Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/F126F04A11A911EBB5A4DD83C4F9AE02.roa
File:                     F126F04A11A911EBB5A4DD83C4F9AE02.roa (raw, json)
Hash identifier:          gbzQKBwFAV/QVtRGQ1XjoisEC6G6KDgdJdLY0qtEDRc=
Subject key identifier:   73:3E:70:81:E2:AA:7C:49:8C:CD:2A:0D:F3:DF:FC:63:C5:6F:CC:D0
Certificate issuer:       /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0
Certificate serial:       0628
Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/F126F04A11A911EBB5A4DD83C4F9AE02.roa
Signing time:             Thu 06 Jul 2023 22:18:56 +0000
ROA not before:           Thu 06 Jul 2023 22:18:56 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     131188
IP address blocks:        103.1.12.0/24 maxlen: 24
                          103.1.13.0/24 maxlen: 24
                          103.1.14.0/24 maxlen: 24
                          103.1.15.0/24 maxlen: 24
                          111.91.236.0/24 maxlen: 24
                          111.91.237.0/24 maxlen: 24
                          111.91.238.0/24 maxlen: 24
                          111.91.239.0/24 maxlen: 24
                          2403:4900:1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl
                          rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 22:51:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1576 (0x628)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0
        Validity
            Not Before: Jul  6 22:18:56 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64a73dd0-caf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4b:20:12:03:20:cb:78:c4:47:f0:72:16:81:
                    22:52:4e:97:e4:15:60:92:25:ec:8c:a4:1d:c1:e2:
                    ca:6f:62:4b:ec:f1:94:9c:f8:08:e0:55:ad:78:2c:
                    89:af:e9:51:57:61:37:ad:37:2e:05:3a:12:fb:a0:
                    62:95:bc:91:17:3d:85:04:7e:d8:df:b1:b8:80:47:
                    06:47:b9:f5:3f:cc:5f:04:59:01:68:84:14:cb:70:
                    99:47:69:cb:95:12:b8:81:c4:14:aa:18:e7:74:5c:
                    01:cd:84:6f:93:a7:0f:84:bd:d0:2e:1e:14:19:21:
                    75:78:60:5d:8c:2b:c0:3c:d3:52:39:be:55:29:46:
                    f0:28:f2:c1:17:56:8e:06:25:af:7d:42:ac:97:e9:
                    c8:71:52:fc:7b:78:2e:b6:bd:27:ac:43:6a:ca:fc:
                    3a:19:6b:40:1b:11:c9:2a:1d:c8:6a:a1:e3:bc:4b:
                    3f:a8:ff:15:8b:d1:36:8d:c5:6b:0a:28:37:f8:3b:
                    df:d4:3a:81:4a:50:16:6c:6a:13:2d:e4:6c:9e:72:
                    5b:eb:f8:c5:0a:4f:a7:80:3e:0c:90:0a:77:a6:20:
                    4b:60:6d:7b:6e:ec:56:1d:23:e0:1d:af:86:8e:35:
                    69:0b:09:ae:1d:9f:fe:26:30:9d:15:9f:26:46:b0:
                    74:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:3E:70:81:E2:AA:7C:49:8C:CD:2A:0D:F3:DF:FC:63:C5:6F:CC:D0
            X509v3 Authority Key Identifier:
                keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/F126F04A11A911EBB5A4DD83C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.1.12.0/22
                  111.91.236.0/22
                IPv6:
                  2403:4900:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         68:60:48:ca:51:0e:31:95:f4:ab:d4:d7:2d:84:b9:77:5d:eb:
         b5:04:8c:1e:f8:95:f9:18:ce:69:4d:f4:28:e8:15:6a:0e:3d:
         46:72:4e:ff:51:18:25:43:44:bc:7f:67:5b:ed:41:77:63:15:
         c7:63:ae:30:6b:01:6d:83:03:4b:f7:ff:05:83:9f:e3:3b:f2:
         16:93:ce:72:31:f6:37:65:13:8f:be:51:94:8e:df:6e:5e:c2:
         16:70:de:03:47:27:6b:8a:e4:d7:63:12:11:da:16:bf:89:20:
         0a:00:c8:7c:b5:da:18:ea:0c:6a:5c:4f:35:f3:c0:d4:c8:b7:
         77:42:3a:f0:9b:62:a4:bc:0e:34:72:69:c0:f4:4d:23:08:82:
         c7:8e:52:5d:56:ce:7c:a0:83:79:35:2e:48:de:56:4b:5a:1e:
         d9:12:be:34:96:f9:12:f4:99:b4:5e:2c:55:e6:3b:05:a5:71:
         f2:d4:77:a3:f1:08:39:c9:d2:bd:f8:38:d5:2a:99:5b:40:a8:
         ba:9c:c5:11:1c:4e:7a:66:81:ee:02:a1:a0:c9:f6:3a:ef:2c:
         fd:e7:dc:84:03:c6:b2:ae:8f:5b:99:fe:64:1b:6f:69:27:ac:
         78:b1:18:07:8a:27:01:cc:0d:96:8e:f3:54:72:d6:73:c2:8c:
         19:6a:f8:89
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3
NjdBNkJEQjAwHhcNMjMwNzA2MjIxODU2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE3M2RkMC1jYWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwksgEgMgy3jER/ByFoEiUk6X5BVgkiXsjKQdweLKb2JL7PGUnPgI4FWteCyJ
r+lRV2E3rTcuBToS+6BilbyRFz2FBH7Y37G4gEcGR7n1P8xfBFkBaIQUy3CZR2nL
lRK4gcQUqhjndFwBzYRvk6cPhL3QLh4UGSF1eGBdjCvAPNNSOb5VKUbwKPLBF1aO
BiWvfUKsl+nIcVL8e3gutr0nrENqyvw6GWtAGxHJKh3IaqHjvEs/qP8Vi9E2jcVr
Cig3+Dvf1DqBSlAWbGoTLeRsnnJb6/jFCk+ngD4MkAp3piBLYG17buxWHSPgHa+G
jjVpCwmuHZ/+JjCdFZ8mRrB0lQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFHM+cIHi
qnxJjM0qDfPf/GPFb8zQMB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE
QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12
YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RBNEEvMDUxREFGNUEwREM1MTFFQjlDNkJCRDFDQzRGOUFFMDIvRjEyNkYwNEEx
MUE5MTFFQkI1QTRERDgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnAQwDBAJvW+wwDwQCAAIwCQMHACQDSQAAATANBgkqhkiG
9w0BAQsFAAOCAQEAaGBIylEOMZX0q9TXLYS5d13rtQSMHviV+RjOaU30KOgVag49
RnJO/1EYJUNEvH9nW+1Bd2MVx2OuMGsBbYMDS/f/BYOf4zvyFpPOcjH2N2UTj75R
lI7fbl7CFnDeA0cna4rk12MSEdoWv4kgCgDIfLXaGOoMalxPNfPA1Mi3d0I68Jti
pLwONHJpwPRNIwiCx45SXVbOfKCDeTUuSN5WS1oe2RK+NJb5EvSZtF4sVeY7BaVx
8tR3o/EIOcnSvfg41SqZW0CoupzFERxOemaB7gKhoMn2Ou8s/efchAPGsq6PW5n+
ZBtvaSeseLEYB4onAcwNlo7zVHLWc8KMGWr4iQ==
-----END CERTIFICATE-----
Generated at Fri Jun 14 23:58:21 2024 by rpki-client on console-fra.rpki-client.org