Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC24F/3C130576671011EE9EC9A127C4F9AE02/E50B556868D011EE8509F75CC4F9AE02.roa
File:                     E50B556868D011EE8509F75CC4F9AE02.roa (raw, json)
Hash identifier:          67tMcBm5eVdUDPwNktyza5/lKXwHrTHlx6PSxFH97cM=
Subject key identifier:   CC:DA:6C:FB:DB:C3:EC:88:9C:E8:A2:65:A9:B7:0E:6E:BC:3D:48:D9
Certificate issuer:       /CN=A91DC24F/serialNumber=D26E22306218DA96C302FBEAAC9437275B1EC6ED
Certificate serial:       08
Authority key identifier: D2:6E:22:30:62:18:DA:96:C3:02:FB:EA:AC:94:37:27:5B:1E:C6:ED
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0m4iMGIY2pbDAvvqrJQ3J1sexu0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DC24F/3C130576671011EE9EC9A127C4F9AE02/E50B556868D011EE8509F75CC4F9AE02.roa
Signing time:             Thu 12 Oct 2023 07:28:10 +0000
ROA not before:           Thu 12 Oct 2023 07:28:10 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     151952
IP address blocks:        36.50.38.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DC24F/3C130576671011EE9EC9A127C4F9AE02/0m4iMGIY2pbDAvvqrJQ3J1sexu0.crl
                          rsync://rpki.apnic.net/member_repository/A91DC24F/3C130576671011EE9EC9A127C4F9AE02/0m4iMGIY2pbDAvvqrJQ3J1sexu0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0m4iMGIY2pbDAvvqrJQ3J1sexu0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 07:03:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DC24F/serialNumber=D26E22306218DA96C302FBEAAC9437275B1EC6ED
        Validity
            Not Before: Oct 12 07:28:10 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=6527a00a-bd3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f7:e2:87:63:f9:eb:c4:cc:ad:33:2f:1b:0c:
                    83:15:b1:4c:1a:11:8f:04:e3:17:23:07:1d:d1:4d:
                    95:a3:d3:32:32:fa:70:24:56:5b:bf:f9:50:b8:6f:
                    f9:6e:7d:d9:ac:a4:15:95:d2:ec:fb:67:3a:33:84:
                    79:ee:13:2e:17:08:66:53:1b:e9:03:6d:6e:20:0e:
                    ee:e2:cf:3e:bc:cc:20:45:3f:17:cc:1a:ec:83:3f:
                    65:52:3e:a2:bb:5c:68:c7:42:05:b1:3b:e0:1a:ab:
                    05:c8:10:c0:58:8d:06:dc:97:2d:44:99:9a:2a:49:
                    50:1f:cb:dc:c1:21:71:6a:f7:bb:f1:bc:46:39:7a:
                    5c:31:da:d7:29:77:ef:14:00:9b:39:c8:53:63:c8:
                    7e:1a:7d:1e:b8:0b:57:f4:cc:81:3b:d2:34:61:02:
                    a2:99:83:c1:0e:c8:53:ae:4a:a6:1d:44:12:34:12:
                    66:48:59:ae:f2:22:55:c0:61:37:c2:ef:c3:92:6c:
                    51:8b:85:d4:e3:5c:d1:37:80:04:cf:f6:85:8b:14:
                    f0:8f:6b:89:8c:bf:a1:66:46:d6:7f:76:68:e9:a8:
                    e9:b7:38:24:f3:03:96:bf:ea:5f:87:e2:f5:87:1c:
                    70:f1:a4:49:f5:96:2d:f4:cf:fa:a0:f9:56:8f:b5:
                    9e:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:DA:6C:FB:DB:C3:EC:88:9C:E8:A2:65:A9:B7:0E:6E:BC:3D:48:D9
            X509v3 Authority Key Identifier:
                keyid:D2:6E:22:30:62:18:DA:96:C3:02:FB:EA:AC:94:37:27:5B:1E:C6:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DC24F/3C130576671011EE9EC9A127C4F9AE02/0m4iMGIY2pbDAvvqrJQ3J1sexu0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0m4iMGIY2pbDAvvqrJQ3J1sexu0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC24F/3C130576671011EE9EC9A127C4F9AE02/E50B556868D011EE8509F75CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.50.38.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:b6:06:db:43:ed:1f:96:80:2a:6c:88:ed:dc:9d:5e:a9:2e:
         ef:47:3c:ec:d4:9a:73:d9:df:d9:43:2f:bd:a2:b9:ff:62:0d:
         44:92:45:3e:4e:2b:67:8a:1a:af:51:a2:5e:cc:76:ec:2f:6f:
         9a:c5:19:94:ac:a4:fd:e1:81:4d:4f:be:91:fc:2a:5d:85:30:
         03:75:30:63:4c:7b:07:1a:59:c0:61:9d:eb:2e:dc:2e:4e:a5:
         cc:49:db:0f:07:17:a2:a7:1e:f3:6a:36:b0:5e:03:b7:4e:ab:
         f1:b0:dd:91:f5:2c:3b:76:7c:b6:64:0f:0e:dc:c9:65:d4:c7:
         f1:ea:a3:5a:fb:62:15:27:ca:b3:f2:39:7b:ea:7f:ef:f3:0b:
         8a:af:dc:9f:dd:05:41:3c:3f:bc:3d:26:46:f0:6c:56:06:84:
         15:ab:08:7e:e0:4b:01:a1:42:01:78:5a:eb:35:13:1a:ee:88:
         e3:5c:2b:03:5f:d8:70:9d:aa:35:ab:1e:6c:b8:b5:b6:1e:59:
         bd:54:5f:4e:df:8c:6d:6d:9b:3e:c1:fc:35:89:18:ec:3f:04:
         42:8a:a8:0b:6f:ed:8f:e6:5a:f0:18:4e:23:7b:6a:54:91:ee:
         cf:87:0d:b3:9c:0c:60:06:3f:88:d2:8a:71:0a:b8:e7:56:ce:
         04:34:39:16
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
QzI0RjExMC8GA1UEBRMoRDI2RTIyMzA2MjE4REE5NkMzMDJGQkVBQUM5NDM3Mjc1
QjFFQzZFRDAeFw0yMzEwMTIwNzI4MTBaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MjdhMDBhLWJkM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDY9+KHY/nrxMytMy8bDIMVsUwaEY8E4xcjBx3RTZWj0zIy+nAkVlu/+VC4b/lu
fdmspBWV0uz7ZzozhHnuEy4XCGZTG+kDbW4gDu7izz68zCBFPxfMGuyDP2VSPqK7
XGjHQgWxO+AaqwXIEMBYjQbcly1EmZoqSVAfy9zBIXFq97vxvEY5elwx2tcpd+8U
AJs5yFNjyH4afR64C1f0zIE70jRhAqKZg8EOyFOuSqYdRBI0EmZIWa7yIlXAYTfC
78OSbFGLhdTjXNE3gATP9oWLFPCPa4mMv6FmRtZ/dmjpqOm3OCTzA5a/6l+H4vWH
HHDxpEn1li30z/qg+VaPtZ7FAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUzNps+9vD
7Iic6KJlqbcObrw9SNkwHwYDVR0jBBgwFoAU0m4iMGIY2pbDAvvqrJQ3J1sexu0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDMjRGLzNDMTMwNTc2Njcx
MDExRUU5RUM5QTEyN0M0RjlBRTAyLzBtNGlNR0lZMnBiREF2dnFySlEzSjFzZXh1
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMG00aU1HSVkycGJEQXZ2cXJKUTNKMXNleHUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QzI0Ri8zQzEzMDU3NjY3MTAxMUVFOUVDOUExMjdDNEY5QUUwMi9FNTBCNTU2ODY4
RDAxMUVFODUwOUY3NUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEASQyJjANBgkqhkiG9w0BAQsFAAOCAQEAc7YG20PtH5aAKmyI
7dydXqku70c87NSac9nf2UMvvaK5/2INRJJFPk4rZ4oar1GiXsx27C9vmsUZlKyk
/eGBTU++kfwqXYUwA3UwY0x7BxpZwGGd6y7cLk6lzEnbDwcXoqce82o2sF4Dt06r
8bDdkfUsO3Z8tmQPDtzJZdTH8eqjWvtiFSfKs/I5e+p/7/MLiq/cn90FQTw/vD0m
RvBsVgaEFasIfuBLAaFCAXha6zUTGu6I41wrA1/YcJ2qNasebLi1th5ZvVRfTt+M
bW2bPsH8NYkY7D8EQoqoC2/tj+Za8BhOI3tqVJHuz4cNs5wMYAY/iNKKcQq451bO
BDQ5Fg==
-----END CERTIFICATE-----
Generated at Thu Jun 13 07:43:07 2024 by rpki-client on console-fra.rpki-client.org