Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/0CACB5AC198E11EBBDF60275C4F9AE02.roa
File:                     0CACB5AC198E11EBBDF60275C4F9AE02.roa (raw, json)
Hash identifier:          Y9+NByiMbC9ptSkq2x4xGob8Ju6FYekkoEtclUJbd3w=
Subject key identifier:   BD:B0:7D:F7:F3:83:40:92:90:51:3D:D2:EF:CD:D2:22:B5:D4:B6:15
Certificate issuer:       /CN=A918054D/serialNumber=CD827BF96458361F6098B22F758548D7EAEFA168
Certificate serial:       0642
Authority key identifier: CD:82:7B:F9:64:58:36:1F:60:98:B2:2F:75:85:48:D7:EA:EF:A1:68
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/0CACB5AC198E11EBBDF60275C4F9AE02.roa
Signing time:             Wed 20 Sep 2023 22:40:30 +0000
ROA not before:           Wed 20 Sep 2023 22:40:30 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     141158
IP address blocks:        103.155.132.0/23 maxlen: 23
                          103.155.132.0/24 maxlen: 24
                          103.155.133.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.crl
                          rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 02 Apr 2024 22:58:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1602 (0x642)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918054D/serialNumber=CD827BF96458361F6098B22F758548D7EAEFA168
        Validity
            Not Before: Sep 20 22:40:30 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=650b74dd-ffb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e3:f1:83:13:3c:93:df:07:85:a5:6b:4e:df:
                    1e:18:a4:00:3f:87:eb:30:ae:29:84:1f:8f:a3:03:
                    cb:6d:45:6d:e4:bc:eb:e4:72:16:b3:1b:23:07:9e:
                    58:22:57:45:83:2d:5e:f6:5e:78:3d:4d:a5:58:17:
                    6f:12:5f:59:0a:10:7f:7b:32:a6:4e:ce:72:ab:e4:
                    38:b5:85:bb:09:d9:24:11:c8:fe:68:84:39:52:18:
                    27:42:12:99:ba:f9:3d:68:48:3e:78:a7:93:a3:69:
                    1c:26:ea:91:40:e0:15:57:64:b7:77:75:e9:39:b4:
                    e5:27:b5:e6:ca:2d:f2:2a:ee:59:f6:1d:f4:a3:54:
                    b6:fa:bf:0b:ec:97:f5:df:7a:3f:3f:eb:17:cb:23:
                    50:8e:27:e9:b4:75:bf:e7:5b:f4:a1:31:11:0d:5e:
                    9a:c5:75:39:5b:4d:16:e2:4e:00:fb:8d:3e:7d:a9:
                    90:cb:30:cc:68:03:68:96:e8:f5:31:6b:a7:94:52:
                    9e:2a:c3:84:58:d0:3a:b5:4c:8c:59:d8:ae:ee:53:
                    82:43:67:9d:87:dc:22:7a:97:3a:c3:0a:a8:a9:9a:
                    a3:e3:e6:9f:50:84:d3:59:22:e2:f1:61:ab:bb:55:
                    00:cb:6b:7a:0e:5d:8e:20:a2:2f:6a:05:48:3b:a5:
                    89:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:B0:7D:F7:F3:83:40:92:90:51:3D:D2:EF:CD:D2:22:B5:D4:B6:15
            X509v3 Authority Key Identifier:
