Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A917FFBF/ED52F030C5F411EC8E80D886C4F9AE02/

$ rpki-client -vvf 6AE91888C5FC11EC9127557EC4F9AE02.roa
File:                     6AE91888C5FC11EC9127557EC4F9AE02.roa (download)
Hash identifier:          pohHz9a5PNxevcdkGnJz91vJpGUUZ4J4gA7SlduOwp8=
Subject key identifier:   B0:02:42:D0:79:9F:3C:08:BF:F5:FC:A9:F2:4F:9F:49:F0:71:93:A4
Certificate issuer:       /CN=A917FFBF/serialNumber=9CFA869DC306357D7AC3092E4FFFD04CA502775E
Certificate serial:       02
Authority key identifier: 9C:FA:86:9D:C3:06:35:7D:7A:C3:09:2E:4F:FF:D0:4C:A5:02:77:5E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nPqGncMGNX16wwkuT__QTKUCd14.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917FFBF/ED52F030C5F411EC8E80D886C4F9AE02/6AE91888C5FC11EC9127557EC4F9AE02.roa
ROA valid until:          Mar 31 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.177.222.0/23 maxlen: 24
    2: 2001:df0:2c40::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917FFBF/serialNumber=9CFA869DC306357D7AC3092E4FFFD04CA502775E
        Validity
            Not Before: Apr 27 07:34:06 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=6268f1ee-5f5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:12:dd:6b:46:1f:a6:34:f7:7c:34:12:c0:8e:
                    4a:3c:d2:0d:40:94:25:ef:93:fb:37:64:43:c1:ea:
                    bd:19:9f:48:8e:55:cd:de:88:b1:b8:24:78:3a:1d:
                    b6:7b:1f:19:f4:63:d4:4d:b8:61:11:01:34:21:d9:
                    61:94:84:6a:5b:78:de:63:95:1c:00:df:5e:28:5c:
                    42:f8:e2:ef:2d:32:bc:c0:00:49:30:f3:0b:c3:02:
                    1b:23:10:ce:34:4e:44:4a:e4:26:1b:7c:2e:07:5d:
                    db:4d:25:8a:5b:a3:82:e6:5e:40:c2:1d:17:a3:a9:
                    53:66:d6:e6:41:9e:ec:59:17:2c:f4:43:95:54:1c:
                    1e:7e:87:a2:98:03:24:5c:ba:ff:f0:98:52:fa:79:
                    62:9b:d3:94:7e:53:d1:3a:e8:74:51:a6:a7:2e:d2:
                    83:91:b9:a3:ef:84:76:c7:b1:67:5f:dd:af:38:16:
                    e0:4d:03:1d:4b:24:ae:1b:f7:ef:05:1f:04:c0:be:
                    44:ac:18:f1:54:0e:f6:b6:86:95:d0:c1:fe:a2:36:
                    27:ed:6b:63:90:10:67:bd:02:72:cd:65:94:3e:7c:
                    64:23:01:e4:bb:4d:82:da:78:72:00:97:89:eb:f5:
                    84:34:7c:80:ab:00:02:e7:01:62:89:24:4f:a3:65:
                    b0:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B0:02:42:D0:79:9F:3C:08:BF:F5:FC:A9:F2:4F:9F:49:F0:71:93:A4
            X509v3 Authority Key Identifier: 
                keyid:9C:FA:86:9D:C3:06:35:7D:7A:C3:09:2E:4F:FF:D0:4C:A5:02:77:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917FFBF/ED52F030C5F411EC8E80D886C4F9AE02/nPqGncMGNX16wwkuT__QTKUCd14.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nPqGncMGNX16wwkuT__QTKUCd14.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917FFBF/ED52F030C5F411EC8E80D886C4F9AE02/6AE91888C5FC11EC9127557EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.177.222.0/23
