Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/244B9D1874CB11EEB3C0267DC4F9AE02.roa
File:                     244B9D1874CB11EEB3C0267DC4F9AE02.roa (raw, json)
Hash identifier:          /EEOrDgvngiGPFP7Kk9nMw/8lg7ExLhK+TvT1WlGKVI=
Subject key identifier:   3D:F4:E5:7A:3E:E9:CF:F7:37:E1:CE:F1:A3:D1:7D:0C:CD:0C:57:32
Certificate issuer:       /CN=A913D1EA/serialNumber=E692C5B60B3EF1C2044439FC390AD56DC3CBCD63
Certificate serial:       065A
Authority key identifier: E6:92:C5:B6:0B:3E:F1:C2:04:44:39:FC:39:0A:D5:6D:C3:CB:CD:63
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/244B9D1874CB11EEB3C0267DC4F9AE02.roa
Signing time:             Fri 27 Oct 2023 13:17:31 +0000
ROA not before:           Fri 27 Oct 2023 13:17:31 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     19970
IP address blocks:        61.245.10.0/24 maxlen: 24
                          61.245.11.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5pLFtgs-8cIERDn8OQrVbcPLzWM.crl
                          rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5pLFtgs-8cIERDn8OQrVbcPLzWM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 23:34:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1626 (0x65a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913D1EA/serialNumber=E692C5B60B3EF1C2044439FC390AD56DC3CBCD63
        Validity
            Not Before: Oct 27 13:17:31 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=653bb86b-e22e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f7:0d:55:8b:c5:e5:14:a9:ef:85:19:fb:fa:
                    1f:0a:fd:6e:6a:46:85:a6:25:21:56:a2:c8:50:f4:
                    b0:99:57:14:ff:3e:51:d4:e1:35:cc:cc:27:56:92:
                    0b:6c:af:aa:67:e1:33:3a:3f:a6:f3:a5:f4:70:a6:
                    ab:44:41:cb:07:47:44:42:db:49:ab:38:ce:1b:ee:
                    91:58:86:59:11:ee:ec:34:6d:dc:f5:2e:48:49:c2:
                    83:8d:1e:56:8c:5b:30:95:0c:fd:bd:41:a7:63:35:
                    8d:42:48:44:70:89:27:20:40:9a:4c:16:29:8d:9a:
                    69:a4:b3:03:1f:c3:03:87:f9:34:1b:f0:44:15:c5:
                    3c:03:ab:4a:18:fe:6b:64:56:c8:5e:da:ca:dc:cf:
                    9a:d8:cf:31:c3:cf:f8:60:ae:a0:b3:7c:68:36:b4:
                    8c:1d:b9:6e:0a:e1:6f:84:49:23:16:6f:d8:48:f3:
                    71:5c:5c:76:77:e4:16:43:c1:34:93:d9:5b:0d:b7:
                    6d:05:9f:3d:52:3d:8f:f5:86:29:0d:5c:cb:9b:15:
                    a2:b0:f2:1b:c4:28:7c:0e:35:6b:67:63:f1:e9:c1:
                    61:28:8b:93:3b:28:41:90:ff:98:b1:cc:ca:01:06:
                    25:95:26:24:8d:dc:b5:e4:bb:2c:fd:77:58:bc:cd:
                    0b:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F4:E5:7A:3E:E9:CF:F7:37:E1:CE:F1:A3:D1:7D:0C:CD:0C:57:32
            X509v3 Authority Key Identifier:
                keyid:E6:92:C5:B6:0B:3E:F1:C2:04:44:39:FC:39:0A:D5:6D:C3:CB:CD:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5pLFtgs-8cIERDn8OQrVbcPLzWM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/244B9D1874CB11EEB3C0267DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.245.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:43:97:65:cd:07:e3:09:15:9d:aa:96:fa:f8:27:dd:97:d6:
         5c:e5:dc:80:92:8d:77:e1:8a:b6:41:d6:88:86:b9:af:e9:d4:
         c2:5d:b8:14:c6:8a:be:00:cf:99:3d:95:fb:dc:e1:93:d2:66:
         92:80:3d:8f:28:9e:bd:b9:e5:5d:c3:2f:ca:8c:1f:14:28:cf:
         9d:de:76:82:e6:4d:86:bc:52:ae:3d:74:54:53:cb:7e:22:8e:
         bb:7c:28:e2:1d:36:a4:4d:83:f0:ec:e6:a5:78:48:18:2d:a1:
         83:77:c7:c0:eb:8a:31:bd:a8:13:2a:48:39:ae:53:15:36:a3:
         be:65:47:47:cf:3a:04:62:14:3c:99:71:28:0a:ce:bd:43:c9:
         7d:eb:3c:2b:0e:bb:85:8b:7f:db:57:b8:48:5a:03:1d:58:a8:
         6a:b3:f5:6f:e9:a6:88:9d:d1:ba:08:ba:8f:64:41:79:bc:24:
         1f:4f:fc:35:97:66:e1:ad:f1:29:c4:6c:6a:f1:27:f0:33:b1:
         d9:6f:e5:48:7a:ba:7d:11:9f:5a:81:23:ab:d2:1d:2c:a3:60:
         e1:6d:f3:8c:bb:e9:d8:a4:b6:ea:da:57:73:72:bc:ef:a4:dd:
         f6:2b:ce:9a:73:d5:78:cc:5a:8c:e4:69:eb:dd:82:9f:7d:e3:
         56:fe:d5:27
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0QxRUExMTAvBgNVBAUTKEU2OTJDNUI2MEIzRUYxQzIwNDQ0MzlGQzM5MEFENTZE
QzNDQkNENjMwHhcNMjMxMDI3MTMxNzMxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTNiYjg2Yi1lMjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv/cNVYvF5RSp74UZ+/ofCv1uakaFpiUhVqLIUPSwmVcU/z5R1OE1zMwnVpIL
bK+qZ+EzOj+m86X0cKarREHLB0dEQttJqzjOG+6RWIZZEe7sNG3c9S5IScKDjR5W
jFswlQz9vUGnYzWNQkhEcIknIECaTBYpjZpppLMDH8MDh/k0G/BEFcU8A6tKGP5r
ZFbIXtrK3M+a2M8xw8/4YK6gs3xoNrSMHbluCuFvhEkjFm/YSPNxXFx2d+QWQ8E0
k9lbDbdtBZ89Uj2P9YYpDVzLmxWisPIbxCh8DjVrZ2Px6cFhKIuTOyhBkP+YsczK
AQYllSYkjdy15Lss/XdYvM0L4wIDAQABo4IClTCCApEwHQYDVR0OBBYEFD305Xo+
6c/3N+HO8aPRfQzNDFcyMB8GA1UdIwQYMBaAFOaSxbYLPvHCBEQ5/DkK1W3Dy81j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDFFQS85QzkzMkI0ODE3
M0ExMUVCQTNCOTdFN0ZDNEY5QUUwMi81cExGdGdzLThjSUVSRG44T1FyVmJjUEx6
V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVwTEZ0Z3MtOGNJRVJEbjhPUXJWYmNQTHpXTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0QxRUEvOUM5MzJCNDgxNzNBMTFFQkEzQjk3RTdGQzRGOUFFMDIvMjQ0QjlEMTg3
NENCMTFFRUIzQzAyNjdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAE99QowDQYJKoZIhvcNAQELBQADggEBAHtDl2XNB+MJFZ2q
lvr4J92X1lzl3ICSjXfhirZB1oiGua/p1MJduBTGir4Az5k9lfvc4ZPSZpKAPY8o
nr255V3DL8qMHxQoz53edoLmTYa8Uq49dFRTy34ijrt8KOIdNqRNg/Ds5qV4SBgt
oYN3x8DrijG9qBMqSDmuUxU2o75lR0fPOgRiFDyZcSgKzr1DyX3rPCsOu4WLf9tX
uEhaAx1YqGqz9W/ppoid0boIuo9kQXm8JB9P/DWXZuGt8SnEbGrxJ/Azsdlv5Uh6
un0Rn1qBI6vSHSyjYOFt84y76dikturaV3NyvO+k3fYrzppz1XjMWozkaevdgp99
41b+1Sc=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:03:20 2024 by rpki-client on console-fra.rpki-client.org