Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/

$ rpki-client -vvf D661BF1821E111EB85E9C824C4F9AE02.roa
File:                     D661BF1821E111EB85E9C824C4F9AE02.roa (download)
Hash identifier:          hNwIGL6bgm4WfjaMWGJQ7T4yUGe4OMbU14OJsmHKvXw=
Subject key identifier:   44:72:3B:CC:0C:1E:C4:4B:7F:66:FE:20:67:9F:E2:67:C8:CB:34:D9
Certificate issuer:       /CN=A919F207/serialNumber=E73A79440444FE34C310F784894C4AB21EACAA04
Certificate serial:       0682
Authority key identifier: E7:3A:79:44:04:44:FE:34:C3:10:F7:84:89:4C:4A:B2:1E:AC:AA:04
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5zp5RARE_jTDEPeEiUxKsh6sqgQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/D661BF1821E111EB85E9C824C4F9AE02.roa
ROA valid until:          Oct 31 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.153.36.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1666 (0x682)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F207/serialNumber=E73A79440444FE34C310F784894C4AB21EACAA04
        Validity
            Not Before: Sep 24 10:59:43 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=632ee31e-7060
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:82:a2:54:ab:f1:89:29:aa:f1:0d:16:91:ce:
                    c0:bb:a2:68:af:b6:62:ff:e0:3a:fd:31:55:04:a7:
                    16:b9:fd:6c:2b:60:64:10:35:cd:4e:49:62:65:13:
                    68:87:b5:f8:02:53:ae:21:40:df:16:2f:09:60:6f:
                    31:45:83:43:32:eb:a2:8a:93:6c:e9:05:fa:fa:05:
                    44:bb:f1:9f:1a:4f:58:fe:f6:e2:60:a0:75:15:ad:
                    2f:25:97:e3:3c:6a:75:1b:79:19:45:41:27:e6:86:
                    98:87:be:5c:3c:81:74:1b:53:39:04:27:e1:21:58:
                    ab:ec:71:52:4b:43:4c:2e:d2:83:e2:0e:98:09:89:
                    83:50:f5:53:6d:54:83:ab:43:7e:42:a9:c7:14:8e:
                    67:eb:54:c7:30:2b:7c:95:ed:d5:09:92:32:43:27:
                    39:2a:10:a3:c7:f6:cd:5e:4a:d2:89:35:41:7d:a7:
                    d8:4a:5f:e9:5e:5e:4b:de:00:a7:95:30:c1:4a:0d:
                    ba:bc:f5:09:85:4f:41:4b:e8:da:36:cc:27:e3:63:
                    6f:ed:ba:4a:5f:7d:0b:7b:8c:f7:eb:7a:1f:f4:e5:
                    d5:b7:ba:58:f6:1c:ea:56:17:6b:84:b8:4f:11:0a:
                    c8:23:c3:7e:73:82:d6:af:d9:04:bf:9a:2e:ae:7f:
                    72:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                44:72:3B:CC:0C:1E:C4:4B:7F:66:FE:20:67:9F:E2:67:C8:CB:34:D9
            X509v3 Authority Key Identifier: 
                keyid:E7:3A:79:44:04:44:FE:34:C3:10:F7:84:89:4C:4A:B2:1E:AC:AA:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/5zp5RARE_jTDEPeEiUxKsh6sqgQ.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5zp5RARE_jTDEPeEiUxKsh6sqgQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/D661BF1821E111EB85E9C824C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.153.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:54:ec:27:3e:8b:5c:18:a8:0f:51:16:dd:07:22:ca:63:5c:
