Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F823E/7D69A83CD5B111EC9351E620C4F9AE02/B3481ED4D5B611ECA61EEC28C4F9AE02.roa
File:                     B3481ED4D5B611ECA61EEC28C4F9AE02.roa (raw, json)
Hash identifier:          o8+kpkkcUlfY/bs7XStrTS+t+OkNW4hpa6KuuucmgCo=
Subject key identifier:   0F:D4:A9:76:A4:0C:55:7B:99:BE:46:73:F7:45:61:E4:08:98:23:AA
Certificate issuer:       /CN=A91F823E/serialNumber=3EEADF145AE29B48240A3FBA3AFBD949A8F1535D
Certificate serial:       01FA
Authority key identifier: 3E:EA:DF:14:5A:E2:9B:48:24:0A:3F:BA:3A:FB:D9:49:A8:F1:53:5D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PurfFFrim0gkCj-6OvvZSajxU10.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F823E/7D69A83CD5B111EC9351E620C4F9AE02/B3481ED4D5B611ECA61EEC28C4F9AE02.roa
Signing time:             Tue 19 Dec 2023 03:34:22 +0000
ROA not before:           Tue 19 Dec 2023 03:34:22 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     4826
IP address blocks:        203.13.208.0/24 maxlen: 24
                          203.13.209.0/24 maxlen: 24
                          203.13.210.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F823E/7D69A83CD5B111EC9351E620C4F9AE02/PurfFFrim0gkCj-6OvvZSajxU10.crl
                          rsync://rpki.apnic.net/member_repository/A91F823E/7D69A83CD5B111EC9351E620C4F9AE02/PurfFFrim0gkCj-6OvvZSajxU10.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PurfFFrim0gkCj-6OvvZSajxU10.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 03:40:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 506 (0x1fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F823E/serialNumber=3EEADF145AE29B48240A3FBA3AFBD949A8F1535D
        Validity
            Not Before: Dec 19 03:34:22 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=65810f3e-980d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:12:e8:90:63:ee:9f:39:5c:d0:48:e0:a4:b4:
                    67:87:d3:8f:04:19:d5:54:cd:e3:40:07:f5:1f:71:
                    28:b9:df:84:97:9a:85:42:76:b4:a4:5c:ea:9c:d8:
                    55:be:dc:b9:64:9e:f2:f8:ba:7f:fa:bd:7d:8e:05:
                    e4:65:92:8c:c0:56:53:a6:93:cd:11:fa:47:b1:56:
                    b4:cf:d9:06:e0:54:91:a2:f3:1b:80:87:ff:16:17:
                    8f:56:c7:04:de:56:46:b5:9c:fa:52:b1:06:41:04:
                    e4:a7:e9:64:40:4d:0a:81:58:0a:b0:a2:da:b0:2e:
                    48:05:dd:1e:d5:3d:86:65:dc:3b:be:2e:96:35:f4:
                    6d:b3:17:98:70:77:49:a3:82:2b:99:96:6b:3c:d2:
                    4b:9f:01:fe:45:d4:d8:6c:26:c4:f7:56:12:09:ce:
                    d3:d9:14:8b:d6:cd:60:3b:01:3f:76:46:62:cc:32:
                    d4:00:27:ca:dc:cb:9a:5d:a3:d8:49:6b:25:65:ad:
                    fc:33:25:87:77:06:5c:88:86:fb:da:6e:c3:e5:c6:
                    d4:ad:12:11:8c:a3:d6:df:ed:f3:4e:21:1a:19:a8:
                    44:31:54:7d:2a:11:48:49:6f:58:66:c3:7b:6a:9d:
                    f6:af:89:74:a3:7c:9d:f3:3c:89:cd:4e:24:bc:f8:
                    e1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:D4:A9:76:A4:0C:55:7B:99:BE:46:73:F7:45:61:E4:08:98:23:AA
            X509v3 Authority Key Identifier:
                keyid:3E:EA:DF:14:5A:E2:9B:48:24:0A:3F:BA:3A:FB:D9:49:A8:F1:53:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F823E/7D69A83CD5B111EC9351E620C4F9AE02/PurfFFrim0gkCj-6OvvZSajxU10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PurfFFrim0gkCj-6OvvZSajxU10.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F823E/7D69A83CD5B111EC9351E620C4F9AE02/B3481ED4D5B611ECA61EEC28C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.13.208.0-203.13.210.255

    Signature Algorithm: sha256WithRSAEncryption
         5c:fc:08:96:3c:b3:43:1b:2b:37:cc:ae:fe:ad:15:20:a6:90:
         7f:13:dd:1d:e3:39:5b:d5:25:1a:28:c7:14:03:d7:4e:15:16:
         9b:15:20:f2:df:ea:21:d9:da:d7:f9:f2:04:52:19:11:28:80:
         a7:38:a4:8e:34:eb:c8:69:db:0f:99:2d:7f:57:77:76:8b:11:
         6b:ea:cc:c7:6d:1e:f9:94:53:f5:9c:87:70:3c:09:8e:3b:1a:
         df:4f:64:09:a5:63:84:1e:d7:5e:b1:21:e7:44:05:93:2f:fe:
         9a:48:f8:a9:5a:06:c1:19:89:08:8e:32:c4:bf:59:75:59:53:
         86:4b:30:7a:74:78:d8:39:62:96:52:ad:fb:5a:46:ce:a8:d4:
         eb:65:65:8e:b9:26:e9:14:3a:1f:a8:d6:e7:ca:23:72:78:0c:
         84:b5:a7:3f:d5:b3:b6:ea:c0:29:10:11:ea:8c:06:c0:b0:5d:
         26:dc:a6:72:fa:d9:01:67:5e:38:30:06:65:d1:4b:0b:e8:7a:
         f2:e3:19:01:a1:a2:0d:1c:40:04:62:54:23:c8:fa:3d:27:d9:
         8a:96:1d:78:a9:45:7d:84:4b:a4:2b:fa:5e:58:6b:f4:58:5e:
         98:cd:2a:64:db:e1:b3:9f:25:c5:d1:d1:6d:bc:69:64:00:78:
         43:bc:36:8c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjgyM0UxMTAvBgNVBAUTKDNFRUFERjE0NUFFMjlCNDgyNDBBM0ZCQTNBRkJEOTQ5
QThGMTUzNUQwHhcNMjMxMjE5MDMzNDIyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgxMGYzZS05ODBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzBLokGPunzlc0EjgpLRnh9OPBBnVVM3jQAf1H3Eoud+El5qFQna0pFzqnNhV
vty5ZJ7y+Lp/+r19jgXkZZKMwFZTppPNEfpHsVa0z9kG4FSRovMbgIf/FhePVscE
3lZGtZz6UrEGQQTkp+lkQE0KgVgKsKLasC5IBd0e1T2GZdw7vi6WNfRtsxeYcHdJ
o4IrmZZrPNJLnwH+RdTYbCbE91YSCc7T2RSL1s1gOwE/dkZizDLUACfK3MuaXaPY
SWslZa38MyWHdwZciIb72m7D5cbUrRIRjKPW3+3zTiEaGahEMVR9KhFISW9YZsN7
ap32r4l0o3yd8zyJzU4kvPjhRQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFA/UqXak
DFV7mb5Gc/dFYeQImCOqMB8GA1UdIwQYMBaAFD7q3xRa4ptIJAo/ujr72Umo8VNd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODIzRS83RDY5QTgzQ0Q1
QjExMUVDOTM1MUU2MjBDNEY5QUUwMi9QdXJmRkZyaW0wZ2tDai02T3Z2WlNhanhV
MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1B1cmZGRnJpbTBna0NqLTZPdnZaU2FqeFUxMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjgyM0UvN0Q2OUE4M0NENUIxMTFFQzkzNTFFNjIwQzRGOUFFMDIvQjM0ODFFRDRE
NUI2MTFFQ0E2MUVFQzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEBMsN0AMEAMsN0jANBgkqhkiG9w0BAQsFAAOCAQEAXPwI
ljyzQxsrN8yu/q0VIKaQfxPdHeM5W9UlGijHFAPXThUWmxUg8t/qIdna1/nyBFIZ
ESiApzikjjTryGnbD5ktf1d3dosRa+rMx20e+ZRT9ZyHcDwJjjsa309kCaVjhB7X
XrEh50QFky/+mkj4qVoGwRmJCI4yxL9ZdVlThkswenR42DlillKt+1pGzqjU62Vl
jrkm6RQ6H6jW58ojcngMhLWnP9WzturAKRAR6owGwLBdJtymcvrZAWdeODAGZdFL
C+h68uMZAaGiDRxABGJUI8j6PSfZipYdeKlFfYRLpCv6Xlhr9FhemM0qZNvhs58l
xdHRbbxpZAB4Q7w2jA==
-----END CERTIFICATE-----
Generated at Mon Jun 17 04:54:46 2024 by rpki-client on console-fra.rpki-client.org