Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
File:                     E4BB99E2336E11EA94623E18C4F9AE02.roa (raw, json)
Hash identifier:          mhtlL/9IwO2U7Cm3tnQ6f0X8LzgIxwGszfyHNQNqAyk=
Subject key identifier:   70:E4:C6:07:3F:18:67:00:BB:F1:36:0C:26:16:70:12:83:94:35:2C
Certificate issuer:       /CN=A91C6B27/serialNumber=9ECB22ACDE0967A05837E58FC731D357E37637F8
Certificate serial:       0A0A
Authority key identifier: 9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
Signing time:             Tue 04 Jul 2023 19:46:28 +0000
ROA not before:           Tue 04 Jul 2023 19:46:28 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        202.52.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.crl
                          rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 02 Apr 2024 19:32:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2570 (0xa0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6B27/serialNumber=9ECB22ACDE0967A05837E58FC731D357E37637F8
        Validity
            Not Before: Jul  4 19:46:28 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64a47713-5bcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:27:db:d2:74:83:7f:9a:34:bf:b2:37:51:20:
                    ea:b4:fc:64:b1:a6:d7:eb:02:0e:e3:16:25:e3:14:
                    b3:85:85:b5:9f:c9:0b:5a:b0:cc:0c:ee:2e:ca:e4:
                    72:75:aa:44:03:f2:cb:3f:77:91:b8:97:f3:d0:d9:
                    74:f4:7b:c3:67:53:6f:16:6b:74:2b:00:28:d3:27:
                    ea:d7:ed:d6:1c:7c:7a:2c:ba:91:e1:05:78:76:af:
                    43:7c:9e:17:81:a7:e4:d3:0b:f4:dc:e7:86:ff:bf:
                    17:9e:a9:0b:4d:d5:8b:1d:af:95:d7:72:44:01:0c:
                    a1:f0:64:25:4f:ac:23:70:c3:05:51:3f:f8:75:ad:
                    e5:8b:95:64:84:4d:34:95:47:52:8c:d4:fa:3f:cc:
                    79:b3:d5:cf:34:74:14:7e:ca:4b:6a:00:6e:c0:a9:
                    29:99:b6:e2:52:f8:9e:af:61:15:f7:44:8f:83:dc:
                    2a:f6:f8:90:ab:1b:c7:ac:92:1a:3b:ca:c3:8b:45:
                    d8:fd:0d:d7:23:dd:14:b4:1c:18:93:7c:b2:cc:32:
                    bf:0c:5b:49:0b:e2:dd:bd:3d:e2:22:28:65:0c:29:
                    15:8f:53:1b:48:90:2b:96:79:17:8e:de:38:c6:ec:
                    38:ef:14:26:de:2a:a2:5b:9c:d7:04:b3:d8:20:fd:
                    e9:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:E4:C6:07:3F:18:67:00:BB:F1:36:0C:26:16:70:12:83:94:35:2C
            X509v3 Authority Key Identifier:
                keyid:9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.52.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:15:2f:44:d1:7e:1b:8e:74:cd:53:c4:67:ca:39:f7:69:91:
         f9:01:0c:08:fe:e7:37:84:21:e8:d0:5c:02:9b:78:60:e6:38:
         60:d8:c8:fd:fd:27:87:22:dc:a0:25:30:eb:4c:f8:ce:4e:b5:
         80:fe:d7:e5:16:48:1e:98:0d:22:dd:62:fa:f6:ba:9a:02:07:
         7b:98:c4:61:bd:3a:1a:10:e3:2e:22:32:6b:15:92:51:ca:a9:
         fb:76:c2:0e:74:f0:c2:b9:69:e6:45:9f:a7:5e:2a:34:c8:af:
         35:e9:06:e2:94:27:b7:b7:0c:11:01:59:c6:58:03:3b:cd:8a:
         b7:da:a5:39:da:80:63:50:73:a1:f6:93:8a:81:aa:c7:63:3e:
         34:67:c1:8c:7d:fe:73:c2:71:c5:bf:58:5b:06:fc:46:3e:7c:
         5e:7e:8e:f3:ce:c3:d2:51:19:01:b3:6c:17:72:1d:74:84:94:
         64:24:ac:c2:b1:c2:f2:7f:af:ba:1c:ea:a7:a4:4a:ad:e3:d5:
         8a:9c:b8:c0:25:04:83:3b:3f:31:21:68:16:69:bf:85:62:a9:
         0a:1c:d5:ef:e1:1c:b9:70:0c:3b:df:2c:5a:2b:71:72:48:f0:
         46:af:32:bf:55:58:b2:21:4f:00:8d:bd:82:a2:d8:76:ef:74:
         8a:1c:96:4c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCMjcxMTAvBgNVBAUTKDlFQ0IyMkFDREUwOTY3QTA1ODM3RTU4RkM3MzFEMzU3
RTM3NjM3RjgwHhcNMjMwNzA0MTk0NjI4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE0NzcxMy01YmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Sfb0nSDf5o0v7I3USDqtPxksabX6wIO4xYl4xSzhYW1n8kLWrDMDO4uyuRy
dapEA/LLP3eRuJfz0Nl09HvDZ1NvFmt0KwAo0yfq1+3WHHx6LLqR4QV4dq9DfJ4X
gafk0wv03OeG/78XnqkLTdWLHa+V13JEAQyh8GQlT6wjcMMFUT/4da3li5VkhE00
lUdSjNT6P8x5s9XPNHQUfspLagBuwKkpmbbiUvier2EV90SPg9wq9viQqxvHrJIa
O8rDi0XY/Q3XI90UtBwYk3yyzDK/DFtJC+LdvT3iIihlDCkVj1MbSJArlnkXjt44
xuw47xQm3iqiW5zXBLPYIP3pwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHDkxgc/
GGcAu/E2DCYWcBKDlDUsMB8GA1UdIwQYMBaAFJ7LIqzeCWegWDflj8cx01fjdjf4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkIyNy84MkJGMkJGNDMw
NTQxMUVBQUZDOTExNkVDNEY5QUUwMi9uc3Npck40Slo2QllOLVdQeHpIVFYtTjJO
X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25zc2lyTjRKWjZCWU4tV1B4ekhUVi1OMk5fZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCMjcvODJCRjJCRjQzMDU0MTFFQUFGQzkxMTZFQzRGOUFFMDIvRTRCQjk5RTIz
MzZFMTFFQTk0NjIzRTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKNCswDQYJKoZIhvcNAQELBQADggEBALEVL0TRfhuOdM1T
xGfKOfdpkfkBDAj+5zeEIejQXAKbeGDmOGDYyP39J4ci3KAlMOtM+M5OtYD+1+UW
SB6YDSLdYvr2upoCB3uYxGG9OhoQ4y4iMmsVklHKqft2wg508MK5aeZFn6deKjTI
rzXpBuKUJ7e3DBEBWcZYAzvNirfapTnagGNQc6H2k4qBqsdjPjRnwYx9/nPCccW/
WFsG/EY+fF5+jvPOw9JRGQGzbBdyHXSElGQkrMKxwvJ/r7oc6qekSq3j1YqcuMAl
BIM7PzEhaBZpv4ViqQoc1e/hHLlwDDvfLForcXJI8EavMr9VWLIhTwCNvYKi2Hbv
dIoclkw=
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:43:12 2024 by rpki-client on console-ams.rpki-client.org