Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C799C/A2DFB336135711EB8D13B215C4F9AE02/9F5F0EC6135911EBBC97C718C4F9AE02.roa
File:                     9F5F0EC6135911EBBC97C718C4F9AE02.roa (download)
Hash identifier:          tVpnx0R8tDp2lcOkmZvo57XJfCxahgKy3k14+xHLtHk=
Subject key identifier:   45:00:3A:61:06:66:C4:9E:0C:85:6D:71:C2:B5:1B:2C:D5:ED:E6:33
Certificate issuer:       /CN=A91C799C/serialNumber=DC21F86737B2397DD2B2609E8FB40686E3C8F761
Certificate serial:       05A7
Authority key identifier: DC:21:F8:67:37:B2:39:7D:D2:B2:60:9E:8F:B4:06:86:E3:C8:F7:61
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3CH4ZzeyOX3SsmCej7QGhuPI92E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C799C/A2DFB336135711EB8D13B215C4F9AE02/9F5F0EC6135911EBBC97C718C4F9AE02.roa
ROA valid until:          Dec 30 00:00:00 2023 GMT
asID:                     141356
IP address blocks:
    1: 103.156.178.0/23 maxlen: 23

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1447 (0x5a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C799C/serialNumber=DC21F86737B2397DD2B2609E8FB40686E3C8F761
        Validity
            Not Before: Nov 24 23:49:50 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=6380031e-84e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:dc:aa:b6:c9:ab:f5:3b:b8:5b:42:0c:8e:81:
                    05:c4:8f:f2:68:9a:b0:a7:fa:57:24:eb:5b:4f:6d:
                    00:be:d1:56:93:e0:d1:30:59:0e:8f:f0:a6:63:e3:
                    22:a5:14:ae:e4:4e:6a:cd:fc:10:da:92:34:d5:e3:
                    26:27:ee:8f:3f:4e:6d:19:16:5b:08:7b:57:39:da:
                    e7:69:d3:e7:20:72:74:e8:ee:ff:f1:af:44:5f:e4:
                    62:e5:60:36:2e:0c:04:34:11:13:92:fe:87:28:14:
                    42:24:39:92:93:59:d2:03:7d:de:d4:77:55:35:4d:
                    00:50:03:fa:e6:9b:c9:cd:9f:f8:75:08:49:d1:1e:
                    35:99:0d:e8:66:f9:37:ad:f8:0c:9c:92:07:17:87:
                    e8:f1:16:4a:42:5f:63:20:0b:d5:b7:46:1b:24:94:
                    78:b3:6d:eb:ec:f8:70:7a:33:c3:1c:41:67:e2:ba:
                    fa:87:26:e6:3c:6f:a1:a3:46:ea:67:6e:8d:95:47:
                    f9:29:86:d0:08:70:06:be:e8:d9:ff:4a:ab:fe:39:
                    1d:96:c2:bc:2e:7d:d0:37:af:78:a3:f9:c0:89:e3:
                    5b:cf:ec:2b:91:9f:61:3a:28:02:f2:e3:d6:3d:04:
                    30:59:97:6a:ae:a5:c0:4d:e8:3e:32:85:42:36:25:
                    9d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                45:00:3A:61:06:66:C4:9E:0C:85:6D:71:C2:B5:1B:2C:D5:ED:E6:33
            X509v3 Authority Key Identifier: 
