Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/

$ rpki-client -vvf 5FB07B1421CF11EBA0C85857C4F9AE02.roa
File:                     5FB07B1421CF11EBA0C85857C4F9AE02.roa (download)
Hash identifier:          7hTKFdsdrSpkYwZlHXEpoZG1wF9J1xTg8Ubc+Wo9DfE=
Subject key identifier:   DC:40:B4:F1:37:0C:EC:54:5D:D3:83:AC:EC:31:96:C4:A5:4F:D4:FB
Certificate issuer:       /CN=A91BC6B4/serialNumber=6CA6B2AC1DD17B014DB6C767279D08C66E4EFC05
Certificate serial:       0DA9
Authority key identifier: 6C:A6:B2:AC:1D:D1:7B:01:4D:B6:C7:67:27:9D:08:C6:6E:4E:FC:05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKayrB3RewFNtsdnJ50Ixm5O_AU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/5FB07B1421CF11EBA0C85857C4F9AE02.roa
ROA valid until:          Dec 01 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.99.40.0/23 maxlen: 24
    2: 103.132.234.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3497 (0xda9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BC6B4/serialNumber=6CA6B2AC1DD17B014DB6C767279D08C66E4EFC05
        Validity
            Not Before: Oct 28 18:45:28 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=635c2347-7acc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:76:35:43:db:ed:fd:52:17:a7:68:55:fe:ca:
                    b8:87:33:3f:a5:52:76:ef:49:29:c1:97:fd:b0:a4:
                    01:d9:4f:18:ac:12:f4:47:7a:ba:3b:53:58:4e:34:
                    28:62:13:6a:cb:bd:60:ef:f2:16:8f:b6:c0:a8:5f:
                    70:ef:4d:4b:f5:bf:af:50:86:34:e0:e0:0d:d4:b2:
                    c8:d6:41:1b:7a:e4:5a:79:7b:b9:aa:3e:10:12:fc:
                    30:a6:5d:0d:29:82:24:cc:01:50:ed:fc:43:3f:e5:
                    68:f1:de:5f:3c:83:9c:6c:73:e3:b0:8b:f2:a0:1b:
                    5b:05:5c:53:73:15:25:9d:d7:66:c4:99:2b:9e:f8:
                    52:8c:bd:9b:00:79:8f:9a:e3:e7:c4:37:1e:ed:cc:
                    f2:df:49:65:0e:81:1b:b2:ac:74:03:68:cb:09:1a:
                    36:8a:67:45:84:9e:b0:cb:16:0a:78:f1:e0:fb:dd:
                    e8:49:5a:df:67:07:b3:74:8c:a2:cc:11:42:e3:07:
                    71:2c:bf:c3:c3:cb:f5:41:2a:95:f1:1f:c9:04:8a:
                    db:7f:c8:81:d0:cb:48:09:0c:9a:a2:d8:2f:b9:20:
                    50:57:45:b4:8d:d8:69:16:4a:8f:27:11:59:0f:c1:
                    1b:1c:bb:ef:38:72:21:c7:22:07:0e:55:ff:81:30:
                    72:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DC:40:B4:F1:37:0C:EC:54:5D:D3:83:AC:EC:31:96:C4:A5:4F:D4:FB
            X509v3 Authority Key Identifier: 
                keyid:6C:A6:B2:AC:1D:D1:7B:01:4D:B6:C7:67:27:9D:08:C6:6E:4E:FC:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/bKayrB3RewFNtsdnJ50Ixm5O_AU.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKayrB3RewFNtsdnJ50Ixm5O_AU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/5FB07B1421CF11EBA0C85857C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.99.40.0/23
