Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9156255/9162084C507311ED9B8C142DC4F9AE02/5637146C507611EDB59D9E2EC4F9AE02.roa
File:                     5637146C507611EDB59D9E2EC4F9AE02.roa (raw, json)
Hash identifier:          OY0zr2n6spxnIHGbL3oStlwDmEG60mOZ/pJc1RRwfOk=
Subject key identifier:   1F:27:DC:2D:89:C1:87:DD:D1:62:21:FE:7A:60:FE:7B:0D:6E:6C:C4
Certificate issuer:       /CN=A9156255/serialNumber=5F6C8FA3A658740231B2C4B13481BE11500ADC76
Certificate serial:       C9
Authority key identifier: 5F:6C:8F:A3:A6:58:74:02:31:B2:C4:B1:34:81:BE:11:50:0A:DC:76
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2yPo6ZYdAIxssSxNIG-EVAK3HY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9156255/9162084C507311ED9B8C142DC4F9AE02/5637146C507611EDB59D9E2EC4F9AE02.roa
Signing time:             Tue 07 Nov 2023 05:16:55 +0000
ROA not before:           Tue 07 Nov 2023 05:16:55 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     142420
IP address blocks:        103.12.96.0/23 maxlen: 23
                          2001:df1:69c0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9156255/9162084C507311ED9B8C142DC4F9AE02/X2yPo6ZYdAIxssSxNIG-EVAK3HY.crl
                          rsync://rpki.apnic.net/member_repository/A9156255/9162084C507311ED9B8C142DC4F9AE02/X2yPo6ZYdAIxssSxNIG-EVAK3HY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2yPo6ZYdAIxssSxNIG-EVAK3HY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 05:22:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 201 (0xc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9156255/serialNumber=5F6C8FA3A658740231B2C4B13481BE11500ADC76
        Validity
            Not Before: Nov  7 05:16:55 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=6549c846-4ae7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:df:a5:bc:38:02:2a:4e:df:02:fa:d9:27:60:
                    4e:4e:2b:50:29:34:07:40:74:fa:e9:81:49:08:47:
                    c2:23:54:a0:7b:84:40:46:5d:f1:70:65:a5:12:21:
                    7d:2a:82:60:85:df:40:5d:69:b7:d7:88:b4:96:c9:
                    a2:68:f1:af:b2:18:e2:2d:77:dc:5b:5e:81:bf:be:
                    ee:17:a3:4a:68:1b:07:57:3e:c9:1a:50:b3:f6:b8:
                    c6:f1:a9:1e:36:82:a2:fb:81:1d:ad:7e:d2:57:49:
                    21:1e:79:57:57:0c:2c:f5:a3:27:ed:24:46:56:ba:
                    7f:93:71:2b:a6:b4:c9:83:95:82:51:c8:31:1d:ae:
                    b4:ac:10:18:77:4b:31:df:aa:1d:24:7e:c2:14:6b:
                    10:31:72:e0:5a:1b:15:8d:9a:53:71:1c:d8:04:66:
                    c4:aa:73:94:a0:ad:29:60:4f:9a:27:c0:af:8b:6d:
                    17:e6:38:1d:3e:24:2f:52:42:3b:d7:b4:06:58:c5:
                    d1:36:a1:e2:6a:19:db:38:a6:fe:3c:c0:46:8f:da:
                    5d:c4:42:49:43:f4:79:7d:d1:7d:81:fb:a4:21:29:
                    10:ff:66:df:a6:bb:b1:2a:31:f0:4f:ef:44:86:c9:
                    70:9f:bf:0f:55:c1:77:aa:ff:8e:71:8a:4a:df:5e:
                    c4:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:27:DC:2D:89:C1:87:DD:D1:62:21:FE:7A:60:FE:7B:0D:6E:6C:C4
            X509v3 Authority Key Identifier:
                keyid:5F:6C:8F:A3:A6:58:74:02:31:B2:C4:B1:34:81:BE:11:50:0A:DC:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9156255/9162084C507311ED9B8C142DC4F9AE02/X2yPo6ZYdAIxssSxNIG-EVAK3HY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2yPo6ZYdAIxssSxNIG-EVAK3HY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156255/9162084C507311ED9B8C142DC4F9AE02/5637146C507611EDB59D9E2EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.12.96.0/23
                IPv6:
                  2001:df1:69c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         5f:bf:52:de:68:1b:2c:d1:70:51:85:4b:b0:d8:93:a9:5c:29:
         dd:0d:a9:d7:84:8f:bb:07:89:22:99:30:4b:42:d5:ec:0b:46:
         6e:ec:e4:69:25:97:9d:a6:23:55:8a:5c:44:22:ce:c4:ed:27:
         05:3b:8d:ee:52:b0:80:76:75:80:f4:a7:31:a5:19:31:a9:46:
         02:22:4e:6b:cc:ea:72:1b:98:62:08:3b:bc:7c:4b:17:5b:9e:
         57:40:df:63:30:7a:55:fa:5c:3a:27:4c:70:88:0b:3b:ff:b5:
         6d:85:fd:70:b8:ac:93:84:9c:8e:a8:94:67:74:68:67:00:cf:
         a2:85:74:98:2b:c1:b4:80:60:36:ae:a6:fc:12:67:1d:94:71:
         e8:15:b9:70:51:df:af:7c:13:e9:8f:b1:61:f2:2d:25:ec:9a:
         52:fe:b7:73:db:f4:3c:23:42:4e:a0:62:d1:63:de:59:2b:a0:
         67:12:a3:e0:b2:5f:c0:e9:16:d7:75:a2:20:a1:e6:60:e4:21:
         37:99:6b:d0:2e:d0:4f:71:f7:15:08:1b:20:2c:2d:bd:db:1f:
         d2:a1:f8:11:42:91:df:18:c8:da:4a:99:6d:dc:12:ea:46:dd:
         be:43:3d:f1:36:88:a5:a7:31:25:c1:67:ba:01:cf:3f:76:41:
         74:74:0b:b9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTYyNTUxMTAvBgNVBAUTKDVGNkM4RkEzQTY1ODc0MDIzMUIyQzRCMTM0ODFCRTEx
NTAwQURDNzYwHhcNMjMxMTA3MDUxNjU1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ5Yzg0Ni00YWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArt+lvDgCKk7fAvrZJ2BOTitQKTQHQHT66YFJCEfCI1Sge4RARl3xcGWlEiF9
KoJghd9AXWm314i0lsmiaPGvshjiLXfcW16Bv77uF6NKaBsHVz7JGlCz9rjG8ake
NoKi+4EdrX7SV0khHnlXVwws9aMn7SRGVrp/k3ErprTJg5WCUcgxHa60rBAYd0sx
36odJH7CFGsQMXLgWhsVjZpTcRzYBGbEqnOUoK0pYE+aJ8Cvi20X5jgdPiQvUkI7
17QGWMXRNqHiahnbOKb+PMBGj9pdxEJJQ/R5fdF9gfukISkQ/2bfpruxKjHwT+9E
hslwn78PVcF3qv+OcYpK317E4QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFB8n3C2J
wYfd0WIh/npg/nsNbmzEMB8GA1UdIwQYMBaAFF9sj6OmWHQCMbLEsTSBvhFQCtx2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjI1NS85MTYyMDg0QzUw
NzMxMUVEOUI4QzE0MkRDNEY5QUUwMi9YMnlQbzZaWWRBSXhzc1N4TklHLUVWQUsz
SFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1gyeVBvNlpZZEFJeHNzU3hOSUctRVZBSzNIWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTYyNTUvOTE2MjA4NEM1MDczMTFFRDlCOEMxNDJEQzRGOUFFMDIvNTYzNzE0NkM1
MDc2MTFFREI1OUQ5RTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnDGAwDwQCAAIwCQMHACABDfFpwDANBgkqhkiG9w0BAQsF
AAOCAQEAX79S3mgbLNFwUYVLsNiTqVwp3Q2p14SPuweJIpkwS0LV7AtGbuzkaSWX
naYjVYpcRCLOxO0nBTuN7lKwgHZ1gPSnMaUZMalGAiJOa8zqchuYYgg7vHxLF1ue
V0DfYzB6VfpcOidMcIgLO/+1bYX9cLisk4ScjqiUZ3RoZwDPooV0mCvBtIBgNq6m
/BJnHZRx6BW5cFHfr3wT6Y+xYfItJeyaUv63c9v0PCNCTqBi0WPeWSugZxKj4LJf
wOkW13WiIKHmYOQhN5lr0C7QT3H3FQgbICwtvdsf0qH4EUKR3xjI2kqZbdwS6kbd
vkM98TaIpacxJcFnugHPP3ZBdHQLuQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 08:43:15 2024 by rpki-client on console-ams.rpki-client.org