Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/

$ rpki-client -vvf 8126464A232B11EBB2348B23C4F9AE02.roa
File:                     8126464A232B11EBB2348B23C4F9AE02.roa (download)
Hash identifier:          M9dn0yVQXQ5aJhfXmSnEHRVHygunSex/d5bOR5quiKE=
Subject key identifier:   50:9B:26:3B:75:7D:0D:16:05:F9:7D:40:EB:F0:EB:24:23:01:D8:CA
Certificate issuer:       /CN=A91BB94D/serialNumber=747C86C3CC14A77973805315408CDCA10A2147B2
Certificate serial:       0562
Authority key identifier: 74:7C:86:C3:CC:14:A7:79:73:80:53:15:40:8C:DC:A1:0A:21:47:B2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dHyGw8wUp3lzgFMVQIzcoQohR7I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/8126464A232B11EBB2348B23C4F9AE02.roa
ROA valid until:          Oct 31 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.153.100.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1378 (0x562)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BB94D/serialNumber=747C86C3CC14A77973805315408CDCA10A2147B2
        Validity
            Not Before: Sep 26 00:00:15 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=6330eb8f-7992
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:9f:72:8f:98:84:8e:eb:9d:fe:65:ea:c1:61:
                    66:39:a8:b1:c8:8d:d1:77:30:46:78:26:4a:92:39:
                    50:64:d3:78:b7:09:d2:50:de:2f:a6:e1:be:b3:f3:
                    82:ba:09:a7:b2:85:d5:f0:6e:60:f3:85:44:7f:76:
                    99:7c:c1:e1:cb:16:51:81:c8:c8:74:7a:24:8c:64:
                    7a:c9:f8:c6:84:5a:fa:27:d2:a5:22:5f:80:61:23:
                    17:4c:0e:6c:32:09:eb:91:da:b6:35:37:5e:a9:3d:
                    5a:b9:8e:a8:fa:79:40:06:2e:71:e4:c8:a8:64:59:
                    bb:02:9a:ca:93:e3:f0:9f:6d:37:4a:1e:78:2c:e2:
                    34:9c:9e:16:73:e2:ce:0d:29:45:9e:6e:44:58:c0:
                    b7:fa:f6:2e:3b:d6:41:54:36:77:6c:d2:ce:fb:68:
                    b3:37:0c:31:56:ba:0f:61:1f:e0:14:92:fd:a7:a0:
                    45:0a:8b:88:1e:ce:c6:24:98:b6:73:fb:ea:3e:59:
                    52:4e:d6:58:87:5e:f8:17:91:54:63:73:1a:9a:1a:
                    8a:3b:ab:60:70:c2:d0:de:88:a2:f4:35:f3:56:bf:
                    d8:3b:74:ed:32:10:f1:54:73:61:aa:91:11:ab:85:
                    70:90:95:41:8b:cc:ec:03:bd:3f:69:a3:29:b5:97:
                    52:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                50:9B:26:3B:75:7D:0D:16:05:F9:7D:40:EB:F0:EB:24:23:01:D8:CA
            X509v3 Authority Key Identifier: 
