Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C27E8/692F72F2F9BA11E7A4C2943BC4F9AE02/BAD2356E153411E892E6D468C4F9AE02.roa
File:                     BAD2356E153411E892E6D468C4F9AE02.roa (raw, json)
Hash identifier:          JUGvP0VfYGf1cQNe0da3Yd6T9iCGabpJpXti+sDdJ20=
Subject key identifier:   E6:3A:88:C5:AA:C3:AF:59:46:71:77:67:11:F8:75:BA:A3:E6:C6:8C
Certificate issuer:       /CN=A91C27E8/serialNumber=A9752599840D6EECAA1BF68C0905AD7DF469A2E7
Certificate serial:       15B9
Authority key identifier: A9:75:25:99:84:0D:6E:EC:AA:1B:F6:8C:09:05:AD:7D:F4:69:A2:E7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXUlmYQNbuyqG_aMCQWtffRpouc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C27E8/692F72F2F9BA11E7A4C2943BC4F9AE02/BAD2356E153411E892E6D468C4F9AE02.roa
Signing time:             Thu 18 Jan 2024 17:24:52 +0000
ROA not before:           Thu 18 Jan 2024 17:24:52 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     137244
IP address blocks:        103.105.198.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C27E8/692F72F2F9BA11E7A4C2943BC4F9AE02/qXUlmYQNbuyqG_aMCQWtffRpouc.crl
                          rsync://rpki.apnic.net/member_repository/A91C27E8/692F72F2F9BA11E7A4C2943BC4F9AE02/qXUlmYQNbuyqG_aMCQWtffRpouc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXUlmYQNbuyqG_aMCQWtffRpouc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 17:21:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5561 (0x15b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C27E8/serialNumber=A9752599840D6EECAA1BF68C0905AD7DF469A2E7
        Validity
            Not Before: Jan 18 17:24:52 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65a95ee4-bc0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ac:7f:66:03:84:87:b8:05:4f:4c:d7:99:76:
                    fa:56:4f:29:6f:73:25:fa:d9:01:c5:60:62:9d:ed:
                    db:0b:cd:91:a0:eb:5d:ec:7b:0b:26:65:18:8e:c5:
                    49:9e:f6:d4:9a:2d:21:60:6b:a4:c7:4c:60:44:2e:
                    6c:53:98:e1:00:9e:bd:66:87:00:90:09:76:0f:95:
                    db:49:54:d3:ea:73:9a:0a:b4:a7:b0:e7:1a:5d:56:
                    ca:59:bf:90:c7:0a:6d:c6:79:ee:d2:03:75:b7:83:
                    d3:67:2a:f7:e3:67:d4:9b:c1:fb:ea:a8:4e:a7:b6:
                    e5:3d:7b:6f:7e:2c:58:08:45:b6:e9:8e:da:9d:02:
                    a9:b2:a3:ac:b9:7f:4f:22:1c:d3:34:80:da:22:03:
                    fc:aa:03:17:d3:48:87:e5:60:4a:60:da:67:69:63:
                    6f:ef:68:7f:b4:7d:85:f6:73:8e:57:dc:5f:43:48:
                    17:bb:c6:5b:58:51:51:52:ea:62:7e:ca:b3:ba:31:
                    2c:b8:62:1f:a8:d6:83:92:c1:f5:ff:76:6e:a7:64:
                    5a:c6:bb:2b:45:b9:e0:25:c3:da:7f:18:68:63:62:
                    64:14:bb:c1:e2:6b:0e:4e:48:fc:4e:62:c3:a6:70:
                    45:11:ab:ee:04:c8:ff:b0:58:83:3c:d9:49:cf:20:
                    4f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:3A:88:C5:AA:C3:AF:59:46:71:77:67:11:F8:75:BA:A3:E6:C6:8C
            X509v3 Authority Key Identifier:
                keyid:A9:75:25:99:84:0D:6E:EC:AA:1B:F6:8C:09:05:AD:7D:F4:69:A2:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C27E8/692F72F2F9BA11E7A4C2943BC4F9AE02/qXUlmYQNbuyqG_aMCQWtffRpouc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXUlmYQNbuyqG_aMCQWtffRpouc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C27E8/692F72F2F9BA11E7A4C2943BC4F9AE02/BAD2356E153411E892E6D468C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:ff:41:ec:f6:dd:c1:dd:1f:41:51:c8:bc:fa:69:32:35:e8:
         93:97:4b:55:0a:43:cf:36:9a:96:37:7a:81:79:9a:ab:5e:88:
         48:0f:2d:46:8f:a8:c3:75:9b:a3:ef:ca:58:82:d1:f8:b6:a4:
         72:18:b8:e4:b7:d8:70:d4:91:ae:d3:d1:42:bc:34:b5:d1:31:
         d4:26:0d:02:3d:16:0c:9e:a8:db:6b:8d:ab:84:71:48:8e:09:
         29:56:91:74:27:21:67:fa:34:91:4c:59:26:c0:33:0c:06:9b:
         d3:92:95:e1:57:50:ce:0d:d1:7a:56:0e:97:b3:d1:13:13:72:
         69:da:c1:46:6e:19:c8:a5:1e:9a:8c:ed:8b:96:21:1b:82:2d:
         e7:28:43:36:ad:ea:4c:ad:ae:f1:eb:a9:44:46:ec:ff:b6:21:
         10:8a:81:cf:bb:65:2f:64:11:4f:53:7f:55:23:32:0d:43:53:
         f0:27:65:c3:84:94:93:b4:50:33:1a:2d:5c:32:55:63:db:14:
         2d:54:71:d6:79:55:50:73:84:af:17:c5:e2:30:6c:84:61:32:
         b4:38:f6:6e:ae:a4:56:6c:56:4c:45:37:bf:6a:2a:6c:be:1b:
         dd:1e:da:a3:e0:dd:5d:4a:df:0d:90:12:ba:a7:81:dd:36:10:
         14:af:3f:24
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzI3RTgxMTAvBgNVBAUTKEE5NzUyNTk5ODQwRDZFRUNBQTFCRjY4QzA5MDVBRDdE
RjQ2OUEyRTcwHhcNMjQwMTE4MTcyNDUyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE5NWVlNC1iYzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3qx/ZgOEh7gFT0zXmXb6Vk8pb3Ml+tkBxWBine3bC82RoOtd7HsLJmUYjsVJ
nvbUmi0hYGukx0xgRC5sU5jhAJ69ZocAkAl2D5XbSVTT6nOaCrSnsOcaXVbKWb+Q
xwptxnnu0gN1t4PTZyr342fUm8H76qhOp7blPXtvfixYCEW26Y7anQKpsqOsuX9P
IhzTNIDaIgP8qgMX00iH5WBKYNpnaWNv72h/tH2F9nOOV9xfQ0gXu8ZbWFFRUupi
fsqzujEsuGIfqNaDksH1/3Zup2RaxrsrRbngJcPafxhoY2JkFLvB4msOTkj8TmLD
pnBFEavuBMj/sFiDPNlJzyBPLQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOY6iMWq
w69ZRnF3ZxH4dbqj5saMMB8GA1UdIwQYMBaAFKl1JZmEDW7sqhv2jAkFrX30aaLn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjdFOC82OTJGNzJGMkY5
QkExMUU3QTRDMjk0M0JDNEY5QUUwMi9xWFVsbVlRTmJ1eXFHX2FNQ1FXdGZmUnBv
dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FYVWxtWVFOYnV5cUdfYU1DUVd0ZmZScG91Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzI3RTgvNjkyRjcyRjJGOUJBMTFFN0E0QzI5NDNCQzRGOUFFMDIvQkFEMjM1NkUx
NTM0MTFFODkyRTZENDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnacYwDQYJKoZIhvcNAQELBQADggEBAID/Qez23cHdH0FR
yLz6aTI16JOXS1UKQ882mpY3eoF5mqteiEgPLUaPqMN1m6PvyliC0fi2pHIYuOS3
2HDUka7T0UK8NLXRMdQmDQI9FgyeqNtrjauEcUiOCSlWkXQnIWf6NJFMWSbAMwwG
m9OSleFXUM4N0XpWDpez0RMTcmnawUZuGcilHpqM7YuWIRuCLecoQzat6kytrvHr
qURG7P+2IRCKgc+7ZS9kEU9Tf1UjMg1DU/AnZcOElJO0UDMaLVwyVWPbFC1UcdZ5
VVBzhK8XxeIwbIRhMrQ49m6upFZsVkxFN79qKmy+G90e2qPg3V1K3w2QErqngd02
EBSvPyQ=
-----END CERTIFICATE-----
Generated at Fri Jun 14 18:52:13 2024 by rpki-client on console-fra.rpki-client.org