Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/26FD4E0C705311EE8723E92AC4F9AE02.roa
File:                     26FD4E0C705311EE8723E92AC4F9AE02.roa (raw, json)
Hash identifier:          bUSE0gUZMQuQSO65Czv3NWH/el/tbBx+Kis8SIWiAkc=
Subject key identifier:   46:8F:DE:73:03:55:F3:C8:5E:9F:58:47:83:60:8B:69:84:DF:03:D6
Certificate issuer:       /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial:       0666
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/26FD4E0C705311EE8723E92AC4F9AE02.roa
Signing time:             Sat 21 Oct 2023 20:48:13 +0000
ROA not before:           Sat 21 Oct 2023 20:48:13 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     10111
IP address blocks:        45.114.189.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
                          rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 23:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1638 (0x666)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
        Validity
            Not Before: Oct 21 20:48:13 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6534390d-33e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:37:ac:ac:a1:24:5d:1a:bc:21:22:7c:46:42:
                    54:b9:f9:02:53:32:29:80:e4:0d:ab:75:ef:38:ba:
                    4d:af:7b:e5:e8:e7:ea:2c:5c:c5:98:b4:b1:d9:5b:
                    fb:02:f9:a3:9b:6e:34:42:1f:46:25:1c:65:dd:cc:
                    b0:26:5a:14:f6:fa:7f:04:a7:a3:00:50:fc:aa:bd:
                    52:51:48:a5:c3:ea:20:ab:7a:32:9a:0b:6b:11:3d:
                    ea:0c:ef:da:35:45:db:92:97:97:be:b5:e1:ee:40:
                    87:d7:23:84:7a:f6:7f:0e:4d:c3:1b:40:a2:00:1d:
                    ac:65:9f:48:5a:eb:f7:a8:ed:19:e8:ba:9c:1b:a0:
                    73:bd:52:04:67:c0:74:49:e0:b2:ce:d2:d5:ea:15:
                    67:7b:82:39:07:a6:dd:22:9e:44:33:46:7d:6f:4c:
                    12:7a:78:07:fc:1c:a3:01:02:3d:d6:ec:c0:aa:bf:
                    3c:2d:47:6d:bb:c1:b1:7a:8b:49:e2:77:af:1b:a1:
                    86:20:10:f3:24:99:18:f9:4c:29:0e:6c:1f:48:96:
                    0b:17:8b:a9:14:2e:2b:ff:f0:a9:91:a4:eb:ef:19:
                    e0:95:3a:ed:ad:57:08:5b:ac:c1:90:7d:81:e6:a5:
                    19:7a:32:13:11:5e:d8:1b:50:c7:04:fd:95:72:fb:
                    91:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:8F:DE:73:03:55:F3:C8:5E:9F:58:47:83:60:8B:69:84:DF:03:D6
            X509v3 Authority Key Identifier:
                keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/26FD4E0C705311EE8723E92AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.114.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:b6:27:d8:35:30:3d:34:25:3e:20:e3:17:b3:0a:dc:6d:38:
         0c:a5:31:98:1c:ae:2d:db:e4:ec:4a:4e:96:19:7e:f4:e9:57:
         52:a7:80:c1:f1:db:0e:6e:ee:f7:ea:5e:35:9d:2d:40:ef:3a:
         af:e4:af:2f:8d:f6:73:8d:0a:ef:df:26:aa:f5:8c:46:80:53:
         13:04:4a:bc:d0:43:f2:a8:ba:8e:d1:e0:dd:91:25:93:ad:61:
         6b:2e:2b:1f:a7:71:50:84:74:bb:e1:80:54:5a:61:e5:db:06:
         8e:ac:d5:5e:3d:54:f0:6b:a2:78:72:d4:aa:6c:7b:7b:f3:cf:
         32:f4:2e:9e:3d:b9:28:a4:f1:3e:82:2c:c0:77:70:40:11:18:
         1c:21:98:12:05:e8:de:7b:6e:17:d8:87:63:80:93:c6:20:0e:
         fd:e9:fc:50:1b:9d:75:5e:c9:4f:d1:b5:37:e4:2e:80:ac:e4:
         b0:f8:56:15:7b:a9:7b:47:03:0d:2a:b3:d2:8b:81:b3:a8:6a:
         77:36:54:8a:a9:33:e7:00:3c:7f:00:2a:e2:75:55:ee:8d:2d:
         1d:b2:fc:0f:7a:3c:6d:07:f3:34:ba:45:8a:98:cd:15:c8:32:
         e5:e0:13:69:32:e9:b3:f4:70:b3:0e:95:4d:f5:b2:c2:dd:7d:
         07:fd:ed:66
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMxMDIxMjA0ODEzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM0MzkwZC0zM2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5DesrKEkXRq8ISJ8RkJUufkCUzIpgOQNq3XvOLpNr3vl6OfqLFzFmLSx2Vv7
Avmjm240Qh9GJRxl3cywJloU9vp/BKejAFD8qr1SUUilw+ogq3oymgtrET3qDO/a
NUXbkpeXvrXh7kCH1yOEevZ/Dk3DG0CiAB2sZZ9IWuv3qO0Z6LqcG6BzvVIEZ8B0
SeCyztLV6hVne4I5B6bdIp5EM0Z9b0wSengH/ByjAQI91uzAqr88LUdtu8GxeotJ
4nevG6GGIBDzJJkY+UwpDmwfSJYLF4upFC4r//CpkaTr7xnglTrtrVcIW6zBkH2B
5qUZejITEV7YG1DHBP2VcvuRHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEaP3nMD
VfPIXp9YR4Ngi2mE3wPWMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMjZGRDRFMEM3
MDUzMTFFRTg3MjNFOTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAtcr0wDQYJKoZIhvcNAQELBQADggEBAEW2J9g1MD00JT4g
4xezCtxtOAylMZgcri3b5OxKTpYZfvTpV1KngMHx2w5u7vfqXjWdLUDvOq/kry+N
9nONCu/fJqr1jEaAUxMESrzQQ/Kouo7R4N2RJZOtYWsuKx+ncVCEdLvhgFRaYeXb
Bo6s1V49VPBronhy1Kpse3vzzzL0Lp49uSik8T6CLMB3cEARGBwhmBIF6N57bhfY
h2OAk8YgDv3p/FAbnXVeyU/RtTfkLoCs5LD4VhV7qXtHAw0qs9KLgbOoanc2VIqp
M+cAPH8AKuJ1Ve6NLR2y/A96PG0H8zS6RYqYzRXIMuXgE2ky6bP0cLMOlU31ssLd
fQf97WY=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:03:24 2024 by rpki-client on console-fra.rpki-client.org