Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9185896/E122727CF67C11EDA1C53986C4F9AE02/1C46B158029711EEB8410455C4F9AE02.roa
File:                     1C46B158029711EEB8410455C4F9AE02.roa (raw, json)
Hash identifier:          VOFQT/A85G7ejOlbJrTPJEP9gzT4RIbiS8v9oGv3OB0=
Subject key identifier:   6B:81:4E:14:31:83:81:96:8A:21:F1:9E:20:11:91:98:2B:2E:EC:C9
Certificate issuer:       /CN=A9185896/serialNumber=1AB6BAE793AB8AACA3BFD66C6C29B0AD5103F090
Certificate serial:       0C
Authority key identifier: 1A:B6:BA:E7:93:AB:8A:AC:A3:BF:D6:6C:6C:29:B0:AD:51:03:F0:90
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gra655Oriqyjv9ZsbCmwrVED8JA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9185896/E122727CF67C11EDA1C53986C4F9AE02/1C46B158029711EEB8410455C4F9AE02.roa
Signing time:             Sun 04 Jun 2023 05:17:33 +0000
ROA not before:           Sun 04 Jun 2023 05:17:33 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     151339
IP address blocks:        103.139.52.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9185896/E122727CF67C11EDA1C53986C4F9AE02/Gra655Oriqyjv9ZsbCmwrVED8JA.crl
                          rsync://rpki.apnic.net/member_repository/A9185896/E122727CF67C11EDA1C53986C4F9AE02/Gra655Oriqyjv9ZsbCmwrVED8JA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gra655Oriqyjv9ZsbCmwrVED8JA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 06:14:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9185896/serialNumber=1AB6BAE793AB8AACA3BFD66C6C29B0AD5103F090
        Validity
            Not Before: Jun  4 05:17:33 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=647c1e6d-f031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8e:df:55:42:c5:a4:67:81:ab:3e:f8:ac:c3:
                    cb:f1:0c:87:56:ef:15:c5:d5:1d:64:fc:3b:fd:9e:
                    14:d0:5a:2d:33:16:fd:57:7e:f0:0d:18:69:a7:74:
                    6a:f7:aa:d8:c2:9a:2f:0f:a6:58:ca:66:0e:1c:3f:
                    c6:b2:87:c1:9e:22:f6:3f:a5:dc:c5:de:d5:92:08:
                    88:4f:6a:f9:2b:d0:2c:4e:bc:14:54:e7:ee:03:d7:
                    46:10:b0:1f:32:bf:c6:34:f9:f6:47:6a:1d:8d:04:
                    e7:ff:b2:c0:6d:da:12:7d:e3:a6:c3:25:8a:8c:ac:
                    a6:1b:74:8c:46:34:86:9b:ed:e2:1e:9f:14:00:d6:
                    a9:c2:97:fd:80:c7:ab:0f:a4:af:d8:3e:64:b9:17:
                    d5:0e:76:2d:bf:41:3d:77:0b:a2:60:61:83:c8:22:
                    a2:60:d5:7f:b7:75:10:98:e2:c0:f5:1d:8e:8f:be:
                    2a:45:0a:80:77:8c:73:42:6d:fa:2f:21:73:8a:ee:
                    88:a3:53:2a:3c:81:2b:c9:45:67:86:4f:24:f6:e3:
                    a9:c5:a2:5c:67:73:8a:7b:3a:4b:85:04:ef:57:c8:
                    15:fc:4d:bf:df:c2:36:fb:2a:38:eb:de:1f:ed:09:
                    e6:58:46:90:7e:47:59:9d:77:6b:e5:1c:22:e1:90:
                    69:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:81:4E:14:31:83:81:96:8A:21:F1:9E:20:11:91:98:2B:2E:EC:C9
            X509v3 Authority Key Identifier:
                keyid:1A:B6:BA:E7:93:AB:8A:AC:A3:BF:D6:6C:6C:29:B0:AD:51:03:F0:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9185896/E122727CF67C11EDA1C53986C4F9AE02/Gra655Oriqyjv9ZsbCmwrVED8JA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gra655Oriqyjv9ZsbCmwrVED8JA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185896/E122727CF67C11EDA1C53986C4F9AE02/1C46B158029711EEB8410455C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.139.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:6c:47:f6:45:3a:8b:ce:c8:30:25:3c:b4:8e:64:2e:78:60:
         89:db:cf:2c:91:79:03:f1:1b:90:87:a1:e7:85:69:f2:67:94:
         0f:4c:c9:ca:4e:d1:7f:76:7d:93:5c:3b:c7:1d:d6:1f:56:0f:
         a7:da:c1:3c:16:13:a5:20:fc:09:65:74:1c:79:4f:ee:80:24:
         17:10:b4:4b:3f:3c:a3:04:ba:dc:4d:39:18:e6:1a:90:34:9c:
         28:f2:87:67:3f:1f:a0:c1:20:f3:b0:55:0f:50:9d:e6:5f:2e:
         2b:af:0b:2a:43:33:81:31:70:1c:5b:d2:dc:82:70:4d:25:f7:
         20:c0:31:ea:34:78:c6:80:23:93:7b:c5:f9:02:87:15:f1:cf:
         84:5a:63:3c:4c:d4:24:f7:03:fe:84:0c:48:87:30:0e:63:a8:
         b0:83:dd:89:e9:35:04:9e:5a:4a:be:6b:7a:5a:7d:fd:ef:c2:
         11:16:81:db:e3:53:8c:a4:21:f1:f2:2d:29:8d:98:41:8e:eb:
         66:3f:fa:18:2c:c8:4d:a7:3c:4d:b5:2a:4a:16:0d:fa:bb:e3:
         9b:88:be:82:cd:41:2a:47:0e:e0:9b:0d:07:08:22:86:e3:8f:
         fc:b7:e2:13:13:5c:2d:de:ed:e4:12:71:7a:92:98:ee:a4:f9:
         ba:04:80:10
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NTg5NjExMC8GA1UEBRMoMUFCNkJBRTc5M0FCOEFBQ0EzQkZENjZDNkMyOUIwQUQ1
MTAzRjA5MDAeFw0yMzA2MDQwNTE3MzNaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0N2MxZTZkLWYwMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCbjt9VQsWkZ4GrPvisw8vxDIdW7xXF1R1k/Dv9nhTQWi0zFv1XfvANGGmndGr3
qtjCmi8PpljKZg4cP8ayh8GeIvY/pdzF3tWSCIhPavkr0CxOvBRU5+4D10YQsB8y
v8Y0+fZHah2NBOf/ssBt2hJ946bDJYqMrKYbdIxGNIab7eIenxQA1qnCl/2Ax6sP
pK/YPmS5F9UOdi2/QT13C6JgYYPIIqJg1X+3dRCY4sD1HY6PvipFCoB3jHNCbfov
IXOK7oijUyo8gSvJRWeGTyT246nFolxnc4p7OkuFBO9XyBX8Tb/fwjb7Kjjr3h/t
CeZYRpB+R1mdd2vlHCLhkGl1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUa4FOFDGD
gZaKIfGeIBGRmCsu7MkwHwYDVR0jBBgwFoAUGra655Oriqyjv9ZsbCmwrVED8JAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg1ODk2L0UxMjI3MjdDRjY3
QzExRURBMUM1Mzk4NkM0RjlBRTAyL0dyYTY1NU9yaXF5anY5WnNiQ213clZFRDhK
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3JhNjU1T3JpcXlqdjlac2JDbXdyVkVEOEpBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NTg5Ni9FMTIyNzI3Q0Y2N0MxMUVEQTFDNTM5ODZDNEY5QUUwMi8xQzQ2QjE1ODAy
OTcxMUVFQjg0MTA0NTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGeLNDANBgkqhkiG9w0BAQsFAAOCAQEARmxH9kU6i87IMCU8
tI5kLnhgidvPLJF5A/EbkIeh54Vp8meUD0zJyk7Rf3Z9k1w7xx3WH1YPp9rBPBYT
pSD8CWV0HHlP7oAkFxC0Sz88owS63E05GOYakDScKPKHZz8foMEg87BVD1Cd5l8u
K68LKkMzgTFwHFvS3IJwTSX3IMAx6jR4xoAjk3vF+QKHFfHPhFpjPEzUJPcD/oQM
SIcwDmOosIPdiek1BJ5aSr5relp9/e/CERaB2+NTjKQh8fItKY2YQY7rZj/6GCzI
Tac8TbUqShYN+rvjm4i+gs1BKkcO4JsNBwgihuOP/LfiExNcLd7t5BJxepKY7qT5
ugSAEA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 08:01:44 2024 by rpki-client on console-ams.rpki-client.org