Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E81/16CF7566B17F11ED9684DC45C4F9AE02/8213ED86B18211ED961BC348C4F9AE02.roa
File:                     8213ED86B18211ED961BC348C4F9AE02.roa (raw, json)
Hash identifier:          +QnI0UZrS5ENO1HfW4khSuI3IyC9iYQtxaK38tT932I=
Subject key identifier:   D6:8A:70:62:62:44:F0:A0:15:07:A7:F5:2C:62:1A:AF:A2:D8:83:BE
Certificate issuer:       /CN=A9186E81/serialNumber=9DE4448AD9FCC73FAA2D2755F4BF549D31427005
Certificate serial:       C8
Authority key identifier: 9D:E4:44:8A:D9:FC:C7:3F:AA:2D:27:55:F4:BF:54:9D:31:42:70:05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/neREitn8xz-qLSdV9L9UnTFCcAU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186E81/16CF7566B17F11ED9684DC45C4F9AE02/8213ED86B18211ED961BC348C4F9AE02.roa
Signing time:             Sun 03 Mar 2024 05:37:38 +0000
ROA not before:           Sun 03 Mar 2024 05:37:38 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     136784
IP address blocks:        103.80.8.0/24 maxlen: 24
                          103.80.9.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186E81/16CF7566B17F11ED9684DC45C4F9AE02/neREitn8xz-qLSdV9L9UnTFCcAU.crl
                          rsync://rpki.apnic.net/member_repository/A9186E81/16CF7566B17F11ED9684DC45C4F9AE02/neREitn8xz-qLSdV9L9UnTFCcAU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/neREitn8xz-qLSdV9L9UnTFCcAU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:32:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 200 (0xc8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186E81/serialNumber=9DE4448AD9FCC73FAA2D2755F4BF549D31427005
        Validity
            Not Before: Mar  3 05:37:38 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e40ca1-fdec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ba:49:6c:99:6c:56:96:ad:eb:02:71:4e:de:
                    e2:44:64:8d:ca:79:8c:da:a7:f5:ef:2a:c2:e8:b3:
                    ee:62:a0:ae:80:7d:b4:09:32:ac:31:62:b5:97:ff:
                    7f:ef:3b:e7:0e:8b:56:77:60:f1:5d:8a:c8:f4:e9:
                    c6:b4:f3:ed:db:ed:bd:86:01:44:65:57:15:bc:78:
                    2b:d6:8a:09:7e:7d:fe:0e:bd:de:1c:76:d2:f0:2a:
                    7b:b8:0f:f5:69:b5:dd:31:64:fc:f7:8c:68:4f:64:
                    d2:b7:cb:1c:7d:40:7d:52:1b:12:cf:f4:4b:12:ef:
                    eb:f0:b0:b8:97:51:a5:25:9c:e2:03:2f:4c:47:f8:
                    3f:d5:85:e3:35:2c:d5:a8:7a:9c:75:24:82:77:16:
                    c9:92:53:18:78:78:fd:33:91:5d:03:19:56:8f:af:
                    9b:14:06:2f:fe:fe:0a:5b:6f:a1:3f:ed:b2:e0:70:
                    57:e1:11:c4:13:de:e2:b2:c8:4c:b0:11:2a:fe:5c:
                    79:92:b7:4b:f6:2f:f0:5f:f4:38:24:a3:69:6e:ba:
                    df:7f:39:ed:80:fd:fe:5b:ed:68:dc:e2:0c:94:40:
                    83:65:e7:55:94:06:a1:dd:87:59:c2:42:9d:bf:05:
                    c7:e0:89:7c:e9:9a:bb:43:21:23:fe:6a:a5:34:42:
                    b0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:8A:70:62:62:44:F0:A0:15:07:A7:F5:2C:62:1A:AF:A2:D8:83:BE
            X509v3 Authority Key Identifier:
                keyid:9D:E4:44:8A:D9:FC:C7:3F:AA:2D:27:55:F4:BF:54:9D:31:42:70:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186E81/16CF7566B17F11ED9684DC45C4F9AE02/neREitn8xz-qLSdV9L9UnTFCcAU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/neREitn8xz-qLSdV9L9UnTFCcAU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E81/16CF7566B17F11ED9684DC45C4F9AE02/8213ED86B18211ED961BC348C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.80.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:98:2f:c6:1e:b1:66:73:b4:55:74:b7:eb:66:b2:9e:26:6a:
         fe:2a:47:da:33:74:f4:7f:e7:6d:de:1a:b2:c6:e8:a1:0b:c2:
         43:23:be:1a:ac:6a:b2:0e:97:b9:8e:e6:f2:6e:48:6a:f0:3e:
         f4:32:5d:72:5a:f8:4f:a6:ba:f0:73:42:a3:a0:b7:0a:52:dc:
         df:5c:ca:83:51:29:9d:77:69:58:80:54:b9:17:ad:de:bc:cd:
         dd:40:4a:b8:67:71:9e:40:45:d6:2e:43:9c:7d:bc:02:94:eb:
         42:72:df:48:d1:1e:a0:74:97:29:c4:bb:9a:e3:0f:6a:5c:3f:
         b3:85:98:70:68:26:48:e0:0c:61:23:10:85:1f:03:fa:1a:58:
         ce:6f:88:5c:f5:1b:7a:9b:af:99:05:74:38:2b:27:2d:72:64:
         84:7b:f2:fb:af:47:b6:d8:d5:5a:04:f9:17:da:a7:32:5a:2a:
         2a:b7:50:f0:29:98:fb:01:2e:b8:10:4e:a9:08:5f:b9:5e:94:
         ec:3a:5d:32:37:9b:20:cc:4c:44:5a:50:76:8a:79:bd:27:54:
         bc:6f:03:e3:bd:8d:18:3f:12:36:36:c7:24:58:93:e9:2f:b1:
         75:fe:05:45:f2:01:0f:b2:54:a4:fa:44:4c:4c:df:2c:0d:01:
         b5:bf:11:ae
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFODExMTAvBgNVBAUTKDlERTQ0NDhBRDlGQ0M3M0ZBQTJEMjc1NUY0QkY1NDlE
MzE0MjcwMDUwHhcNMjQwMzAzMDUzNzM4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU0MGNhMS1mZGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkbpJbJlsVpat6wJxTt7iRGSNynmM2qf17yrC6LPuYqCugH20CTKsMWK1l/9/
7zvnDotWd2DxXYrI9OnGtPPt2+29hgFEZVcVvHgr1ooJfn3+Dr3eHHbS8Cp7uA/1
abXdMWT894xoT2TSt8scfUB9UhsSz/RLEu/r8LC4l1GlJZziAy9MR/g/1YXjNSzV
qHqcdSSCdxbJklMYeHj9M5FdAxlWj6+bFAYv/v4KW2+hP+2y4HBX4RHEE97isshM
sBEq/lx5krdL9i/wX/Q4JKNpbrrffzntgP3+W+1o3OIMlECDZedVlAah3YdZwkKd
vwXH4Il86Zq7QyEj/mqlNEKwjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNaKcGJi
RPCgFQen9SxiGq+i2IO+MB8GA1UdIwQYMBaAFJ3kRIrZ/Mc/qi0nVfS/VJ0xQnAF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4MS8xNkNGNzU2NkIx
N0YxMUVEOTY4NERDNDVDNEY5QUUwMi9uZVJFaXRuOHh6LXFMU2RWOUw5VW5URkNj
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25lUkVpdG44eHotcUxTZFY5TDlVblRGQ2NBVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFODEvMTZDRjc1NjZCMTdGMTFFRDk2ODREQzQ1QzRGOUFFMDIvODIxM0VEODZC
MTgyMTFFRDk2MUJDMzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnUAgwDQYJKoZIhvcNAQELBQADggEBALKYL8YesWZztFV0
t+tmsp4mav4qR9ozdPR/523eGrLG6KELwkMjvhqsarIOl7mO5vJuSGrwPvQyXXJa
+E+muvBzQqOgtwpS3N9cyoNRKZ13aViAVLkXrd68zd1ASrhncZ5ARdYuQ5x9vAKU
60Jy30jRHqB0lynEu5rjD2pcP7OFmHBoJkjgDGEjEIUfA/oaWM5viFz1G3qbr5kF
dDgrJy1yZIR78vuvR7bY1VoE+RfapzJaKiq3UPApmPsBLrgQTqkIX7lelOw6XTI3
myDMTERaUHaKeb0nVLxvA+O9jRg/EjY2xyRYk+kvsXX+BUXyAQ+yVKT6RExM3ywN
AbW/Ea4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:44 2024 by rpki-client on console-ams.rpki-client.org