Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2677/6457DFD8D83711ED8C096629C4F9AE02/5A1F332618A211EEB9517111C4F9AE02.roa
File:                     5A1F332618A211EEB9517111C4F9AE02.roa (raw, json)
Hash identifier:          L46j7D5JqRMEtMeerHLvKLCnSiPpfI4fJUlK6SBHvHs=
Subject key identifier:   4E:C2:9B:03:E5:27:45:F8:F2:0A:D5:83:55:9B:D1:BE:00:84:56:87
Certificate issuer:       /CN=A91C2677/serialNumber=0A9538527DA532FE31D750D13696E5CEAF2A9BCF
Certificate serial:       CF
Authority key identifier: 0A:95:38:52:7D:A5:32:FE:31:D7:50:D1:36:96:E5:CE:AF:2A:9B:CF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CpU4Un2lMv4x11DRNpblzq8qm88.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C2677/6457DFD8D83711ED8C096629C4F9AE02/5A1F332618A211EEB9517111C4F9AE02.roa
Signing time:             Sat 11 May 2024 06:39:52 +0000
ROA not before:           Sat 11 May 2024 06:39:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     63526
IP address blocks:        103.122.142.0/23 maxlen: 23
                          103.122.142.0/24 maxlen: 24
                          103.122.143.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C2677/6457DFD8D83711ED8C096629C4F9AE02/CpU4Un2lMv4x11DRNpblzq8qm88.crl
                          rsync://rpki.apnic.net/member_repository/A91C2677/6457DFD8D83711ED8C096629C4F9AE02/CpU4Un2lMv4x11DRNpblzq8qm88.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CpU4Un2lMv4x11DRNpblzq8qm88.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 06:25:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 207 (0xcf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C2677/serialNumber=0A9538527DA532FE31D750D13696E5CEAF2A9BCF
        Validity
            Not Before: May 11 06:39:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=663f12b8-961f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:14:24:f1:e5:27:7f:a7:3f:5f:8f:0d:ae:10:
                    41:49:42:f2:32:a3:4d:e4:b3:bf:f9:78:9f:8e:b5:
                    2e:12:1d:5f:af:69:76:56:0d:95:eb:4e:47:db:96:
                    b1:94:b5:89:45:c8:41:40:8b:32:9c:96:87:b8:6e:
                    da:7d:ae:fd:ae:6e:85:ef:0d:0c:b1:ec:6f:d1:c0:
                    30:d3:66:e1:f4:fa:56:9d:67:13:b3:10:9f:86:12:
                    36:d5:76:ff:b7:40:f1:b4:90:8c:31:f7:21:27:56:
                    cb:d4:6f:1a:66:68:c5:57:78:39:e9:64:19:6a:db:
                    d9:4b:28:41:21:be:e5:e8:d5:82:5e:64:98:1d:97:
                    ab:81:dc:c7:b8:44:c8:8c:ce:c1:f5:10:9c:57:b6:
                    f3:02:b7:5d:50:bc:89:38:27:88:fa:86:fc:de:cd:
                    02:f8:ea:ac:53:9c:fb:c2:da:c3:02:8b:2a:f7:c5:
                    d2:ab:90:69:22:c0:ef:26:0d:44:cb:c1:96:b8:af:
                    bf:b6:29:e5:70:19:28:a9:08:36:97:d5:22:cd:2c:
                    eb:f4:1d:61:e8:18:8b:5b:49:11:10:6d:c6:2e:07:
                    d6:4d:0f:88:ee:80:d7:4c:18:d8:5a:b3:d5:35:27:
                    49:e6:4a:13:ab:fa:9f:92:20:32:18:66:0d:59:53:
                    76:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:C2:9B:03:E5:27:45:F8:F2:0A:D5:83:55:9B:D1:BE:00:84:56:87
