Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/A56F3A8A718811EEADDA430AC4F9AE02.roa
File:                     A56F3A8A718811EEADDA430AC4F9AE02.roa (raw, json)
Hash identifier:          k94xftsmS29G5Ki6l7RDKyar+9tisgQaPG/llPqEy08=
Subject key identifier:   10:5A:FB:2E:EE:C2:56:BF:9E:D7:FD:A2:79:FD:D5:C8:E4:CC:39:72
Certificate issuer:       /CN=A91810E3/serialNumber=9DB7AB93AE33F64616822DF03FFD817768F1E98F
Certificate serial:       07
Authority key identifier: 9D:B7:AB:93:AE:33:F6:46:16:82:2D:F0:3F:FD:81:77:68:F1:E9:8F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nberk64z9kYWgi3wP_2Bd2jx6Y8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/A56F3A8A718811EEADDA430AC4F9AE02.roa
Signing time:             Mon 23 Oct 2023 09:43:40 +0000
ROA not before:           Mon 23 Oct 2023 09:43:40 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     151978
IP address blocks:        103.67.70.0/23 maxlen: 24
                          2001:df3:dc0::/48 maxlen: 56

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/nberk64z9kYWgi3wP_2Bd2jx6Y8.crl
                          rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/nberk64z9kYWgi3wP_2Bd2jx6Y8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nberk64z9kYWgi3wP_2Bd2jx6Y8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 07:25:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91810E3/serialNumber=9DB7AB93AE33F64616822DF03FFD817768F1E98F
        Validity
            Not Before: Oct 23 09:43:40 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=6536404c-def5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:23:2c:4e:6f:c9:cd:ff:05:1f:74:b5:c4:10:
                    62:07:3c:26:cf:04:8f:c7:00:6d:20:a5:45:52:67:
                    97:db:ff:63:76:f7:2f:52:00:94:55:64:c1:81:1d:
                    75:1d:88:e8:2f:77:85:e8:a2:8f:9e:5c:9b:1f:c2:
                    4a:3b:1f:ea:d7:56:03:c0:83:b5:df:15:86:5f:da:
                    e9:2e:f8:55:5e:d2:b9:91:54:ab:68:d9:9f:c5:b1:
                    31:11:84:6c:dc:8d:fa:68:ff:0c:eb:c3:fd:70:09:
                    99:08:6b:9d:45:fb:23:80:a2:89:a7:49:b5:2c:42:
                    53:bd:c3:e5:cb:88:a5:38:9d:dd:60:9a:1d:d2:a6:
                    e1:22:f7:68:66:eb:43:a4:f9:e8:0a:19:61:9f:15:
                    4c:87:70:db:d7:18:98:97:b6:9c:67:1e:5b:a7:6c:
                    1a:f6:c4:e7:47:e9:52:bc:18:cc:87:9d:42:05:91:
                    ec:08:72:f9:a9:22:9f:63:a6:c4:09:6c:6d:a2:a4:
                    51:04:a2:5d:b5:b1:10:64:e7:6d:9e:c4:cc:ce:f3:
                    e9:fa:0b:19:2e:9e:6c:a2:cb:c2:d9:3d:02:37:e5:
                    35:17:92:5d:23:57:69:7b:81:37:27:9e:c0:04:31:
                    dd:23:ed:5c:b4:a5:3a:5e:d8:db:6e:19:54:b5:24:
                    df:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:5A:FB:2E:EE:C2:56:BF:9E:D7:FD:A2:79:FD:D5:C8:E4:CC:39:72
            X509v3 Authority Key Identifier:
                keyid:9D:B7:AB:93:AE:33:F6:46:16:82:2D:F0:3F:FD:81:77:68:F1:E9:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/nberk64z9kYWgi3wP_2Bd2jx6Y8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nberk64z9kYWgi3wP_2Bd2jx6Y8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/A56F3A8A718811EEADDA430AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.67.70.0/23
                IPv6:
                  2001:df3:dc0::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:7e:42:94:6b:0f:fc:96:c4:c4:e3:54:53:ea:4c:b9:42:48:
         46:b5:f0:5d:d8:01:2d:41:b3:cf:76:97:00:f1:15:b4:54:8c:
         1b:42:94:8e:b1:33:89:03:97:3b:c0:46:e3:41:e1:2e:4f:4c:
         73:ce:8c:37:b2:bd:85:8d:d3:4b:76:a8:ed:39:a5:e6:a1:c7:
         dd:6d:5b:25:ba:85:1a:8f:66:db:88:2c:27:b7:88:73:ac:30:
         c9:2d:55:ed:8a:fa:90:89:af:de:c5:dd:9b:fc:02:88:25:4c:
         44:af:5e:e1:cb:42:ab:97:e5:b1:d4:c5:bb:2a:cf:88:bb:b0:
         ca:3b:42:2a:50:4a:c8:ac:2b:cd:42:b2:c5:3f:3f:0c:fd:39:
         fb:6b:e7:4d:6b:df:29:09:bd:3f:d4:0b:c2:41:61:9f:7f:4e:
         33:bf:74:38:ce:01:41:7e:92:6a:4e:b1:56:79:d5:a9:96:ff:
         b1:c3:0c:35:e2:62:c4:dc:53:d7:35:f8:20:86:15:3c:be:32:
         51:f1:f5:e4:99:6c:28:b7:42:af:b3:3d:32:e0:6f:8a:ed:9f:
         04:bb:88:16:83:66:fd:75:dc:49:36:99:74:8b:de:e5:0d:1c:
         4d:08:39:61:7d:cf:95:fe:f6:08:ed:c8:55:c7:41:b7:e1:b5:
         38:e1:86:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
MTBFMzExMC8GA1UEBRMoOURCN0FCOTNBRTMzRjY0NjE2ODIyREYwM0ZGRDgxNzc2
OEYxRTk4RjAeFw0yMzEwMjMwOTQzNDBaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MzY0MDRjLWRlZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtIyxOb8nN/wUfdLXEEGIHPCbPBI/HAG0gpUVSZ5fb/2N29y9SAJRVZMGBHXUd
iOgvd4Xooo+eXJsfwko7H+rXVgPAg7XfFYZf2uku+FVe0rmRVKto2Z/FsTERhGzc
jfpo/wzrw/1wCZkIa51F+yOAoomnSbUsQlO9w+XLiKU4nd1gmh3SpuEi92hm60Ok
+egKGWGfFUyHcNvXGJiXtpxnHlunbBr2xOdH6VK8GMyHnUIFkewIcvmpIp9jpsQJ
bG2ipFEEol21sRBk522exMzO8+n6Cxkunmyiy8LZPQI35TUXkl0jV2l7gTcnnsAE
Md0j7Vy0pTpe2NtuGVS1JN+hAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUEFr7Lu7C
Vr+e1/2ief3VyOTMOXIwHwYDVR0jBBgwFoAUnberk64z9kYWgi3wP/2Bd2jx6Y8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgxMEUzLzMzOTMxNEM4NzE3
RDExRUU4OUVGNjIzNkM0RjlBRTAyL25iZXJrNjR6OWtZV2dpM3dQXzJCZDJqeDZZ
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbmJlcms2NHo5a1lXZ2kzd1BfMkJkMmp4Nlk4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
MTBFMy8zMzkzMTRDODcxN0QxMUVFODlFRjYyMzZDNEY5QUUwMi9BNTZGM0E4QTcx
ODgxMUVFQUREQTQzMEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdDRjAPBAIAAjAJAwcAIAEN8w3AMA0GCSqGSIb3DQEBCwUA
A4IBAQBdfkKUaw/8lsTE41RT6ky5QkhGtfBd2AEtQbPPdpcA8RW0VIwbQpSOsTOJ
A5c7wEbjQeEuT0xzzow3sr2FjdNLdqjtOaXmocfdbVsluoUaj2bbiCwnt4hzrDDJ
LVXtivqQia/exd2b/AKIJUxEr17hy0Krl+Wx1MW7Ks+Iu7DKO0IqUErIrCvNQrLF
Pz8M/Tn7a+dNa98pCb0/1AvCQWGff04zv3Q4zgFBfpJqTrFWedWplv+xwww14mLE
3FPXNfgghhU8vjJR8fXkmWwot0Kvsz0y4G+K7Z8Eu4gWg2b9ddxJNpl0i97lDRxN
CDlhfc+V/vYI7chVx0G34bU44Ya5
-----END CERTIFICATE-----
Generated at Mon Jun 17 08:43:19 2024 by rpki-client on console-ams.rpki-client.org