Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912FEAB/FDD899EC2F8411ED98B91B0AC4F9AE02/9082B9C42F8711ED90F1090CC4F9AE02.roa
File:                     9082B9C42F8711ED90F1090CC4F9AE02.roa (raw, json)
Hash identifier:          ESvF2zANeeoHFSP7kMO/U5RvLezUTjQbbdWpYH4pQ4o=
Subject key identifier:   98:E1:FC:82:34:CE:15:5F:E1:DD:43:39:0E:4C:21:96:26:D7:42:F3
Certificate issuer:       /CN=A912FEAB/serialNumber=1566434D7C6CC6591C90DC274ABF73DE00EB0501
Certificate serial:       011A
Authority key identifier: 15:66:43:4D:7C:6C:C6:59:1C:90:DC:27:4A:BF:73:DE:00:EB:05:01
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FWZDTXxsxlkckNwnSr9z3gDrBQE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912FEAB/FDD899EC2F8411ED98B91B0AC4F9AE02/9082B9C42F8711ED90F1090CC4F9AE02.roa
Signing time:             Sat 23 Dec 2023 04:15:25 +0000
ROA not before:           Sat 23 Dec 2023 04:15:25 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     63526
IP address blocks:        103.231.238.0/23 maxlen: 23
                          103.231.238.0/24 maxlen: 24
                          103.231.239.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912FEAB/FDD899EC2F8411ED98B91B0AC4F9AE02/FWZDTXxsxlkckNwnSr9z3gDrBQE.crl
                          rsync://rpki.apnic.net/member_repository/A912FEAB/FDD899EC2F8411ED98B91B0AC4F9AE02/FWZDTXxsxlkckNwnSr9z3gDrBQE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FWZDTXxsxlkckNwnSr9z3gDrBQE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 282 (0x11a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912FEAB/serialNumber=1566434D7C6CC6591C90DC274ABF73DE00EB0501
        Validity
            Not Before: Dec 23 04:15:25 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65865edd-5fbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b1:11:20:1b:f1:44:e6:ac:e6:5e:1b:97:09:
                    bb:55:ba:75:bf:3e:9d:c4:0c:f3:be:71:24:8a:35:
                    4e:b6:d4:f0:3c:f8:87:c4:32:38:96:56:e1:9b:8e:
                    56:b8:55:3a:b9:85:e8:60:fa:30:4d:d5:50:c1:eb:
                    39:d2:7f:13:5c:45:01:cf:7f:f1:72:5d:b1:bf:45:
                    dc:23:c8:1f:ad:94:b3:b9:dc:fe:99:04:14:a5:14:
                    a0:6c:18:e8:0c:95:1c:7f:5b:de:95:25:54:cb:af:
                    9f:44:97:01:8a:33:b3:6b:a5:68:58:31:f1:1b:b6:
                    35:37:c3:fb:a2:0b:9a:09:0c:b4:d1:8b:22:c6:9d:
                    1a:b4:00:f5:db:9e:e5:0b:90:4f:34:d8:bc:1c:45:
                    8a:34:6a:bd:f4:0a:5e:e3:4e:fb:54:d3:8b:5f:e3:
                    95:d2:93:78:f5:51:98:36:43:7c:be:25:f1:84:06:
                    4c:50:7a:fd:ca:09:d6:82:90:0b:26:88:05:68:95:
                    dc:54:a0:a6:7b:25:94:30:c7:4a:e9:ae:99:f5:7e:
                    90:cc:57:82:70:05:1f:e0:ce:50:78:e2:f1:2d:c7:
                    65:cb:90:6a:bd:ad:57:2a:b8:46:10:b6:48:ac:9b:
                    72:89:da:87:e3:36:5a:49:65:72:3d:b4:a3:23:37:
                    84:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:E1:FC:82:34:CE:15:5F:E1:DD:43:39:0E:4C:21:96:26:D7:42:F3
            X509v3 Authority Key Identifier:
                keyid:15:66:43:4D:7C:6C:C6:59:1C:90:DC:27:4A:BF:73:DE:00:EB:05:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912FEAB/FDD899EC2F8411ED98B91B0AC4F9AE02/FWZDTXxsxlkckNwnSr9z3gDrBQE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FWZDTXxsxlkckNwnSr9z3gDrBQE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FEAB/FDD899EC2F8411ED98B91B0AC4F9AE02/9082B9C42F8711ED90F1090CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.231.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:a6:f7:1a:a7:67:c0:13:3d:6b:da:6f:01:8e:ad:7d:a1:ce:
         d5:31:12:ef:38:76:28:9d:b0:b2:25:a4:18:45:f6:05:64:8c:
         fc:c2:7b:9c:12:3d:4b:bf:71:82:72:3b:f4:1d:be:0b:f2:04:
         12:c1:db:a4:d3:c2:42:1f:01:d8:53:83:6a:c0:87:51:39:c5:
         37:5d:e5:f5:10:a6:d0:54:bb:7d:67:8e:41:c1:99:8f:f8:6b:
         92:de:88:bc:ac:ed:be:ba:c9:05:a3:9e:2d:70:78:38:47:52:
         88:a7:6d:73:8f:74:33:1b:f5:18:59:45:64:a7:38:d8:b4:a3:
         e4:08:68:0f:e9:6c:7c:42:f2:4e:a9:d3:1c:f5:7d:ee:32:5b:
         d5:92:6f:4a:e1:3d:22:ff:31:eb:1a:30:1f:ec:a9:df:5c:80:
         2f:cc:84:8b:16:89:60:aa:d5:32:cf:f2:36:6b:0a:81:4c:48:
         56:5b:9e:56:cf:b9:d9:a1:7b:9c:3f:51:82:10:1a:b2:28:0f:
         0b:5d:87:d0:1d:e8:96:1d:ef:7a:10:3a:de:a6:44:77:5c:4b:
         c3:0e:36:b1:20:9c:03:4e:8a:ed:8a:83:87:3a:f1:77:e3:4b:
         26:63:fe:19:d0:81:c3:bd:6d:67:3a:5c:ac:6a:0f:0d:df:27:
         ad:8f:43:3f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZFQUIxMTAvBgNVBAUTKDE1NjY0MzREN0M2Q0M2NTkxQzkwREMyNzRBQkY3M0RF
MDBFQjA1MDEwHhcNMjMxMjIzMDQxNTI1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg2NWVkZC01ZmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0bERIBvxROas5l4blwm7Vbp1vz6dxAzzvnEkijVOttTwPPiHxDI4llbhm45W
uFU6uYXoYPowTdVQwes50n8TXEUBz3/xcl2xv0XcI8gfrZSzudz+mQQUpRSgbBjo
DJUcf1velSVUy6+fRJcBijOza6VoWDHxG7Y1N8P7oguaCQy00Ysixp0atAD1257l
C5BPNNi8HEWKNGq99Ape4077VNOLX+OV0pN49VGYNkN8viXxhAZMUHr9ygnWgpAL
JogFaJXcVKCmeyWUMMdK6a6Z9X6QzFeCcAUf4M5QeOLxLcdly5Bqva1XKrhGELZI
rJtyidqH4zZaSWVyPbSjIzeEdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJjh/II0
zhVf4d1DOQ5MIZYm10LzMB8GA1UdIwQYMBaAFBVmQ018bMZZHJDcJ0q/c94A6wUB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkVBQi9GREQ4OTlFQzJG
ODQxMUVEOThCOTFCMEFDNEY5QUUwMi9GV1pEVFh4c3hsa2NrTnduU3I5ejNnRHJC
UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZXWkRUWHhzeGxrY2tOd25Tcjl6M2dEckJRRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZFQUIvRkREODk5RUMyRjg0MTFFRDk4QjkxQjBBQzRGOUFFMDIvOTA4MkI5QzQy
Rjg3MTFFRDkwRjEwOTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn5+4wDQYJKoZIhvcNAQELBQADggEBAB6m9xqnZ8ATPWva
bwGOrX2hztUxEu84diidsLIlpBhF9gVkjPzCe5wSPUu/cYJyO/QdvgvyBBLB26TT
wkIfAdhTg2rAh1E5xTdd5fUQptBUu31njkHBmY/4a5LeiLys7b66yQWjni1weDhH
UoinbXOPdDMb9RhZRWSnONi0o+QIaA/pbHxC8k6p0xz1fe4yW9WSb0rhPSL/Mesa
MB/sqd9cgC/MhIsWiWCq1TLP8jZrCoFMSFZbnlbPudmhe5w/UYIQGrIoDwtdh9Ad
6JYd73oQOt6mRHdcS8MONrEgnANOiu2Kg4c68XfjSyZj/hnQgcO9bWc6XKxqDw3f
J62PQz8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:33:33 2024 by rpki-client on console-fra.rpki-client.org