                keyid:CD:82:7B:F9:64:58:36:1F:60:98:B2:2F:75:85:48:D7:EA:EF:A1:68

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/0CACB5AC198E11EBBDF60275C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         86:7e:77:fb:54:e6:e4:cd:88:3c:24:cb:aa:cd:80:05:2c:02:
         88:8b:60:a4:ec:f5:e2:ec:cd:02:b5:2f:53:fc:5e:af:aa:4a:
         1c:6a:07:a9:cb:86:ba:ca:60:cf:46:e2:7e:91:f3:0c:5a:7e:
         7b:37:2d:56:f5:98:38:16:f2:bc:cc:85:ce:d7:6f:56:c6:ec:
         f4:a9:d6:c1:b4:26:f1:48:48:cf:a2:8c:42:34:e5:5e:d5:9e:
         f7:b9:bb:da:5f:6b:6a:f2:4e:b9:79:71:a7:57:1b:66:38:e2:
         bc:ce:3a:31:6f:01:71:57:f3:8d:1d:2d:92:b3:32:85:07:f7:
         45:81:92:33:b0:d6:75:fa:0b:9c:b8:86:78:ed:4a:00:7c:f4:
         cc:ec:99:17:4e:93:7d:26:36:12:ae:3c:5b:3c:68:91:dc:7a:
         3a:16:01:8b:b7:21:ae:70:80:66:cd:7e:35:83:be:8f:f7:b4:
         63:a8:b1:48:74:f2:49:26:c3:f9:32:04:a5:d8:29:71:f2:00:
         09:a8:33:e8:d7:ae:de:0d:e3:d3:08:29:09:d8:ab:72:7b:0b:
         e6:ad:fd:78:6a:f0:6c:da:94:aa:82:80:83:e6:d3:6c:0d:1c:
         1a:5e:0e:5e:5f:29:73:40:34:85:2a:ac:1f:12:c6:94:6f:98:
         0d:3a:bb:81
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA1NEQxMTAvBgNVBAUTKENEODI3QkY5NjQ1ODM2MUY2MDk4QjIyRjc1ODU0OEQ3
RUFFRkExNjgwHhcNMjMwOTIwMjI0MDMwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBiNzRkZC1mZmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzePxgxM8k98HhaVrTt8eGKQAP4frMK4phB+PowPLbUVt5Lzr5HIWsxsjB55Y
IldFgy1e9l54PU2lWBdvEl9ZChB/ezKmTs5yq+Q4tYW7CdkkEcj+aIQ5UhgnQhKZ
uvk9aEg+eKeTo2kcJuqRQOAVV2S3d3XpObTlJ7Xmyi3yKu5Z9h30o1S2+r8L7Jf1
33o/P+sXyyNQjifptHW/51v0oTERDV6axXU5W00W4k4A+40+famQyzDMaANoluj1
MWunlFKeKsOEWNA6tUyMWdiu7lOCQ2edh9wiepc6wwqoqZqj4+afUITTWSLi8WGr
u1UAy2t6Dl2OIKIvagVIO6WJLwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL2wfffz
g0CSkFE90u/N0iK11LYVMB8GA1UdIwQYMBaAFM2Ce/lkWDYfYJiyL3WFSNfq76Fo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDU0RC82RTA4MjNCMDE5
OEMxMUVCQUZDQjk0NTlDNEY5QUUwMi96WUo3LVdSWU5oOWdtTEl2ZFlWSTEtcnZv
V2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pZSjctV1JZTmg5Z21MSXZkWVZJMS1ydm9XZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA1NEQvNkUwODIzQjAxOThDMTFFQkFGQ0I5NDU5QzRGOUFFMDIvMENBQ0I1QUMx
OThFMTFFQkJERjYwMjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnm4QwDQYJKoZIhvcNAQELBQADggEBAIZ+d/tU5uTNiDwk
y6rNgAUsAoiLYKTs9eLszQK1L1P8Xq+qShxqB6nLhrrKYM9G4n6R8wxafns3LVb1
mDgW8rzMhc7Xb1bG7PSp1sG0JvFISM+ijEI05V7Vnve5u9pfa2ryTrl5cadXG2Y4
4rzOOjFvAXFX840dLZKzMoUH90WBkjOw1nX6C5y4hnjtSgB89MzsmRdOk30mNhKu
PFs8aJHcejoWAYu3Ia5wgGbNfjWDvo/3tGOosUh08kkmw/kyBKXYKXHyAAmoM+jX
rt4N49MIKQnYq3J7C+at/Xhq8GzalKqCgIPm02wNHBpeDl5fKXNANIUqrB8SxpRv
mA06u4E=
-----END CERTIFICATE-----
Generated at Tue Mar 26 23:50:14 2024 by rpki-client on console-fra.rpki-client.org