                keyid:74:7C:86:C3:CC:14:A7:79:73:80:53:15:40:8C:DC:A1:0A:21:47:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/dHyGw8wUp3lzgFMVQIzcoQohR7I.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dHyGw8wUp3lzgFMVQIzcoQohR7I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/8126464A232B11EBB2348B23C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.153.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bf:c0:9c:c9:ef:48:38:1c:35:88:dd:2d:c3:bd:ff:77:67:af:
         d7:32:8a:32:f1:fe:e9:13:a8:3a:db:71:96:6a:3f:5b:c7:19:
         3c:a7:cc:19:4c:d5:9d:4c:dc:f1:f0:e7:d9:59:7b:b3:91:99:
         23:02:f5:e0:31:ea:98:7a:bc:e5:db:9f:ae:af:27:a6:84:c0:
         59:1f:56:50:dc:a1:1d:2b:83:09:07:e7:e7:36:5d:bb:d2:40:
         92:ad:65:66:2d:d4:2f:02:61:68:fb:4b:74:fd:67:02:9e:92:
         2c:33:d7:fd:55:d5:9b:04:7a:6c:9d:25:ca:71:b9:eb:b8:28:
         c2:1b:9b:36:dc:d0:13:76:cd:9f:3e:7d:53:09:79:8a:78:db:
         29:cb:3a:40:aa:e0:9e:ba:61:47:15:33:0a:e3:f0:2f:f8:71:
         0d:49:34:a2:ab:4e:b6:8d:85:54:9e:c1:07:15:40:05:45:79:
         5a:10:8d:82:20:5b:bc:ee:e1:3f:ed:71:99:2f:18:15:da:b0:
         45:9e:63:42:b8:65:04:c1:b5:a1:09:0c:96:04:9b:61:a9:11:
         a7:ac:32:02:91:52:f7:65:ea:ce:f2:e8:bf:21:50:16:4f:1e:
         23:c8:7c:0d:64:3e:84:18:bb:d1:b5:a9:f6:4a:4d:1b:84:2f:
         05:0a:dd:5e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI5NEQxMTAvBgNVBAUTKDc0N0M4NkMzQ0MxNEE3Nzk3MzgwNTMxNTQwOENEQ0Ex
MEEyMTQ3QjIwHhcNMjIwOTI2MDAwMDE1WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzMwZWI4Zi03OTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6p9yj5iEjuud/mXqwWFmOaixyI3RdzBGeCZKkjlQZNN4twnSUN4vpuG+s/OC
ugmnsoXV8G5g84VEf3aZfMHhyxZRgcjIdHokjGR6yfjGhFr6J9KlIl+AYSMXTA5s
Mgnrkdq2NTdeqT1auY6o+nlABi5x5MioZFm7AprKk+Pwn203Sh54LOI0nJ4Wc+LO
DSlFnm5EWMC3+vYuO9ZBVDZ3bNLO+2izNwwxVroPYR/gFJL9p6BFCouIHs7GJJi2
c/vqPllSTtZYh174F5FUY3MamhqKO6tgcMLQ3oii9DXzVr/YO3TtMhDxVHNhqpER
q4VwkJVBi8zsA70/aaMptZdSBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFCbJjt1
fQ0WBfl9QOvw6yQjAdjKMB8GA1UdIwQYMBaAFHR8hsPMFKd5c4BTFUCM3KEKIUey
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjk0RC8yQzcxNjJDQzIz
MjgxMUVCOUZGNkU5MUFDNEY5QUUwMi9kSHlHdzh3VXAzbHpnRk1WUUl6Y29Rb2hS
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RIeUd3OHdVcDNsemdGTVZRSXpjb1FvaFI3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI5NEQvMkM3MTYyQ0MyMzI4MTFFQjlGRjZFOTFBQzRGOUFFMDIvODEyNjQ2NEEy
MzJCMTFFQkIyMzQ4QjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmWQwDQYJKoZIhvcNAQELBQADggEBAL/AnMnvSDgcNYjd
LcO9/3dnr9cyijLx/ukTqDrbcZZqP1vHGTynzBlM1Z1M3PHw59lZe7ORmSMC9eAx
6ph6vOXbn66vJ6aEwFkfVlDcoR0rgwkH5+c2XbvSQJKtZWYt1C8CYWj7S3T9ZwKe
kiwz1/1V1ZsEemydJcpxueu4KMIbmzbc0BN2zZ8+fVMJeYp42ynLOkCq4J66YUcV
Mwrj8C/4cQ1JNKKrTraNhVSewQcVQAVFeVoQjYIgW7zu4T/tcZkvGBXasEWeY0K4
ZQTBtaEJDJYEm2GpEaesMgKRUvdl6s7y6L8hUBZPHiPIfA1kPoQYu9G1qfZKTRuE
LwUK3V4=
-----END CERTIFICATE-----
Generated at Sat Dec 3 17:58:14 2022 by rpki-client.