Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4D7C/4CF65A86DE3C11EC954ECA59C4F9AE02/38D281C4EE3B11EC8EE6DA63C4F9AE02.roa
File:                     38D281C4EE3B11EC8EE6DA63C4F9AE02.roa (download)
Hash identifier:          /SlcS9vJo+fOk08Yi1RVst9N9NtfSELVHlTklvYnqDM=
Subject key identifier:   BD:C4:79:2F:C0:4E:93:AF:85:B9:10:6A:2B:57:C0:2C:CD:F7:52:95
Certificate issuer:       /CN=A91C4D7C/serialNumber=CA960B652B78670AFA3E0927C2849989F9F954CE
Certificate serial:       C5
Authority key identifier: CA:96:0B:65:2B:78:67:0A:FA:3E:09:27:C2:84:99:89:F9:F9:54:CE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypYLZSt4Zwr6PgknwoSZifn5VM4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C4D7C/4CF65A86DE3C11EC954ECA59C4F9AE02/38D281C4EE3B11EC8EE6DA63C4F9AE02.roa
ROA valid until:          Oct 31 00:00:00 2023 GMT
asID:                     399686
IP address blocks:
    1: 103.171.26.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 197 (0xc5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C4D7C/serialNumber=CA960B652B78670AFA3E0927C2849989F9F954CE
        Validity
            Not Before: Aug 29 05:24:17 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=630c4d81-1fb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:17:90:52:b7:29:00:ae:ea:2f:45:b1:d2:6b:
                    5a:27:34:41:21:e6:e9:f3:80:85:b2:e8:15:c5:5f:
                    3e:1e:4f:05:46:30:68:5b:af:f6:9f:39:07:73:c9:
                    7d:24:2a:dc:57:57:fc:4e:a1:7e:ab:c1:9d:22:5f:
                    73:b7:b3:7d:87:af:cf:0f:1c:fd:36:63:8a:7d:61:
                    79:f5:6d:f5:ed:ef:fd:f4:90:42:de:f9:14:65:bf:
                    ed:f6:d1:1a:54:7c:e5:b4:e3:fb:43:69:9c:ee:74:
                    f6:b8:ef:c2:bd:88:02:5e:c6:6f:91:f5:11:5b:70:
                    c1:79:91:36:85:fa:dd:89:e2:45:7c:bc:3f:da:b8:
                    5a:32:19:6b:28:1f:54:4b:63:d8:b3:fc:83:17:c9:
                    d1:99:28:94:7a:a0:ac:f2:a2:89:3a:b7:0f:9e:d7:
                    55:ba:49:a3:8c:c6:0b:a0:39:80:4e:2f:07:ea:d2:
                    39:af:94:8c:35:87:0f:80:77:a9:1f:d3:1c:22:19:
                    08:04:6d:7d:04:ff:98:4e:13:79:7c:2c:ff:28:3d:
                    8a:8e:5f:20:bb:c2:10:e5:c8:96:37:2b:c1:dd:33:
                    55:2b:6a:38:cc:83:98:91:d9:c6:61:a9:c9:60:3d:
                    89:ea:80:10:1e:4f:84:b0:51:08:34:d5:d4:c8:42:
                    16:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BD:C4:79:2F:C0:4E:93:AF:85:B9:10:6A:2B:57:C0:2C:CD:F7:52:95
            X509v3 Authority Key Identifier: 
