Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E47AE50893BD11EC8B2D9A58C4F9AE02.roa
File:                     E47AE50893BD11EC8B2D9A58C4F9AE02.roa (raw, json)
Hash identifier:          9XFx1PCcv6bqFaMp2mNp9+9QD2UBcyG+e17f+lT4uL0=
Subject key identifier:   D3:0F:A5:09:08:0F:67:20:52:74:AC:7B:CA:B4:7E:29:D6:3F:68:88
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       3E37
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E47AE50893BD11EC8B2D9A58C4F9AE02.roa
Signing time:             Tue 12 Sep 2023 02:40:38 +0000
ROA not before:           Tue 12 Sep 2023 02:40:38 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     131127
IP address blocks:        183.91.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
                          rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15927 (0x3e37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Sep 12 02:40:38 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64ffcfa6-a6bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d8:07:86:7c:97:07:9f:da:0e:fe:38:44:2e:
                    1e:ce:2d:12:cf:ad:61:79:af:73:b7:b6:c6:8a:8b:
                    7e:30:df:83:57:32:56:dd:d3:da:79:61:5c:ae:16:
                    6c:70:c3:41:d0:8a:a1:79:93:e6:59:f1:96:f4:6a:
                    a1:c3:2c:75:88:66:bc:c9:7d:86:1a:92:67:d7:64:
                    b4:b6:d4:02:9c:c9:78:37:69:33:b4:49:43:16:3c:
                    a8:bf:68:c4:67:e3:08:09:26:4d:c0:8a:b6:e4:9d:
                    24:ee:83:b3:f5:f0:26:45:e4:b8:11:42:9d:af:bc:
                    00:67:ab:77:7d:e2:35:d7:b5:9f:03:05:17:65:ac:
                    16:15:d8:2c:f5:74:82:0b:b2:21:b0:13:50:11:5c:
                    1d:a2:a3:db:22:eb:f8:61:a9:48:c8:b1:63:44:97:
                    58:4c:aa:b3:da:61:31:66:88:86:85:d8:94:9c:e8:
                    40:d3:a2:fd:2e:eb:54:e5:e2:0a:9f:a8:97:e4:56:
                    58:88:82:ac:b0:36:c3:5d:7a:25:e8:98:08:61:d6:
                    50:6c:92:b4:5a:26:95:f4:15:f2:fb:ed:2b:1b:b7:
                    c7:82:7d:15:4d:ed:92:56:9d:c3:80:1b:14:d4:9c:
                    fa:9a:86:c6:a6:5a:42:85:4c:37:31:34:e9:cc:ee:
                    b2:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:0F:A5:09:08:0F:67:20:52:74:AC:7B:CA:B4:7E:29:D6:3F:68:88
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E47AE50893BD11EC8B2D9A58C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  183.91.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         81:e5:17:e6:2f:f5:8f:f6:b2:04:22:83:a8:ec:a7:80:78:9a:
         cc:26:28:c2:c1:97:21:eb:e3:c8:a8:91:9f:32:06:b3:44:ea:
         33:ad:cc:ab:5d:06:2f:7c:67:26:be:7d:9e:30:0f:ee:a6:b6:
         56:e3:0c:a7:7e:94:ad:40:b6:66:49:c6:39:a2:35:79:95:bd:
         02:09:e9:75:f6:db:e7:26:e2:33:1d:eb:9f:d0:40:17:25:cb:
         91:2d:38:fa:f1:93:76:3e:ea:5c:d2:8a:57:d6:29:f8:e0:29:
         06:cf:4e:26:f0:0b:6d:d3:af:d5:00:67:11:bf:f2:31:98:c8:
         0e:40:bb:7c:af:e9:5c:7a:51:e0:cf:d5:b7:72:5e:e7:3e:e7:
         92:b1:bf:d1:8e:2c:f4:1b:78:28:0c:3c:e0:6e:05:60:60:cb:
         a7:59:94:ca:7d:2f:eb:ef:4d:bd:a1:c7:e3:8b:58:af:18:7f:
         62:d7:c1:fc:3d:00:6a:10:ee:ea:4d:84:20:19:18:42:51:8b:
         4b:34:e0:17:5a:da:56:56:71:ce:2f:e6:6f:02:3e:ad:16:83:
         50:ef:bb:df:07:ee:a7:76:1c:5c:40:fd:56:dd:e5:c1:72:eb:
         30:4e:f6:29:02:cd:e8:16:7c:c9:0f:2a:e1:88:0c:a6:3d:68:
         40:5f:5f:d7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICPjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwOTEyMDI0MDM4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZmY2ZhNi1hNmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAktgHhnyXB5/aDv44RC4ezi0Sz61hea9zt7bGiot+MN+DVzJW3dPaeWFcrhZs
cMNB0IqheZPmWfGW9Gqhwyx1iGa8yX2GGpJn12S0ttQCnMl4N2kztElDFjyov2jE
Z+MICSZNwIq25J0k7oOz9fAmReS4EUKdr7wAZ6t3feI117WfAwUXZawWFdgs9XSC
C7IhsBNQEVwdoqPbIuv4YalIyLFjRJdYTKqz2mExZoiGhdiUnOhA06L9LutU5eIK
n6iX5FZYiIKssDbDXXol6JgIYdZQbJK0WiaV9BXy++0rG7fHgn0VTe2SVp3DgBsU
1Jz6mobGplpChUw3MTTpzO6yfQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNMPpQkI
D2cgUnSse8q0finWP2iIMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRTQ3QUU1MDg5
M0JEMTFFQzhCMkQ5QTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAW3W6AwDQYJKoZIhvcNAQELBQADggEBAIHlF+Yv9Y/2sgQi
g6jsp4B4mswmKMLBlyHr48iokZ8yBrNE6jOtzKtdBi98Zya+fZ4wD+6mtlbjDKd+
lK1AtmZJxjmiNXmVvQIJ6XX22+cm4jMd65/QQBcly5EtOPrxk3Y+6lzSilfWKfjg
KQbPTibwC23Tr9UAZxG/8jGYyA5Au3yv6Vx6UeDP1bdyXuc+55Kxv9GOLPQbeCgM
POBuBWBgy6dZlMp9L+vvTb2hx+OLWK8Yf2LXwfw9AGoQ7upNhCAZGEJRi0s04Bda
2lZWcc4v5m8CPq0Wg1Dvu98H7qd2HFxA/Vbd5cFy6zBO9ikCzegWfMkPKuGIDKY9
aEBfX9c=
-----END CERTIFICATE-----
Generated at Sat Jun 15 06:34:17 2024 by rpki-client on console-ams.rpki-client.org