         00:d8:d2:33:30:e9:e6:cf:af:e3:d4:0e:81:73:18:7f:4c:b2:
         51:49:af:50:64:51:33:89:15:be:65:11:2d:58:3f:b3:07:04:
         59:96:ac:ef:3f:39:c1:ec:ef:d8:85:ca:0c:b4:9e:fb:42:ef:
         41:32:6a:20:c2:52:8c:5b:8a:3a:26:93:f5:9f:4e:de:f7:45:
         b1:5e:56:9e:80:50:b5:f2:e4:e2:67:7d:d6:ca:20:45:b7:ff:
         23:7a:f8:02:19:5d:ad:8f:7c:68:d9:5e:57:52:62:da:66:01:
         40:30:3e:38:ba:27:77:c0:02:23:43:f6:9d:4b:85:a9:1e:21:
         80:40:f4:dc:0c:2f:8f:59:22:b2:72:74:63:6b:f0:44:6c:e3:
         22:53:38:df:36:33:8c:b3:42:b3:ac:1e:25:89:4b:08:1d:17:
         cf:24:bc:76:f6:50:6f:2d:d6:55:ef:02:81:0c:df:7a:8a:e7:
         e1:e6:c3:bc:8f:3b:af:0b:91:08:04:a6:c7:04:d7:15:22:95:
         46:e1:17:2b:71:3a:53:d0:40:86:a6:26:dd:6d:0d:f1:30:8c:
         ed:e1:fd:fb:83:37:37:bb:4c:50:82:96:fc:84:89:0d:ad:ec:
         fa:eb:5e:13
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBoIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYyMDcxMTAvBgNVBAUTKEU3M0E3OTQ0MDQ0NEZFMzRDMzEwRjc4NDg5NEM0QUIy
MUVBQ0FBMDQwHhcNMjIwOTI0MTA1OTQzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJlZTMxZS03MDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApoKiVKvxiSmq8Q0Wkc7Au6Jor7Zi/+A6/TFVBKcWuf1sK2BkEDXNTkliZRNo
h7X4AlOuIUDfFi8JYG8xRYNDMuuiipNs6QX6+gVEu/GfGk9Y/vbiYKB1Fa0vJZfj
PGp1G3kZRUEn5oaYh75cPIF0G1M5BCfhIVir7HFSS0NMLtKD4g6YCYmDUPVTbVSD
q0N+QqnHFI5n61THMCt8le3VCZIyQyc5KhCjx/bNXkrSiTVBfafYSl/pXl5L3gCn
lTDBSg26vPUJhU9BS+jaNswn42Nv7bpKX30Le4z363of9OXVt7pY9hzqVhdrhLhP
EQrII8N+c4LWr9kEv5ourn9y1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFERyO8wM
HsRLf2b+IGef4mfIyzTZMB8GA1UdIwQYMBaAFOc6eUQERP40wxD3hIlMSrIerKoE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjIwNy8xMkYyQ0MwQUMy
NjExMUVBOTg2RUVGNDFDNEY5QUUwMi81enA1UkFSRV9qVERFUGVFaVV4S3NoNnNx
Z1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzV6cDVSQVJFX2pUREVQZUVpVXhLc2g2c3FnUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYyMDcvMTJGMkNDMEFDMjYxMTFFQTk4NkVFRjQxQzRGOUFFMDIvRDY2MUJGMTgy
MUUxMTFFQjg1RTlDODI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmSQwDQYJKoZIhvcNAQELBQADggEBAHxU7Cc+i1wYqA9R
Ft0HIspjXADY0jMw6ebPr+PUDoFzGH9MslFJr1BkUTOJFb5lES1YP7MHBFmWrO8/
OcHs79iFygy0nvtC70EyaiDCUoxbijomk/WfTt73RbFeVp6AULXy5OJnfdbKIEW3
/yN6+AIZXa2PfGjZXldSYtpmAUAwPji6J3fAAiND9p1LhakeIYBA9NwML49ZIrJy
dGNr8ERs4yJTON82M4yzQrOsHiWJSwgdF88kvHb2UG8t1lXvAoEM33qK5+Hmw7yP
O68LkQgEpscE1xUilUbhFytxOlPQQIamJt1tDfEwjO3h/fuDNze7TFCClvyEiQ2t
7PrrXhM=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:49:34 2022 by rpki-client.