            X509v3 Authority Key Identifier:
                keyid:0A:95:38:52:7D:A5:32:FE:31:D7:50:D1:36:96:E5:CE:AF:2A:9B:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C2677/6457DFD8D83711ED8C096629C4F9AE02/CpU4Un2lMv4x11DRNpblzq8qm88.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CpU4Un2lMv4x11DRNpblzq8qm88.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2677/6457DFD8D83711ED8C096629C4F9AE02/5A1F332618A211EEB9517111C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.142.0/23

    Signature Algorithm: sha256WithRSAEncryption
         da:92:bb:c2:88:77:e3:7b:32:3a:b4:c6:6a:3e:0d:25:a3:2e:
         b1:19:a7:ce:79:9e:60:b4:b9:ca:e5:82:a1:6b:20:b4:be:6c:
         bf:10:55:6c:69:cc:6b:3b:61:34:93:c3:a2:bc:60:9d:ce:c5:
         1f:90:b6:d5:76:63:86:1e:36:2b:34:65:da:35:69:82:c9:89:
         df:7c:93:cb:83:7d:eb:99:aa:9d:1c:39:3a:ac:cd:07:3b:97:
         85:2c:87:b4:e0:4f:4c:02:c8:13:84:74:09:12:65:f4:d4:a2:
         f0:0d:e4:b9:7a:63:a9:3f:b2:a8:10:ec:96:2d:6a:41:4c:cd:
         d9:bf:f5:4c:02:94:5a:67:b4:87:26:d5:9d:e5:d8:ef:19:c3:
         a4:cb:95:53:63:e8:0b:57:7a:ca:ff:8d:10:a4:9a:93:5c:27:
         f2:1d:6f:98:76:f4:f5:40:76:66:f0:1c:ff:a2:59:f3:8f:73:
         e0:c5:6f:86:68:5b:de:ab:83:57:c9:3c:e9:46:b1:cb:d1:e7:
         0d:1c:57:78:6a:ca:dd:18:e0:f6:76:0c:8f:5b:6b:ec:b8:e7:
         81:84:4b:45:f6:7e:df:fc:b0:b1:29:d9:27:8d:06:b5:4f:5f:
         e4:ac:fe:f6:b6:49:24:03:7e:dd:b4:9f:4c:c3:c1:9b:39:4b:
         3a:dc:99:81
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzI2NzcxMTAvBgNVBAUTKDBBOTUzODUyN0RBNTMyRkUzMUQ3NTBEMTM2OTZFNUNF
QUYyQTlCQ0YwHhcNMjQwNTExMDYzOTUyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNmMTJiOC05NjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtRQk8eUnf6c/X48NrhBBSULyMqNN5LO/+XifjrUuEh1fr2l2Vg2V605H25ax
lLWJRchBQIsynJaHuG7afa79rm6F7w0Msexv0cAw02bh9PpWnWcTsxCfhhI21Xb/
t0DxtJCMMfchJ1bL1G8aZmjFV3g56WQZatvZSyhBIb7l6NWCXmSYHZergdzHuETI
jM7B9RCcV7bzArddULyJOCeI+ob83s0C+OqsU5z7wtrDAosq98XSq5BpIsDvJg1E
y8GWuK+/tinlcBkoqQg2l9UizSzr9B1h6BiLW0kREG3GLgfWTQ+I7oDXTBjYWrPV
NSdJ5koTq/qfkiAyGGYNWVN2OwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE7CmwPl
J0X48grVg1Wb0b4AhFaHMB8GA1UdIwQYMBaAFAqVOFJ9pTL+MddQ0TaW5c6vKpvP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjY3Ny82NDU3REZEOEQ4
MzcxMUVEOEMwOTY2MjlDNEY5QUUwMi9DcFU0VW4ybE12NHgxMURSTnBibHpxOHFt
ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NwVTRVbjJsTXY0eDExRFJOcGJsenE4cW04OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzI2NzcvNjQ1N0RGRDhEODM3MTFFRDhDMDk2NjI5QzRGOUFFMDIvNUExRjMzMjYx
OEEyMTFFRUI5NTE3MTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFneo4wDQYJKoZIhvcNAQELBQADggEBANqSu8KId+N7Mjq0
xmo+DSWjLrEZp855nmC0ucrlgqFrILS+bL8QVWxpzGs7YTSTw6K8YJ3OxR+QttV2
Y4YeNis0Zdo1aYLJid98k8uDfeuZqp0cOTqszQc7l4Ush7TgT0wCyBOEdAkSZfTU
ovAN5Ll6Y6k/sqgQ7JYtakFMzdm/9UwClFpntIcm1Z3l2O8Zw6TLlVNj6AtXesr/
jRCkmpNcJ/Idb5h29PVAdmbwHP+iWfOPc+DFb4ZoW96rg1fJPOlGscvR5w0cV3hq
yt0Y4PZ2DI9ba+y454GES0X2ft/8sLEp2SeNBrVPX+Ss/va2SSQDft20n0zDwZs5
SzrcmYE=
-----END CERTIFICATE-----
Generated at Mon Jun 17 07:36:41 2024 by rpki-client on console-fra.rpki-client.org