkxRENDNTY2QzRGOUFFMDIvNkNBOUI1QzJC
MUE5MTFFQzg1QTAzNTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnMhAwDQYJKoZIhvcNAQELBQADggEBAGOJF4b/JQqjTpxg
hgL1cx5zUwMqzH0uvBdnt5s+zlWWBZgIhRnVh9CHR2wfR97bdm7GCwWrCdsnCVCp
0tHyQ37JB4ypz1tFG0Htfhd0/KohjVFVR1b2oZHXhdSu6PdsoZxtyH5RBIGZMSAa
ubBgn08bXnra/3JrXD8Wi+9SYdhDc0ZusnaQCIQcfaTHbwl8xBMKLsqObLn6WH5h
LKkJ8655Z8NnHaRP+3i6opKZASxkgQ26h8jJGFY40TMdc9a5GAN7vReqy/VWCmII
buvv4xfe/iVrlTqgygTJnH017VhysHxjQyRHsm15bkNyF/6RDPZcctbXSpmd5L1Q
j70fguM=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:12:13 2022 by rpki-client.