Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9165456/2378E0805EE511EAAA52DE47C4F9AE02/5A15EA040D7A11EB9D346C48C4F9AE02.roa
File:                     5A15EA040D7A11EB9D346C48C4F9AE02.roa (raw, json)
Hash identifier:          9fqzd3vvP8c0S6SsCwgCIrhZmr97quNpOsKxeDvdK6A=
Subject key identifier:   2A:EB:0F:A4:3E:50:1B:54:D0:1B:23:D3:1A:02:CD:AC:E8:64:E8:90
Certificate issuer:       /CN=A9165456/serialNumber=2CE11008D2E03FEB3E637AD4F7E7272EDC60D53B
Certificate serial:       0933
Authority key identifier: 2C:E1:10:08:D2:E0:3F:EB:3E:63:7A:D4:F7:E7:27:2E:DC:60:D5:3B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOEQCNLgP-s-Y3rU9-cnLtxg1Ts.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9165456/2378E0805EE511EAAA52DE47C4F9AE02/5A15EA040D7A11EB9D346C48C4F9AE02.roa
Signing time:             Sat 12 Aug 2023 20:37:31 +0000
ROA not before:           Sat 12 Aug 2023 20:37:31 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     139190
IP address blocks:        2404:f340:4000::/34 maxlen: 34

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9165456/2378E0805EE511EAAA52DE47C4F9AE02/LOEQCNLgP-s-Y3rU9-cnLtxg1Ts.crl
                          rsync://rpki.apnic.net/member_repository/A9165456/2378E0805EE511EAAA52DE47C4F9AE02/LOEQCNLgP-s-Y3rU9-cnLtxg1Ts.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOEQCNLgP-s-Y3rU9-cnLtxg1Ts.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 20:56:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2355 (0x933)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9165456/serialNumber=2CE11008D2E03FEB3E637AD4F7E7272EDC60D53B
        Validity
            Not Before: Aug 12 20:37:31 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64d7ed8a-d318
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:d6:1f:c5:e1:02:00:8e:31:ba:7f:70:b6:29:
                    d8:88:88:3c:6a:42:99:92:6e:fe:e2:ba:9a:59:c3:
                    16:92:6d:3c:2d:ff:dc:70:65:8f:b6:b1:b2:76:3f:
                    ab:ee:69:0f:66:c3:33:ea:7e:09:49:9c:6d:9c:79:
                    48:09:7d:bb:1f:d7:43:b5:81:a3:b1:f0:fe:f9:42:
                    e0:8b:46:86:23:c2:25:79:89:a1:09:de:f5:5d:d2:
                    00:43:bf:68:e5:52:f6:d4:ac:d0:88:d8:dc:e6:ae:
                    1a:7d:e0:83:08:21:3e:10:7d:b3:b5:62:b4:b3:9c:
                    ee:63:b8:ef:45:02:5a:1f:0b:61:25:67:c7:e0:da:
                    1c:dd:5e:96:51:7e:6c:61:c7:96:47:27:db:81:c2:
                    4e:09:df:23:74:c0:3f:aa:6a:5b:ab:62:56:0c:c7:
                    7b:eb:cf:d3:9c:9b:c8:ef:ab:8e:15:16:d8:81:cc:
                    11:35:67:50:a3:9f:ef:3e:35:e3:fa:dd:f7:20:f7:
                    a6:e8:10:fa:07:10:5f:03:22:b7:02:09:5b:c3:a3:
                    2d:16:f9:30:f7:30:79:35:ae:74:90:74:26:b1:2b:
                    79:4b:d4:ae:99:05:d0:18:f6:ec:19:ed:f7:a9:81:
                    16:db:23:28:40:2a:65:db:98:51:7c:89:9c:fa:55:
                    8e:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:EB:0F:A4:3E:50:1B:54:D0:1B:23:D3:1A:02:CD:AC:E8:64:E8:90
            X509v3 Authority Key Identifier:
                keyid:2C:E1:10:08:D2:E0:3F:EB:3E:63:7A:D4:F7:E7:27:2E:DC:60:D5:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9165456/2378E0805EE511EAAA52DE47C4F9AE02/LOEQCNLgP-s-Y3rU9-cnLtxg1Ts.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOEQCNLgP-s-Y3rU9-cnLtxg1Ts.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165456/2378E0805EE511EAAA52DE47C4F9AE02/5A15EA040D7A11EB9D346C48C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f340:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         7c:2d:c8:3c:70:63:53:6e:be:5a:28:56:54:43:6c:ec:c0:2b:
         80:f8:0f:92:ba:09:ec:6f:37:d1:23:b8:af:f2:f0:4f:3a:3b:
         11:05:88:f0:d4:f7:e9:eb:4e:2b:b2:1a:d8:77:b9:57:9d:57:
         09:aa:04:f7:c7:d9:39:75:01:1b:af:11:41:b9:2d:2b:1a:2f:
         81:e2:2e:e8:85:c8:52:0d:e5:34:40:6a:90:76:11:74:72:89:
         ec:21:36:0d:74:98:2f:47:59:49:bb:7a:38:f2:5c:18:d0:c4:
         1f:c8:4f:9a:bf:d1:5a:3f:4d:60:0a:c2:b8:fb:6a:ad:7a:b3:
         cc:9f:a6:58:98:be:81:13:80:d8:05:0c:7d:b0:ac:2d:75:c3:
         2c:1a:0a:78:d7:b4:31:30:61:ad:ab:f2:a5:fc:58:1d:33:c0:
         e5:19:30:ee:3d:89:13:0f:3e:e1:db:37:31:83:2a:fe:14:3f:
         29:a7:b3:ff:40:df:9f:80:3c:ca:ba:79:0c:5e:be:43:27:36:
         85:81:f7:11:5e:5c:32:37:08:ce:3f:56:08:5e:5c:4f:f0:1c:
         60:72:27:52:ed:f8:17:37:02:ca:b3:81:81:f2:d4:34:9d:a9:
         e2:11:75:f4:09:64:9b:a7:6a:23:ae:ae:1a:72:33:00:91:e3:
         93:70:b2:78
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICCTMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU0NTYxMTAvBgNVBAUTKDJDRTExMDA4RDJFMDNGRUIzRTYzN0FENEY3RTcyNzJF
REM2MEQ1M0IwHhcNMjMwODEyMjAzNzMxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ3ZWQ4YS1kMzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6tYfxeECAI4xun9wtinYiIg8akKZkm7+4rqaWcMWkm08Lf/ccGWPtrGydj+r
7mkPZsMz6n4JSZxtnHlICX27H9dDtYGjsfD++ULgi0aGI8IleYmhCd71XdIAQ79o
5VL21KzQiNjc5q4afeCDCCE+EH2ztWK0s5zuY7jvRQJaHwthJWfH4Noc3V6WUX5s
YceWRyfbgcJOCd8jdMA/qmpbq2JWDMd768/TnJvI76uOFRbYgcwRNWdQo5/vPjXj
+t33IPem6BD6BxBfAyK3Aglbw6MtFvkw9zB5Na50kHQmsSt5S9SumQXQGPbsGe33
qYEW2yMoQCpl25hRfImc+lWOiQIDAQABo4IClzCCApMwHQYDVR0OBBYEFCrrD6Q+
UBtU0Bsj0xoCzazoZOiQMB8GA1UdIwQYMBaAFCzhEAjS4D/rPmN61PfnJy7cYNU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTQ1Ni8yMzc4RTA4MDVF
RTUxMUVBQUE1MkRFNDdDNEY5QUUwMi9MT0VRQ05MZ1Atcy1ZM3JVOS1jbkx0eGcx
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xPRVFDTkxnUC1zLVkzclU5LWNuTHR4ZzFUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU0NTYvMjM3OEUwODA1RUU1MTFFQUFBNTJERTQ3QzRGOUFFMDIvNUExNUVBMDQw
RDdBMTFFQjlEMzQ2QzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgYkBPNAQDANBgkqhkiG9w0BAQsFAAOCAQEAfC3IPHBjU26+
WihWVENs7MArgPgPkroJ7G830SO4r/LwTzo7EQWI8NT36etOK7Ia2He5V51XCaoE
98fZOXUBG68RQbktKxovgeIu6IXIUg3lNEBqkHYRdHKJ7CE2DXSYL0dZSbt6OPJc
GNDEH8hPmr/RWj9NYArCuPtqrXqzzJ+mWJi+gROA2AUMfbCsLXXDLBoKeNe0MTBh
ravypfxYHTPA5Rkw7j2JEw8+4ds3MYMq/hQ/Kaez/0Dfn4A8yrp5DF6+Qyc2hYH3
EV5cMjcIzj9WCF5cT/AcYHInUu34FzcCyrOBgfLUNJ2p4hF19Alkm6dqI66uGnIz
AJHjk3CyeA==
-----END CERTIFICATE-----
Generated at Fri Jun 14 21:52:15 2024 by rpki-client on console-fra.rpki-client.org