                keyid:DC:21:F8:67:37:B2:39:7D:D2:B2:60:9E:8F:B4:06:86:E3:C8:F7:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C799C/A2DFB336135711EB8D13B215C4F9AE02/3CH4ZzeyOX3SsmCej7QGhuPI92E.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3CH4ZzeyOX3SsmCej7QGhuPI92E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C799C/A2DFB336135711EB8D13B215C4F9AE02/9F5F0EC6135911EBBC97C718C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.156.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1d:66:c2:96:22:7f:77:cd:91:f6:c2:9a:a3:de:3a:c0:8f:b1:
         0c:71:c1:4c:2f:38:b4:c3:37:62:06:73:70:f3:18:6e:d4:28:
         97:a9:e6:e4:ad:28:48:d4:29:ef:03:c8:5b:2d:28:a7:52:2a:
         30:69:1f:82:2e:ea:a2:a0:94:33:55:bc:b4:b2:6b:56:03:60:
         0a:3d:78:52:fb:9c:93:3e:3a:78:8f:5f:63:0d:6c:8e:59:ae:
         62:5e:51:31:10:d5:41:d6:de:f1:b1:40:d1:1e:e5:2c:1b:2e:
         72:ca:27:c6:0e:65:99:00:4d:71:bb:0b:dc:42:ba:0a:30:04:
         44:68:0b:be:ad:df:bf:25:8f:bd:18:92:82:d6:9d:07:c2:e3:
         79:3e:49:01:14:a2:09:97:b3:90:c5:ba:2b:00:15:f3:1d:fb:
         37:98:f7:8c:ec:8a:3d:11:a7:84:9d:79:f1:58:3f:d9:8c:f5:
         b5:1f:2a:86:dd:b3:1d:96:8b:1a:16:11:10:dc:fb:e3:30:21:
         8c:67:90:69:a4:0b:51:56:0d:4a:77:f7:3e:c6:c5:45:35:55:
         17:27:ae:7f:62:39:19:28:76:04:b2:31:46:c3:0c:3d:6b:a0:
         85:60:4e:f9:51:09:4d:1b:95:8d:26:0e:d9:72:75:6a:84:86:
         69:23:7b:4f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc5OUMxMTAvBgNVBAUTKERDMjFGODY3MzdCMjM5N0REMkIyNjA5RThGQjQwNjg2
RTNDOEY3NjEwHhcNMjIxMTI0MjM0OTUwWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzgwMDMxZS04NGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoNyqtsmr9Tu4W0IMjoEFxI/yaJqwp/pXJOtbT20AvtFWk+DRMFkOj/CmY+Mi
pRSu5E5qzfwQ2pI01eMmJ+6PP05tGRZbCHtXOdrnadPnIHJ06O7/8a9EX+Ri5WA2
LgwENBETkv6HKBRCJDmSk1nSA33e1HdVNU0AUAP65pvJzZ/4dQhJ0R41mQ3oZvk3
rfgMnJIHF4fo8RZKQl9jIAvVt0YbJJR4s23r7PhwejPDHEFn4rr6hybmPG+ho0bq
Z26NlUf5KYbQCHAGvujZ/0qr/jkdlsK8Ln3QN694o/nAieNbz+wrkZ9hOigC8uPW
PQQwWZdqrqXATeg+MoVCNiWdTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEUAOmEG
ZsSeDIVtccK1GyzV7eYzMB8GA1UdIwQYMBaAFNwh+Gc3sjl90rJgno+0BobjyPdh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzk5Qy9BMkRGQjMzNjEz
NTcxMUVCOEQxM0IyMTVDNEY5QUUwMi8zQ0g0WnpleU9YM1NzbUNlajdRR2h1UEk5
MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNDSDRaemV5T1gzU3NtQ2VqN1FHaHVQSTkyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc5OUMvQTJERkIzMzYxMzU3MTFFQjhEMTNCMjE1QzRGOUFFMDIvOUY1RjBFQzYx
MzU5MTFFQkJDOTdDNzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnLIwDQYJKoZIhvcNAQELBQADggEBAB1mwpYif3fNkfbC
mqPeOsCPsQxxwUwvOLTDN2IGc3DzGG7UKJep5uStKEjUKe8DyFstKKdSKjBpH4Iu
6qKglDNVvLSya1YDYAo9eFL7nJM+OniPX2MNbI5ZrmJeUTEQ1UHW3vGxQNEe5Swb
LnLKJ8YOZZkATXG7C9xCugowBERoC76t378lj70YkoLWnQfC43k+SQEUogmXs5DF
uisAFfMd+zeY94zsij0Rp4SdefFYP9mM9bUfKobdsx2WixoWERDc++MwIYxnkGmk
C1FWDUp39z7GxUU1VRcnrn9iORkodgSyMUbDDD1roIVgTvlRCU0blY0mDtlydWqE
hmkje08=
-----END CERTIFICATE-----
Generated at Thu Dec 8 07:16:44 2022 by rpki-client.