Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED073/F4B4CA5264A411EDA0876B16C4F9AE02/6DDD4756EEC411EEA4BB703CC4F9AE02.roa
File:                     6DDD4756EEC411EEA4BB703CC4F9AE02.roa (raw, json)
Hash identifier:          XpmLyKEZccX3oZMxkkZa05gA6eBJQlT18dmW1jZ9ojM=
Subject key identifier:   05:FE:EA:9B:FE:5D:72:65:69:25:AA:9F:F9:4D:AC:E3:51:4E:70:7D
Certificate issuer:       /CN=A91ED073/serialNumber=08AED3E1DCB6ED7742303CEFF47DE02D92B3EDE5
Certificate serial:       0106
Authority key identifier: 08:AE:D3:E1:DC:B6:ED:77:42:30:3C:EF:F4:7D:E0:2D:92:B3:ED:E5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CK7T4dy27XdCMDzv9H3gLZKz7eU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ED073/F4B4CA5264A411EDA0876B16C4F9AE02/6DDD4756EEC411EEA4BB703CC4F9AE02.roa
Signing time:             Sat 30 Mar 2024 18:36:32 +0000
ROA not before:           Sat 30 Mar 2024 18:36:32 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     56264
IP address blocks:        103.37.184.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91ED073/F4B4CA5264A411EDA0876B16C4F9AE02/CK7T4dy27XdCMDzv9H3gLZKz7eU.crl
                          rsync://rpki.apnic.net/member_repository/A91ED073/F4B4CA5264A411EDA0876B16C4F9AE02/CK7T4dy27XdCMDzv9H3gLZKz7eU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CK7T4dy27XdCMDzv9H3gLZKz7eU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:03:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 262 (0x106)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ED073/serialNumber=08AED3E1DCB6ED7742303CEFF47DE02D92B3EDE5
        Validity
            Not Before: Mar 30 18:36:32 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=66085bb0-1e36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:7f:df:b2:be:96:ed:1b:b9:15:f1:bb:2d:ff:
                    99:c4:b6:40:ec:db:af:ca:56:75:39:26:e0:0d:eb:
                    ef:02:d9:ce:53:94:21:2c:e9:78:82:7f:79:07:04:
                    a4:43:29:f0:dc:60:fe:18:42:a8:b7:61:b1:58:4c:
                    64:5d:bb:6b:9c:7a:75:c7:eb:2c:ca:37:d2:2e:50:
                    5d:35:49:29:6b:44:ef:93:bd:3f:fb:0e:f9:2e:d1:
                    6e:e6:cf:0c:c6:92:98:9e:4f:54:a1:53:01:3b:a4:
                    e6:ab:ad:d8:f3:46:ab:3d:62:15:b2:12:84:2a:19:
                    92:c7:e8:c3:eb:98:0e:1b:af:6e:ed:bc:db:0f:bc:
                    54:dc:19:70:c9:77:da:0f:a1:39:8d:2e:d3:34:04:
                    c9:06:4f:b5:13:b6:b3:34:cf:ec:f8:4d:75:0d:98:
                    d2:a3:0c:11:77:ea:1f:cf:9f:70:d2:9e:0e:e7:f8:
                    a1:93:65:f9:4b:63:68:3e:55:9c:9e:a7:a9:11:df:
                    07:0a:1b:96:62:0c:47:fe:01:27:89:d1:68:13:0d:
                    c8:53:51:e9:cc:4e:c7:f9:95:65:36:97:75:be:27:
                    e6:b9:6b:9c:e5:1b:b2:99:e1:cf:c8:c7:2b:e3:51:
                    ed:f7:84:85:fc:fb:f5:92:11:49:b7:d5:40:57:8d:
                    a6:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:FE:EA:9B:FE:5D:72:65:69:25:AA:9F:F9:4D:AC:E3:51:4E:70:7D
            X509v3 Authority Key Identifier:
                keyid:08:AE:D3:E1:DC:B6:ED:77:42:30:3C:EF:F4:7D:E0:2D:92:B3:ED:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ED073/F4B4CA5264A411EDA0876B16C4F9AE02/CK7T4dy27XdCMDzv9H3gLZKz7eU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CK7T4dy27XdCMDzv9H3gLZKz7eU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED073/F4B4CA5264A411EDA0876B16C4F9AE02/6DDD4756EEC411EEA4BB703CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.37.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:96:42:98:27:af:79:f6:06:6f:87:ac:a5:32:19:b2:17:02:
         2c:b1:fe:40:13:b4:a1:04:34:b9:2d:ce:86:44:a5:b3:b7:19:
         77:28:8c:c5:49:e2:42:2a:8a:7a:65:82:0d:a1:e9:62:98:3e:
         ac:50:7a:7f:35:83:01:23:25:be:45:b8:e5:b7:71:37:a2:b2:
         89:e6:7d:e8:ea:d3:80:ae:51:23:91:81:7a:53:af:b8:d4:13:
         3e:0c:cd:05:fb:1f:0b:bd:f1:8b:30:73:fd:0a:82:ee:1a:ed:
         8d:a6:c0:00:9f:8b:5a:95:8e:af:a7:2e:db:dc:dd:20:3d:ff:
         da:bf:9b:14:7d:c5:26:b0:82:08:62:75:80:42:2d:71:28:4b:
         1f:e4:8c:9c:86:27:c6:3c:c4:12:3f:82:bb:7c:e8:97:33:9c:
         15:27:cf:a4:f8:05:7e:08:2a:3f:b4:cb:dd:dd:2a:b3:95:a7:
         cb:5e:be:3c:b6:41:29:52:0c:a6:bf:0f:c3:52:0c:fa:6d:4d:
         fe:73:dc:97:68:c6:73:7e:a0:7b:0d:20:cc:18:cb:72:3d:47:
         65:b2:9f:1d:ed:a0:6b:7c:d4:c6:4a:c2:a3:79:2b:4a:f8:15:
         ce:81:e6:9d:8c:f2:12:4a:cb:fd:7f:d6:70:b8:3e:27:32:ad:
         a3:15:30:40
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQwNzMxMTAvBgNVBAUTKDA4QUVEM0UxRENCNkVENzc0MjMwM0NFRkY0N0RFMDJE
OTJCM0VERTUwHhcNMjQwMzMwMTgzNjMyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA4NWJiMC0xZTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA83/fsr6W7Ru5FfG7Lf+ZxLZA7NuvylZ1OSbgDevvAtnOU5QhLOl4gn95BwSk
Qynw3GD+GEKot2GxWExkXbtrnHp1x+ssyjfSLlBdNUkpa0Tvk70/+w75LtFu5s8M
xpKYnk9UoVMBO6Tmq63Y80arPWIVshKEKhmSx+jD65gOG69u7bzbD7xU3BlwyXfa
D6E5jS7TNATJBk+1E7azNM/s+E11DZjSowwRd+ofz59w0p4O5/ihk2X5S2NoPlWc
nqepEd8HChuWYgxH/gEnidFoEw3IU1HpzE7H+ZVlNpd1vifmuWuc5RuymeHPyMcr
41Ht94SF/Pv1khFJt9VAV42mkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAX+6pv+
XXJlaSWqn/lNrONRTnB9MB8GA1UdIwQYMBaAFAiu0+Hctu13QjA87/R94C2Ss+3l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDA3My9GNEI0Q0E1MjY0
QTQxMUVEQTA4NzZCMTZDNEY5QUUwMi9DSzdUNGR5MjdYZENNRHp2OUgzZ0xaS3o3
ZVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NLN1Q0ZHkyN1hkQ01EenY5SDNnTFpLejdlVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUQwNzMvRjRCNENBNTI2NEE0MTFFREEwODc2QjE2QzRGOUFFMDIvNkRERDQ3NTZF
RUM0MTFFRUE0QkI3MDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnJbgwDQYJKoZIhvcNAQELBQADggEBAKGWQpgnr3n2Bm+H
rKUyGbIXAiyx/kATtKEENLktzoZEpbO3GXcojMVJ4kIqinplgg2h6WKYPqxQen81
gwEjJb5FuOW3cTeisonmfejq04CuUSORgXpTr7jUEz4MzQX7Hwu98Yswc/0Kgu4a
7Y2mwACfi1qVjq+nLtvc3SA9/9q/mxR9xSawgghidYBCLXEoSx/kjJyGJ8Y8xBI/
grt86JcznBUnz6T4BX4IKj+0y93dKrOVp8tevjy2QSlSDKa/D8NSDPptTf5z3Jdo
xnN+oHsNIMwYy3I9R2Wynx3toGt81MZKwqN5K0r4Fc6B5p2M8hJKy/1/1nC4Picy
raMVMEA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:58 2024 by rpki-client on console-ams.rpki-client.org