Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F53A/36B52DFA2FC011EBA25FE982C4F9AE02/72BCBB042FC211EBB8550B0AC4F9AE02.roa
File:                     72BCBB042FC211EBB8550B0AC4F9AE02.roa (raw, json)
Hash identifier:          W74p/U+ZKm+i2aa6ytxthZ3GiXWBjWMUpOEQvBU+HkI=
Subject key identifier:   8A:7F:8E:44:FC:B2:ED:F6:29:1F:0A:95:63:42:A7:26:40:30:2E:29
Certificate issuer:       /CN=A919F53A/serialNumber=AF85788B8C52D128D5340A75095B8F0F11779C48
Certificate serial:       061D
Authority key identifier: AF:85:78:8B:8C:52:D1:28:D5:34:0A:75:09:5B:8F:0F:11:77:9C:48
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r4V4i4xS0SjVNAp1CVuPDxF3nEg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F53A/36B52DFA2FC011EBA25FE982C4F9AE02/72BCBB042FC211EBB8550B0AC4F9AE02.roa
Signing time:             Tue 28 Nov 2023 23:31:37 +0000
ROA not before:           Tue 28 Nov 2023 23:31:37 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     132877
IP address blocks:        103.157.44.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919F53A/36B52DFA2FC011EBA25FE982C4F9AE02/r4V4i4xS0SjVNAp1CVuPDxF3nEg.crl
                          rsync://rpki.apnic.net/member_repository/A919F53A/36B52DFA2FC011EBA25FE982C4F9AE02/r4V4i4xS0SjVNAp1CVuPDxF3nEg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r4V4i4xS0SjVNAp1CVuPDxF3nEg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1565 (0x61d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F53A/serialNumber=AF85788B8C52D128D5340A75095B8F0F11779C48
        Validity
            Not Before: Nov 28 23:31:37 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65667859-e35b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:73:b4:43:96:87:de:b7:86:2c:ab:95:1c:60:
                    99:a9:18:cf:4d:25:91:a6:f7:aa:3a:63:55:d3:23:
                    19:24:90:fa:67:88:89:a6:8a:ff:8d:18:e5:62:c6:
                    d2:b9:98:01:12:2f:00:ad:10:c1:5e:8e:34:b9:9e:
                    ca:32:b1:cc:de:0e:6a:7c:6b:2b:2d:24:2e:5c:a4:
                    1f:85:94:66:0f:9e:fc:11:7d:12:99:9e:38:0b:7a:
                    a0:86:74:43:ec:70:76:ac:ba:eb:e9:63:28:8a:58:
                    26:df:1b:33:3b:f1:86:72:cd:1d:61:14:ed:06:37:
                    75:cd:d8:e3:2e:a1:43:78:6e:b1:79:1a:37:34:6d:
                    ef:23:1c:27:4a:0e:1e:db:8d:91:ef:37:7f:9a:81:
                    a3:09:1e:a5:fb:f3:72:ab:0b:d6:f1:4b:53:86:6c:
                    cd:7e:e2:da:54:a8:5b:45:e7:61:74:e7:9c:f6:aa:
                    0b:f7:6d:af:b6:dd:fe:00:10:7b:d3:9c:5d:98:23:
                    fe:5a:82:f7:93:5a:07:ba:c4:96:59:2f:3d:62:3f:
                    b4:53:89:b7:72:57:46:b3:01:7e:04:02:c9:95:e1:
                    52:0f:be:67:d3:f9:2c:fb:36:af:04:d9:35:bb:79:
                    f0:c3:c2:9f:d1:42:1a:59:11:0a:bf:5b:0a:e3:e6:
                    e6:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:7F:8E:44:FC:B2:ED:F6:29:1F:0A:95:63:42:A7:26:40:30:2E:29
            X509v3 Authority Key Identifier:
                keyid:AF:85:78:8B:8C:52:D1:28:D5:34:0A:75:09:5B:8F:0F:11:77:9C:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F53A/36B52DFA2FC011EBA25FE982C4F9AE02/r4V4i4xS0SjVNAp1CVuPDxF3nEg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r4V4i4xS0SjVNAp1CVuPDxF3nEg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F53A/36B52DFA2FC011EBA25FE982C4F9AE02/72BCBB042FC211EBB8550B0AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ba:82:be:07:33:27:40:a0:90:bc:f7:4f:b7:0f:f7:ed:f8:bc:
         d5:29:b9:51:21:f6:70:e0:cd:65:66:f0:54:bf:e3:48:3f:35:
         3e:20:15:71:79:e3:ab:26:3b:0e:22:ea:6b:d0:8f:e1:7b:4d:
         10:44:e1:ea:98:f9:ee:f0:1b:f8:2c:bf:f5:d4:f3:b2:58:ef:
         eb:5f:a8:28:5a:54:15:8f:68:92:36:c7:c9:9b:b3:f8:6a:17:
         72:12:46:e7:80:d5:64:72:86:7b:bf:57:f8:3f:07:df:65:ec:
         99:f0:7b:06:3f:a2:85:6c:54:6a:68:b3:64:8f:9f:a1:fe:40:
         d2:f3:8d:db:12:5a:60:cf:33:da:6c:04:11:cc:e5:fe:09:cf:
         b0:86:9e:61:b5:27:71:bf:01:8a:b0:53:76:17:27:ea:67:4e:
         95:ee:35:42:73:16:1d:1d:66:53:ea:2a:55:42:05:bf:f9:03:
         46:12:db:6c:7e:61:57:72:da:5b:b9:64:e8:dd:8d:9e:68:f0:
         a2:e6:fd:23:80:39:8a:11:b0:b5:de:af:f1:38:d8:f3:f3:3d:
         ca:96:1e:f3:0f:fc:bc:24:cc:af:c4:f5:cc:4c:73:c1:c5:73:
         38:9b:b1:d4:08:16:f6:3b:dc:e7:7b:bd:7a:55:79:1f:8b:3a:
         a3:15:4e:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUY1M0ExMTAvBgNVBAUTKEFGODU3ODhCOEM1MkQxMjhENTM0MEE3NTA5NUI4RjBG
MTE3NzlDNDgwHhcNMjMxMTI4MjMzMTM3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY2Nzg1OS1lMzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAznO0Q5aH3reGLKuVHGCZqRjPTSWRpveqOmNV0yMZJJD6Z4iJpor/jRjlYsbS
uZgBEi8ArRDBXo40uZ7KMrHM3g5qfGsrLSQuXKQfhZRmD578EX0SmZ44C3qghnRD
7HB2rLrr6WMoilgm3xszO/GGcs0dYRTtBjd1zdjjLqFDeG6xeRo3NG3vIxwnSg4e
242R7zd/moGjCR6l+/NyqwvW8UtThmzNfuLaVKhbRedhdOec9qoL922vtt3+ABB7
05xdmCP+WoL3k1oHusSWWS89Yj+0U4m3cldGswF+BALJleFSD75n0/ks+zavBNk1
u3nww8Kf0UIaWREKv1sK4+bmKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIp/jkT8
su32KR8KlWNCpyZAMC4pMB8GA1UdIwQYMBaAFK+FeIuMUtEo1TQKdQlbjw8Rd5xI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjUzQS8zNkI1MkRGQTJG
QzAxMUVCQTI1RkU5ODJDNEY5QUUwMi9yNFY0aTR4UzBTalZOQXAxQ1Z1UER4RjNu
RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I0VjRpNHhTMFNqVk5BcDFDVnVQRHhGM25FZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUY1M0EvMzZCNTJERkEyRkMwMTFFQkEyNUZFOTgyQzRGOUFFMDIvNzJCQ0JCMDQy
RkMyMTFFQkI4NTUwQjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnSwwDQYJKoZIhvcNAQELBQADggEBALqCvgczJ0CgkLz3
T7cP9+34vNUpuVEh9nDgzWVm8FS/40g/NT4gFXF546smOw4i6mvQj+F7TRBE4eqY
+e7wG/gsv/XU87JY7+tfqChaVBWPaJI2x8mbs/hqF3ISRueA1WRyhnu/V/g/B99l
7JnwewY/ooVsVGpos2SPn6H+QNLzjdsSWmDPM9psBBHM5f4Jz7CGnmG1J3G/AYqw
U3YXJ+pnTpXuNUJzFh0dZlPqKlVCBb/5A0YS22x+YVdy2lu5ZOjdjZ5o8KLm/SOA
OYoRsLXer/E42PPzPcqWHvMP/LwkzK/E9cxMc8HFczibsdQIFvY73Od7vXpVeR+L
OqMVTg0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:11 2024 by rpki-client on console-fra.rpki-client.org