Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/9B0C244C73B611EEB18A0385C4F9AE02.roa
File:                     9B0C244C73B611EEB18A0385C4F9AE02.roa (raw, json)
Hash identifier:          A2ghXqX96Mx1uhUOiKDYj1cFNvYrDt5jbB5+9b7umVc=
Subject key identifier:   BC:87:18:C9:1B:C0:7D:DB:CC:49:8C:B7:B3:4B:E6:D4:72:C4:37:49
Certificate issuer:       /CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
Certificate serial:       028E
Authority key identifier: 6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/9B0C244C73B611EEB18A0385C4F9AE02.roa
Signing time:             Tue 05 Dec 2023 03:13:51 +0000
ROA not before:           Tue 05 Dec 2023 03:13:51 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     9224
IP address blocks:        58.96.128.0/19 maxlen: 19
                          123.50.144.0/20 maxlen: 20
                          125.254.64.0/19 maxlen: 19
                          125.254.96.0/19 maxlen: 19
                          202.191.8.0/21 maxlen: 21
                          210.56.224.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl
                          rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 654 (0x28e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
        Validity
            Not Before: Dec  5 03:13:51 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=656e956f-4347
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:2c:8f:b1:df:fc:d1:98:9b:07:51:a8:a4:64:
                    4f:37:71:81:01:44:20:92:67:54:b9:3a:c5:67:ad:
                    f5:0f:c3:bc:62:85:57:8d:f1:d8:72:73:bc:a9:a9:
                    48:f6:26:98:68:49:89:6a:4e:e5:7e:60:fa:83:37:
                    11:e2:ee:5b:3b:2d:4a:9d:19:f5:32:0e:57:59:8d:
                    0a:1b:38:bd:5f:5b:c7:c6:b6:25:ae:80:e8:d7:88:
                    18:43:a7:d7:f7:d5:04:fc:9e:d7:37:73:89:01:54:
                    f2:2b:01:8a:69:48:36:64:17:9e:fc:0b:1b:46:de:
                    31:32:28:6b:4d:21:ea:f1:f5:fe:f1:a0:89:8a:b5:
                    c6:db:7a:2a:65:96:90:ad:57:d0:84:a5:fa:ae:81:
                    28:b4:dd:49:de:1e:45:db:7e:99:ee:cf:d4:19:99:
                    2e:29:61:46:47:47:47:97:03:fb:c1:f1:28:c7:ab:
                    25:4b:ce:31:2a:89:d2:f6:f3:41:c0:f9:81:d4:2d:
                    74:4b:be:fa:1a:41:90:3c:1e:7f:92:33:c4:a0:8f:
                    24:13:1c:b3:28:d7:67:d4:98:28:72:e9:e7:db:b2:
                    c0:3e:00:0f:ee:24:57:db:72:ee:24:6f:d3:66:fe:
                    92:5c:1e:e4:e4:2c:90:e7:02:32:8c:93:e0:92:73:
                    a1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:87:18:C9:1B:C0:7D:DB:CC:49:8C:B7:B3:4B:E6:D4:72:C4:37:49
            X509v3 Authority Key Identifier:
                keyid:6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/9B0C244C73B611EEB18A0385C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.96.128.0/19
