Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91629AA/5F0693F4E74911EEBC526F29C4F9AE02/1E347CDCE74A11EE8602742BC4F9AE02.roa
File:                     1E347CDCE74A11EE8602742BC4F9AE02.roa (raw, json)
Hash identifier:          RDRsbI0QCe3WCyYIAxbPkTT+7Ici1TKwxRZtpP0NFiU=
Subject key identifier:   22:C1:7F:E8:FA:0F:BF:64:72:68:0D:A8:43:46:0E:A2:DC:B4:68:F5
Certificate issuer:       /CN=A91629AA/serialNumber=050147B94DC9D6CBE8C0B0F1AD0C0183A6077C34
Certificate serial:       5E
Authority key identifier: 05:01:47:B9:4D:C9:D6:CB:E8:C0:B0:F1:AD:0C:01:83:A6:07:7C:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQFHuU3J1svowLDxrQwBg6YHfDQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91629AA/5F0693F4E74911EEBC526F29C4F9AE02/1E347CDCE74A11EE8602742BC4F9AE02.roa
Signing time:             Wed 11 Sep 2024 09:10:12 +0000
ROA not before:           Wed 11 Sep 2024 09:10:12 +0000
ROA not after:            Tue 30 Sep 2025 00:00:00 +0000
asID:                     131282
IP address blocks:        103.68.178.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91629AA/5F0693F4E74911EEBC526F29C4F9AE02/BQFHuU3J1svowLDxrQwBg6YHfDQ.crl
                          rsync://rpki.apnic.net/member_repository/A91629AA/5F0693F4E74911EEBC526F29C4F9AE02/BQFHuU3J1svowLDxrQwBg6YHfDQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQFHuU3J1svowLDxrQwBg6YHfDQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94 (0x5e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91629AA/serialNumber=050147B94DC9D6CBE8C0B0F1AD0C0183A6077C34
        Validity
            Not Before: Sep 11 09:10:12 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=66e15e73-bfee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:18:82:b0:db:98:8e:e2:48:3d:23:2c:49:c0:
                    e0:bc:35:16:f1:19:d0:fd:23:09:cb:2f:40:98:e1:
                    d0:93:9a:7e:ab:3d:a2:eb:b1:bf:b7:e1:b3:ea:e4:
                    9b:8e:e9:8b:24:f4:3a:9b:91:28:25:f0:b0:a3:21:
                    ab:3e:bb:01:b4:cd:8a:e2:93:97:de:33:6f:0b:a5:
                    97:02:7e:7f:ef:0e:29:f6:01:09:12:3f:0f:7d:6f:
                    8b:c8:5c:d3:39:30:b5:b8:06:74:ca:d9:fa:c1:73:
                    6f:bd:5d:bc:d4:9c:62:74:9e:bf:a6:a0:2a:e7:f0:
                    73:33:74:15:ef:24:33:68:38:cb:e8:40:6e:ac:70:
                    50:29:2c:a0:51:53:d5:b8:02:4f:71:d3:47:2f:78:
                    bd:ea:a2:d2:0a:8e:b9:35:0a:69:56:8f:ed:98:21:
                    f0:da:31:33:1f:3c:d5:d8:33:ad:9f:62:48:df:bd:
                    4e:3e:cf:cd:4a:ba:21:93:5e:32:12:db:ee:70:4f:
                    f6:a6:c0:b2:f1:e3:90:b9:b0:f0:9e:a6:f9:3f:66:
                    36:fe:82:8c:eb:2b:45:19:7b:18:c0:63:98:26:13:
                    1a:b2:9d:0d:22:61:43:2a:57:53:7b:81:a1:e9:87:
                    c7:36:46:6c:26:ad:06:14:84:14:98:c0:5d:75:a2:
                    1e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:C1:7F:E8:FA:0F:BF:64:72:68:0D:A8:43:46:0E:A2:DC:B4:68:F5
            X509v3 Authority Key Identifier:
                keyid:05:01:47:B9:4D:C9:D6:CB:E8:C0:B0:F1:AD:0C:01:83:A6:07:7C:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91629AA/5F0693F4E74911EEBC526F29C4F9AE02/BQFHuU3J1svowLDxrQwBg6YHfDQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQFHuU3J1svowLDxrQwBg6YHfDQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91629AA/5F0693F4E74911EEBC526F29C4F9AE02/1E347CDCE74A11EE8602742BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.68.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:8e:46:0d:61:0f:05:d5:da:6f:65:16:ed:ef:e3:3f:91:37:
         ed:31:fd:62:34:f5:50:28:36:0c:eb:ce:6b:bb:51:c3:28:84:
         95:77:39:d0:ee:55:2c:c1:8d:93:e6:27:6c:7e:83:5f:06:cc:
         e4:09:78:a6:28:66:9e:93:7e:93:ed:fc:38:ad:19:70:1d:ec:
         32:4e:1d:fb:ed:ba:2b:99:18:6d:a9:bd:14:7f:99:c2:bf:8b:
         fa:55:4a:9e:4d:bf:e0:69:20:25:94:82:e8:74:2d:c4:90:0d:
         c4:7e:eb:77:e4:14:50:53:4e:be:35:e0:95:5d:90:01:6c:5b:
         1f:c5:78:5a:b7:21:b7:4b:ee:5f:cd:5c:d0:a2:22:d8:3f:23:
         a3:60:27:d3:1c:5e:4a:2d:59:46:e9:d4:0b:cd:3c:34:21:7a:
         e8:01:68:2b:5c:d8:2a:b6:86:39:2a:82:85:34:c1:72:32:ed:
         62:5b:03:1d:8c:ca:3a:db:2e:03:87:67:0b:21:7e:93:e7:b0:
         76:5f:77:50:11:15:d9:81:6b:1a:19:08:4e:88:59:96:fc:e4:
         27:8e:a6:7a:a5:45:95:83:e0:08:b9:20:6c:24:2e:16:c8:f5:
         e2:5d:ce:99:af:06:66:4a:48:c2:ce:db:bd:76:81:2c:26:8b:
         fa:86:d9:1a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MjlBQTExMC8GA1UEBRMoMDUwMTQ3Qjk0REM5RDZDQkU4QzBCMEYxQUQwQzAxODNB
NjA3N0MzNDAeFw0yNDA5MTEwOTEwMTJaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZTE1ZTczLWJmZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjGIKw25iO4kg9IyxJwOC8NRbxGdD9IwnLL0CY4dCTmn6rPaLrsb+34bPq5JuO
6Ysk9DqbkSgl8LCjIas+uwG0zYrik5feM28LpZcCfn/vDin2AQkSPw99b4vIXNM5
MLW4BnTK2frBc2+9XbzUnGJ0nr+moCrn8HMzdBXvJDNoOMvoQG6scFApLKBRU9W4
Ak9x00cveL3qotIKjrk1CmlWj+2YIfDaMTMfPNXYM62fYkjfvU4+z81KuiGTXjIS
2+5wT/amwLLx45C5sPCepvk/Zjb+gozrK0UZexjAY5gmExqynQ0iYUMqV1N7gaHp
h8c2RmwmrQYUhBSYwF11oh4lAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUIsF/6PoP
v2RyaA2oQ0YOoty0aPUwHwYDVR0jBBgwFoAUBQFHuU3J1svowLDxrQwBg6YHfDQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYyOUFBLzVGMDY5M0Y0RTc0
OTExRUVCQzUyNkYyOUM0RjlBRTAyL0JRRkh1VTNKMXN2b3dMRHhyUXdCZzZZSGZE
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQlFGSHVVM0oxc3Zvd0xEeHJRd0JnNllIZkRRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MjlBQS81RjA2OTNGNEU3NDkxMUVFQkM1MjZGMjlDNEY5QUUwMi8xRTM0N0NEQ0U3
NEExMUVFODYwMjc0MkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdEsjANBgkqhkiG9w0BAQsFAAOCAQEAW45GDWEPBdXab2UW
7e/jP5E37TH9YjT1UCg2DOvOa7tRwyiElXc50O5VLMGNk+YnbH6DXwbM5Al4pihm
npN+k+38OK0ZcB3sMk4d++26K5kYbam9FH+Zwr+L+lVKnk2/4GkgJZSC6HQtxJAN
xH7rd+QUUFNOvjXglV2QAWxbH8V4Wrcht0vuX81c0KIi2D8jo2An0xxeSi1ZRunU
C808NCF66AFoK1zYKraGOSqChTTBcjLtYlsDHYzKOtsuA4dnCyF+k+ewdl93UBEV
2YFrGhkITohZlvzkJ46meqVFlYPgCLkgbCQuFsj14l3Oma8GZkpIws7bvXaBLCaL
+obZGg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:21:25 2024 by rpki-client on console-fra.rpki-client.org