                IPv6:
                  2001:df0:2c40::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:50:83:68:f6:7d:57:1a:04:56:28:c7:0d:f0:94:06:b7:e9:
         b8:e7:9d:d9:db:b8:e4:0f:c4:af:e8:82:11:e5:ef:b6:ce:81:
         39:79:6f:8f:f3:0f:e4:d7:4e:4f:a1:25:15:96:9a:e9:74:d7:
         c7:e1:6e:ab:33:23:65:21:5e:8a:35:78:f0:90:76:8d:a2:52:
         9e:ee:74:15:c7:b1:f2:8c:a8:b4:75:e0:7b:ca:83:24:a3:85:
         48:bb:5f:89:21:7d:32:9a:cf:c5:7d:e5:7a:1c:88:da:4c:91:
         a4:bf:e2:3f:38:66:5a:67:69:0e:53:aa:db:38:52:02:ea:da:
         7b:11:b5:e0:f9:8a:2f:c9:3a:21:5b:e5:63:ee:f1:a1:42:2a:
         4e:f8:e6:a5:b3:7d:8f:3f:47:6b:9d:8c:0d:d6:21:69:b8:9c:
         b6:68:08:82:b6:45:08:80:5a:3b:0c:4f:8a:f8:b1:a7:26:5b:
         33:02:12:9c:62:55:b4:81:5c:25:a8:a4:ae:76:11:f3:96:f1:
         f1:42:83:fe:03:3c:a0:0a:74:42:16:4b:a5:ba:a7:d8:1b:83:
         ca:a5:a1:3a:9a:cb:ba:f3:58:c1:c1:dd:94:1a:4e:99:68:44:
         68:a5:47:45:93:d8:e8:45:5f:db:14:67:73:a9:dd:58:f9:7d:
         40:70:68:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RkZCRjExMC8GA1UEBRMoOUNGQTg2OURDMzA2MzU3RDdBQzMwOTJFNEZGRkQwNENB
NTAyNzc1RTAeFw0yMjA0MjcwNzM0MDZaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjhmMWVlLTVmNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYEt1rRh+mNPd8NBLAjko80g1AlCXvk/s3ZEPB6r0Zn0iOVc3eiLG4JHg6HbZ7
Hxn0Y9RNuGERATQh2WGUhGpbeN5jlRwA314oXEL44u8tMrzAAEkw8wvDAhsjEM40
TkRK5CYbfC4HXdtNJYpbo4LmXkDCHRejqVNm1uZBnuxZFyz0Q5VUHB5+h6KYAyRc
uv/wmFL6eWKb05R+U9E66HRRpqcu0oORuaPvhHbHsWdf3a84FuBNAx1LJK4b9+8F
HwTAvkSsGPFUDva2hpXQwf6iNifta2OQEGe9AnLNZZQ+fGQjAeS7TYLaeHIAl4nr
9YQ0fICrAALnAWKJJE+jZbBHAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUsAJC0Hmf
PAi/9fyp8k+fSfBxk6QwHwYDVR0jBBgwFoAUnPqGncMGNX16wwkuT//QTKUCd14w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGRkJGL0VENTJGMDMwQzVG
NDExRUM4RTgwRDg4NkM0RjlBRTAyL25QcUduY01HTlgxNnd3a3VUX19RVEtVQ2Qx
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvblBxR25jTUdOWDE2d3drdVRfX1FUS1VDZDE0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RkZCRi9FRDUyRjAzMEM1RjQxMUVDOEU4MEQ4ODZDNEY5QUUwMi82QUU5MTg4OEM1
RkMxMUVDOTEyNzU1N0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWex3jAPBAIAAjAJAwcAIAEN8CxAMA0GCSqGSIb3DQEBCwUA
A4IBAQAlUINo9n1XGgRWKMcN8JQGt+m4553Z27jkD8Sv6IIR5e+2zoE5eW+P8w/k
105PoSUVlprpdNfH4W6rMyNlIV6KNXjwkHaNolKe7nQVx7HyjKi0deB7yoMko4VI
u1+JIX0yms/FfeV6HIjaTJGkv+I/OGZaZ2kOU6rbOFIC6tp7EbXg+YovyTohW+Vj
7vGhQipO+Oals32PP0drnYwN1iFpuJy2aAiCtkUIgFo7DE+K+LGnJlszAhKcYlW0
gVwlqKSudhHzlvHxQoP+AzygCnRCFkuluqfYG4PKpaE6msu681jBwd2UGk6ZaERo
pUdFk9joRV/bFGdzqd1Y+X1AcGip
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:49:16 2022 by rpki-client.