Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/B6EF8F5E3A9011EA957A6A34C4F9AE02.roa
File:                     B6EF8F5E3A9011EA957A6A34C4F9AE02.roa (raw, json)
Hash identifier:          ZETQhfk0Fp5f1qtcEW8kFkPD0k4F7OEMuFNGP6BOOho=
Subject key identifier:   34:A3:40:F4:D7:24:08:32:72:AA:8E:EB:A4:D2:E3:4C:2D:EC:BE:C3
Certificate issuer:       /CN=A913EBFD/serialNumber=B140AF04919B4513825A6EA57E1AB9E54379E3C8
Certificate serial:       0A43
Authority key identifier: B1:40:AF:04:91:9B:45:13:82:5A:6E:A5:7E:1A:B9:E5:43:79:E3:C8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUCvBJGbRROCWm6lfhq55UN548g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/B6EF8F5E3A9011EA957A6A34C4F9AE02.roa
Signing time:             Mon 12 Feb 2024 20:18:15 +0000
ROA not before:           Mon 12 Feb 2024 20:18:15 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     138550
IP address blocks:        103.132.184.0/24 maxlen: 24
                          103.148.250.0/24 maxlen: 24
                          2001:df7:8300::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/sUCvBJGbRROCWm6lfhq55UN548g.crl
                          rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/sUCvBJGbRROCWm6lfhq55UN548g.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUCvBJGbRROCWm6lfhq55UN548g.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 20:06:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2627 (0xa43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913EBFD/serialNumber=B140AF04919B4513825A6EA57E1AB9E54379E3C8
        Validity
            Not Before: Feb 12 20:18:15 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65ca7d07-075d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:36:63:36:59:1a:b3:de:39:83:11:9f:17:60:
                    59:81:2a:91:a9:02:13:1f:65:1d:76:d9:e6:5f:93:
                    79:30:11:db:b7:80:21:5f:bd:9d:e4:df:2a:af:74:
                    92:e9:7d:3e:09:30:89:f3:0d:15:53:fc:2f:29:cc:
                    2e:55:ae:92:85:25:5e:82:3d:6c:46:8a:ff:91:3b:
                    a8:21:58:2b:92:34:c7:9e:79:c8:d8:23:bc:23:c4:
                    eb:61:4f:16:5a:de:ae:5e:d3:a6:87:6b:cd:98:3c:
                    a2:b7:d8:54:18:4e:f1:b4:87:7f:10:ed:df:3f:f9:
                    d1:7e:d2:d1:95:09:3b:66:ec:4d:5a:37:95:28:c5:
                    10:71:3b:d9:45:92:b8:06:44:f6:ac:fe:a9:fc:c9:
                    d4:25:cf:a9:19:dd:b0:44:05:27:e0:ce:98:4d:71:
                    8d:a4:ef:d9:da:aa:45:79:33:91:74:4b:a7:39:24:
                    7f:5b:e7:aa:f5:25:e1:40:7e:d3:cf:20:13:f3:ba:
                    29:74:75:ab:34:35:c7:65:6e:a5:b6:8e:21:86:9a:
                    ea:ac:cf:ca:8f:eb:07:ee:5d:5a:19:6e:85:0b:a9:
                    be:27:6b:f3:fb:cf:69:b9:2f:b8:3a:78:45:99:62:
                    c6:a8:45:bc:9e:04:fc:60:74:de:1e:25:39:e3:42:
                    22:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:A3:40:F4:D7:24:08:32:72:AA:8E:EB:A4:D2:E3:4C:2D:EC:BE:C3
            X509v3 Authority Key Identifier:
                keyid:B1:40:AF:04:91:9B:45:13:82:5A:6E:A5:7E:1A:B9:E5:43:79:E3:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/sUCvBJGbRROCWm6lfhq55UN548g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUCvBJGbRROCWm6lfhq55UN548g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913EBFD/F7CE629A3A8E11EA80AF0E31C4F9AE02/B6EF8F5E3A9011EA957A6A34C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.132.184.0/24
                  103.148.250.0/24
                IPv6:
                  2001:df7:8300::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:5d:27:db:3a:40:1d:a6:88:e0:ef:a6:ac:7c:2d:b9:c6:1e:
         10:ed:fe:30:2b:7f:c8:d5:fd:4f:6a:68:42:cd:9f:f8:ee:a7:
         99:61:e3:d6:57:32:2d:64:69:48:99:d2:51:3f:bf:23:06:55:
         a6:e3:ca:fa:34:26:6d:eb:a8:62:48:56:68:59:85:6e:8b:7e:
         5c:dd:18:63:a5:ef:9f:07:0b:80:36:95:b3:70:dd:3b:e8:ca:
         72:63:e9:2e:a9:40:d0:c5:5f:f9:03:68:b9:d0:42:e6:65:75:
         df:98:e8:d5:cd:38:93:40:8e:84:2a:0e:7b:a4:2b:43:5b:5d:
         06:5b:1f:d3:c0:b0:c7:6e:0f:13:35:35:e0:30:b4:b3:03:89:
         86:99:28:20:04:4e:b0:b1:76:db:a7:17:93:de:b9:d9:6c:ac:
         6a:59:0e:c6:6e:83:30:12:0f:33:43:96:40:1e:53:db:d1:4b:
         65:ee:06:a8:8a:d6:f7:7b:ce:f5:03:33:1f:16:77:71:89:31:
         bd:9d:6b:00:ca:8b:c1:28:74:16:90:9d:8f:c7:47:8f:4e:22:
         28:af:12:ad:bf:19:bf:b7:53:ef:5f:ad:8a:d7:0d:1b:e7:ce:
         2d:11:bf:0c:42:d5:28:92:c8:cf:ad:b8:d1:b6:bf:27:38:38:
         b0:32:89:92
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0VCRkQxMTAvBgNVBAUTKEIxNDBBRjA0OTE5QjQ1MTM4MjVBNkVBNTdFMUFCOUU1
NDM3OUUzQzgwHhcNMjQwMjEyMjAxODE1WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNhN2QwNy0wNzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnDZjNlkas945gxGfF2BZgSqRqQITH2UddtnmX5N5MBHbt4AhX72d5N8qr3SS
6X0+CTCJ8w0VU/wvKcwuVa6ShSVegj1sRor/kTuoIVgrkjTHnnnI2CO8I8TrYU8W
Wt6uXtOmh2vNmDyit9hUGE7xtId/EO3fP/nRftLRlQk7ZuxNWjeVKMUQcTvZRZK4
BkT2rP6p/MnUJc+pGd2wRAUn4M6YTXGNpO/Z2qpFeTORdEunOSR/W+eq9SXhQH7T
zyAT87opdHWrNDXHZW6lto4hhprqrM/Kj+sH7l1aGW6FC6m+J2vz+89puS+4OnhF
mWLGqEW8ngT8YHTeHiU540IiuQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFDSjQPTX
JAgycqqO66TS40wt7L7DMB8GA1UdIwQYMBaAFLFArwSRm0UTglpupX4aueVDeePI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRUJGRC9GN0NFNjI5QTNB
OEUxMUVBODBBRjBFMzFDNEY5QUUwMi9zVUN2QkpHYlJST0NXbTZsZmhxNTVVTjU0
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NVQ3ZCSkdiUlJPQ1dtNmxmaHE1NVVONTQ4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0VCRkQvRjdDRTYyOUEzQThFMTFFQTgwQUYwRTMxQzRGOUFFMDIvQjZFRjhGNUUz
QTkwMTFFQTk1N0E2QTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnhLgDBABnlPowDwQCAAIwCQMHACABDfeDADANBgkqhkiG
9w0BAQsFAAOCAQEAYV0n2zpAHaaI4O+mrHwtucYeEO3+MCt/yNX9T2poQs2f+O6n
mWHj1lcyLWRpSJnSUT+/IwZVpuPK+jQmbeuoYkhWaFmFbot+XN0YY6XvnwcLgDaV
s3DdO+jKcmPpLqlA0MVf+QNoudBC5mV135jo1c04k0COhCoOe6QrQ1tdBlsf08Cw
x24PEzU14DC0swOJhpkoIAROsLF226cXk9652WysalkOxm6DMBIPM0OWQB5T29FL
Ze4GqIrW93vO9QMzHxZ3cYkxvZ1rAMqLwSh0FpCdj8dHj04iKK8Srb8Zv7dT71+t
itcNG+fOLRG/DELVKJLIz6240ba/Jzg4sDKJkg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:13:00 2024 by rpki-client on console-ams.rpki-client.org