Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913BEF9/4E02D68C99D811ECAB6C5C6FC4F9AE02/2D45FF2E20A911EEBEC77485C4F9AE02.roa
File:                     2D45FF2E20A911EEBEC77485C4F9AE02.roa (raw, json)
Hash identifier:          qC9kf33wqjsQKlRR+1/x9+FleLqm5INMPpMOlniO6Ug=
Subject key identifier:   2B:4F:3F:9D:B5:F3:8F:C9:3B:9D:7D:A6:CC:D2:19:F1:96:B6:FE:1A
Certificate issuer:       /CN=A913BEF9/serialNumber=0555D04D6AA7CD08907385B9EFAF7FECE6C35E18
Certificate serial:       02EA
Authority key identifier: 05:55:D0:4D:6A:A7:CD:08:90:73:85:B9:EF:AF:7F:EC:E6:C3:5E:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BVXQTWqnzQiQc4W5769_7ObDXhg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913BEF9/4E02D68C99D811ECAB6C5C6FC4F9AE02/2D45FF2E20A911EEBEC77485C4F9AE02.roa
Signing time:             Wed 01 May 2024 04:06:48 +0000
ROA not before:           Wed 01 May 2024 04:06:48 +0000
ROA not after:            Thu 29 Aug 2024 00:00:00 +0000
asID:                     149629
IP address blocks:        103.182.246.0/24 maxlen: 24
                          2001:df0:8040::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913BEF9/4E02D68C99D811ECAB6C5C6FC4F9AE02/BVXQTWqnzQiQc4W5769_7ObDXhg.crl
                          rsync://rpki.apnic.net/member_repository/A913BEF9/4E02D68C99D811ECAB6C5C6FC4F9AE02/BVXQTWqnzQiQc4W5769_7ObDXhg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BVXQTWqnzQiQc4W5769_7ObDXhg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 746 (0x2ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913BEF9/serialNumber=0555D04D6AA7CD08907385B9EFAF7FECE6C35E18
        Validity
            Not Before: May  1 04:06:48 2024 GMT
            Not After : Aug 29 00:00:00 2024 GMT
        Subject: CN=6631bfd7-e0b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e0:e8:e9:5a:a5:c0:89:d2:d6:5a:e8:f1:1f:
                    9e:d7:20:c5:8b:a7:ef:fa:e9:05:b3:c3:2e:74:ee:
                    3e:33:11:1d:a6:7b:45:94:ef:f0:fe:c9:56:1a:02:
                    df:a9:bf:c0:0a:b7:43:ce:d5:45:d6:61:3f:96:28:
                    a1:83:52:23:f7:77:59:d7:4e:23:06:52:77:58:f0:
                    b3:b0:d4:e1:65:b4:a4:1f:d7:44:81:9a:db:0e:b5:
                    61:6a:48:f4:ea:13:22:4d:c1:0f:d1:f5:b3:58:65:
                    c2:dd:82:31:38:db:f7:72:64:21:72:32:6e:e2:00:
                    e7:2a:71:91:76:bf:a0:d2:1d:ba:94:b2:b2:9f:e6:
                    a7:eb:ad:84:ea:ac:94:47:56:f4:f5:09:e5:b3:00:
                    32:43:e2:58:e1:a7:0f:5a:69:66:c1:f5:b1:a9:a6:
                    62:47:93:73:83:e4:da:27:90:61:95:25:7d:2b:ca:
                    ac:41:94:64:d5:26:25:a1:04:bb:50:04:24:31:4c:
                    75:50:0e:51:5a:0f:5b:8a:e2:79:78:4a:a3:39:9b:
                    db:aa:ae:6d:08:15:b0:96:d5:58:79:ee:59:12:b6:
                    49:bd:2e:e4:61:0e:f2:07:9d:b8:3e:48:5a:35:f3:
                    fb:7a:af:bb:bb:28:30:09:19:fd:8c:6a:59:2e:b3:
                    df:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:4F:3F:9D:B5:F3:8F:C9:3B:9D:7D:A6:CC:D2:19:F1:96:B6:FE:1A
            X509v3 Authority Key Identifier:
                keyid:05:55:D0:4D:6A:A7:CD:08:90:73:85:B9:EF:AF:7F:EC:E6:C3:5E:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913BEF9/4E02D68C99D811ECAB6C5C6FC4F9AE02/BVXQTWqnzQiQc4W5769_7ObDXhg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BVXQTWqnzQiQc4W5769_7ObDXhg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913BEF9/4E02D68C99D811ECAB6C5C6FC4F9AE02/2D45FF2E20A911EEBEC77485C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.182.246.0/24
                IPv6:
                  2001:df0:8040::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:21:e0:91:a3:e6:3a:b5:80:a1:a2:ca:56:c2:34:b4:55:13:
         3b:db:cf:45:c0:2d:af:41:f1:38:85:65:ab:ed:44:5a:95:20:
         35:87:cf:84:ec:bb:24:ad:8a:c1:b3:ad:42:d4:67:2e:34:6b:
         d3:08:5c:8e:54:c9:60:7f:2d:20:ba:96:07:ec:d3:e7:8e:f5:
         99:98:fa:78:b9:e9:f3:a3:2c:24:c9:18:b4:b6:27:70:00:3f:
         5f:0c:78:f6:9e:57:1f:81:1a:f0:20:7f:83:b9:61:bd:03:9b:
         61:f6:34:f5:cc:51:c5:c1:1a:5f:b5:1d:20:46:a1:3b:58:56:
         9e:d1:58:08:30:11:5f:9a:c4:9b:46:99:48:f0:44:6d:d5:8d:
         bb:7b:f2:31:fd:aa:42:79:70:b1:ea:29:93:c9:35:9f:1d:5c:
         44:84:ea:17:68:c9:8f:97:18:8b:c3:8d:53:51:af:41:91:e7:
         f0:ef:88:c2:eb:80:6a:65:a3:a1:6e:d5:1d:d2:b5:66:ca:e2:
         45:9d:3e:75:c6:84:10:1c:d1:3d:92:b1:ee:35:9d:39:6b:55:
         1c:5b:81:83:d0:2f:d9:20:0b:48:ff:b4:20:40:42:d3:e9:51:
         c5:45:01:3a:8a:07:5a:7e:a7:f6:0d:d6:62:b0:6a:68:23:2e:
         fd:cc:8f:43
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAuowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0JFRjkxMTAvBgNVBAUTKDA1NTVEMDRENkFBN0NEMDg5MDczODVCOUVGQUY3RkVD
RTZDMzVFMTgwHhcNMjQwNTAxMDQwNjQ4WhcNMjQwODI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxYmZkNy1lMGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwuDo6VqlwInS1lro8R+e1yDFi6fv+ukFs8MudO4+MxEdpntFlO/w/slWGgLf
qb/ACrdDztVF1mE/liihg1Ij93dZ104jBlJ3WPCzsNThZbSkH9dEgZrbDrVhakj0
6hMiTcEP0fWzWGXC3YIxONv3cmQhcjJu4gDnKnGRdr+g0h26lLKyn+an662E6qyU
R1b09QnlswAyQ+JY4acPWmlmwfWxqaZiR5Nzg+TaJ5BhlSV9K8qsQZRk1SYloQS7
UAQkMUx1UA5RWg9biuJ5eEqjOZvbqq5tCBWwltVYee5ZErZJvS7kYQ7yB524Pkha
NfP7eq+7uygwCRn9jGpZLrPfDQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCtPP521
84/JO519pszSGfGWtv4aMB8GA1UdIwQYMBaAFAVV0E1qp80IkHOFue+vf+zmw14Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQkVGOS80RTAyRDY4Qzk5
RDgxMUVDQUI2QzVDNkZDNEY5QUUwMi9CVlhRVFdxbnpRaVFjNFc1NzY5XzdPYkRY
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JWWFFUV3FuelFpUWM0VzU3NjlfN09iRFhoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0JFRjkvNEUwMkQ2OEM5OUQ4MTFFQ0FCNkM1QzZGQzRGOUFFMDIvMkQ0NUZGMkUy
MEE5MTFFRUJFQzc3NDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABntvYwDwQCAAIwCQMHACABDfCAQDANBgkqhkiG9w0BAQsF
AAOCAQEAYiHgkaPmOrWAoaLKVsI0tFUTO9vPRcAtr0HxOIVlq+1EWpUgNYfPhOy7
JK2KwbOtQtRnLjRr0whcjlTJYH8tILqWB+zT5471mZj6eLnp86MsJMkYtLYncAA/
Xwx49p5XH4Ea8CB/g7lhvQObYfY09cxRxcEaX7UdIEahO1hWntFYCDARX5rEm0aZ
SPBEbdWNu3vyMf2qQnlwseopk8k1nx1cRITqF2jJj5cYi8ONU1GvQZHn8O+IwuuA
amWjoW7VHdK1ZsriRZ0+dcaEEBzRPZKx7jWdOWtVHFuBg9Av2SALSP+0IEBC0+lR
xUUBOooHWn6n9g3WYrBqaCMu/cyPQw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 04:34:39 2024 by rpki-client on console-fra.rpki-client.org