Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/0C98BB26325411ECB11CE73EC4F9AE02.roa
File:                     0C98BB26325411ECB11CE73EC4F9AE02.roa (download)
Hash identifier:          U8lnJcNTelkDcoGGljbEZEvdnWVYKB7W2KIoOXEITuE=
Subject key identifier:   EA:ED:CD:44:F1:0E:F5:E5:23:A1:DD:67:52:37:79:76:C6:5F:77:1E
Certificate issuer:       /CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
Certificate serial:       04D9
Authority key identifier: 75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/0C98BB26325411ECB11CE73EC4F9AE02.roa
ROA valid until:          Aug 31 00:00:00 2023 GMT
asID:                     399546
IP address blocks:
    1: 103.138.188.0/24 maxlen: 24
    2: 103.138.189.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1241 (0x4d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
        Validity
            Not Before: Jun 24 23:34:50 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62b64a1a-0208
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:00:94:0e:54:99:a7:8b:d8:81:50:55:ed:92:
                    fb:a8:30:49:1b:a2:3b:86:24:51:ed:30:08:e1:52:
                    49:eb:f8:fb:fd:58:66:b9:c8:b2:e8:04:4b:29:cb:
                    c9:0f:50:49:4c:c2:ae:8e:ff:c1:12:3e:74:09:f2:
                    cc:95:dc:29:94:dd:e8:5e:46:ec:75:24:87:59:b5:
                    9f:4c:b9:5d:db:8a:85:e0:69:c9:9a:6c:14:4c:90:
                    ea:2e:cc:cf:19:c9:34:97:24:7c:43:c1:95:00:8e:
                    2e:1d:dc:49:b0:29:a7:d3:cb:63:cd:cd:4a:a8:5e:
                    5e:f2:cb:3f:7c:84:f9:1a:99:88:29:d4:c2:22:14:
                    fc:b2:9a:9c:6b:a4:e6:f2:e7:ff:f4:83:45:d8:05:
                    8f:80:0e:62:46:5c:35:ad:3e:16:51:91:07:34:bf:
                    45:1b:6d:fd:02:30:b4:fb:76:1c:be:91:34:bc:9e:
                    a6:b6:99:ea:ec:2c:71:27:79:f8:17:d7:f9:c3:32:
                    8e:c3:b8:3c:14:66:74:d4:79:f9:fd:13:3d:36:47:
                    a4:03:4f:08:cc:6f:0b:b1:1c:4d:f9:6f:df:6c:25:
                    70:ec:ff:bc:bc:71:e0:66:08:0c:54:46:8b:a8:c5:
                    6b:56:20:3a:d5:08:66:85:16:07:3b:43:95:ae:de:
                    84:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                EA:ED:CD:44:F1:0E:F5:E5:23:A1:DD:67:52:37:79:76:C6:5F:77:1E
            X509v3 Authority Key Identifier: 
                keyid:75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/dR-knnEviM-ETM0Xnr4puX6hqsw.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/0C98BB26325411ECB11CE73EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.188.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:0b:4f:32:86:a2:b7:9b:82:d9:15:51:34:36:8c:ed:9c:d6:
         8d:eb:d7:ee:4e:7e:66:32:28:79:6f:5e:7c:7a:e5:0e:af:bd:
         45:ed:c0:27:de:54:8f:cf:77:89:a7:0d:e1:1b:47:18:12:f9:
         1c:ea:1a:2f:92:85:52:ba:88:41:97:85:9d:1d:5b:79:a1:6c:
         43:4b:25:4f:d1:77:e2:a1:12:10:1e:ec:c9:62:b6:bc:73:76:
         b8:4f:91:21:ad:95:ad:99:fa:3f:da:d8:e1:c1:6e:d2:f8:98:
         c9:12:6b:ee:03:45:ec:60:df:43:5f:00:12:9d:9b:a3:04:bf:
         2c:4e:d0:45:db:2c:53:c9:85:32:fe:42:c8:8a:80:e5:f7:c9:
         9a:d9:19:e4:72:f9:4b:a5:e0:96:1b:c3:f6:28:1d:34:3a:84:
         7e:1b:4a:12:8c:cb:42:96:80:d3:e2:6a:42:b1:9f:91:eb:ae:
         4e:2a:3b:12:22:96:40:74:1f:9d:d3:0b:58:21:70:9c:71:b0:
         30:9d:fc:7d:3d:c8:95:8b:3f:b2:84:22:32:8b:6e:dc:6b:ce:
         25:f6:87:c1:9c:21:49:32:cc:79:9d:6d:47:53:f1:be:44:4d:
         f1:75:d5:40:f2:e4:e6:90:a9:45:71:5d:53:3d:52:b8:76:b5:
         30:71:ea:47
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBNkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE1OUQxMTAvBgNVBAUTKDc1MUZBNDlFNzEyRjg4Q0Y4NDRDQ0QxNzlFQkUyOUI5
N0VBMUFBQ0MwHhcNMjIwNjI0MjMzNDUwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmI2NGExYS0wMjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzQCUDlSZp4vYgVBV7ZL7qDBJG6I7hiRR7TAI4VJJ6/j7/Vhmuciy6ARLKcvJ
D1BJTMKujv/BEj50CfLMldwplN3oXkbsdSSHWbWfTLld24qF4GnJmmwUTJDqLszP
Gck0lyR8Q8GVAI4uHdxJsCmn08tjzc1KqF5e8ss/fIT5GpmIKdTCIhT8spqca6Tm
8uf/9INF2AWPgA5iRlw1rT4WUZEHNL9FG239AjC0+3YcvpE0vJ6mtpnq7CxxJ3n4
F9f5wzKOw7g8FGZ01Hn5/RM9NkekA08IzG8LsRxN+W/fbCVw7P+8vHHgZggMVEaL
qMVrViA61QhmhRYHO0OVrt6ECQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOrtzUTx
DvXlI6HdZ1I3eXbGX3ceMB8GA1UdIwQYMBaAFHUfpJ5xL4jPhEzNF56+Kbl+oarM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5RC81NjNERTUwRTBE
NTYxMUVCQTNEMTVEMkNDNEY5QUUwMi9kUi1rbm5FdmlNLUVUTTBYbnI0cHVYNmhx
c3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RSLWtubkV2aU0tRVRNMFhucjRwdVg2aHFzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REE1OUQvNTYzREU1MEUwRDU2MTFFQkEzRDE1RDJDQzRGOUFFMDIvMEM5OEJCMjYz
MjU0MTFFQ0IxMUNFNzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnirwwDQYJKoZIhvcNAQELBQADggEBAFQLTzKGorebgtkV
UTQ2jO2c1o3r1+5OfmYyKHlvXnx65Q6vvUXtwCfeVI/Pd4mnDeEbRxgS+RzqGi+S
hVK6iEGXhZ0dW3mhbENLJU/Rd+KhEhAe7MlitrxzdrhPkSGtla2Z+j/a2OHBbtL4
mMkSa+4DRexg30NfABKdm6MEvyxO0EXbLFPJhTL+QsiKgOX3yZrZGeRy+Uul4JYb
w/YoHTQ6hH4bShKMy0KWgNPiakKxn5Hrrk4qOxIilkB0H53TC1ghcJxxsDCd/H09
yJWLP7KEIjKLbtxrziX2h8GcIUkyzHmdbUdT8b5ETfF11UDy5OaQqUVxXVM9Urh2
tTBx6kc=
-----END CERTIFICATE-----
Generated at Wed Dec 7 02:28:28 2022 by rpki-client.