                keyid:CA:96:0B:65:2B:78:67:0A:FA:3E:09:27:C2:84:99:89:F9:F9:54:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C4D7C/4CF65A86DE3C11EC954ECA59C4F9AE02/ypYLZSt4Zwr6PgknwoSZifn5VM4.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypYLZSt4Zwr6PgknwoSZifn5VM4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4D7C/4CF65A86DE3C11EC954ECA59C4F9AE02/38D281C4EE3B11EC8EE6DA63C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.171.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:0c:a9:73:a6:8a:d1:44:86:21:04:43:86:9f:d6:b8:6e:b8:
         35:52:e3:86:67:cc:c7:d8:74:1e:39:c6:ea:60:16:08:30:d2:
         cd:1c:c9:fd:ad:c8:05:aa:83:64:40:6d:46:74:39:8d:58:d7:
         0a:51:d4:2d:2b:8e:db:99:02:f2:e7:0a:6e:a4:70:2d:fc:8e:
         46:b9:d0:83:30:2b:13:44:57:0e:24:7c:59:07:3e:48:a7:80:
         3e:dd:18:bf:b5:75:db:2c:af:6c:7a:5d:ab:7b:e3:bf:12:6f:
         d7:d7:31:37:a1:ab:3e:aa:a9:53:b6:6d:04:b2:74:70:5e:22:
         1a:b6:e4:37:6a:98:ae:da:82:6a:60:62:e8:44:c6:16:69:cf:
         db:b6:9e:70:03:48:23:50:76:46:a7:40:ed:b0:16:33:99:10:
         d5:66:ba:d9:6b:93:91:1c:93:d9:27:7b:17:af:ab:0e:b6:ad:
         3f:b6:a7:5b:02:b3:df:e2:51:10:eb:43:1e:85:12:5e:ae:5d:
         c7:22:c3:99:8d:48:62:bf:68:cf:27:2c:f7:a1:32:ec:38:38:
         44:f8:6b:6f:d9:d0:5f:02:41:c0:71:1d:5c:bc:bd:00:fa:c1:
         a6:7a:8b:ff:c5:eb:1a:0f:e8:05:40:86:2d:4e:7c:a8:83:c0:
         b1:10:c7:06
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzREN0MxMTAvBgNVBAUTKENBOTYwQjY1MkI3ODY3MEFGQTNFMDkyN0MyODQ5OTg5
RjlGOTU0Q0UwHhcNMjIwODI5MDUyNDE3WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBjNGQ4MS0xZmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6ReQUrcpAK7qL0Wx0mtaJzRBIebp84CFsugVxV8+Hk8FRjBoW6/2nzkHc8l9
JCrcV1f8TqF+q8GdIl9zt7N9h6/PDxz9NmOKfWF59W317e/99JBC3vkUZb/t9tEa
VHzltOP7Q2mc7nT2uO/CvYgCXsZvkfURW3DBeZE2hfrdieJFfLw/2rhaMhlrKB9U
S2PYs/yDF8nRmSiUeqCs8qKJOrcPntdVukmjjMYLoDmATi8H6tI5r5SMNYcPgHep
H9McIhkIBG19BP+YThN5fCz/KD2Kjl8gu8IQ5ciWNyvB3TNVK2o4zIOYkdnGYanJ
YD2J6oAQHk+EsFEINNXUyEIW/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFL3EeS/A
TpOvhbkQaitXwCzN91KVMB8GA1UdIwQYMBaAFMqWC2UreGcK+j4JJ8KEmYn5+VTO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEQ3Qy80Q0Y2NUE4NkRF
M0MxMUVDOTU0RUNBNTlDNEY5QUUwMi95cFlMWlN0NFp3cjZQZ2tud29TWmlmbjVW
TTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lwWUxaU3Q0WndyNlBna253b1NaaWZuNVZNNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzREN0MvNENGNjVBODZERTNDMTFFQzk1NEVDQTU5QzRGOUFFMDIvMzhEMjgxQzRF
RTNCMTFFQzhFRTZEQTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnqxowDQYJKoZIhvcNAQELBQADggEBAAQMqXOmitFEhiEE
Q4af1rhuuDVS44ZnzMfYdB45xupgFggw0s0cyf2tyAWqg2RAbUZ0OY1Y1wpR1C0r
jtuZAvLnCm6kcC38jka50IMwKxNEVw4kfFkHPkingD7dGL+1ddssr2x6Xat7478S
b9fXMTehqz6qqVO2bQSydHBeIhq25DdqmK7agmpgYuhExhZpz9u2nnADSCNQdkan
QO2wFjOZENVmutlrk5Eck9knexevqw62rT+2p1sCs9/iURDrQx6FEl6uXcciw5mN
SGK/aM8nLPehMuw4OET4a2/Z0F8CQcBxHVy8vQD6waZ6i//F6xoP6AVAhi1OfKiD
wLEQxwY=
-----END CERTIFICATE-----
Generated at Wed Dec 7 03:05:57 2022 by rpki-client.