Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB04D/E958AFE6019C11EC91644B7BC4F9AE02/5913DBAA01A011ECBFF72849C4F9AE02.roa
File:                     5913DBAA01A011ECBFF72849C4F9AE02.roa (raw, json)
Hash identifier:          lQ+1jqh0wfjJhsVaKK8sy3efDGbMHWeel7kX3lnMMu8=
Subject key identifier:   F6:BC:B8:62:E6:DC:2E:0D:73:14:AD:EA:40:3F:1A:E4:45:EC:4C:FA
Certificate issuer:       /CN=A91DB04D/serialNumber=AA13A8F62A6FD27E9B99EE386B14519E6FCC8632
Certificate serial:       0407
Authority key identifier: AA:13:A8:F6:2A:6F:D2:7E:9B:99:EE:38:6B:14:51:9E:6F:CC:86:32
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qhOo9ipv0n6bme44axRRnm_MhjI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DB04D/E958AFE6019C11EC91644B7BC4F9AE02/5913DBAA01A011ECBFF72849C4F9AE02.roa
Signing time:             Sat 25 Nov 2023 01:32:38 +0000
ROA not before:           Sat 25 Nov 2023 01:32:38 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     138340
IP address blocks:        103.130.140.0/24 maxlen: 24
                          103.130.141.0/24 maxlen: 24
                          103.130.142.0/24 maxlen: 24
                          103.130.143.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DB04D/E958AFE6019C11EC91644B7BC4F9AE02/qhOo9ipv0n6bme44axRRnm_MhjI.crl
                          rsync://rpki.apnic.net/member_repository/A91DB04D/E958AFE6019C11EC91644B7BC4F9AE02/qhOo9ipv0n6bme44axRRnm_MhjI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qhOo9ipv0n6bme44axRRnm_MhjI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1031 (0x407)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DB04D/serialNumber=AA13A8F62A6FD27E9B99EE386B14519E6FCC8632
        Validity
            Not Before: Nov 25 01:32:38 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65614eb5-7363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:82:b8:ba:6b:d8:d9:12:38:e0:68:bc:eb:fd:
                    62:26:8e:98:6f:ff:67:c6:2b:96:65:90:3e:85:fc:
                    da:9b:f8:b6:dd:13:12:08:b2:70:01:77:b8:25:2d:
                    2a:6a:af:b4:b6:3f:41:6d:0f:83:92:47:8c:43:62:
                    c2:a3:6f:8e:76:d5:ce:e1:e4:86:c3:58:8c:42:e7:
                    59:2b:5c:74:2f:6b:82:dc:17:82:63:9e:12:63:1c:
                    89:67:25:53:22:d4:2e:75:e3:e3:eb:72:52:8e:c6:
                    97:7e:65:c6:0c:cb:bb:01:2d:b8:bd:3e:74:b5:93:
                    0c:03:3b:2e:25:0d:20:c9:c4:7b:96:09:a8:17:66:
                    93:a4:af:8f:95:e5:4e:ff:6b:aa:ae:60:cb:7f:37:
                    14:17:6a:0c:c0:6a:8c:fb:ea:b8:67:d1:c4:b5:1e:
                    f8:fb:1d:cc:4a:6a:86:fa:ff:e8:cc:4a:97:3e:d5:
                    9e:0d:3e:a8:c2:ee:24:00:7e:60:c5:6b:81:2f:69:
                    6a:bf:88:c8:fd:8e:2a:8b:16:d4:e1:12:30:42:7d:
                    f7:f9:d2:22:2e:65:78:47:28:7d:41:28:15:80:6b:
                    d4:32:fd:0e:3d:5b:33:a5:ad:6e:d2:8e:54:01:72:
                    b7:b8:cd:7c:99:0c:7d:69:fc:39:68:6d:46:26:53:
                    f3:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:BC:B8:62:E6:DC:2E:0D:73:14:AD:EA:40:3F:1A:E4:45:EC:4C:FA
