Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/2857F2E4111A11EF86332415C4F9AE02.roa
File:                     2857F2E4111A11EF86332415C4F9AE02.roa (raw, json)
Hash identifier:          d8stm93qiMJHuD7A7Kjf0EChjXZv6Yi1Blkv29w2AO0=
Subject key identifier:   1A:77:1F:37:ED:ED:24:9B:3D:20:9E:18:62:D9:6F:15:70:A4:02:C1
Certificate issuer:       /CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Certificate serial:       087E
Authority key identifier: D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/2857F2E4111A11EF86332415C4F9AE02.roa
Signing time:             Mon 13 May 2024 11:15:52 +0000
ROA not before:           Mon 13 May 2024 11:15:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        103.112.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl
                          rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 21:50:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2174 (0x87e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
        Validity
            Not Before: May 13 11:15:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6641f667-853d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:23:04:e5:2e:74:46:3e:46:6b:31:c2:e9:05:
                    86:a6:61:23:1e:ef:eb:de:cd:78:c6:d8:83:b0:68:
                    e3:0f:08:2f:30:ee:ea:0e:bb:b2:bc:ab:7c:0d:e7:
                    2b:4d:4b:6d:c1:53:ba:e5:03:66:5d:fb:79:45:7e:
                    a9:35:ad:9c:5a:4f:11:e1:c5:4a:e0:f6:6e:ef:64:
                    7e:eb:b4:8f:e9:38:a2:74:f1:46:cc:d7:d7:a3:5f:
                    7a:11:a7:85:27:6b:3c:1e:c0:90:99:89:2f:4e:cd:
                    17:a2:12:3b:f3:ae:22:63:36:9a:bf:e1:98:f0:e5:
                    3d:24:6a:16:34:ea:36:92:d0:0f:32:63:3f:c8:a4:
                    5c:6e:70:81:8d:c0:7c:1c:d2:b1:a8:59:cd:e4:a6:
                    5d:cc:b4:1c:00:18:3b:f8:47:12:3d:07:79:03:a6:
                    0f:d3:dd:f5:5d:c2:da:6f:ee:57:25:16:31:24:5c:
                    ea:eb:77:4c:97:55:e9:65:4b:6b:85:7c:c8:fe:41:
                    95:52:c3:a2:06:e9:07:ac:9a:d0:de:e2:03:b0:f9:
                    87:39:c2:b2:71:a2:69:31:25:f8:73:22:a1:1f:d1:
                    cf:a2:12:b1:f4:1c:4a:8c:46:1b:a6:e5:f4:5b:e5:
                    f9:fa:9e:f0:1d:8b:9c:3c:1e:f4:25:b7:ec:62:69:
                    e1:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:77:1F:37:ED:ED:24:9B:3D:20:9E:18:62:D9:6F:15:70:A4:02:C1
            X509v3 Authority Key Identifier:
                keyid:D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/2857F2E4111A11EF86332415C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:5e:54:81:c7:2d:b6:73:e1:99:93:80:32:06:20:95:f8:d9:
         3c:f5:ab:55:bd:e8:af:88:6c:e4:cf:2b:2c:82:63:c0:38:75:
         86:6c:9e:39:d1:d3:df:7c:3d:be:e7:ee:8c:6b:ed:97:ac:5a:
         4e:de:a6:00:78:66:1c:18:32:1c:f8:f4:bc:30:0d:ad:b1:75:
         69:c1:b0:aa:5b:cf:02:fe:a9:c6:61:78:04:4c:92:83:26:e9:
         5f:88:c5:02:2d:f5:66:72:90:fb:b6:7b:5a:ed:fc:79:b2:a7:
         91:f3:6a:47:c8:c4:bc:a6:16:33:f0:4e:e6:eb:ba:10:61:b5:
         e5:91:74:bc:49:bc:ee:f7:0f:77:5d:a7:04:04:60:7d:46:ca:
         e8:d5:ab:b2:fb:f5:cf:ce:ae:d4:f1:2c:9f:71:19:a1:4f:ab:
         a8:80:f5:e2:14:81:70:da:5e:bf:c0:2c:f4:76:0d:3b:5d:1e:
         b1:99:81:94:9a:47:08:bd:71:5a:ad:4a:3f:7f:82:c4:dc:36:
         b2:88:7b:7a:c9:98:b1:f9:63:ca:05:e7:44:d5:a6:6d:fe:4c:
         ce:6d:5d:70:41:17:22:66:88:32:f3:d7:70:0f:b8:ea:4b:11:
         ae:57:2b:59:27:35:33:17:09:3e:94:33:f4:e6:c6:4a:6a:fc:
         f6:02:48:4d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGMjcxMTAvBgNVBAUTKEQxQTM2Q0Q4RUQyMzU1MDgyNzYxQTNEQjEzRUREMzBE
RkRBMkNGRDAwHhcNMjQwNTEzMTExNTUyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQxZjY2Ny04NTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0yME5S50Rj5GazHC6QWGpmEjHu/r3s14xtiDsGjjDwgvMO7qDruyvKt8Decr
TUttwVO65QNmXft5RX6pNa2cWk8R4cVK4PZu72R+67SP6TiidPFGzNfXo196EaeF
J2s8HsCQmYkvTs0XohI7864iYzaav+GY8OU9JGoWNOo2ktAPMmM/yKRcbnCBjcB8
HNKxqFnN5KZdzLQcABg7+EcSPQd5A6YP0931XcLab+5XJRYxJFzq63dMl1XpZUtr
hXzI/kGVUsOiBukHrJrQ3uIDsPmHOcKycaJpMSX4cyKhH9HPohKx9BxKjEYbpuX0
W+X5+p7wHYucPB70JbfsYmnhSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBp3Hzft
7SSbPSCeGGLZbxVwpALBMB8GA1UdIwQYMBaAFNGjbNjtI1UIJ2Gj2xPt0w39os/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYyNy83RjUyMjlBOEIw
OTIxMUVBQjVEQkVDNThDNEY5QUUwMi8wYU5zMk8walZRZ25ZYVBiRS0zVERmMml6
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBhTnMyTzBqVlFnbllhUGJFLTNURGYyaXo5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGMjcvN0Y1MjI5QThCMDkyMTFFQUI1REJFQzU4QzRGOUFFMDIvMjg1N0YyRTQx
MTFBMTFFRjg2MzMyNDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncAMwDQYJKoZIhvcNAQELBQADggEBAEReVIHHLbZz4ZmT
gDIGIJX42Tz1q1W96K+IbOTPKyyCY8A4dYZsnjnR0998Pb7n7oxr7ZesWk7epgB4
ZhwYMhz49LwwDa2xdWnBsKpbzwL+qcZheARMkoMm6V+IxQIt9WZykPu2e1rt/Hmy
p5HzakfIxLymFjPwTubruhBhteWRdLxJvO73D3ddpwQEYH1GyujVq7L79c/OrtTx
LJ9xGaFPq6iA9eIUgXDaXr/ALPR2DTtdHrGZgZSaRwi9cVqtSj9/gsTcNrKIe3rJ
mLH5Y8oF50TVpm3+TM5tXXBBFyJmiDLz13APuOpLEa5XK1knNTMXCT6UM/Tmxkpq
/PYCSE0=
-----END CERTIFICATE-----
Generated at Fri Jun 14 22:57:54 2024 by rpki-client on console-ams.rpki-client.org