Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/9DD35B9AF1D011E88D564045C4F9AE02.roa
File:                     9DD35B9AF1D011E88D564045C4F9AE02.roa (download)
Hash identifier:          gTWTgQI2GD7ALOIVmmb4qCwhDF3LTK9hgsUPjZTjuL0=
Subject key identifier:   EE:05:13:EF:24:92:8B:4E:14:4E:14:AB:F3:F7:46:75:DB:DA:EA:06
Certificate issuer:       /CN=A91A279C/serialNumber=0BA34E6430B10E6A7F2D29964425D1F714AF865C
Certificate serial:       1777
Authority key identifier: 0B:A3:4E:64:30:B1:0E:6A:7F:2D:29:96:44:25:D1:F7:14:AF:86:5C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6NOZDCxDmp_LSmWRCXR9xSvhlw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/9DD35B9AF1D011E88D564045C4F9AE02.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 103.87.91.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6007 (0x1777)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A279C/serialNumber=0BA34E6430B10E6A7F2D29964425D1F714AF865C
        Validity
            Not Before: Apr 26 05:23:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=626781d8-23ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5a:8a:82:00:87:19:0c:1c:e0:91:07:cb:ca:
                    94:a1:66:c9:8a:e7:1e:22:65:08:43:ea:7f:d1:99:
                    08:ea:11:00:a3:6b:01:1b:69:dd:1a:a5:8e:bd:0d:
                    93:cc:fe:da:0f:85:7f:31:44:c8:f1:83:b5:09:bb:
                    55:22:17:a8:c8:6f:fa:4f:c5:c5:cc:45:57:3a:7e:
                    17:c0:43:f2:0a:71:83:27:5a:04:d9:4b:20:31:48:
                    1c:bf:bf:16:7a:ca:d0:6f:9f:a5:ca:a3:47:b3:03:
                    1f:df:8f:6a:74:a0:8b:74:d7:6e:24:6d:e4:5e:bf:
                    d0:96:fe:45:9d:05:02:5b:01:13:ba:7d:5f:15:1b:
                    97:3b:30:4f:22:42:47:4b:f7:fc:18:a9:e5:7a:f3:
                    e2:16:42:11:cc:0c:35:21:9e:e5:8d:06:0d:15:3d:
                    e3:b7:3c:eb:46:61:07:6b:f3:b0:63:23:14:14:01:
                    49:b9:eb:e5:d8:81:c0:2a:b9:63:3b:c5:35:03:0c:
                    bd:da:31:48:4d:fd:5b:f5:60:fd:4c:89:e0:0f:38:
                    82:5d:3a:64:bf:1a:d6:a5:9c:69:95:75:8a:e5:a7:
                    59:1a:6c:84:88:2e:60:4c:9d:e6:56:68:71:ab:80:
                    c9:85:a0:58:53:83:c3:05:3b:0d:82:05:be:59:b6:
                    60:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                EE:05:13:EF:24:92:8B:4E:14:4E:14:AB:F3:F7:46:75:DB:DA:EA:06
            X509v3 Authority Key Identifier: 
                keyid:0B:A3:4E:64:30:B1:0E:6A:7F:2D:29:96:44:25:D1:F7:14:AF:86:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/C6NOZDCxDmp_LSmWRCXR9xSvhlw.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6NOZDCxDmp_LSmWRCXR9xSvhlw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/9DD35B9AF1D011E88D564045C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.87.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:5e:3d:34:3f:24:74:67:6e:3d:ed:d3:1c:d3:52:d0:3b:8a:
         e3:eb:10:f1:04:ad:9e:06:32:32:32:e1:a1:25:3e:18:0b:a7:
         6e:26:5d:39:f1:5b:3e:66:ac:cc:da:17:76:71:68:46:1c:d9:
         dc:32:5d:f7:c3:23:a6:80:3d:6a:5e:12:18:f3:d2:55:77:dd:
         93:78:68:a7:ac:e1:a0:4a:66:ad:77:da:2d:20:9f:26:c7:e3:
         fa:9d:c0:27:b0:9b:6e:1d:f1:2a:66:9d:1e:bf:08:88:d1:33:
         42:00:fd:e1:8e:64:f0:55:24:85:f6:5b:e5:55:db:d0:b6:ea:
         5d:e4:54:36:d6:cc:f4:62:90:cd:18:ff:35:5d:1a:7f:81:4a:
         91:38:13:6d:0a:00:b4:3c:05:a0:e6:55:c5:5f:d7:2a:a5:df:
         99:0b:17:50:df:b3:9b:ab:76:fa:40:e6:38:aa:16:6d:e0:ca:
         56:01:6f:7f:bd:fb:6c:8a:50:c5:b8:90:fe:af:0e:48:ef:86:
         38:e1:9f:26:b1:59:73:fc:0c:2b:40:8d:51:77:fd:e5:8a:a1:
         7c:c1:8c:e9:8d:ee:ac:80:2c:28:fa:a2:f1:f9:da:05:bc:53:
         bd:ee:73:a8:e4:79:26:44:13:50:5e:d3:9e:6b:0b:0d:2f:31:
         bc:23:9a:2f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICF3cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTI3OUMxMTAvBgNVBAUTKDBCQTM0RTY0MzBCMTBFNkE3RjJEMjk5NjQ0MjVEMUY3
MTRBRjg2NUMwHhcNMjIwNDI2MDUyMzM2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY3ODFkOC0yM2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvFqKggCHGQwc4JEHy8qUoWbJiuceImUIQ+p/0ZkI6hEAo2sBG2ndGqWOvQ2T
zP7aD4V/MUTI8YO1CbtVIheoyG/6T8XFzEVXOn4XwEPyCnGDJ1oE2UsgMUgcv78W
esrQb5+lyqNHswMf349qdKCLdNduJG3kXr/Qlv5FnQUCWwETun1fFRuXOzBPIkJH
S/f8GKnlevPiFkIRzAw1IZ7ljQYNFT3jtzzrRmEHa/OwYyMUFAFJuevl2IHAKrlj
O8U1Awy92jFITf1b9WD9TIngDziCXTpkvxrWpZxplXWK5adZGmyEiC5gTJ3mVmhx
q4DJhaBYU4PDBTsNggW+WbZgtwIDAQABo4IClTCCApEwHQYDVR0OBBYEFO4FE+8k
kotOFE4Uq/P3RnXb2uoGMB8GA1UdIwQYMBaAFAujTmQwsQ5qfy0plkQl0fcUr4Zc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjc5Qy8xQ0VCNzcxODMz
NTExMUU3QkY0Qjk1ODZDNEY5QUUwMi9DNk5PWkRDeERtcF9MU21XUkNYUjl4U3Zo
bHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0M2Tk9aREN4RG1wX0xTbVdSQ1hSOXhTdmhsdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTI3OUMvMUNFQjc3MTgzMzUxMTFFN0JGNEI5NTg2QzRGOUFFMDIvOUREMzVCOUFG
MUQwMTFFODhENTY0MDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnV1swDQYJKoZIhvcNAQELBQADggEBADJePTQ/JHRnbj3t
0xzTUtA7iuPrEPEErZ4GMjIy4aElPhgLp24mXTnxWz5mrMzaF3ZxaEYc2dwyXffD
I6aAPWpeEhjz0lV33ZN4aKes4aBKZq132i0gnybH4/qdwCewm24d8SpmnR6/CIjR
M0IA/eGOZPBVJIX2W+VV29C26l3kVDbWzPRikM0Y/zVdGn+BSpE4E20KALQ8BaDm
VcVf1yql35kLF1Dfs5urdvpA5jiqFm3gylYBb3+9+2yKUMW4kP6vDkjvhjjhnyax
WXP8DCtAjVF3/eWKoXzBjOmN7qyALCj6ovH52gW8U73uc6jkeSZEE1Be055rCw0v
Mbwjmi8=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:50:55 2022 by rpki-client.