Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E54A930293BD11EC8B2D9A58C4F9AE02.roa
File:                     E54A930293BD11EC8B2D9A58C4F9AE02.roa (raw, json)
Hash identifier:          hF0c+A2RdCscUlqekmOiBPrqfVn1oR8TWr/kVCifVT0=
Subject key identifier:   69:57:2C:B2:64:00:B8:EF:23:D1:99:D7:C5:E9:91:E7:EB:58:BD:5E
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       3E47
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E54A930293BD11EC8B2D9A58C4F9AE02.roa
Signing time:             Tue 12 Sep 2023 02:40:52 +0000
ROA not before:           Tue 12 Sep 2023 02:40:52 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     131376
IP address blocks:        103.148.158.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
                          rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 14:37:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15943 (0x3e47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Sep 12 02:40:52 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64ffcfb3-ade5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:44:ed:07:ca:a6:b5:3c:40:8e:5d:01:40:1a:
                    2c:70:95:55:34:31:b9:76:b9:64:18:77:15:b0:0a:
                    bc:d5:e2:6e:3f:78:87:2e:00:3e:b8:5f:f7:f0:0e:
                    d9:d7:93:7a:60:49:b4:24:43:15:00:8b:08:35:b5:
                    d8:36:19:ff:5a:cc:10:00:4f:73:51:1f:b8:b2:d0:
                    62:f6:02:18:cd:4c:d2:b5:62:6b:05:02:b6:1f:6f:
                    be:ee:44:8f:9f:74:bc:13:89:92:bc:11:be:3b:e9:
                    ec:3f:8b:48:75:bb:14:18:75:4c:18:1c:31:db:c5:
                    6e:0b:d1:e4:a7:cf:1d:ac:e5:3c:b3:75:35:36:5d:
                    aa:df:3b:0c:e3:ba:8c:85:56:4b:40:ac:96:fa:ef:
                    97:8f:20:27:c5:7b:62:31:42:c6:e9:5a:37:dd:68:
                    c6:40:99:d5:6b:fd:3b:8f:7f:c8:c8:f8:49:3a:d0:
                    82:12:ad:41:fe:bf:1d:75:2e:4a:16:a8:ed:c1:d0:
                    4a:45:18:de:53:92:83:b5:56:da:62:69:ab:d5:7d:
                    4e:72:20:27:62:39:30:30:41:13:f4:18:d8:6f:6b:
                    bd:2c:7b:bb:b2:08:1d:8b:e4:9d:9c:4e:b0:89:76:
                    db:10:24:e1:d8:4e:e7:a0:cf:30:ea:98:9e:3c:46:
                    46:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:57:2C:B2:64:00:B8:EF:23:D1:99:D7:C5:E9:91:E7:EB:58:BD:5E
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E54A930293BD11EC8B2D9A58C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:d1:47:b7:40:b6:ea:08:8f:69:2c:dd:f0:ea:76:d3:d5:fc:
         38:3e:4a:2a:7b:16:ef:d2:4e:fd:d4:c0:ea:e8:65:00:ef:9f:
         f5:5c:a2:27:88:42:49:51:58:ed:6f:63:b9:85:0a:b7:b5:e8:
         15:b5:8d:4e:13:09:07:a8:a5:1c:3e:93:c7:85:9c:5d:bf:57:
         70:a2:2b:e6:a4:b4:8c:82:a7:15:6e:58:e9:48:b1:12:84:43:
         72:9d:70:a2:92:0b:be:06:5c:b4:35:5f:4f:64:6f:cf:07:fd:
         35:85:a0:bf:d5:bc:a2:32:60:05:24:23:19:11:21:b7:f1:2c:
         84:83:36:cc:4f:79:15:cc:69:aa:49:86:1c:a1:0e:4a:a7:a5:
         2f:37:bf:c5:ce:3a:69:18:97:8e:57:20:07:6b:5a:bd:ed:65:
         1a:3d:df:59:c2:e2:58:3c:3f:88:f7:ea:9b:6c:74:40:d9:7f:
         ce:24:a3:91:bc:77:a7:74:3f:cc:1d:8c:5a:b2:df:18:84:12:
         f4:60:7e:3e:d9:95:31:57:49:4d:96:f5:23:25:f8:20:e7:de:
         7f:4b:2c:96:62:44:53:96:7a:74:69:c0:c7:9c:00:fd:63:c0:
         0d:a1:a4:71:b6:32:bd:ca:e3:05:d1:c8:10:b8:9c:eb:68:05:
         e9:df:31:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICPkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwOTEyMDI0MDUyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZmY2ZiMy1hZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApkTtB8qmtTxAjl0BQBoscJVVNDG5drlkGHcVsAq81eJuP3iHLgA+uF/38A7Z
15N6YEm0JEMVAIsINbXYNhn/WswQAE9zUR+4stBi9gIYzUzStWJrBQK2H2++7kSP
n3S8E4mSvBG+O+nsP4tIdbsUGHVMGBwx28VuC9Hkp88drOU8s3U1Nl2q3zsM47qM
hVZLQKyW+u+XjyAnxXtiMULG6Vo33WjGQJnVa/07j3/IyPhJOtCCEq1B/r8ddS5K
FqjtwdBKRRjeU5KDtVbaYmmr1X1OciAnYjkwMEET9BjYb2u9LHu7sggdi+SdnE6w
iXbbECTh2E7noM8w6piePEZGMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGlXLLJk
ALjvI9GZ18XpkefrWL1eMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRTU0QTkzMDI5
M0JEMTFFQzhCMkQ5QTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlJ4wDQYJKoZIhvcNAQELBQADggEBAEHRR7dAtuoIj2ks
3fDqdtPV/Dg+Sip7Fu/STv3UwOroZQDvn/VcoieIQklRWO1vY7mFCre16BW1jU4T
CQeopRw+k8eFnF2/V3CiK+aktIyCpxVuWOlIsRKEQ3KdcKKSC74GXLQ1X09kb88H
/TWFoL/VvKIyYAUkIxkRIbfxLISDNsxPeRXMaapJhhyhDkqnpS83v8XOOmkYl45X
IAdrWr3tZRo931nC4lg8P4j36ptsdEDZf84ko5G8d6d0P8wdjFqy3xiEEvRgfj7Z
lTFXSU2W9SMl+CDn3n9LLJZiRFOWenRpwMecAP1jwA2hpHG2Mr3K4wXRyBC4nOto
BenfMew=
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:49:42 2024 by rpki-client on console-fra.rpki-client.org