Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C928/77F546EC2A4311EB89923753C4F9AE02/08D6D5122A4511EBA2903755C4F9AE02.roa
File:                     08D6D5122A4511EBA2903755C4F9AE02.roa (raw, json)
Hash identifier:          +HMl7Jwr99xlhs1LDIF8vmMtZlmMQpAibI4QXW01B9Y=
Subject key identifier:   35:79:85:21:17:A8:12:90:63:28:CC:40:6D:B4:B9:3D:DE:43:27:A0
Certificate issuer:       /CN=A913C928/serialNumber=6BB229B506442FA048A4F79D3CB44FA0E0047941
Certificate serial:       0641
Authority key identifier: 6B:B2:29:B5:06:44:2F:A0:48:A4:F7:9D:3C:B4:4F:A0:E0:04:79:41
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a7IptQZEL6BIpPedPLRPoOAEeUE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C928/77F546EC2A4311EB89923753C4F9AE02/08D6D5122A4511EBA2903755C4F9AE02.roa
Signing time:             Thu 04 Jan 2024 23:21:54 +0000
ROA not before:           Thu 04 Jan 2024 23:21:54 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     141422
IP address blocks:        103.158.232.0/23 maxlen: 23
                          103.158.232.0/24 maxlen: 24
                          103.158.233.0/24 maxlen: 24
                          2001:df5:6980::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913C928/77F546EC2A4311EB89923753C4F9AE02/a7IptQZEL6BIpPedPLRPoOAEeUE.crl
                          rsync://rpki.apnic.net/member_repository/A913C928/77F546EC2A4311EB89923753C4F9AE02/a7IptQZEL6BIpPedPLRPoOAEeUE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a7IptQZEL6BIpPedPLRPoOAEeUE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 23:50:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1601 (0x641)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C928/serialNumber=6BB229B506442FA048A4F79D3CB44FA0E0047941
        Validity
            Not Before: Jan  4 23:21:54 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=65973d92-5328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e4:8d:f3:7f:e3:8b:7f:92:ba:48:34:f0:12:
                    b1:be:e2:3a:2f:13:09:a2:c6:9b:87:52:24:62:b8:
                    a0:00:08:8a:ce:5e:f4:83:13:9c:e0:57:10:11:14:
                    45:c2:b5:4e:78:44:05:9f:70:8d:13:9d:a1:9d:c0:
                    a7:71:31:b5:41:bf:b8:09:9d:ad:6c:d3:71:5b:1d:
                    82:02:28:0a:2a:d2:69:ae:c9:b6:86:5c:1c:00:4b:
                    eb:04:c5:b4:a3:ff:46:83:9b:d5:e9:bd:f4:e8:20:
                    e4:82:c1:56:45:c5:03:86:9b:76:b0:04:91:f8:87:
                    8b:26:83:3b:e1:5d:2f:c9:4a:6b:6a:a1:90:a3:8e:
                    e5:5f:fe:49:f8:c8:c8:d0:a5:3e:6a:2c:ae:80:02:
                    04:f3:11:f5:0f:86:20:59:f1:c0:e2:67:42:4a:07:
                    1a:cf:9e:a4:4a:a0:f7:43:5f:2a:60:54:d3:3e:78:
                    00:13:95:92:20:d9:3b:09:73:9e:42:43:c5:61:a8:
                    fd:70:a9:6a:c7:f9:e8:be:66:22:bd:44:3c:bf:6b:
                    a4:49:47:22:36:80:75:15:c0:6f:86:6c:59:08:96:
                    21:f4:a1:a0:46:4b:01:bf:d2:d3:f0:eb:8b:4f:0a:
                    0a:4c:1f:6b:b6:06:f9:54:98:dc:f8:ce:6f:20:6f:
                    9d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:79:85:21:17:A8:12:90:63:28:CC:40:6D:B4:B9:3D:DE:43:27:A0
