Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/3C726724C06211EC93514712C4F9AE02.roa
File:                     3C726724C06211EC93514712C4F9AE02.roa (download)
Hash identifier:          MvY6/WmhA8m3M/O0Guk2xynVLSgBCrms22ubs91JkHQ=
Subject key identifier:   31:54:59:5D:24:EA:BB:4E:11:B7:D0:90:E6:05:CF:AD:EF:29:01:54
Certificate issuer:       /CN=A91C3B8A/serialNumber=4550C69051BAA18AF112DC76B5F5DF9E6B7940D5
Certificate serial:       0815
Authority key identifier: 45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/3C726724C06211EC93514712C4F9AE02.roa
ROA valid until:          May 01 00:00:00 2023 GMT
asID:                     397373
IP address blocks:
    1: 103.229.198.0/23 maxlen: 23

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2069 (0x815)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C3B8A/serialNumber=4550C69051BAA18AF112DC76B5F5DF9E6B7940D5
        Validity
            Not Before: Apr 20 04:27:50 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=625f8bc5-844f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:92:77:b3:0b:87:18:7d:ac:70:f6:d7:ea:22:
                    a7:c3:37:7f:27:76:49:f7:de:56:07:48:fa:24:b3:
                    f3:40:2f:52:1a:41:66:73:ee:5e:03:61:76:f1:5d:
                    7b:06:b3:45:e9:68:6f:12:0c:c6:19:ea:fb:e2:cd:
                    67:aa:a9:dd:47:53:7b:5e:6f:65:56:c4:db:c1:5e:
                    64:3e:3b:55:49:24:16:b1:1c:48:28:3f:d7:8a:32:
                    36:ef:95:f9:bd:48:08:ef:05:9c:81:ce:97:65:f1:
                    0c:85:d0:0f:11:24:d6:40:18:a7:ec:c9:b6:de:a1:
                    0d:d2:b0:a4:1f:eb:c1:57:4a:d2:7d:ae:95:ef:b8:
                    f3:a0:80:aa:71:11:f1:51:ce:6c:2c:28:a4:cd:86:
                    7e:c6:fc:b1:5d:0a:ba:45:71:31:ea:33:16:62:d8:
                    1f:a5:17:b2:f2:b9:da:10:35:7d:43:a4:93:0a:1a:
                    e1:bd:88:cd:c7:5c:90:92:26:6a:ed:3b:34:e9:51:
                    c2:f0:01:87:fc:eb:c3:86:7c:84:dd:b3:4a:d0:51:
                    44:0f:d4:61:3a:5e:12:6b:8a:13:e2:cb:c1:5e:fe:
                    29:4d:9f:fa:e5:af:32:08:7d:1a:87:b8:ed:3a:e0:
                    dc:bd:b7:ce:c9:a6:42:db:8d:c6:13:9c:ab:14:c4:
                    ec:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                31:54:59:5D:24:EA:BB:4E:11:B7:D0:90:E6:05:CF:AD:EF:29:01:54
            X509v3 Authority Key Identifier: 
                keyid:45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/3C726724C06211EC93514712C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.229.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ae:05:70:69:de:99:46:9a:97:d0:80:5b:d2:e2:e7:e2:af:42:
         43:2a:1c:f9:4f:16:8d:ee:ce:81:d0:e8:7c:41:8f:cf:df:a5:
         e1:52:ad:d2:6a:5f:53:93:92:36:08:90:e2:79:7c:03:01:62:
         f7:2b:41:a5:0c:9c:8f:11:fe:ef:ec:24:78:62:2b:be:bd:4b:
         e9:70:45:98:e1:ae:2b:74:69:30:41:f9:60:87:f5:77:f5:96:
         bb:f9:94:49:9c:d4:7c:19:92:97:c9:df:a6:c6:25:a8:c7:b0:
         1e:96:f4:02:00:42:26:dd:58:05:22:83:01:d4:7a:e5:10:0c:
         5c:9c:00:84:91:d8:a1:b9:88:1a:fa:4b:14:29:ef:ab:14:3a:
         14:90:58:19:36:ba:90:b6:bf:ff:9c:95:5a:6f:f6:5d:9d:68:
         03:a7:2f:16:dc:bb:ec:4a:cb:11:d6:69:5f:fe:28:f0:78:e2:
         e6:a5:5f:9e:ef:10:76:0a:10:89:03:cc:f5:ac:af:0a:af:a4:
         8d:ab:39:7f:cc:9a:77:af:a7:e3:c1:6b:5b:62:26:9a:ef:41:
         b4:ac:f0:cf:c0:90:65:58:c5:10:bf:34:89:50:32:00:67:90:
         9c:ba:3a:ef:c0:44:02:61:97:c4:21:60:83:37:bc:5d:14:12:
         82:21:a5:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCBUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzNCOEExMTAvBgNVBAUTKDQ1NTBDNjkwNTFCQUExOEFGMTEyREM3NkI1RjVERjlF
NkI3OTQwRDUwHhcNMjIwNDIwMDQyNzUwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjVmOGJjNS04NDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn5J3swuHGH2scPbX6iKnwzd/J3ZJ995WB0j6JLPzQC9SGkFmc+5eA2F28V17
BrNF6WhvEgzGGer74s1nqqndR1N7Xm9lVsTbwV5kPjtVSSQWsRxIKD/XijI275X5
vUgI7wWcgc6XZfEMhdAPESTWQBin7Mm23qEN0rCkH+vBV0rSfa6V77jzoICqcRHx
Uc5sLCikzYZ+xvyxXQq6RXEx6jMWYtgfpRey8rnaEDV9Q6STChrhvYjNx1yQkiZq
7Ts06VHC8AGH/OvDhnyE3bNK0FFED9RhOl4Sa4oT4svBXv4pTZ/65a8yCH0ah7jt
OuDcvbfOyaZC243GE5yrFMTsowIDAQABo4IClTCCApEwHQYDVR0OBBYEFDFUWV0k
6rtOEbfQkOYFz63vKQFUMB8GA1UdIwQYMBaAFEVQxpBRuqGK8RLcdrX1355reUDV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0I4QS8wOEM0MzkyNDM4
NEQxMUVBQTRGNTVCNzNDNEY5QUUwMi9SVkRHa0ZHNm9ZcnhFdHgydGZYZm5tdDVR
TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JWREdrRkc2b1lyeEV0eDJ0Zlhmbm10NVFOVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzNCOEEvMDhDNDM5MjQzODREMTFFQUE0RjU1QjczQzRGOUFFMDIvM0M3MjY3MjRD
MDYyMTFFQzkzNTE0NzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn5cYwDQYJKoZIhvcNAQELBQADggEBAK4FcGnemUaal9CA
W9Li5+KvQkMqHPlPFo3uzoHQ6HxBj8/fpeFSrdJqX1OTkjYIkOJ5fAMBYvcrQaUM
nI8R/u/sJHhiK769S+lwRZjhrit0aTBB+WCH9Xf1lrv5lEmc1HwZkpfJ36bGJajH
sB6W9AIAQibdWAUigwHUeuUQDFycAISR2KG5iBr6SxQp76sUOhSQWBk2upC2v/+c
lVpv9l2daAOnLxbcu+xKyxHWaV/+KPB44ualX57vEHYKEIkDzPWsrwqvpI2rOX/M
mnevp+PBa1tiJprvQbSs8M/AkGVYxRC/NIlQMgBnkJy6Ou/ARAJhl8QhYIM3vF0U
EoIhpS4=
-----END CERTIFICATE-----
Generated at Wed Dec 7 17:59:37 2022 by rpki-client.