Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7FA6B92E8AC711EE82F53656C4F9AE02.roa
File:                     7FA6B92E8AC711EE82F53656C4F9AE02.roa (raw, json)
Hash identifier:          mIVUlsdDDqqpKQ606rk76ezAydBg0GudeHKnzreCgYY=
Subject key identifier:   9D:D5:A0:43:CB:74:61:64:C5:9F:08:00:45:CE:3C:FD:EF:10:91:69
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       40B0
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7FA6B92E8AC711EE82F53656C4F9AE02.roa
Signing time:             Fri 24 Nov 2023 12:46:34 +0000
ROA not before:           Fri 24 Nov 2023 12:46:34 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     150888
IP address blocks:        103.69.100.0/24 maxlen: 24
                          2401:3220::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
                          rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16560 (0x40b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Nov 24 12:46:34 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=65609b2a-87c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e9:af:90:70:82:f5:8c:d2:78:80:0b:a8:bc:
                    ea:ed:3e:b2:c6:39:36:3c:72:12:1a:6a:5a:ca:32:
                    8a:2f:e1:c7:cb:07:17:f8:f0:16:aa:01:b3:02:2d:
                    68:9a:bb:8b:22:15:88:aa:e4:f9:dc:e9:a1:89:a4:
                    24:f5:34:98:f6:d9:72:d9:76:3d:36:52:f4:ec:a5:
                    80:28:60:7b:1d:6f:7b:5b:40:f3:30:05:1c:58:14:
                    97:21:7c:39:24:6c:4e:19:1d:a7:00:3f:cc:1b:ef:
                    b9:3b:95:65:8f:35:12:e2:da:0a:94:16:44:34:b4:
                    f7:c7:63:9e:b1:8b:48:c2:44:60:dc:02:e2:7f:f8:
                    94:d7:85:2c:27:47:ba:f9:90:53:aa:2d:14:4c:5b:
                    d5:d9:a2:7e:55:69:0c:b9:bb:08:06:d3:38:5b:6f:
                    e0:d3:4e:6c:43:39:56:60:f2:b0:a9:2e:05:ed:f3:
                    1e:b3:54:ec:cd:e5:18:15:f2:10:f8:e9:1c:da:f0:
                    d5:cf:87:b5:8a:a6:13:cd:6c:6c:17:85:1a:3b:28:
                    e4:89:6b:50:02:d0:28:aa:28:19:6f:5a:d8:88:d5:
                    48:50:94:56:6d:56:e7:5e:bf:ad:af:f2:3b:a1:e4:
                    54:10:cf:8c:9e:8c:60:39:2f:42:6b:31:89:32:a4:
                    04:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:D5:A0:43:CB:74:61:64:C5:9F:08:00:45:CE:3C:FD:EF:10:91:69
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7FA6B92E8AC711EE82F53656C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.69.100.0/24
                IPv6:
                  2401:3220::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:11:fe:ef:6d:84:c0:5b:18:03:fc:49:3b:f4:97:b9:49:3b:
         09:c9:50:24:41:3d:55:c5:40:c7:fa:48:fd:0c:97:d4:15:d2:
         ce:c2:86:a0:29:9d:a1:4c:98:a9:f5:8c:8d:6a:d6:e9:6d:1c:
         75:9f:a5:90:47:d8:db:5f:63:a0:44:5c:97:7f:29:ec:e8:0a:
         bf:a9:40:31:a7:6f:1e:cc:61:61:7b:ff:2b:ff:23:a5:77:67:
         0d:4e:72:76:f4:ad:ff:67:da:01:89:8a:71:ea:09:d0:25:26:
         d9:c5:e6:53:ae:50:80:4d:a4:34:49:bd:f4:06:4b:30:32:83:
         57:64:6d:60:1e:fb:c1:4c:83:8c:b7:7f:51:bc:21:2b:fc:0c:
         1c:76:c0:dd:04:f6:60:38:eb:b5:08:d2:1d:1b:8d:44:c2:db:
         92:f8:ba:a4:70:bc:e1:2c:29:a6:36:f4:21:d1:c6:f9:ac:ad:
         83:b7:5c:3f:da:84:20:34:04:d8:0b:be:f6:e5:6a:e1:73:0e:
         03:39:b1:31:00:6e:5e:2d:be:d2:08:39:e5:78:a6:86:b3:ea:
         7f:27:b7:ce:91:00:df:b9:e5:ba:3f:5c:37:b4:a0:69:d4:f7:
         83:60:7b:45:da:ef:e3:e6:0c:06:a8:98:f2:a9:41:f5:a2:ad:
         d8:76:db:d1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICQLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMxMTI0MTI0NjM0WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYwOWIyYS04N2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7emvkHCC9YzSeIALqLzq7T6yxjk2PHISGmpayjKKL+HHywcX+PAWqgGzAi1o
mruLIhWIquT53OmhiaQk9TSY9tly2XY9NlL07KWAKGB7HW97W0DzMAUcWBSXIXw5
JGxOGR2nAD/MG++5O5VljzUS4toKlBZENLT3x2OesYtIwkRg3ALif/iU14UsJ0e6
+ZBTqi0UTFvV2aJ+VWkMubsIBtM4W2/g005sQzlWYPKwqS4F7fMes1TszeUYFfIQ
+Okc2vDVz4e1iqYTzWxsF4UaOyjkiWtQAtAoqigZb1rYiNVIUJRWbVbnXr+tr/I7
oeRUEM+MnoxgOS9CazGJMqQE0wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJ3VoEPL
dGFkxZ8IAEXOPP3vEJFpMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvN0ZBNkI5MkU4
QUM3MTFFRTgyRjUzNjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnRWQwDwQCAAIwCQMHACQBMiAAADANBgkqhkiG9w0BAQsF
AAOCAQEAqhH+722EwFsYA/xJO/SXuUk7CclQJEE9VcVAx/pI/QyX1BXSzsKGoCmd
oUyYqfWMjWrW6W0cdZ+lkEfY219joERcl38p7OgKv6lAMadvHsxhYXv/K/8jpXdn
DU5ydvSt/2faAYmKceoJ0CUm2cXmU65QgE2kNEm99AZLMDKDV2RtYB77wUyDjLd/
UbwhK/wMHHbA3QT2YDjrtQjSHRuNRMLbkvi6pHC84Swppjb0IdHG+aytg7dcP9qE
IDQE2Au+9uVq4XMOAzmxMQBuXi2+0gg55XimhrPqfye3zpEA37nluj9cN7SgadT3
g2B7Rdrv4+YMBqiY8qlB9aKt2Hbb0Q==
-----END CERTIFICATE-----
Generated at Sat Jun 15 06:34:16 2024 by rpki-client on console-ams.rpki-client.org