Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916269D/78BF945032A111EA862BD517C4F9AE02/EDA2987A32A211EA87A1561DC4F9AE02.roa
File:                     EDA2987A32A211EA87A1561DC4F9AE02.roa (raw, json)
Hash identifier:          Rb0mrBAhcgxptwAduOv5tg/4P6wlnoF3pah8TBCeTwM=
Subject key identifier:   3C:0A:5A:04:53:ED:8E:D3:D0:F6:DE:A9:C8:A3:8A:73:C3:64:1C:68
Certificate issuer:       /CN=A916269D/serialNumber=FC3DF810BFC29BF1CFBF0AAFA56397EB9B4CAB77
Certificate serial:       0A37
Authority key identifier: FC:3D:F8:10:BF:C2:9B:F1:CF:BF:0A:AF:A5:63:97:EB:9B:4C:AB:77
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_D34EL_Cm_HPvwqvpWOX65tMq3c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916269D/78BF945032A111EA862BD517C4F9AE02/EDA2987A32A211EA87A1561DC4F9AE02.roa
Signing time:             Wed 08 Nov 2023 20:08:41 +0000
ROA not before:           Wed 08 Nov 2023 20:08:41 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     58895
IP address blocks:        103.94.244.0/24 maxlen: 24
                          103.102.38.0/24 maxlen: 24
                          103.102.40.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916269D/78BF945032A111EA862BD517C4F9AE02/_D34EL_Cm_HPvwqvpWOX65tMq3c.crl
                          rsync://rpki.apnic.net/member_repository/A916269D/78BF945032A111EA862BD517C4F9AE02/_D34EL_Cm_HPvwqvpWOX65tMq3c.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_D34EL_Cm_HPvwqvpWOX65tMq3c.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 20:11:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2615 (0xa37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916269D/serialNumber=FC3DF810BFC29BF1CFBF0AAFA56397EB9B4CAB77
        Validity
            Not Before: Nov  8 20:08:41 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=654beac8-6b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:09:55:2d:fa:75:fc:a8:49:83:04:fd:ab:9b:
                    79:61:81:c6:9d:0d:3b:d4:74:a8:fd:28:d4:cc:43:
                    f0:8c:30:8d:41:bc:81:6b:48:62:82:51:80:bf:76:
                    ec:e9:df:ef:58:3a:47:af:67:84:24:47:e2:6e:d5:
                    cf:cb:ed:74:f2:8f:0b:60:eb:c9:b8:e3:b9:bc:4b:
                    da:33:b6:15:a9:21:44:8f:44:51:a0:82:85:1d:1a:
                    70:75:f3:6a:35:6a:d9:4a:b6:17:1b:d3:c2:ea:3d:
                    b9:9a:e2:0a:39:80:eb:c7:1d:bb:65:5f:5a:53:f0:
                    6c:01:b5:3e:38:a5:4e:a0:2c:81:2e:14:3a:16:55:
                    99:e0:cc:b1:a7:40:58:a7:68:40:e5:69:f1:ad:07:
                    0c:ef:50:02:53:cc:7a:2d:1f:0c:37:4a:ac:0b:49:
                    9d:bb:36:91:83:0c:56:1c:41:3f:cd:c6:ad:05:0b:
                    dd:c6:f6:3a:3e:17:6e:e2:5c:f0:87:3a:89:e2:74:
                    19:b7:2f:03:7f:37:41:05:0a:1c:70:d7:e5:a1:97:
                    75:80:d1:5d:97:4f:7e:80:43:03:82:82:fb:a3:a9:
                    72:1d:a9:83:f5:07:94:de:af:fe:68:6e:6f:eb:fc:
                    50:07:1c:d4:e4:5a:c1:38:31:05:61:e4:61:0f:5d:
                    a0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:0A:5A:04:53:ED:8E:D3:D0:F6:DE:A9:C8:A3:8A:73:C3:64:1C:68
            X509v3 Authority Key Identifier:
                keyid:FC:3D:F8:10:BF:C2:9B:F1:CF:BF:0A:AF:A5:63:97:EB:9B:4C:AB:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916269D/78BF945032A111EA862BD517C4F9AE02/_D34EL_Cm_HPvwqvpWOX65tMq3c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_D34EL_Cm_HPvwqvpWOX65tMq3c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916269D/78BF945032A111EA862BD517C4F9AE02/EDA2987A32A211EA87A1561DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.94.244.0/24
                  103.102.38.0/24
                  103.102.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:1f:b1:37:85:4c:cb:67:8f:6b:4b:37:ad:35:34:49:93:5b:
         ac:d6:93:98:e8:75:cd:2c:e2:a6:fc:65:e8:c9:3b:4b:62:69:
         01:7c:07:84:b1:8b:3e:f0:46:cc:a0:2e:3e:d8:9f:05:2c:21:
         d2:13:0c:5e:a0:a9:f7:55:00:2b:cc:3e:64:e1:f4:99:c6:54:
         e9:28:7f:f2:66:b5:5b:6c:b6:59:bb:2a:b8:84:71:0d:90:be:
         83:a0:fa:76:ee:86:8f:39:24:2a:d8:5d:6a:f2:8e:1a:ed:44:
         62:eb:24:cb:0f:c3:d7:3a:f7:5c:89:2e:9d:91:57:51:77:3f:
         06:eb:f4:f7:a3:2a:dc:ce:67:d6:89:17:48:18:25:2b:45:f9:
         8a:e3:00:65:a3:84:47:8a:2a:3b:00:55:1e:a6:a5:29:29:e8:
         66:d5:e3:24:c2:be:6c:37:67:7e:95:49:fe:cf:67:fe:a1:64:
         f9:a6:ff:e0:3c:e0:da:f2:73:fc:d5:76:7b:98:db:a9:97:03:
         f7:86:b3:c9:97:cf:15:1c:4f:33:75:96:83:a8:54:20:68:a7:
         1c:d6:8d:ae:74:aa:14:61:73:0f:22:5a:4c:fe:63:7f:e9:c3:
         8a:c5:47:a0:36:82:84:b6:b2:6d:11:fb:b8:be:5c:1f:7d:bf:
         63:0d:5a:a6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjI2OUQxMTAvBgNVBAUTKEZDM0RGODEwQkZDMjlCRjFDRkJGMEFBRkE1NjM5N0VC
OUI0Q0FCNzcwHhcNMjMxMTA4MjAwODQxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRiZWFjOC02YjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArQlVLfp1/KhJgwT9q5t5YYHGnQ071HSo/SjUzEPwjDCNQbyBa0higlGAv3bs
6d/vWDpHr2eEJEfibtXPy+108o8LYOvJuOO5vEvaM7YVqSFEj0RRoIKFHRpwdfNq
NWrZSrYXG9PC6j25muIKOYDrxx27ZV9aU/BsAbU+OKVOoCyBLhQ6FlWZ4Myxp0BY
p2hA5WnxrQcM71ACU8x6LR8MN0qsC0mduzaRgwxWHEE/zcatBQvdxvY6Phdu4lzw
hzqJ4nQZty8DfzdBBQoccNfloZd1gNFdl09+gEMDgoL7o6lyHamD9QeU3q/+aG5v
6/xQBxzU5FrBODEFYeRhD12gTwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDwKWgRT
7Y7T0PbeqcijinPDZBxoMB8GA1UdIwQYMBaAFPw9+BC/wpvxz78Kr6Vjl+ubTKt3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjY5RC83OEJGOTQ1MDMy
QTExMUVBODYyQkQ1MTdDNEY5QUUwMi9fRDM0RUxfQ21fSFB2d3F2cFdPWDY1dE1x
M2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19EMzRFTF9DbV9IUHZ3cXZwV09YNjV0TXEzYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjI2OUQvNzhCRjk0NTAzMkExMTFFQTg2MkJENTE3QzRGOUFFMDIvRURBMjk4N0Ez
MkEyMTFFQTg3QTE1NjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnXvQDBABnZiYDBAFnZigwDQYJKoZIhvcNAQELBQADggEB
AAUfsTeFTMtnj2tLN601NEmTW6zWk5jodc0s4qb8ZejJO0tiaQF8B4Sxiz7wRsyg
Lj7YnwUsIdITDF6gqfdVACvMPmTh9JnGVOkof/JmtVtstlm7KriEcQ2QvoOg+nbu
ho85JCrYXWryjhrtRGLrJMsPw9c691yJLp2RV1F3Pwbr9PejKtzOZ9aJF0gYJStF
+YrjAGWjhEeKKjsAVR6mpSkp6GbV4yTCvmw3Z36VSf7PZ/6hZPmm/+A84Nryc/zV
dnuY26mXA/eGs8mXzxUcTzN1loOoVCBopxzWja50qhRhcw8iWkz+Y3/pw4rFR6A2
goS2sm0R+7i+XB99v2MNWqY=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:24:04 2024 by rpki-client on console-fra.rpki-client.org