Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/243E2854305711ED9363AB84C4F9AE02.roa
File:                     243E2854305711ED9363AB84C4F9AE02.roa (raw, json)
Hash identifier:          WpO+fRkUl7X9dtXBch9ybiHqHpPGS2GJqACeKL7CQok=
Subject key identifier:   82:69:B5:14:74:28:FB:70:A8:E5:90:9F:22:49:5A:B0:1B:4C:F1:FF
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       4229
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/243E2854305711ED9363AB84C4F9AE02.roa
Signing time:             Thu 07 Mar 2024 08:17:16 +0000
ROA not before:           Thu 07 Mar 2024 08:17:16 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     135912
IP address blocks:        103.90.223.0/24 maxlen: 24
                          103.183.109.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
                          rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16937 (0x4229)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Mar  7 08:17:16 2024 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=65e9780c-8965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:55:a7:6b:3b:cd:81:ea:8a:0b:e5:41:f2:68:
                    07:a5:4f:f8:33:53:e6:a7:b7:08:8e:98:f7:d2:48:
                    e2:38:ed:01:d3:53:fa:3f:ab:f7:fc:06:47:d1:82:
                    49:12:54:81:60:e3:a5:9c:54:d6:71:ee:57:ea:17:
                    0a:75:87:83:f9:2f:eb:da:d7:1a:08:73:e0:59:21:
                    13:06:cb:77:f3:5e:05:fc:ba:54:c8:11:50:14:19:
                    d3:ff:42:f9:5f:2e:4f:57:6d:53:24:ed:04:02:7f:
                    43:3b:98:c4:ae:1b:bf:85:aa:59:f2:fd:d0:4b:19:
                    eb:a0:8b:0c:38:bc:19:cd:f2:40:28:82:11:62:53:
                    9f:f8:42:7c:0c:c9:22:3c:ea:07:f3:90:44:22:3f:
                    f3:22:1b:aa:27:6b:65:bc:12:b3:d5:ee:3f:02:43:
                    ad:a2:cc:ac:21:b4:b8:58:07:bb:51:29:4b:08:c5:
                    6c:42:56:8a:9b:3d:ed:fc:c2:f9:87:d2:f6:5b:1e:
                    c0:26:0c:af:45:86:cc:53:3d:2e:d9:80:1f:d2:60:
                    fa:9f:6d:c9:d3:99:d9:01:6c:68:9c:de:d5:21:62:
                    e9:95:67:24:d9:4e:9b:e8:12:29:ef:cb:43:0e:bd:
                    b2:90:41:c7:ff:f3:a7:71:85:c8:99:54:74:75:62:
                    8b:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:69:B5:14:74:28:FB:70:A8:E5:90:9F:22:49:5A:B0:1B:4C:F1:FF
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/243E2854305711ED9363AB84C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.90.223.0/24
                  103.183.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:16:b0:83:19:63:6c:4f:3d:5c:dd:22:e3:02:05:c5:2e:57:
         fb:6a:da:34:8c:c1:9a:24:63:73:3a:a1:d0:56:97:f7:99:6a:
         63:72:2b:f1:90:90:22:ec:92:01:20:77:df:6d:5e:73:8c:a8:
         e7:02:fa:e0:ce:0e:79:16:50:ab:7a:16:7b:14:7b:c5:3e:49:
         f0:46:76:ce:19:31:2b:64:89:4a:df:84:27:00:09:09:33:ba:
         b8:81:0d:b0:bd:de:e0:5c:9c:6a:bb:e8:48:7a:df:ea:2a:15:
         cd:4f:2e:7a:a7:cf:89:6a:66:63:75:1a:8d:87:76:5b:d4:a1:
         4d:6b:28:c4:69:c2:8d:80:2c:f5:8c:ef:73:90:3e:71:9f:02:
         61:91:99:2a:70:c8:11:9f:47:17:56:30:92:cb:ad:c9:ab:d0:
         74:27:32:f6:e4:82:b6:e0:47:25:13:d2:29:70:de:57:5b:05:
         3b:ec:b4:f9:6a:47:08:bf:63:08:8d:53:5c:de:02:dd:5d:7d:
         fd:eb:5e:55:ea:ec:29:10:0a:09:cc:bd:72:0b:86:6e:98:d9:
         d7:e2:05:f5:d9:d4:2a:8c:0d:9b:36:33:5d:50:1e:c7:9f:39:
         23:a5:55:44:a6:98:16:a1:bd:c2:3a:9c:0e:34:33:53:c6:98:
         ca:60:ef:7a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICQikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwMzA3MDgxNzE2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU5NzgwYy04OTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArlWnazvNgeqKC+VB8mgHpU/4M1Pmp7cIjpj30kjiOO0B01P6P6v3/AZH0YJJ
ElSBYOOlnFTWce5X6hcKdYeD+S/r2tcaCHPgWSETBst3814F/LpUyBFQFBnT/0L5
Xy5PV21TJO0EAn9DO5jErhu/hapZ8v3QSxnroIsMOLwZzfJAKIIRYlOf+EJ8DMki
POoH85BEIj/zIhuqJ2tlvBKz1e4/AkOtosysIbS4WAe7USlLCMVsQlaKmz3t/ML5
h9L2Wx7AJgyvRYbMUz0u2YAf0mD6n23J05nZAWxonN7VIWLplWck2U6b6BIp78tD
Dr2ykEHH//OncYXImVR0dWKLNQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIJptRR0
KPtwqOWQnyJJWrAbTPH/MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMjQzRTI4NTQz
MDU3MTFFRDkzNjNBQjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnWt8DBABnt20wDQYJKoZIhvcNAQELBQADggEBACsWsIMZ
Y2xPPVzdIuMCBcUuV/tq2jSMwZokY3M6odBWl/eZamNyK/GQkCLskgEgd99tXnOM
qOcC+uDODnkWUKt6FnsUe8U+SfBGds4ZMStkiUrfhCcACQkzuriBDbC93uBcnGq7
6Eh63+oqFc1PLnqnz4lqZmN1Go2HdlvUoU1rKMRpwo2ALPWM73OQPnGfAmGRmSpw
yBGfRxdWMJLLrcmr0HQnMvbkgrbgRyUT0ilw3ldbBTvstPlqRwi/YwiNU1zeAt1d
ff3rXlXq7CkQCgnMvXILhm6Y2dfiBfXZ1CqMDZs2M11QHsefOSOlVUSmmBahvcI6
nA40M1PGmMpg73o=
-----END CERTIFICATE-----
Generated at Sat Jun 15 05:33:24 2024 by rpki-client on console-fra.rpki-client.org