Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9140467/9AA980D6F1E011EA8D4A9E32C4F9AE02/02E60C72F1E211EAA2361B34C4F9AE02.roa
File:                     02E60C72F1E211EAA2361B34C4F9AE02.roa (raw, json)
Hash identifier:          NVCXbcFvHq2CdsPgLWHDiKusyLYs2euJqKNXNgfWerU=
Subject key identifier:   63:45:D4:DD:8D:09:27:E6:80:06:7C:A8:A2:C9:9C:41:AB:DA:F7:DA
Certificate issuer:       /CN=A9140467/serialNumber=B8C32FC4D7931AD4241407306A0B996AC8C99FEB
Certificate serial:       071C
Authority key identifier: B8:C3:2F:C4:D7:93:1A:D4:24:14:07:30:6A:0B:99:6A:C8:C9:9F:EB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uMMvxNeTGtQkFAcwaguZasjJn-s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9140467/9AA980D6F1E011EA8D4A9E32C4F9AE02/02E60C72F1E211EAA2361B34C4F9AE02.roa
Signing time:             Tue 28 May 2024 23:03:38 +0000
ROA not before:           Tue 28 May 2024 23:03:38 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     139036
IP address blocks:        103.138.190.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9140467/9AA980D6F1E011EA8D4A9E32C4F9AE02/uMMvxNeTGtQkFAcwaguZasjJn-s.crl
                          rsync://rpki.apnic.net/member_repository/A9140467/9AA980D6F1E011EA8D4A9E32C4F9AE02/uMMvxNeTGtQkFAcwaguZasjJn-s.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uMMvxNeTGtQkFAcwaguZasjJn-s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 22:51:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1820 (0x71c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9140467/serialNumber=B8C32FC4D7931AD4241407306A0B996AC8C99FEB
        Validity
            Not Before: May 28 23:03:38 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=665662ca-4726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:bf:0b:b4:af:4f:12:02:dd:26:be:36:94:dc:
                    1a:54:6f:2a:d3:9f:3b:11:a9:69:32:70:10:d8:44:
                    53:4a:a8:a7:5f:e9:e5:46:8a:f1:7f:e3:95:a9:24:
                    a0:c5:dc:a7:73:04:32:39:bd:ee:31:0f:1d:d8:78:
                    bb:e0:a9:97:66:84:b4:16:6a:c8:22:51:d9:18:21:
                    a8:0e:d3:6f:03:6f:5b:b0:0d:02:5e:f5:38:57:fe:
                    80:87:92:c5:ae:c9:fc:b0:8c:45:27:15:09:48:55:
                    22:9c:f1:a0:3b:61:c5:99:97:a4:2d:6f:0c:2f:30:
                    97:a6:5d:ad:a7:fc:0d:f0:74:85:71:10:63:14:23:
                    9e:12:f2:b5:da:dc:b4:62:00:13:64:af:9b:14:c6:
                    fb:c7:a6:2d:2b:50:9d:6c:a6:fe:c4:02:7f:cd:5b:
                    32:53:23:9e:43:a7:8f:32:eb:6a:73:5d:26:0e:a4:
                    ae:bf:2c:38:d5:64:e1:99:49:10:5b:05:09:05:9b:
                    9e:60:c1:3a:4d:11:b5:d8:5c:b8:c8:e3:b2:13:bd:
                    08:38:75:7d:78:83:97:cb:85:ab:6e:a2:f2:b2:06:
                    04:f5:96:df:f2:b7:a5:30:62:e5:02:fc:8d:4b:cf:
                    d8:12:75:74:af:6c:8d:4e:36:b9:3d:ab:30:6a:bb:
                    cc:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:45:D4:DD:8D:09:27:E6:80:06:7C:A8:A2:C9:9C:41:AB:DA:F7:DA
            X509v3 Authority Key Identifier:
                keyid:B8:C3:2F:C4:D7:93:1A:D4:24:14:07:30:6A:0B:99:6A:C8:C9:9F:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9140467/9AA980D6F1E011EA8D4A9E32C4F9AE02/uMMvxNeTGtQkFAcwaguZasjJn-s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uMMvxNeTGtQkFAcwaguZasjJn-s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140467/9AA980D6F1E011EA8D4A9E32C4F9AE02/02E60C72F1E211EAA2361B34C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         44:48:57:0b:e0:52:73:6f:6b:26:b8:9a:4d:36:f0:59:e4:7e:
         c4:71:65:1a:ba:f5:f0:2d:ef:90:af:73:8d:f0:27:a3:c6:f4:
         75:76:4b:b2:e7:9c:d3:84:bf:6c:a9:3d:8d:60:e4:22:f6:b4:
         ef:71:5a:aa:01:3a:9c:e6:c8:48:91:4e:86:cd:91:1a:f4:d2:
         5b:47:96:84:10:f5:4a:9e:91:53:cf:48:49:61:2b:5d:0d:81:
         e5:4a:96:5d:15:4b:4f:4e:66:84:3a:b4:48:46:98:1c:99:d9:
         08:bb:b1:a1:35:90:8d:ee:fd:00:e4:2f:f7:17:6c:d8:25:ea:
         eb:46:5b:41:ad:ae:b3:08:6a:c2:22:ec:6c:f7:cd:fd:1f:8f:
         3f:72:50:f7:5e:7e:5a:e4:83:af:37:79:56:2d:24:55:d9:59:
         c8:78:94:a6:f9:c1:ad:22:74:96:df:b3:0e:21:da:9f:c7:ef:
         e6:1e:7f:b8:fe:c1:c7:d3:bd:bd:53:b6:4e:ee:d2:1f:74:db:
         3a:c4:bf:ac:e9:5c:dc:fd:13:9b:6d:9d:9c:8f:3a:44:5c:47:
         4d:90:d1:05:5b:89:96:68:3b:d9:b6:0d:85:c6:53:9d:40:7b:
         d3:bf:9c:9b:88:05:a6:c4:9d:27:38:82:43:75:6b:2d:83:82:
         41:10:e0:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA0NjcxMTAvBgNVBAUTKEI4QzMyRkM0RDc5MzFBRDQyNDE0MDczMDZBMEI5OTZB
QzhDOTlGRUIwHhcNMjQwNTI4MjMwMzM4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU2NjJjYS00NzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzb8LtK9PEgLdJr42lNwaVG8q0587EalpMnAQ2ERTSqinX+nlRorxf+OVqSSg
xdyncwQyOb3uMQ8d2Hi74KmXZoS0FmrIIlHZGCGoDtNvA29bsA0CXvU4V/6Ah5LF
rsn8sIxFJxUJSFUinPGgO2HFmZekLW8MLzCXpl2tp/wN8HSFcRBjFCOeEvK12ty0
YgATZK+bFMb7x6YtK1CdbKb+xAJ/zVsyUyOeQ6ePMutqc10mDqSuvyw41WThmUkQ
WwUJBZueYME6TRG12Fy4yOOyE70IOHV9eIOXy4WrbqLysgYE9Zbf8relMGLlAvyN
S8/YEnV0r2yNTja5PaswarvMbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGNF1N2N
CSfmgAZ8qKLJnEGr2vfaMB8GA1UdIwQYMBaAFLjDL8TXkxrUJBQHMGoLmWrIyZ/r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDQ2Ny85QUE5ODBENkYx
RTAxMUVBOEQ0QTlFMzJDNEY5QUUwMi91TU12eE5lVEd0UWtGQWN3YWd1WmFzakpu
LXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VNTXZ4TmVUR3RRa0ZBY3dhZ3VaYXNqSm4tcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA0NjcvOUFBOTgwRDZGMUUwMTFFQThENEE5RTMyQzRGOUFFMDIvMDJFNjBDNzJG
MUUyMTFFQUEyMzYxQjM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnir4wDQYJKoZIhvcNAQELBQADggEBAERIVwvgUnNvaya4
mk028FnkfsRxZRq69fAt75Cvc43wJ6PG9HV2S7LnnNOEv2ypPY1g5CL2tO9xWqoB
OpzmyEiRTobNkRr00ltHloQQ9UqekVPPSElhK10NgeVKll0VS09OZoQ6tEhGmByZ
2Qi7saE1kI3u/QDkL/cXbNgl6utGW0GtrrMIasIi7Gz3zf0fjz9yUPdeflrkg683
eVYtJFXZWch4lKb5wa0idJbfsw4h2p/H7+Yef7j+wcfTvb1Ttk7u0h902zrEv6zp
XNz9E5ttnZyPOkRcR02Q0QVbiZZoO9m2DYXGU51Ae9O/nJuIBabEnSc4gkN1ay2D
gkEQ4Kk=
-----END CERTIFICATE-----
Generated at Fri Jun 14 23:58:20 2024 by rpki-client on console-fra.rpki-client.org