Route Origin Authorization

$ cd rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/

$ rpki-client -vvf B2B2930C21C911EB991D562EC4F9AE02.roa
File:                     B2B2930C21C911EB991D562EC4F9AE02.roa (download)
Hash identifier:          dLtgGx7upFck3C27nadH7oRsfY1uPvz05EhZgcRZ4bE=
Subject key identifier:   F5:43:C5:F8:37:2A:98:4B:8E:A6:45:50:D0:96:5B:29:CD:37:CD:3D
Certificate issuer:       /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661
Certificate serial:       0CD6
Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/B2B2930C21C911EB991D562EC4F9AE02.roa
ROA valid until:          Jul 30 00:00:00 2023 GMT
asID:                     135386
IP address blocks:
    1: 103.113.92.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3286 (0xcd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661
        Validity
            Not Before: Jun 20 07:02:51 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=62b01b9b-68d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:bd:76:11:d6:a6:3b:97:f5:1e:03:7c:b9:8d:
                    7d:48:77:4d:3a:48:f7:0c:2e:8f:96:ed:3a:a0:6e:
                    82:3d:64:c0:40:f5:09:4d:17:f1:03:49:9c:e4:3a:
                    e6:50:10:1a:38:26:45:05:b5:8c:3c:e9:6f:dc:55:
                    5a:f9:f3:12:f4:b2:34:e7:96:39:55:b4:60:c1:6a:
                    90:6f:e6:dd:f5:e9:a0:27:b7:7d:b6:4e:91:86:4f:
                    9f:2d:8b:32:88:93:be:c5:77:29:d6:6a:d5:86:55:
                    20:0a:07:22:5e:56:f2:82:8c:8d:34:3d:9b:2c:d4:
                    25:02:65:8c:81:d4:af:36:76:36:46:12:37:f8:a0:
                    60:38:1b:c9:29:1c:12:c5:06:f2:32:4b:69:2e:eb:
                    cb:7e:eb:f5:d0:c3:93:a6:cb:d2:43:f8:67:4c:55:
                    77:0f:cd:3c:18:8a:f2:25:56:90:af:2b:98:aa:55:
                    fa:39:87:09:18:b7:b4:be:ae:35:9a:05:da:3b:47:
                    f8:9f:0e:da:98:aa:e1:b9:81:65:7b:05:8f:16:3d:
                    ad:ff:08:61:67:e5:b9:44:ef:6f:15:7e:4a:2f:b4:
                    1d:32:42:0f:69:4c:da:f4:bc:cb:17:6c:47:6a:67:
                    b0:7f:31:be:de:99:e3:2f:8e:5e:a8:fd:f8:d4:79:
                    1e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                F5:43:C5:F8:37:2A:98:4B:8E:A6:45:50:D0:96:5B:29:CD:37:CD:3D
            X509v3 Authority Key Identifier: 
                keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/B2B2930C21C911EB991D562EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.113.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:0e:09:d8:7e:ba:8b:2a:ab:3e:fb:55:30:d4:dc:bd:36:f4:
         20:94:75:71:72:66:67:d9:1e:a4:65:f9:3b:12:94:aa:4f:59:
         46:61:2e:e5:d7:8c:3b:40:ac:fe:ef:48:0b:20:cb:3d:f9:db:
         be:b4:67:e8:cd:63:cb:cf:82:05:29:81:d2:09:23:7a:d5:fe:
         35:08:d3:db:c8:16:f4:a2:d5:16:cc:bd:a6:f6:5f:13:6f:fe:
         40:2d:d1:f2:9f:6a:e3:7d:bc:41:8a:a2:27:07:c0:ec:a8:65:
         c9:35:45:00:16:87:79:d6:75:4a:7f:b2:35:03:f7:4b:26:19:
         3a:af:92:79:c8:10:3e:59:e0:8e:34:d9:f2:80:32:ea:5b:a4:
         fd:9d:29:c2:65:da:1e:76:fa:73:ac:1e:ce:1a:c1:52:63:f1:
         63:f1:46:59:1f:ff:43:1a:d6:b6:4b:cf:a6:5d:4d:9a:dc:8b:
         97:2a:9c:56:e5:b9:cb:b5:1f:2e:14:60:39:d7:7a:25:8e:ae:
         58:f7:58:17:23:c5:e8:be:25:ef:61:9d:c7:e9:41:e1:0e:7b:
         e2:cf:64:60:0e:2d:4b:c3:ed:5b:69:30:1d:2c:61:eb:5c:93:
         cd:a2:1b:19:4c:ec:3c:75:84:aa:74:f9:c5:02:44:01:c8:0a:
         07:45:78:8a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2
RkZBQzQ2NjEwHhcNMjIwNjIwMDcwMjUxWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIwMWI5Yi02OGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArr12EdamO5f1HgN8uY19SHdNOkj3DC6Plu06oG6CPWTAQPUJTRfxA0mc5Drm
UBAaOCZFBbWMPOlv3FVa+fMS9LI055Y5VbRgwWqQb+bd9emgJ7d9tk6Rhk+fLYsy
iJO+xXcp1mrVhlUgCgciXlbygoyNND2bLNQlAmWMgdSvNnY2RhI3+KBgOBvJKRwS
xQbyMktpLuvLfuv10MOTpsvSQ/hnTFV3D808GIryJVaQryuYqlX6OYcJGLe0vq41
mgXaO0f4nw7amKrhuYFlewWPFj2t/whhZ+W5RO9vFX5KL7QdMkIPaUza9LzLF2xH
amewfzG+3pnjL45eqP341HkeXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPVDxfg3
KphLjqZFUNCWWynNN809MB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz
RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS
bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNGMDIvQ0NBQjU3NTA2M0YwMTFFOUE5QkNBMTQxQzRGOUFFMDIvQjJCMjkzMEMy
MUM5MTFFQjk5MUQ1NjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncVwwDQYJKoZIhvcNAQELBQADggEBADkOCdh+uosqqz77
VTDU3L029CCUdXFyZmfZHqRl+TsSlKpPWUZhLuXXjDtArP7vSAsgyz352760Z+jN
Y8vPggUpgdIJI3rV/jUI09vIFvSi1RbMvab2XxNv/kAt0fKfauN9vEGKoicHwOyo
Zck1RQAWh3nWdUp/sjUD90smGTqvknnIED5Z4I402fKAMupbpP2dKcJl2h52+nOs
Hs4awVJj8WPxRlkf/0Ma1rZLz6ZdTZrci5cqnFblucu1Hy4UYDnXeiWOrlj3WBcj
xei+Je9hncfpQeEOe+LPZGAOLUvD7VtpMB0sYetck82iGxlM7Dx1hKp0+cUCRAHI
CgdFeIo=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:12:46 2022 by rpki-client.