                  123.50.144.0/20
                  125.254.64.0/18
                  202.191.8.0/21
                  210.56.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         50:f2:f9:1b:d9:3c:f4:60:72:13:ad:95:41:f1:b7:a3:27:29:
         6e:90:33:c9:b4:f4:c1:cc:1e:45:38:c0:45:5d:c5:62:5d:0c:
         4d:e2:c7:3b:c1:82:cb:b5:b5:8e:5a:1a:ea:8d:09:4a:a2:55:
         c0:29:3b:8b:9a:61:29:2f:01:7a:86:20:c8:e6:24:7c:1f:12:
         1e:cd:fc:db:0c:e4:f8:e2:69:23:2b:fc:98:58:4a:16:e6:f9:
         b6:1f:29:a1:ec:9d:5d:c2:b2:5a:29:41:c2:71:b2:75:90:78:
         fe:b6:05:e0:21:eb:e6:c9:3c:ca:ef:c3:82:8c:f3:36:76:ad:
         8b:a4:e7:35:37:c0:6d:ab:38:f3:97:e7:8c:4c:cc:c1:41:f3:
         ed:c1:55:0b:52:77:64:d4:96:06:27:ad:ba:0b:d7:48:1f:52:
         b6:71:9d:85:58:ab:ba:1b:5d:8f:2f:d5:8b:cc:74:f5:04:2c:
         0b:e8:5e:4e:42:2d:2a:82:c0:0e:eb:e9:81:51:bb:e2:02:cf:
         bd:c8:80:27:26:7f:48:e0:31:72:2d:0e:04:26:da:ac:64:7f:
         8a:1d:ac:26:e1:57:ec:b5:43:f8:02:6e:e0:a2:86:36:a0:e7:
         b2:cc:be:b1:1e:b9:9a:c6:95:5b:24:c2:2d:75:e2:64:24:b5:
         29:8d:ab:b8
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAo4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEyMTYxMTAvBgNVBAUTKDZEQkQ1QzREMDEyMUZDQjMxOEU3OEM0NTFCNkY1Njcz
MjA5ODYwMDIwHhcNMjMxMjA1MDMxMzUxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZlOTU2Zi00MzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwCyPsd/80ZibB1GopGRPN3GBAUQgkmdUuTrFZ631D8O8YoVXjfHYcnO8qalI
9iaYaEmJak7lfmD6gzcR4u5bOy1KnRn1Mg5XWY0KGzi9X1vHxrYlroDo14gYQ6fX
99UE/J7XN3OJAVTyKwGKaUg2ZBee/AsbRt4xMihrTSHq8fX+8aCJirXG23oqZZaQ
rVfQhKX6roEotN1J3h5F236Z7s/UGZkuKWFGR0dHlwP7wfEox6slS84xKonS9vNB
wPmB1C10S776GkGQPB5/kjPEoI8kExyzKNdn1Jgocunn27LAPgAP7iRX23LuJG/T
Zv6SXB7k5CyQ5wIyjJPgknOhlQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFLyHGMkb
wH3bzEmMt7NL5tRyxDdJMB8GA1UdIwQYMBaAFG29XE0BIfyzGOeMRRtvVnMgmGAC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTIxNi9EQzc4MjY4Q0I5
NEIxMUVDODMyQjc0MTlDNEY5QUUwMi9iYjFjVFFFaF9MTVk1NHhGRzI5V2N5Q1lZ
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JiMWNUUUVoX0xNWTU0eEZHMjlXY3lDWVlBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDEyMTYvREM3ODI2OENCOTRCMTFFQzgzMkI3NDE5QzRGOUFFMDIvOUIwQzI0NEM3
M0I2MTFFRUIxOEEwMzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAU6YIADBAR7MpADBAZ9/kADBAPKvwgDBAXSOOAwDQYJKoZI
hvcNAQELBQADggEBAFDy+RvZPPRgchOtlUHxt6MnKW6QM8m09MHMHkU4wEVdxWJd
DE3ixzvBgsu1tY5aGuqNCUqiVcApO4uaYSkvAXqGIMjmJHwfEh7N/NsM5PjiaSMr
/JhYShbm+bYfKaHsnV3CslopQcJxsnWQeP62BeAh6+bJPMrvw4KM8zZ2rYuk5zU3
wG2rOPOX54xMzMFB8+3BVQtSd2TUlgYnrboL10gfUrZxnYVYq7obXY8v1YvMdPUE
LAvoXk5CLSqCwA7r6YFRu+ICz73IgCcmf0jgMXItDgQm2qxkf4odrCbhV+y1Q/gC
buCihjag57LMvrEeuZrGlVskwi114mQktSmNq7g=
-----END CERTIFICATE-----
Generated at Sat Jun 15 05:33:26 2024 by rpki-client on console-fra.rpki-client.org