Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/3508C1BA343611EE8150CB80C4F9AE02.roa
File:                     3508C1BA343611EE8150CB80C4F9AE02.roa (raw, json)
Hash identifier:          aD4ChZ3bd9bxB+YXMB67KI0nmBGQEArk85PIUwarODg=
Subject key identifier:   07:2F:1A:2F:34:3B:04:9F:DD:E3:DD:11:BF:AF:E9:C4:01:CC:F7:8A
Certificate issuer:       /CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Certificate serial:       03C7
Authority key identifier: 79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/3508C1BA343611EE8150CB80C4F9AE02.roa
Signing time:             Sun 06 Aug 2023 08:49:52 +0000
ROA not before:           Sun 06 Aug 2023 08:49:52 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     150750
IP address blocks:        103.151.236.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl
                          rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:52:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 967 (0x3c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
        Validity
            Not Before: Aug  6 08:49:52 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64cf5eb0-ac97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:46:54:c4:38:be:da:99:83:49:0c:2f:ba:82:
                    f8:5c:10:73:db:3b:ec:99:4b:e2:9e:ae:46:3e:8b:
                    5a:5d:c1:cc:37:17:a2:70:9e:55:d1:7c:83:fd:4f:
                    16:5b:a3:6d:94:d6:9d:d3:94:65:1f:62:3c:9a:7b:
                    ee:de:fb:eb:a0:3e:e8:aa:8a:53:72:a1:84:1d:88:
                    40:11:9d:a2:d0:0a:c7:3f:2c:14:a6:48:be:45:b7:
                    74:ee:b1:69:59:9c:ab:67:b1:1f:ba:66:e6:e6:7e:
                    98:81:51:66:f2:23:0b:4e:9e:76:a3:a4:80:d5:20:
                    bc:57:a1:dd:83:f0:b5:e4:10:4f:12:79:94:90:a0:
                    3c:c3:83:08:56:59:fb:73:f4:89:29:24:07:07:fe:
                    20:37:e8:38:4e:29:a3:cf:08:0a:ce:37:48:9c:55:
                    fa:7e:51:c9:6b:7a:ee:29:12:a2:6f:ec:7d:f1:78:
                    19:8b:3f:bc:3d:64:7f:47:56:c1:6a:50:b5:df:f2:
                    ba:56:7b:6a:f6:82:26:c4:dc:46:97:11:6f:91:e3:
                    d1:ab:bc:8f:f3:4c:47:11:60:5a:1e:97:76:18:48:
                    5f:04:61:e4:5f:5c:9a:f5:91:cb:1e:c2:a8:7c:fe:
                    ef:17:ec:89:9a:c1:13:64:1e:3a:75:ab:61:8a:5a:
                    6a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:2F:1A:2F:34:3B:04:9F:DD:E3:DD:11:BF:AF:E9:C4:01:CC:F7:8A
            X509v3 Authority Key Identifier:
                keyid:79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/3508C1BA343611EE8150CB80C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:a4:cb:25:99:43:ba:d8:3f:c6:d7:cc:fa:4e:2b:76:8d:5b:
         dd:cc:62:11:33:13:bc:03:d0:2d:17:03:01:26:7b:0c:54:e6:
         b8:71:76:a7:70:6c:07:78:36:8d:a1:23:5d:6c:54:ea:f8:c6:
         0b:21:a8:dd:43:ba:41:25:33:ab:4a:cb:ef:6b:08:c9:c7:64:
         df:1e:b6:f1:9c:5f:fe:76:9c:98:47:92:6d:8c:d1:51:8e:0e:
         4b:30:df:fe:95:8a:22:2d:7e:a7:08:c4:fb:4b:20:7c:40:dd:
         72:00:fd:a8:e1:64:62:56:4c:0c:64:bc:49:07:92:7f:b9:7f:
         68:25:e8:e9:36:fa:07:2b:d6:75:f5:d4:8f:12:55:57:df:f9:
         20:83:bd:46:d1:d5:27:87:46:52:3a:c6:a2:ec:1e:74:5e:0f:
         ab:23:bd:7c:fc:5f:79:54:2b:b6:de:b3:12:ca:f7:1b:3f:dd:
         a1:55:c8:59:15:03:ed:d9:b7:23:d6:ad:a4:5c:4a:79:fa:52:
         29:7a:78:11:3d:67:e8:c2:34:98:09:e9:64:89:9a:5b:f8:1c:
         ac:b1:ce:33:83:65:39:06:2e:f0:e7:ba:5c:44:e3:36:11:ea:
         d4:f4:2e:e3:91:b4:23:ab:82:2c:f8:88:2e:60:a8:42:e8:09:
         38:2e:4d:a6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlDNTIxMTAvBgNVBAUTKDc5MDU1NTNGRUNBNTkwMzBENTE5MTgzNzJGMUVFMTcy
NzQ5NDlGQjUwHhcNMjMwODA2MDg0OTUyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmNWViMC1hYzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtUZUxDi+2pmDSQwvuoL4XBBz2zvsmUvinq5GPotaXcHMNxeicJ5V0XyD/U8W
W6NtlNad05RlH2I8mnvu3vvroD7oqopTcqGEHYhAEZ2i0ArHPywUpki+Rbd07rFp
WZyrZ7Efumbm5n6YgVFm8iMLTp52o6SA1SC8V6Hdg/C15BBPEnmUkKA8w4MIVln7
c/SJKSQHB/4gN+g4TimjzwgKzjdInFX6flHJa3ruKRKib+x98XgZiz+8PWR/R1bB
alC13/K6Vntq9oImxNxGlxFvkePRq7yP80xHEWBaHpd2GEhfBGHkX1ya9ZHLHsKo
fP7vF+yJmsETZB46dathilpqzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAcvGi80
OwSf3ePdEb+v6cQBzPeKMB8GA1UdIwQYMBaAFHkFVT/spZAw1RkYNy8e4XJ0lJ+1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUM1Mi82QjcxNTE2MjBE
N0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9lUVZWUC15bGtERFZHUmczTHg3aGNuU1Vu
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRVlZQLXlsa0REVkdSZzNMeDdoY25TVW43VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlDNTIvNkI3MTUxNjIwRDdFMTFFQzlDMEI1Rjc1QzRGOUFFMDIvMzUwOEMxQkEz
NDM2MTFFRTgxNTBDQjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnl+wwDQYJKoZIhvcNAQELBQADggEBAGukyyWZQ7rYP8bX
zPpOK3aNW93MYhEzE7wD0C0XAwEmewxU5rhxdqdwbAd4No2hI11sVOr4xgshqN1D
ukElM6tKy+9rCMnHZN8etvGcX/52nJhHkm2M0VGODksw3/6ViiItfqcIxPtLIHxA
3XIA/ajhZGJWTAxkvEkHkn+5f2gl6Ok2+gcr1nX11I8SVVff+SCDvUbR1SeHRlI6
xqLsHnReD6sjvXz8X3lUK7besxLK9xs/3aFVyFkVA+3ZtyPWraRcSnn6Uil6eBE9
Z+jCNJgJ6WSJmlv4HKyxzjODZTkGLvDnulxE4zYR6tT0LuORtCOrgiz4iC5gqELo
CTguTaY=
-----END CERTIFICATE-----
Generated at Sat Jun 15 03:05:59 2024 by rpki-client on console-fra.rpki-client.org