Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/E53A0A54450911EBBA450A64C4F9AE02.roa
File:                     E53A0A54450911EBBA450A64C4F9AE02.roa (raw, json)
Hash identifier:          aKhRdtJmaNOhR8gGmXyz52Y12otJGS1izbDkyoRgHFs=
Subject key identifier:   3D:AC:2E:7A:E2:02:DA:19:4C:EF:D6:EA:0D:00:7F:D0:F4:E4:C4:BC
Certificate issuer:       /CN=A914781A/serialNumber=59314703092845FCBD0BFBAEEF87D83FC66ED1D7
Certificate serial:       127B
Authority key identifier: 59:31:47:03:09:28:45:FC:BD:0B:FB:AE:EF:87:D8:3F:C6:6E:D1:D7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WTFHAwkoRfy9C_uu74fYP8Zu0dc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/E53A0A54450911EBBA450A64C4F9AE02.roa
Signing time:             Sat 02 Mar 2024 15:20:53 +0000
ROA not before:           Sat 02 Mar 2024 15:20:53 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     141180
IP address blocks:        167.179.255.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/WTFHAwkoRfy9C_uu74fYP8Zu0dc.crl
                          rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/WTFHAwkoRfy9C_uu74fYP8Zu0dc.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WTFHAwkoRfy9C_uu74fYP8Zu0dc.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 15:09:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4731 (0x127b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914781A/serialNumber=59314703092845FCBD0BFBAEEF87D83FC66ED1D7
        Validity
            Not Before: Mar  2 15:20:53 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e343d5-9665
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b9:d4:bc:bd:32:e5:52:0a:d6:62:5e:fa:77:
                    0d:56:6e:b8:cc:bc:85:71:60:00:c6:a6:3b:33:bf:
                    ba:93:9d:80:89:d1:21:31:63:fb:8c:bb:91:73:72:
                    74:74:cc:5b:7f:9d:87:cc:8e:7c:a2:1d:c3:5d:7e:
                    31:51:e5:6c:33:9e:01:92:7e:6a:2c:d1:29:48:e1:
                    a2:01:6e:2b:b9:9b:01:45:91:95:fc:fd:f7:2c:3b:
                    d3:93:4d:d0:b5:bc:5f:63:79:82:90:8f:d5:5e:11:
                    a0:c6:0b:3d:57:1c:9d:88:ca:44:ca:41:8d:43:29:
                    78:01:d7:66:3d:0e:f4:da:ad:aa:22:44:f7:31:5e:
                    9b:f1:3b:a0:a4:d3:5c:12:bf:2b:0d:b7:7e:31:00:
                    a2:22:fa:5b:6b:97:77:5d:6a:69:af:82:23:51:3d:
                    f2:bb:fe:fc:73:ea:64:d5:df:5b:40:e0:21:95:4f:
                    a3:49:5d:4f:0f:d6:91:65:ea:fe:aa:7b:f3:62:f2:
                    cc:69:68:3d:84:d9:d1:da:d0:53:48:46:52:37:ab:
                    06:8b:41:1b:82:f7:36:88:0a:9f:72:1b:1f:17:b7:
                    d1:97:e6:a0:e7:28:5c:e9:36:bf:2c:61:b7:d9:9f:
                    91:08:00:57:56:0a:b6:d8:9b:1b:71:27:59:3a:91:
                    88:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:AC:2E:7A:E2:02:DA:19:4C:EF:D6:EA:0D:00:7F:D0:F4:E4:C4:BC
            X509v3 Authority Key Identifier:
                keyid:59:31:47:03:09:28:45:FC:BD:0B:FB:AE:EF:87:D8:3F:C6:6E:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/WTFHAwkoRfy9C_uu74fYP8Zu0dc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WTFHAwkoRfy9C_uu74fYP8Zu0dc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/4EEC5B7EA6B411E8B43A1467C4F9AE02/E53A0A54450911EBBA450A64C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.179.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:96:88:ad:e2:3b:c1:78:bf:77:94:cc:67:c0:eb:c3:db:2b:
         ab:41:6d:e7:02:66:fe:5b:7d:38:d8:dc:bf:14:2d:f7:db:8f:
         8e:a5:ff:ef:ae:aa:9f:a3:9f:3a:5c:a4:05:54:52:d2:cb:dc:
         63:24:77:04:cb:ce:61:a2:ae:84:ab:7c:e4:7f:63:c9:c7:59:
         f9:ef:27:b2:5c:a5:ec:e9:50:6b:63:ba:9d:89:14:f4:49:c5:
         ba:4c:f9:a9:05:ab:58:81:ce:2e:48:bf:17:ae:5c:b8:14:10:
         9e:e3:47:2c:87:08:97:36:ed:7f:28:56:eb:81:6e:45:6f:ae:
         17:16:e2:c0:de:23:a3:44:19:de:bc:b0:78:d0:ca:f8:18:cd:
         9e:28:ae:44:c1:44:1d:0d:a8:4e:52:2b:b2:bb:64:b6:08:b8:
         f6:4e:ee:51:10:fa:df:19:99:55:1b:52:7f:5a:94:04:c7:28:
         90:0b:88:81:5a:da:03:ab:c8:31:40:4d:43:ef:8c:4f:14:fb:
         e0:9b:31:66:a1:fe:99:71:e0:a5:a7:95:ed:f5:7b:8b:e4:b0:
         47:d6:2a:d3:c9:06:a5:1f:12:77:cf:b3:53:88:6c:d7:0c:e8:
         c0:00:99:bd:81:46:f1:40:25:34:af:fe:2f:57:2c:4a:5d:2c:
         13:44:e8:20
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDU5MzE0NzAzMDkyODQ1RkNCRDBCRkJBRUVGODdEODNG
QzY2RUQxRDcwHhcNMjQwMzAyMTUyMDUzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzNDNkNS05NjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvLnUvL0y5VIK1mJe+ncNVm64zLyFcWAAxqY7M7+6k52AidEhMWP7jLuRc3J0
dMxbf52HzI58oh3DXX4xUeVsM54Bkn5qLNEpSOGiAW4ruZsBRZGV/P33LDvTk03Q
tbxfY3mCkI/VXhGgxgs9VxydiMpEykGNQyl4AddmPQ702q2qIkT3MV6b8TugpNNc
Er8rDbd+MQCiIvpba5d3XWppr4IjUT3yu/78c+pk1d9bQOAhlU+jSV1PD9aRZer+
qnvzYvLMaWg9hNnR2tBTSEZSN6sGi0Ebgvc2iAqfchsfF7fRl+ag5yhc6Ta/LGG3
2Z+RCABXVgq22JsbcSdZOpGIswIDAQABo4IClTCCApEwHQYDVR0OBBYEFD2sLnri
AtoZTO/W6g0Af9D05MS8MB8GA1UdIwQYMBaAFFkxRwMJKEX8vQv7ru+H2D/GbtHX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS80RUVDNUI3RUE2
QjQxMUU4QjQzQTE0NjdDNEY5QUUwMi9XVEZIQXdrb1JmeTlDX3V1NzRmWVA4WnUw
ZGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1dURkhBd2tvUmZ5OUNfdXU3NGZZUDhadTBkYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvNEVFQzVCN0VBNkI0MTFFOEI0M0ExNDY3QzRGOUFFMDIvRTUzQTBBNTQ0
NTA5MTFFQkJBNDUwQTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACns/8wDQYJKoZIhvcNAQELBQADggEBAJ+WiK3iO8F4v3eU
zGfA68PbK6tBbecCZv5bfTjY3L8ULffbj46l/++uqp+jnzpcpAVUUtLL3GMkdwTL
zmGiroSrfOR/Y8nHWfnvJ7JcpezpUGtjup2JFPRJxbpM+akFq1iBzi5IvxeuXLgU
EJ7jRyyHCJc27X8oVuuBbkVvrhcW4sDeI6NEGd68sHjQyvgYzZ4orkTBRB0NqE5S
K7K7ZLYIuPZO7lEQ+t8ZmVUbUn9alATHKJALiIFa2gOryDFATUPvjE8U++CbMWah
/plx4KWnle31e4vksEfWKtPJBqUfEnfPs1OIbNcM6MAAmb2BRvFAJTSv/i9XLEpd
LBNE6CA=
-----END CERTIFICATE-----
Generated at Fri Jun 14 19:09:20 2024 by rpki-client on console-ams.rpki-client.org