                  103.132.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8a:52:a0:21:91:5a:e2:70:29:09:d2:4f:b4:eb:7f:ef:37:f1:
         28:fa:20:fc:70:25:e0:fd:18:5d:6a:a9:bf:d4:fa:84:1c:fc:
         41:bc:94:e8:b6:72:2a:59:3d:de:a8:36:52:87:f5:2a:52:d3:
         b6:2b:85:ab:af:b5:b1:c0:15:e6:0a:3f:e9:f1:cc:75:20:3b:
         48:77:28:3b:88:5e:8c:81:9a:f6:6a:dc:87:73:6d:88:e2:1f:
         da:68:2e:72:89:f6:ae:36:d7:5b:cf:7b:a6:98:98:4f:4f:6c:
         2a:cb:82:85:fc:be:91:f4:94:5f:90:67:00:82:f6:82:97:86:
         5f:60:4e:cb:63:28:76:9b:e6:20:a3:96:c0:c5:c7:5a:f9:75:
         96:d2:54:b0:7e:8b:90:27:df:fe:82:57:98:03:a1:08:f0:02:
         85:18:16:4d:6e:ed:cf:72:ee:94:49:85:ae:8d:b9:f4:13:c0:
         85:e5:08:38:b2:f8:65:cb:7b:7c:2a:e9:b3:a7:77:16:39:93:
         46:83:52:72:d1:3a:2e:29:b7:c5:02:05:e8:2b:33:14:93:0b:
         90:bf:f1:da:cc:fe:f8:39:cb:c4:97:bb:ed:62:9d:a5:c0:74:
         4f:d5:5f:36:89:55:7e:b0:4f:cb:99:4c:1e:27:88:60:c7:86:
         eb:26:43:0b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkM2QjQxMTAvBgNVBAUTKDZDQTZCMkFDMUREMTdCMDE0REI2Qzc2NzI3OUQwOEM2
NkU0RUZDMDUwHhcNMjIxMDI4MTg0NTI4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVjMjM0Ny03YWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnY1Q9vt/VIXp2hV/sq4hzM/pVJ270kpwZf9sKQB2U8YrBL0R3q6O1NYTjQo
YhNqy71g7/IWj7bAqF9w701L9b+vUIY04OAN1LLI1kEbeuRaeXu5qj4QEvwwpl0N
KYIkzAFQ7fxDP+Vo8d5fPIOcbHPjsIvyoBtbBVxTcxUlnddmxJkrnvhSjL2bAHmP
muPnxDce7czy30llDoEbsqx0A2jLCRo2imdFhJ6wyxYKePHg+93oSVrfZwezdIyi
zBFC4wdxLL/Dw8v1QSqV8R/JBIrbf8iB0MtICQyaotgvuSBQV0W0jdhpFkqPJxFZ
D8EbHLvvOHIhxyIHDlX/gTBycwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNxAtPE3
DOxUXdODrOwxlsSlT9T7MB8GA1UdIwQYMBaAFGymsqwd0XsBTbbHZyedCMZuTvwF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzZCNC83MjZGNTFDMjYz
RjIxMUU5QkIyMERENDVDNEY5QUUwMi9iS2F5ckIzUmV3Rk50c2RuSjUwSXhtNU9f
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JLYXlyQjNSZXdGTnRzZG5KNTBJeG01T19BVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkM2QjQvNzI2RjUxQzI2M0YyMTFFOUJCMjBERDQ1QzRGOUFFMDIvNUZCMDdCMTQy
MUNGMTFFQkEwQzg1ODU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnYygDBAFnhOowDQYJKoZIhvcNAQELBQADggEBAIpSoCGR
WuJwKQnST7Trf+838Sj6IPxwJeD9GF1qqb/U+oQc/EG8lOi2cipZPd6oNlKH9SpS
07YrhauvtbHAFeYKP+nxzHUgO0h3KDuIXoyBmvZq3IdzbYjiH9poLnKJ9q4211vP
e6aYmE9PbCrLgoX8vpH0lF+QZwCC9oKXhl9gTstjKHab5iCjlsDFx1r5dZbSVLB+
i5An3/6CV5gDoQjwAoUYFk1u7c9y7pRJha6NufQTwIXlCDiy+GXLe3wq6bOndxY5
k0aDUnLROi4pt8UCBegrMxSTC5C/8drM/vg5y8SXu+1inaXAdE/VXzaJVX6wT8uZ
TB4niGDHhusmQws=
-----END CERTIFICATE-----
Generated at Sat Dec 3 17:58:16 2022 by rpki-client.