Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9189599/74B3B8561B5211EBB6489A69C4F9AE02/1C9AC81A1B5411EB99C9EE6DC4F9AE02.roa
File:                     1C9AC81A1B5411EB99C9EE6DC4F9AE02.roa (raw, json)
Hash identifier:          WLw2gLQVSrqgLkHXytyNlHZE1+cACJ0aT8RfJDpK7zo=
Subject key identifier:   45:66:38:3A:FF:6B:E7:1F:A4:3A:F6:13:F2:39:95:5C:D2:2B:EE:1D
Certificate issuer:       /CN=A9189599/serialNumber=9FD1BE7174E2B050933BC1A2C5E9C865471605F2
Certificate serial:       0609
Authority key identifier: 9F:D1:BE:71:74:E2:B0:50:93:3B:C1:A2:C5:E9:C8:65:47:16:05:F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n9G-cXTisFCTO8GixenIZUcWBfI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9189599/74B3B8561B5211EBB6489A69C4F9AE02/1C9AC81A1B5411EB99C9EE6DC4F9AE02.roa
Signing time:             Mon 10 Jul 2023 22:39:20 +0000
ROA not before:           Mon 10 Jul 2023 22:39:20 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     133533
IP address blocks:        103.125.186.0/24 maxlen: 24
                          103.233.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9189599/74B3B8561B5211EBB6489A69C4F9AE02/n9G-cXTisFCTO8GixenIZUcWBfI.crl
                          rsync://rpki.apnic.net/member_repository/A9189599/74B3B8561B5211EBB6489A69C4F9AE02/n9G-cXTisFCTO8GixenIZUcWBfI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n9G-cXTisFCTO8GixenIZUcWBfI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 20:06:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1545 (0x609)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9189599/serialNumber=9FD1BE7174E2B050933BC1A2C5E9C865471605F2
        Validity
            Not Before: Jul 10 22:39:20 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64ac8897-61e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:83:76:7a:d5:e3:e6:84:06:8c:5b:90:c1:9b:
                    37:21:e1:e2:dd:ed:fb:91:5c:f8:ba:c3:8b:e5:d4:
                    71:fe:55:ae:cd:fb:af:56:9e:45:a1:63:99:58:dd:
                    04:93:f6:f4:f6:d5:ee:f2:aa:b7:cb:13:3d:3c:40:
                    8e:d7:7d:21:c8:05:66:e0:c3:4e:9d:fb:db:99:be:
                    54:48:fa:e5:f1:5e:5f:9b:e4:05:06:57:e5:ea:44:
                    a4:68:04:1b:38:2e:56:40:9c:30:13:7f:93:f6:cf:
                    e8:6f:11:63:74:32:aa:5b:dd:f0:a8:16:7f:f2:29:
                    79:4c:b4:ed:fc:1a:4c:e5:43:df:88:32:84:b7:ed:
                    c5:79:79:2c:26:24:c5:25:6e:7d:38:d5:41:80:24:
                    24:39:1c:2b:9b:9b:1d:7f:96:05:0c:da:87:08:93:
                    63:0d:57:c6:26:57:f0:c5:76:11:cf:57:84:84:d5:
                    9d:8b:82:98:e0:1e:2e:86:7b:f4:92:85:85:26:8d:
                    80:22:00:10:a5:ec:a7:f1:c5:ba:18:06:ad:25:e5:
                    e1:dd:5c:a7:22:8e:6f:43:94:81:1e:9b:9e:b0:47:
                    8f:24:b5:33:c7:88:dd:11:05:1c:20:ca:bd:79:6b:
                    4f:59:ac:30:86:a0:a9:da:a1:c9:f7:83:ac:e8:40:
                    59:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:66:38:3A:FF:6B:E7:1F:A4:3A:F6:13:F2:39:95:5C:D2:2B:EE:1D
            X509v3 Authority Key Identifier:
                keyid:9F:D1:BE:71:74:E2:B0:50:93:3B:C1:A2:C5:E9:C8:65:47:16:05:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9189599/74B3B8561B5211EBB6489A69C4F9AE02/n9G-cXTisFCTO8GixenIZUcWBfI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n9G-cXTisFCTO8GixenIZUcWBfI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189599/74B3B8561B5211EBB6489A69C4F9AE02/1C9AC81A1B5411EB99C9EE6DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.125.186.0/24
                  103.233.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:56:a6:9a:da:09:f2:eb:34:a0:14:d9:31:e3:42:a1:a4:f4:
         f6:71:6e:24:7d:aa:94:69:a7:7d:be:9a:f9:f7:f3:1e:26:4f:
         e1:7c:67:06:6f:8f:4e:9b:c1:a5:c9:d9:f6:9c:f3:45:98:fe:
         55:97:bb:e7:c3:93:66:c1:e7:e3:e7:d0:27:36:df:81:1c:43:
         22:cd:45:f8:2c:89:17:25:be:49:99:b3:e4:6e:34:37:d3:6a:
         50:fe:a7:3f:64:d0:45:a0:37:ae:81:96:80:eb:8c:37:3e:71:
         19:93:22:55:80:0a:8c:6b:79:6f:15:dd:16:49:59:36:e8:b1:
         29:36:17:be:65:2d:b1:8c:a3:88:ce:36:76:8f:ad:6e:27:7f:
         ec:b4:bf:65:58:28:33:f0:db:c8:93:e9:96:bb:91:23:64:2f:
         2b:1d:26:be:bc:8a:ab:78:45:52:23:b4:4b:ca:11:59:2b:19:
         cc:c0:75:8f:84:c2:aa:ff:b9:7a:65:07:19:34:3f:99:e7:0b:
         6b:f4:80:9c:c0:9c:a1:a8:bf:fe:f2:2b:53:3c:84:7d:64:27:
         76:66:2a:1f:bc:31:21:2e:24:3e:3c:3d:80:b6:86:8a:37:f2:
         cf:a7:9a:eb:be:f4:32:d3:06:be:57:9b:e7:ad:65:3b:3a:d8:
         c1:24:4a:4c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODk1OTkxMTAvBgNVBAUTKDlGRDFCRTcxNzRFMkIwNTA5MzNCQzFBMkM1RTlDODY1
NDcxNjA1RjIwHhcNMjMwNzEwMjIzOTIwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFjODg5Ny02MWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8oN2etXj5oQGjFuQwZs3IeHi3e37kVz4usOL5dRx/lWuzfuvVp5FoWOZWN0E
k/b09tXu8qq3yxM9PECO130hyAVm4MNOnfvbmb5USPrl8V5fm+QFBlfl6kSkaAQb
OC5WQJwwE3+T9s/obxFjdDKqW93wqBZ/8il5TLTt/BpM5UPfiDKEt+3FeXksJiTF
JW59ONVBgCQkORwrm5sdf5YFDNqHCJNjDVfGJlfwxXYRz1eEhNWdi4KY4B4uhnv0
koWFJo2AIgAQpeyn8cW6GAatJeXh3VynIo5vQ5SBHpuesEePJLUzx4jdEQUcIMq9
eWtPWawwhqCp2qHJ94Os6EBZMQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEVmODr/
a+cfpDr2E/I5lVzSK+4dMB8GA1UdIwQYMBaAFJ/RvnF04rBQkzvBosXpyGVHFgXy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTU5OS83NEIzQjg1NjFC
NTIxMUVCQjY0ODlBNjlDNEY5QUUwMi9uOUctY1hUaXNGQ1RPOEdpeGVuSVpVY1dC
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL245Ry1jWFRpc0ZDVE84R2l4ZW5JWlVjV0JmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODk1OTkvNzRCM0I4NTYxQjUyMTFFQkI2NDg5QTY5QzRGOUFFMDIvMUM5QUM4MUEx
QjU0MTFFQjk5QzlFRTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnfboDBABn6bcwDQYJKoZIhvcNAQELBQADggEBAEBWppra
CfLrNKAU2THjQqGk9PZxbiR9qpRpp32+mvn38x4mT+F8ZwZvj06bwaXJ2fac80WY
/lWXu+fDk2bB5+Pn0Cc234EcQyLNRfgsiRclvkmZs+RuNDfTalD+pz9k0EWgN66B
loDrjDc+cRmTIlWACoxreW8V3RZJWTbosSk2F75lLbGMo4jONnaPrW4nf+y0v2VY
KDPw28iT6Za7kSNkLysdJr68iqt4RVIjtEvKEVkrGczAdY+Ewqr/uXplBxk0P5nn
C2v0gJzAnKGov/7yK1M8hH1kJ3ZmKh+8MSEuJD48PYC2hoo38s+nmuu+9DLTBr5X
m+etZTs62MEkSkw=
-----END CERTIFICATE-----
Generated at Mon Jun 17 00:19:02 2024 by rpki-client on console-fra.rpki-client.org