            X509v3 Authority Key Identifier:
                keyid:6B:B2:29:B5:06:44:2F:A0:48:A4:F7:9D:3C:B4:4F:A0:E0:04:79:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C928/77F546EC2A4311EB89923753C4F9AE02/a7IptQZEL6BIpPedPLRPoOAEeUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a7IptQZEL6BIpPedPLRPoOAEeUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C928/77F546EC2A4311EB89923753C4F9AE02/08D6D5122A4511EBA2903755C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.158.232.0/23
                IPv6:
                  2001:df5:6980::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:47:2c:6c:3b:86:47:b4:d7:bf:57:9e:c9:25:0c:c9:15:90:
         12:f3:5c:8e:75:af:d2:cf:42:35:bb:d8:ba:9e:69:c3:de:0d:
         79:77:97:d5:74:01:6e:1e:a6:ae:de:9c:6b:e8:0d:d8:47:0b:
         93:60:b9:33:62:b3:72:3b:16:9c:48:51:f9:0e:3e:4c:97:68:
         46:20:15:03:65:18:06:02:34:4e:3b:d3:7a:6c:bc:d0:96:80:
         f8:15:3a:08:40:0c:fa:42:60:b6:40:85:8b:d6:60:b7:91:62:
         6f:22:79:43:78:86:fe:b9:f3:9f:39:2a:bf:d2:ba:af:0b:1d:
         25:d7:e0:26:d9:09:23:fc:5a:2b:f3:62:16:82:63:bc:46:99:
         09:7f:ef:dd:d5:97:cf:68:0b:55:fc:7a:c2:1c:3e:ab:13:7d:
         87:ad:79:6e:35:43:8d:fe:37:20:6d:9e:90:d9:92:a3:05:a3:
         49:e7:76:3e:5d:ac:2e:69:83:fd:d0:80:e3:cf:90:99:a8:f4:
         b9:d0:96:c1:44:11:f0:74:e4:25:20:51:32:31:3a:73:a1:50:
         9e:fc:82:fd:91:21:d3:0d:c8:62:68:f8:55:25:c8:c0:96:ed:
         94:85:01:34:01:ec:45:ea:39:1e:ad:8e:04:6f:ad:ca:1a:6a:
         e9:6c:a0:66
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M5MjgxMTAvBgNVBAUTKDZCQjIyOUI1MDY0NDJGQTA0OEE0Rjc5RDNDQjQ0RkEw
RTAwNDc5NDEwHhcNMjQwMTA0MjMyMTU0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk3M2Q5Mi01MzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6uSN83/ji3+Sukg08BKxvuI6LxMJosabh1IkYrigAAiKzl70gxOc4FcQERRF
wrVOeEQFn3CNE52hncCncTG1Qb+4CZ2tbNNxWx2CAigKKtJprsm2hlwcAEvrBMW0
o/9Gg5vV6b306CDkgsFWRcUDhpt2sASR+IeLJoM74V0vyUpraqGQo47lX/5J+MjI
0KU+aiyugAIE8xH1D4YgWfHA4mdCSgcaz56kSqD3Q18qYFTTPngAE5WSINk7CXOe
QkPFYaj9cKlqx/novmYivUQ8v2ukSUciNoB1FcBvhmxZCJYh9KGgRksBv9LT8OuL
TwoKTB9rtgb5VJjc+M5vIG+d6QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDV5hSEX
qBKQYyjMQG20uT3eQyegMB8GA1UdIwQYMBaAFGuyKbUGRC+gSKT3nTy0T6DgBHlB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzkyOC83N0Y1NDZFQzJB
NDMxMUVCODk5MjM3NTNDNEY5QUUwMi9hN0lwdFFaRUw2QklwUGVkUExSUG9PQUVl
VUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E3SXB0UVpFTDZCSXBQZWRQTFJQb09BRWVVRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M5MjgvNzdGNTQ2RUMyQTQzMTFFQjg5OTIzNzUzQzRGOUFFMDIvMDhENkQ1MTIy
QTQ1MTFFQkEyOTAzNzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnnugwDwQCAAIwCQMHACABDfVpgDANBgkqhkiG9w0BAQsF
AAOCAQEAD0csbDuGR7TXv1eeySUMyRWQEvNcjnWv0s9CNbvYup5pw94NeXeX1XQB
bh6mrt6ca+gN2EcLk2C5M2KzcjsWnEhR+Q4+TJdoRiAVA2UYBgI0TjvTemy80JaA
+BU6CEAM+kJgtkCFi9Zgt5FibyJ5Q3iG/rnznzkqv9K6rwsdJdfgJtkJI/xaK/Ni
FoJjvEaZCX/v3dWXz2gLVfx6whw+qxN9h615bjVDjf43IG2ekNmSowWjSed2Pl2s
LmmD/dCA48+Qmaj0udCWwUQR8HTkJSBRMjE6c6FQnvyC/ZEh0w3IYmj4VSXIwJbt
lIUBNAHsReo5Hq2OBG+tyhpq6WygZg==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:03:20 2024 by rpki-client on console-fra.rpki-client.org