Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E756E/AD86CAAA554111EB864CB87DC4F9AE02/F515761C554311EBAAB65382C4F9AE02.roa
File:                     F515761C554311EBAAB65382C4F9AE02.roa (raw, json)
Hash identifier:          Lo7ST7msAw+VbXSq/mG+XAyKJromzHBAr6bVZJIuUi0=
Subject key identifier:   24:F2:96:D0:89:94:2C:C8:6D:BC:26:D3:ED:A3:11:B3:FE:D7:1D:54
Certificate issuer:       /CN=A91E756E/serialNumber=4AD66F8DFCDEA17F2567CA381454205F38068F60
Certificate serial:       05E7
Authority key identifier: 4A:D6:6F:8D:FC:DE:A1:7F:25:67:CA:38:14:54:20:5F:38:06:8F:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/StZvjfzeoX8lZ8o4FFQgXzgGj2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E756E/AD86CAAA554111EB864CB87DC4F9AE02/F515761C554311EBAAB65382C4F9AE02.roa
Signing time:             Mon 12 Feb 2024 23:42:24 +0000
ROA not before:           Mon 12 Feb 2024 23:42:24 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     9381
IP address blocks:        45.124.8.0/22 maxlen: 24
                          103.247.140.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E756E/AD86CAAA554111EB864CB87DC4F9AE02/StZvjfzeoX8lZ8o4FFQgXzgGj2A.crl
                          rsync://rpki.apnic.net/member_repository/A91E756E/AD86CAAA554111EB864CB87DC4F9AE02/StZvjfzeoX8lZ8o4FFQgXzgGj2A.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/StZvjfzeoX8lZ8o4FFQgXzgGj2A.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 22:27:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1511 (0x5e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E756E/serialNumber=4AD66F8DFCDEA17F2567CA381454205F38068F60
        Validity
            Not Before: Feb 12 23:42:24 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65caace0-40f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:1b:9c:08:08:3a:73:51:b3:45:e8:4b:b9:e6:
                    f4:66:d7:6a:16:5a:06:03:47:63:0a:f0:37:d6:dc:
                    54:65:2c:f3:cd:9c:10:a1:14:9b:d2:c6:6e:a2:97:
                    f2:16:1e:a2:ee:6c:60:6e:ee:f5:5f:0f:21:a0:4b:
                    bf:76:f3:9f:57:a5:c1:5a:0e:3c:21:b2:83:eb:c5:
                    47:6e:ad:a6:d2:5c:e3:a9:84:45:bd:8e:14:19:7f:
                    a6:72:40:b1:30:df:5a:6e:b3:f0:1d:45:f6:82:50:
                    4d:a5:2c:e0:d2:89:1a:51:f3:16:a2:77:cd:1f:35:
                    02:7c:70:29:08:61:06:83:8e:03:45:6b:c6:ad:b3:
                    7c:0b:92:86:84:8f:06:02:e8:e6:d6:98:66:6a:53:
                    68:9b:bd:85:d2:a7:1e:65:17:c8:61:4c:4b:b4:26:
                    59:b4:4f:0e:96:ef:b8:bd:a7:33:d3:aa:f3:dd:1f:
                    89:af:ed:57:64:f3:08:1d:71:61:34:8b:4c:ae:c8:
                    53:d5:de:57:a7:b8:b7:2a:44:da:d5:30:e0:d2:cf:
                    fc:2f:32:27:10:43:c7:13:be:e8:15:54:f5:7b:33:
                    4a:10:6c:0a:d6:e6:27:1d:41:fc:cf:63:db:79:34:
                    81:5d:f3:78:d6:1d:77:e2:18:56:97:36:b5:fa:18:
                    da:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:F2:96:D0:89:94:2C:C8:6D:BC:26:D3:ED:A3:11:B3:FE:D7:1D:54
            X509v3 Authority Key Identifier:
                keyid:4A:D6:6F:8D:FC:DE:A1:7F:25:67:CA:38:14:54:20:5F:38:06:8F:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E756E/AD86CAAA554111EB864CB87DC4F9AE02/StZvjfzeoX8lZ8o4FFQgXzgGj2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/StZvjfzeoX8lZ8o4FFQgXzgGj2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E756E/AD86CAAA554111EB864CB87DC4F9AE02/F515761C554311EBAAB65382C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.124.8.0/22
                  103.247.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:b4:24:26:3d:95:5b:f8:28:fd:a4:98:f6:0b:4e:1a:f7:f8:
         c5:a6:b9:f0:44:aa:2e:d8:e0:ca:7c:76:8e:94:95:89:6e:93:
         d6:85:ac:2e:43:a6:4f:44:36:9f:b4:4b:a0:60:7f:54:17:f2:
         e3:d0:16:42:7a:f4:59:92:f6:f3:52:5e:ae:ec:dd:e9:8e:3a:
         b4:57:8a:ea:26:ff:eb:82:8d:18:86:52:20:9d:fd:83:1d:3b:
         e2:56:43:5e:08:1d:d2:f4:70:d6:22:25:1d:79:f9:8d:13:29:
         86:96:b7:7b:64:19:b6:a7:32:14:5c:a1:6c:0a:ea:3e:fc:00:
         2c:50:52:6c:e4:8d:77:62:87:7b:81:3b:46:df:6d:da:8a:5f:
         05:68:a6:d1:14:c8:f0:49:6c:9f:51:32:c6:12:91:ce:d3:5e:
         47:fb:05:b8:b6:6f:aa:57:41:3f:b5:60:0b:27:86:73:39:29:
         2c:98:8b:69:ea:46:8a:2e:80:98:15:08:17:f8:7e:18:94:df:
         06:e2:a6:d8:6a:f2:2f:d2:b2:be:db:f1:78:27:6f:1b:86:2d:
         6a:24:94:df:60:e2:c1:27:07:f6:5a:06:9f:61:7d:78:f0:2e:
         56:34:3b:ec:69:33:3e:a2:04:37:1d:bc:98:64:59:3d:e9:3f:
         ec:3a:2d:dd
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc1NkUxMTAvBgNVBAUTKDRBRDY2RjhERkNERUExN0YyNTY3Q0EzODE0NTQyMDVG
MzgwNjhGNjAwHhcNMjQwMjEyMjM0MjI0WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNhYWNlMC00MGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5RucCAg6c1GzRehLueb0ZtdqFloGA0djCvA31txUZSzzzZwQoRSb0sZuopfy
Fh6i7mxgbu71Xw8hoEu/dvOfV6XBWg48IbKD68VHbq2m0lzjqYRFvY4UGX+mckCx
MN9abrPwHUX2glBNpSzg0okaUfMWonfNHzUCfHApCGEGg44DRWvGrbN8C5KGhI8G
Aujm1phmalNom72F0qceZRfIYUxLtCZZtE8Olu+4vacz06rz3R+Jr+1XZPMIHXFh
NItMrshT1d5Xp7i3KkTa1TDg0s/8LzInEEPHE77oFVT1ezNKEGwK1uYnHUH8z2Pb
eTSBXfN41h134hhWlza1+hjaZwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCTyltCJ
lCzIbbwm0+2jEbP+1x1UMB8GA1UdIwQYMBaAFErWb4383qF/JWfKOBRUIF84Bo9g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2RS9BRDg2Q0FBQTU1
NDExMUVCODY0Q0I4N0RDNEY5QUUwMi9TdFp2amZ6ZW9YOGxaOG80RkZRZ1h6Z0dq
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1N0WnZqZnplb1g4bFo4bzRGRlFnWHpnR2oyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc1NkUvQUQ4NkNBQUE1NTQxMTFFQjg2NENCODdEQzRGOUFFMDIvRjUxNTc2MUM1
NTQzMTFFQkFBQjY1MzgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItfAgDBAJn94wwDQYJKoZIhvcNAQELBQADggEBAIC0JCY9
lVv4KP2kmPYLThr3+MWmufBEqi7Y4Mp8do6UlYluk9aFrC5Dpk9ENp+0S6Bgf1QX
8uPQFkJ69FmS9vNSXq7s3emOOrRXiuom/+uCjRiGUiCd/YMdO+JWQ14IHdL0cNYi
JR15+Y0TKYaWt3tkGbanMhRcoWwK6j78ACxQUmzkjXdih3uBO0bfbdqKXwVoptEU
yPBJbJ9RMsYSkc7TXkf7Bbi2b6pXQT+1YAsnhnM5KSyYi2nqRoougJgVCBf4fhiU
3wbipthq8i/Ssr7b8XgnbxuGLWoklN9g4sEnB/ZaBp9hfXjwLlY0O+xpMz6iBDcd
vJhkWT3pP+w6Ld0=
-----END CERTIFICATE-----
Generated at Thu Jun 13 00:18:49 2024 by rpki-client on console-fra.rpki-client.org