            X509v3 Authority Key Identifier:
                keyid:AA:13:A8:F6:2A:6F:D2:7E:9B:99:EE:38:6B:14:51:9E:6F:CC:86:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DB04D/E958AFE6019C11EC91644B7BC4F9AE02/qhOo9ipv0n6bme44axRRnm_MhjI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qhOo9ipv0n6bme44axRRnm_MhjI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB04D/E958AFE6019C11EC91644B7BC4F9AE02/5913DBAA01A011ECBFF72849C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         cc:03:73:57:ba:85:a2:df:3e:82:57:43:0d:af:bc:f6:61:59:
         52:5f:99:62:9b:fe:c0:c6:1c:44:be:bd:b7:8b:03:d2:01:85:
         13:d2:7d:2e:bd:c8:12:8f:dd:6a:e3:68:26:27:9c:b8:60:59:
         ee:b0:4d:90:18:21:14:bf:69:54:91:34:6f:2c:39:37:d2:bc:
         40:b5:fd:3a:59:ac:79:1c:2d:a9:e9:77:46:aa:cf:c2:43:7b:
         be:67:c2:cb:fe:3e:80:cd:2a:1a:29:20:77:ce:18:0b:ba:fc:
         cc:27:84:54:ad:71:f4:5b:e9:fb:81:20:be:0a:34:e4:2f:ce:
         19:90:d8:a5:7b:69:be:49:c0:ec:e1:f8:09:39:99:75:e6:ec:
         c9:c9:eb:9b:a6:c0:75:ae:3c:8a:6e:86:82:f3:9c:a5:22:ce:
         fc:fb:45:96:29:82:82:11:c9:f6:e2:b1:b9:3c:90:af:e5:39:
         36:64:e6:b2:e0:b9:38:68:19:8b:ae:1b:65:fa:b2:b4:a0:cd:
         e8:ff:06:2f:f1:e5:c2:f4:a3:a8:aa:25:30:c0:12:3e:48:fd:
         91:bd:3f:61:46:57:54:25:a9:e3:dc:f5:5c:24:e8:3f:72:c0:
         a3:da:b0:6d:c0:1f:88:14:4e:a8:b2:f5:01:0b:dd:40:53:ac:
         be:25:d2:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REIwNEQxMTAvBgNVBAUTKEFBMTNBOEY2MkE2RkQyN0U5Qjk5RUUzODZCMTQ1MTlF
NkZDQzg2MzIwHhcNMjMxMTI1MDEzMjM4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYxNGViNS03MzYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnoK4umvY2RI44Gi86/1iJo6Yb/9nxiuWZZA+hfzam/i23RMSCLJwAXe4JS0q
aq+0tj9BbQ+DkkeMQ2LCo2+OdtXO4eSGw1iMQudZK1x0L2uC3BeCY54SYxyJZyVT
ItQudePj63JSjsaXfmXGDMu7AS24vT50tZMMAzsuJQ0gycR7lgmoF2aTpK+PleVO
/2uqrmDLfzcUF2oMwGqM++q4Z9HEtR74+x3MSmqG+v/ozEqXPtWeDT6owu4kAH5g
xWuBL2lqv4jI/Y4qixbU4RIwQn33+dIiLmV4Ryh9QSgVgGvUMv0OPVszpa1u0o5U
AXK3uM18mQx9afw5aG1GJlPzcQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPa8uGLm
3C4NcxSt6kA/GuRF7Ez6MB8GA1UdIwQYMBaAFKoTqPYqb9J+m5nuOGsUUZ5vzIYy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjA0RC9FOTU4QUZFNjAx
OUMxMUVDOTE2NDRCN0JDNEY5QUUwMi9xaE9vOWlwdjBuNmJtZTQ0YXhSUm5tX01o
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FoT285aXB2MG42Ym1lNDRheFJSbm1fTWhqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REIwNEQvRTk1OEFGRTYwMTlDMTFFQzkxNjQ0QjdCQzRGOUFFMDIvNTkxM0RCQUEw
MUEwMTFFQ0JGRjcyODQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJngowwDQYJKoZIhvcNAQELBQADggEBAMwDc1e6haLfPoJX
Qw2vvPZhWVJfmWKb/sDGHES+vbeLA9IBhRPSfS69yBKP3WrjaCYnnLhgWe6wTZAY
IRS/aVSRNG8sOTfSvEC1/TpZrHkcLanpd0aqz8JDe75nwsv+PoDNKhopIHfOGAu6
/MwnhFStcfRb6fuBIL4KNOQvzhmQ2KV7ab5JwOzh+Ak5mXXm7MnJ65umwHWuPIpu
hoLznKUizvz7RZYpgoIRyfbisbk8kK/lOTZk5rLguThoGYuuG2X6srSgzej/Bi/x
5cL0o6iqJTDAEj5I/ZG9P2FGV1QlqePc9Vwk6D9ywKPasG3AH4gUTqiy9QEL3UBT
rL4l0ro=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:27:28 2024 by rpki-client on console-ams.rpki-client.org