Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/

$ rpki-client -vvf 6AE50E1C21E011EBBF36CD21C4F9AE02.roa
File:                     6AE50E1C21E011EBBF36CD21C4F9AE02.roa (download)
Hash identifier:          uwxFXhKL8uk/YUETm9o+PaHc8T/jS2XNy0HkAHd3Mr8=
Subject key identifier:   34:1F:83:E5:E4:42:53:C4:62:09:15:6A:92:32:05:12:E7:04:06:03
Certificate issuer:       /CN=A91ABFD9/serialNumber=E5EB180CD6DC516C66D352B047B9E9C5A50270E3
Certificate serial:       0672
Authority key identifier: E5:EB:18:0C:D6:DC:51:6C:66:D3:52:B0:47:B9:E9:C5:A5:02:70:E3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/6AE50E1C21E011EBBF36CD21C4F9AE02.roa
ROA valid until:          Sep 30 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.152.170.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1650 (0x672)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ABFD9/serialNumber=E5EB180CD6DC516C66D352B047B9E9C5A50270E3
        Validity
            Not Before: Aug 25 10:39:46 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=63075172-6c2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:06:03:01:08:13:b1:9e:b4:f2:3f:87:72:41:
                    88:64:e0:9c:3a:14:70:46:b8:1d:be:65:7c:d4:74:
                    64:7d:f3:be:c4:06:32:f9:30:2e:f9:86:d8:01:ef:
                    52:0d:97:7e:47:3f:99:81:6b:4e:53:50:e8:d9:dd:
                    2e:1a:d0:ef:ba:ef:f7:f4:59:9a:56:a0:e1:81:d0:
                    1a:ea:38:0c:d5:92:79:c1:74:51:78:a7:92:a1:a3:
                    a0:2a:ee:4b:33:e5:17:5b:23:fe:70:86:c1:93:af:
                    8f:a0:3c:98:61:66:d8:50:80:be:28:0a:af:28:9f:
                    27:73:b0:dc:b3:b7:e0:06:ea:56:7c:ba:5a:8c:6c:
                    ef:55:60:b9:b4:0d:bf:8d:82:c5:6f:d0:a3:d1:83:
                    df:dc:db:7d:df:6e:1e:a7:cd:3a:3a:21:0b:55:9f:
                    92:12:a1:1f:cf:90:e4:a9:c4:d9:ed:02:d8:d6:4e:
                    3d:dd:fb:a6:8a:ef:de:98:89:75:92:6a:8d:39:aa:
                    72:66:3d:63:9a:46:c6:c2:dc:5f:46:25:05:07:bf:
                    2f:fe:1a:3a:31:6c:46:0e:26:a4:4a:35:20:a3:94:
                    3f:64:17:48:11:c0:23:69:87:10:5b:09:f1:d9:9b:
                    b1:34:08:d4:a3:63:f6:3f:83:b2:df:f1:ac:71:4d:
                    5f:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                34:1F:83:E5:E4:42:53:C4:62:09:15:6A:92:32:05:12:E7:04:06:03
            X509v3 Authority Key Identifier: 
                keyid:E5:EB:18:0C:D6:DC:51:6C:66:D3:52:B0:47:B9:E9:C5:A5:02:70:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/5esYDNbcUWxm01KwR7npxaUCcOM.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/6AE50E1C21E011EBBF36CD21C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:2c:ac:71:e0:bd:00:18:f7:79:59:f2:38:27:ee:f3:06:f0:
         cf:cb:3a:12:a0:20:aa:39:24:0c:fe:b5:18:2d:79:82:58:53:
         f7:4a:cd:b0:c5:91:66:9c:c5:f3:56:34:64:62:3f:59:5e:03:
         af:84:e7:21:04:a2:42:8f:af:9f:15:87:f1:06:fa:a2:02:90:
         50:a6:0b:3c:bc:39:74:09:62:c8:dd:23:28:a2:12:c4:af:35:
         96:c3:ff:5d:dc:38:22:b3:3f:7a:f3:27:5f:0d:58:b0:95:d4:
         38:d9:67:0c:17:6b:dc:a3:ad:c9:a7:ce:ed:0a:27:0c:33:93:
         ef:f5:f2:bf:05:f5:e7:4f:8e:d8:58:c9:93:8d:0a:ec:77:64:
         85:ad:c2:ae:9e:37:5a:bd:85:c2:38:ae:c0:06:3b:a7:60:96:
         58:12:54:6b:2e:87:94:7f:94:fb:ab:34:36:99:49:78:7a:b5:
         fb:55:a2:04:80:82:b1:41:da:af:e1:b4:87:08:3d:5d:d9:e9:
         0a:bc:4d:85:75:2d:e3:78:c3:0a:04:40:ab:ca:3f:4c:e6:b9:
         df:f0:7a:0c:c8:5a:d4:72:63:99:af:1a:6e:2e:68:82:e7:e4:
         ec:03:18:ca:a6:10:a1:9e:3c:34:f1:92:9f:9a:0e:09:96:ce:
         e3:63:86:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUJGRDkxMTAvBgNVBAUTKEU1RUIxODBDRDZEQzUxNkM2NkQzNTJCMDQ3QjlFOUM1
QTUwMjcwRTMwHhcNMjIwODI1MTAzOTQ2WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA3NTE3Mi02YzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6QYDAQgTsZ608j+HckGIZOCcOhRwRrgdvmV81HRkffO+xAYy+TAu+YbYAe9S
DZd+Rz+ZgWtOU1Do2d0uGtDvuu/39FmaVqDhgdAa6jgM1ZJ5wXRReKeSoaOgKu5L
M+UXWyP+cIbBk6+PoDyYYWbYUIC+KAqvKJ8nc7Dcs7fgBupWfLpajGzvVWC5tA2/
jYLFb9Cj0YPf3Nt9324ep806OiELVZ+SEqEfz5DkqcTZ7QLY1k493fumiu/emIl1
kmqNOapyZj1jmkbGwtxfRiUFB78v/ho6MWxGDiakSjUgo5Q/ZBdIEcAjaYcQWwnx
2ZuxNAjUo2P2P4Oy3/GscU1foQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDQfg+Xk
QlPEYgkVapIyBRLnBAYDMB8GA1UdIwQYMBaAFOXrGAzW3FFsZtNSsEe56cWlAnDj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQkZEOS80QUU4MDQxRUI5
RDcxMUVBOUNGNTFFNUZDNEY5QUUwMi81ZXNZRE5iY1VXeG0wMUt3UjducHhhVUNj
T00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVlc1lETmJjVVd4bTAxS3dSN25weGFVQ2NPTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUJGRDkvNEFFODA0MUVCOUQ3MTFFQTlDRjUxRTVGQzRGOUFFMDIvNkFFNTBFMUMy
MUUwMTFFQkJGMzZDRDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmKowDQYJKoZIhvcNAQELBQADggEBAH0srHHgvQAY93lZ
8jgn7vMG8M/LOhKgIKo5JAz+tRgteYJYU/dKzbDFkWacxfNWNGRiP1leA6+E5yEE
okKPr58Vh/EG+qICkFCmCzy8OXQJYsjdIyiiEsSvNZbD/13cOCKzP3rzJ18NWLCV
1DjZZwwXa9yjrcmnzu0KJwwzk+/18r8F9edPjthYyZONCux3ZIWtwq6eN1q9hcI4
rsAGO6dgllgSVGsuh5R/lPurNDaZSXh6tftVogSAgrFB2q/htIcIPV3Z6Qq8TYV1
LeN4wwoEQKvKP0zmud/wegzIWtRyY5mvGm4uaILn5OwDGMqmEKGePDTxkp+aDgmW
zuNjhsM=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:49:36 2022 by rpki-client.