Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/19DD2D2A8F6911EE96E34B3FC4F9AE02.roa
File:                     19DD2D2A8F6911EE96E34B3FC4F9AE02.roa (raw, json)
Hash identifier:          b63O5Ckj/agt7TqK+Tkq+N+8YMbztgu420L6B8WC7zY=
Subject key identifier:   05:C0:C8:75:72:49:7B:26:DA:56:1B:90:68:7A:D7:C9:62:6C:31:45
Certificate issuer:       /CN=A9198996/serialNumber=692135608683755E94D8ECA57D8B0B358ECE1718
Certificate serial:       028E
Authority key identifier: 69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/19DD2D2A8F6911EE96E34B3FC4F9AE02.roa
Signing time:             Sun 09 Jun 2024 05:01:16 +0000
ROA not before:           Sun 09 Jun 2024 05:01:16 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     149522
IP address blocks:        103.115.140.0/24 maxlen: 24
                          103.115.141.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.crl
                          rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 03:40:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 654 (0x28e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9198996/serialNumber=692135608683755E94D8ECA57D8B0B358ECE1718
        Validity
            Not Before: Jun  9 05:01:16 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=6665371c-e40f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:af:9e:9b:ed:99:c7:ce:42:99:52:a9:8f:31:
                    67:35:cf:71:8e:b8:28:db:c3:58:a2:52:a3:01:2b:
                    dc:9c:1d:0c:db:42:b8:d4:8b:7b:85:6b:f8:c0:10:
                    8f:21:37:e5:ef:f8:0e:54:28:cc:e2:65:f2:0e:cb:
                    f1:c2:86:6d:f7:3e:e6:fd:c3:52:4f:87:a1:f3:5c:
                    b9:88:9d:d1:f9:f7:a0:6e:1e:ce:9c:62:e4:b1:6c:
                    4f:4c:a9:e5:25:48:b9:ed:e7:c1:bf:bb:8f:fe:76:
                    db:50:ab:5e:d6:87:c1:70:78:9f:47:06:ac:14:60:
                    00:55:ab:fe:b5:68:44:03:ad:47:a0:d4:ab:30:58:
                    f6:af:c8:00:59:b8:33:04:f0:c2:3b:4b:45:6e:b2:
                    15:16:e8:ae:87:8e:03:e5:53:5f:b2:1e:45:c7:0d:
                    48:49:ac:fe:75:ff:9e:c6:3f:9e:0c:d7:46:4e:a7:
                    28:86:1c:d5:c9:3e:be:9b:0b:2b:bb:d2:a3:43:d5:
                    fd:80:da:bf:7a:6e:91:45:00:85:ca:af:ff:f4:2e:
                    6e:50:0f:77:68:42:6b:95:db:7f:4d:b6:0a:aa:5c:
                    40:27:bd:50:b7:d2:af:80:15:94:4c:39:f2:be:39:
                    ff:af:71:cb:d3:0f:7e:f6:ca:2d:3e:17:77:37:82:
                    ee:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:C0:C8:75:72:49:7B:26:DA:56:1B:90:68:7A:D7:C9:62:6C:31:45
            X509v3 Authority Key Identifier:
                keyid:69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/19DD2D2A8F6911EE96E34B3FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.115.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:68:b5:0c:3a:14:6b:23:c6:41:5d:6a:ea:ab:50:17:10:ee:
         8a:6e:6e:3f:42:2f:21:18:b0:ed:6a:3e:91:83:5b:d1:9a:be:
         96:84:2d:9a:af:ba:a1:2e:fc:a1:21:96:05:54:b3:a3:88:3f:
         6e:21:04:b6:9d:1a:41:30:4c:7e:17:d9:d2:27:e6:60:07:cc:
         24:3c:18:fd:67:fa:55:02:23:ac:64:5f:2f:97:74:7e:f9:a4:
         60:d7:54:a4:df:d8:5c:60:74:45:99:bc:3c:14:3a:ac:df:28:
         2f:ea:16:7d:61:8d:46:9f:30:32:4d:22:63:86:12:86:19:35:
         b2:c5:6b:d0:22:d1:65:84:4d:98:df:52:57:12:69:5e:8b:10:
         29:72:c2:05:37:8b:26:58:de:a2:73:77:d2:c4:ab:47:b0:52:
         8f:89:e3:cc:d2:1f:1d:98:68:01:64:1e:8a:80:0b:b5:c8:20:
         19:92:54:9a:12:c6:9d:bb:89:a4:9d:e0:3b:fd:21:1e:be:8e:
         82:e0:0b:1f:68:6a:4a:f5:82:6d:5b:71:39:1f:25:5e:c5:9b:
         68:47:6b:ba:c1:db:5a:a1:2b:f0:05:ab:47:12:aa:b5:32:51:
         f2:ff:24:11:9a:1d:69:47:d2:f2:30:58:a0:0a:cb:dd:a1:b9:
         5a:83:bd:01
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAo4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg5OTYxMTAvBgNVBAUTKDY5MjEzNTYwODY4Mzc1NUU5NEQ4RUNBNTdEOEIwQjM1
OEVDRTE3MTgwHhcNMjQwNjA5MDUwMTE2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY1MzcxYy1lNDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr6+em+2Zx85CmVKpjzFnNc9xjrgo28NYolKjASvcnB0M20K41It7hWv4wBCP
ITfl7/gOVCjM4mXyDsvxwoZt9z7m/cNST4eh81y5iJ3R+fegbh7OnGLksWxPTKnl
JUi57efBv7uP/nbbUKte1ofBcHifRwasFGAAVav+tWhEA61HoNSrMFj2r8gAWbgz
BPDCO0tFbrIVFuiuh44D5VNfsh5Fxw1ISaz+df+exj+eDNdGTqcohhzVyT6+mwsr
u9KjQ9X9gNq/em6RRQCFyq//9C5uUA93aEJrldt/TbYKqlxAJ71Qt9KvgBWUTDny
vjn/r3HL0w9+9sotPhd3N4LuOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAXAyHVy
SXsm2lYbkGh618libDFFMB8GA1UdIwQYMBaAFGkhNWCGg3VelNjspX2LCzWOzhcY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODk5Ni82NjAzMEY1RUQw
NjAxMUVDQkE0MEZDODNDNEY5QUUwMi9hU0UxWUlhRGRWNlUyT3lsZllzTE5ZN09G
eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FTRTFZSWFEZFY2VTJPeWxmWXNMTlk3T0Z4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg5OTYvNjYwMzBGNUVEMDYwMTFFQ0JBNDBGQzgzQzRGOUFFMDIvMTlERDJEMkE4
RjY5MTFFRTk2RTM0QjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnc4wwDQYJKoZIhvcNAQELBQADggEBABBotQw6FGsjxkFd
auqrUBcQ7opubj9CLyEYsO1qPpGDW9GavpaELZqvuqEu/KEhlgVUs6OIP24hBLad
GkEwTH4X2dIn5mAHzCQ8GP1n+lUCI6xkXy+XdH75pGDXVKTf2FxgdEWZvDwUOqzf
KC/qFn1hjUafMDJNImOGEoYZNbLFa9Ai0WWETZjfUlcSaV6LEClywgU3iyZY3qJz
d9LEq0ewUo+J48zSHx2YaAFkHoqAC7XIIBmSVJoSxp27iaSd4Dv9IR6+joLgCx9o
akr1gm1bcTkfJV7Fm2hHa7rB21qhK/AFq0cSqrUyUfL/JBGaHWlH0vIwWKAKy92h
uVqDvQE=
-----END CERTIFICATE-----
Generated at Mon Jun 17 04:54:45 2024 by rpki-client on console-fra.rpki-client.org