Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/5FC52CF470F911EE9992480DC4F9AE02.roa
File:                     5FC52CF470F911EE9992480DC4F9AE02.roa (raw, json)
Hash identifier:          Tg/75Gz0Tc9vcYluwLJ6x71YpUK4fJCr3LIJWa/ibUI=
Subject key identifier:   34:40:A7:DC:BC:EF:90:3B:BA:8C:76:EA:9A:CA:E2:58:70:E2:1A:19
Certificate issuer:       /CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Certificate serial:       060E
Authority key identifier: 07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/5FC52CF470F911EE9992480DC4F9AE02.roa
Signing time:             Sat 04 Nov 2023 19:06:42 +0000
ROA not before:           Sat 04 Nov 2023 19:06:42 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     150335
IP address blocks:        103.104.141.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/ByXySRgBUFGFyQaaQBNjXDi1a3I.crl
                          rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/ByXySRgBUFGFyQaaQBNjXDi1a3I.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 11 Jun 2024 19:19:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1550 (0x60e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
        Validity
            Not Before: Nov  4 19:06:42 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65469641-57bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:93:11:7a:8b:9b:c6:2e:60:95:13:1d:03:ec:
                    26:50:e0:b1:09:a9:16:55:27:bd:f0:7f:6d:ab:80:
                    59:6b:73:d4:7b:0c:f0:e1:98:de:98:5c:b4:9a:95:
                    a9:b1:44:20:42:02:4f:41:e8:32:82:99:e5:88:70:
                    5a:f3:1a:8b:57:fc:c4:02:0b:cb:5d:44:29:2d:83:
                    dc:6b:df:f1:58:c6:42:e5:22:11:56:f0:f0:4d:17:
                    50:9a:fc:69:70:84:46:25:db:55:17:d4:ae:4f:fd:
                    26:07:8b:ac:f6:a3:ec:d1:1b:67:01:55:b4:1c:d0:
                    a4:59:75:21:37:a8:8a:7e:96:d1:1e:17:2f:1a:a5:
                    32:45:f1:ee:83:0d:c7:31:3d:4d:99:6e:6f:61:02:
                    4b:ca:03:37:01:ea:2b:93:61:84:6b:8a:44:4a:28:
                    e8:c3:cf:1c:10:32:3c:6d:0d:d1:fa:d4:a7:44:85:
                    e7:b0:06:47:d3:4f:6b:10:6b:40:41:2e:52:34:39:
                    d5:c7:56:c8:bf:f2:02:95:40:43:75:93:df:ab:6f:
                    81:a1:31:c9:0b:a3:0f:ef:3c:20:a5:0a:a4:de:e2:
                    5a:f2:f6:de:8e:69:b0:af:9b:74:c7:88:4f:ec:81:
                    b6:54:23:82:05:c0:04:0d:15:47:3f:95:1a:76:87:
                    9c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:40:A7:DC:BC:EF:90:3B:BA:8C:76:EA:9A:CA:E2:58:70:E2:1A:19
            X509v3 Authority Key Identifier:
                keyid:07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/ByXySRgBUFGFyQaaQBNjXDi1a3I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/5FC52CF470F911EE9992480DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.104.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:65:8f:9b:fe:e6:e9:6b:9e:c1:78:43:7d:44:dc:b3:fe:e8:
         49:02:fe:23:21:d6:82:08:2a:c8:6f:d9:86:96:f1:dd:39:f6:
         2b:e1:3f:f0:a8:89:69:30:2b:b7:93:16:cd:cc:1b:24:92:90:
         97:00:66:3c:ce:76:79:28:0f:44:59:08:bf:f8:c2:08:a8:5b:
         b9:ae:9d:ec:0b:6e:51:a7:22:47:be:cb:bd:2b:7f:07:42:00:
         a2:32:de:6f:6c:d2:5e:60:10:68:f1:35:3b:30:e4:6c:db:ba:
         d2:4f:13:f2:1d:54:42:19:16:2a:06:b4:91:fc:ac:84:aa:d6:
         16:20:56:a7:25:21:c7:b1:2f:50:05:18:7c:e3:f5:d6:32:c7:
         db:4c:f8:74:d1:1a:2d:aa:c8:90:a8:ff:f4:3f:8b:36:a9:86:
         b0:88:c6:ee:0f:8f:28:e6:75:46:c8:33:06:d7:e2:cf:7b:a9:
         d1:47:84:a7:40:cc:3c:60:18:bc:e5:8d:0f:8c:fa:73:7b:13:
         49:1a:f1:ee:06:e1:0a:e0:ab:a4:1e:ca:d2:97:a1:5d:33:76:
         62:3e:8e:3c:52:8b:e7:8e:b3:61:cb:e0:95:88:e5:bc:13:8e:
         f2:64:4a:c5:38:23:b3:10:fd:9d:99:64:b7:20:7b:63:e2:10:
         e5:b3:ef:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ4MDgxMTAvBgNVBAUTKDA3MjVGMjQ5MTgwMTUwNTE4NUM5MDY5QTQwMTM2MzVD
MzhCNTZCNzIwHhcNMjMxMTA0MTkwNjQyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ2OTY0MS01N2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZMReoubxi5glRMdA+wmUOCxCakWVSe98H9tq4BZa3PUewzw4ZjemFy0mpWp
sUQgQgJPQegygpnliHBa8xqLV/zEAgvLXUQpLYPca9/xWMZC5SIRVvDwTRdQmvxp
cIRGJdtVF9SuT/0mB4us9qPs0RtnAVW0HNCkWXUhN6iKfpbRHhcvGqUyRfHugw3H
MT1NmW5vYQJLygM3Aeork2GEa4pESijow88cEDI8bQ3R+tSnRIXnsAZH009rEGtA
QS5SNDnVx1bIv/IClUBDdZPfq2+BoTHJC6MP7zwgpQqk3uJa8vbejmmwr5t0x4hP
7IG2VCOCBcAEDRVHP5UadoecTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDRAp9y8
75A7uox26prK4lhw4hoZMB8GA1UdIwQYMBaAFAcl8kkYAVBRhckGmkATY1w4tWty
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDgwOC9FMjZCNDY0MkY0
QjIxMUU5QkYzQ0U1NjNDNEY5QUUwMi9CeVh5U1JnQlVGR0Z5UWFhUUJOalhEaTFh
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J5WHlTUmdCVUZHRnlRYWFRQk5qWERpMWEzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ4MDgvRTI2QjQ2NDJGNEIyMTFFOUJGM0NFNTYzQzRGOUFFMDIvNUZDNTJDRjQ3
MEY5MTFFRTk5OTI0ODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnaI0wDQYJKoZIhvcNAQELBQADggEBAHRlj5v+5ulrnsF4
Q31E3LP+6EkC/iMh1oIIKshv2YaW8d059ivhP/CoiWkwK7eTFs3MGySSkJcAZjzO
dnkoD0RZCL/4wgioW7munewLblGnIke+y70rfwdCAKIy3m9s0l5gEGjxNTsw5Gzb
utJPE/IdVEIZFioGtJH8rISq1hYgVqclIcexL1AFGHzj9dYyx9tM+HTRGi2qyJCo
//Q/izaphrCIxu4PjyjmdUbIMwbX4s97qdFHhKdAzDxgGLzljQ+M+nN7E0ka8e4G
4Qrgq6QeytKXoV0zdmI+jjxSi+eOs2HL4JWI5bwTjvJkSsU4I7MQ/Z2ZZLcge2Pi
EOWz79Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org