Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/

$ rpki-client -vvf 84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
File:                     84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa (download)
Hash identifier:          Cs6+V4hGCVj0X7kuXL81n5N6f0n8a1Y0dtbTdrNYwBc=
Subject key identifier:   FB:7B:26:00:7D:43:09:00:91:E5:FE:94:C3:67:FF:3D:7A:68:7A:9F
Certificate issuer:       /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial:       081A
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
ROA valid until:          Jul 30 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2406:840:9888::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2074 (0x81a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
        Validity
            Not Before: May 11 10:11:30 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=627b8bd1-a514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:5b:a3:77:5a:b8:79:c3:4f:68:83:e6:26:5e:
                    88:fc:3b:69:63:4e:4a:24:cb:aa:59:a5:48:1f:df:
                    44:2c:71:79:f9:64:c8:45:86:08:bd:d0:20:eb:75:
                    99:f4:f0:ef:8d:e8:cd:bd:20:dd:e8:72:95:d9:9a:
                    ec:b4:07:f5:49:04:33:04:60:b4:aa:d8:1f:0c:24:
                    2e:7b:27:d6:c1:45:b8:83:b7:e1:08:63:7c:1a:a1:
                    53:52:0c:1e:27:67:7d:8e:cf:b8:11:b3:15:40:6b:
                    a9:a4:78:bb:03:32:10:2a:8d:7a:22:0c:c0:92:77:
                    b1:2c:f7:e3:67:c8:bc:c6:4f:33:3b:23:65:a7:e8:
                    54:f4:ed:3a:c3:6c:74:e5:8c:0f:75:78:05:60:72:
                    de:5a:f7:a5:fe:db:e5:78:e9:9e:5b:2b:cf:48:0d:
                    28:5f:79:3e:2b:0d:19:52:88:ed:f3:41:9c:79:21:
                    d0:d7:c6:80:d5:28:b7:a8:8c:66:47:dd:c9:53:7a:
                    21:2b:a5:56:8f:e4:b8:d5:cf:28:4d:7c:0b:8b:51:
                    7c:a5:b7:df:b5:c3:43:1a:76:bc:df:83:d4:f3:18:
                    22:6a:0f:1e:20:cd:c4:7a:0a:8f:e6:73:76:b3:0c:
                    9b:59:46:eb:96:cb:06:63:32:27:85:89:60:e5:0a:
                    34:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                FB:7B:26:00:7D:43:09:00:91:E5:FE:94:C3:67:FF:3D:7A:68:7A:9F
            X509v3 Authority Key Identifier: 
                keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:840:9888::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:92:61:fd:c9:84:7c:4b:3e:59:2d:f6:f9:e4:e9:28:5b:94:
         e3:d3:96:8e:29:eb:58:17:73:3d:a3:d4:c4:f6:00:87:58:66:
         f6:b7:43:d5:0c:2e:de:11:96:f0:13:c6:d4:da:53:43:5e:aa:
         33:00:c3:9c:b2:f7:c8:e5:2c:60:a6:78:a3:e2:50:d3:16:c9:
         30:e0:a3:94:ca:43:b3:9a:b0:55:a7:2d:72:4a:a1:d9:fe:3c:
         61:c1:63:3b:96:46:35:a3:e3:3c:d4:26:ce:5b:3e:27:98:40:
         ee:a3:70:44:90:89:fc:a2:65:3d:aa:17:22:8a:82:d7:fd:4d:
         41:6f:70:03:26:a9:6d:a8:27:63:5e:fa:bd:45:f8:a8:1d:d2:
         a9:ab:b2:27:ba:5a:6e:46:33:1f:c6:0b:00:e3:bc:db:a6:62:
         d4:48:37:06:8b:45:ca:1c:6d:40:9c:5f:3f:ff:e0:16:24:b7:
         70:cb:b0:77:e3:52:4f:a5:7b:a2:e1:09:99:79:5d:bc:a1:55:
         f9:f6:79:68:1f:09:05:d0:d6:78:5a:cd:46:de:67:55:9f:a0:
         6c:f7:14:7b:ef:1f:9f:57:32:1f:c2:b8:7a:99:2d:cb:ce:f7:
         28:19:89:ef:b3:cb:5a:b5:fb:bf:7b:0e:da:e7:3d:97:dc:fb:
         ef:22:01:db
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCBowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjIwNTExMTAxMTMwWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdiOGJkMS1hNTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA41ujd1q4ecNPaIPmJl6I/DtpY05KJMuqWaVIH99ELHF5+WTIRYYIvdAg63WZ
9PDvjejNvSDd6HKV2ZrstAf1SQQzBGC0qtgfDCQueyfWwUW4g7fhCGN8GqFTUgwe
J2d9js+4EbMVQGuppHi7AzIQKo16IgzAknexLPfjZ8i8xk8zOyNlp+hU9O06w2x0
5YwPdXgFYHLeWvel/tvleOmeWyvPSA0oX3k+Kw0ZUojt80GceSHQ18aA1Si3qIxm
R93JU3ohK6VWj+S41c8oTXwLi1F8pbfftcNDGna834PU8xgiag8eIM3EegqP5nN2
swybWUbrlssGYzInhYlg5Qo0YQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFPt7JgB9
QwkAkeX+lMNn/z16aHqfMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvODRFNUFFQUU5
REJCMTFFQ0FFRjcxRTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBghAmIgwDQYJKoZIhvcNAQELBQADggEBAIeSYf3JhHxL
Plkt9vnk6ShblOPTlo4p61gXcz2j1MT2AIdYZva3Q9UMLt4RlvATxtTaU0NeqjMA
w5yy98jlLGCmeKPiUNMWyTDgo5TKQ7OasFWnLXJKodn+PGHBYzuWRjWj4zzUJs5b
PieYQO6jcESQifyiZT2qFyKKgtf9TUFvcAMmqW2oJ2Ne+r1F+Kgd0qmrsie6Wm5G
Mx/GCwDjvNumYtRINwaLRcocbUCcXz//4BYkt3DLsHfjUk+le6LhCZl5XbyhVfn2
eWgfCQXQ1nhazUbeZ1WfoGz3FHvvH59XMh/CuHqZLcvO9ygZie+zy1q1+797Dtrn
PZfc++8iAds=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:12:14 2022 by rpki-client.