Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB8C8/C44C04528EC911EE9F8E447FC4F9AE02/CA5B7DA48ECA11EEA3901581C4F9AE02.roa
File:                     CA5B7DA48ECA11EEA3901581C4F9AE02.roa (raw, json)
Hash identifier:          sSUygvO4tgmOpRgBbCAQ01iCPpNPh5y2xYEsG36MtWM=
Subject key identifier:   E9:66:40:61:52:E6:E7:DE:66:BE:30:96:E6:26:C6:A3:A9:E1:AD:37
Certificate issuer:       /CN=A91FB8C8/serialNumber=369B3E9B7B66E8F5BB979A6E2F2E7AACF500D3F1
Certificate serial:       02
Authority key identifier: 36:9B:3E:9B:7B:66:E8:F5:BB:97:9A:6E:2F:2E:7A:AC:F5:00:D3:F1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nps-m3tm6PW7l5puLy56rPUA0_E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FB8C8/C44C04528EC911EE9F8E447FC4F9AE02/CA5B7DA48ECA11EEA3901581C4F9AE02.roa
Signing time:             Wed 29 Nov 2023 15:20:12 +0000
ROA not before:           Wed 29 Nov 2023 15:20:12 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     134564
IP address blocks:        36.50.30.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FB8C8/C44C04528EC911EE9F8E447FC4F9AE02/Nps-m3tm6PW7l5puLy56rPUA0_E.crl
                          rsync://rpki.apnic.net/member_repository/A91FB8C8/C44C04528EC911EE9F8E447FC4F9AE02/Nps-m3tm6PW7l5puLy56rPUA0_E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nps-m3tm6PW7l5puLy56rPUA0_E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FB8C8/serialNumber=369B3E9B7B66E8F5BB979A6E2F2E7AACF500D3F1
        Validity
            Not Before: Nov 29 15:20:12 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=656756ac-f9b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:bd:ae:d9:1d:38:bd:81:7c:d9:31:ec:74:f8:
                    12:46:05:0d:2a:9d:a9:1f:07:15:d5:0d:20:c0:75:
                    55:ba:fd:ba:ed:89:fe:97:cc:5c:d9:23:c2:9e:41:
                    0e:f6:41:76:b3:0a:ed:3c:7d:37:40:d6:fd:ba:21:
                    77:f9:e6:ec:52:f2:1a:07:3c:0c:e4:b8:37:d3:59:
                    fd:dd:5d:f0:12:1e:48:f9:45:a8:62:4c:70:b5:83:
                    8c:c2:a3:46:a1:ed:03:8e:e0:a8:fb:31:13:ab:3f:
                    59:11:12:5e:8d:cc:97:10:b2:7e:ae:5b:18:fb:0f:
                    24:cd:e9:98:aa:ce:05:6b:b6:60:12:1d:18:94:dc:
                    18:4e:2e:25:75:79:57:46:41:11:d7:05:f0:0a:33:
                    46:f2:6a:6b:9d:70:21:b5:cc:07:66:da:ae:de:43:
                    08:ea:7d:0c:76:68:e7:b7:0a:41:e1:e4:1b:24:31:
                    b5:70:e0:10:00:dc:18:78:74:93:d0:2a:53:1a:50:
                    7a:3c:70:49:9d:d2:97:0d:02:b7:01:ad:3d:3f:35:
                    97:55:97:db:ed:24:27:04:cf:20:1c:d5:c8:dc:8f:
                    42:ab:ca:65:82:49:0b:a2:be:ca:7e:09:59:e7:0d:
                    85:f5:e5:e9:a3:34:54:0e:e1:64:9f:04:be:a8:78:
                    0b:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:66:40:61:52:E6:E7:DE:66:BE:30:96:E6:26:C6:A3:A9:E1:AD:37
            X509v3 Authority Key Identifier:
                keyid:36:9B:3E:9B:7B:66:E8:F5:BB:97:9A:6E:2F:2E:7A:AC:F5:00:D3:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FB8C8/C44C04528EC911EE9F8E447FC4F9AE02/Nps-m3tm6PW7l5puLy56rPUA0_E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nps-m3tm6PW7l5puLy56rPUA0_E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB8C8/C44C04528EC911EE9F8E447FC4F9AE02/CA5B7DA48ECA11EEA3901581C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.50.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:0b:3b:42:68:0b:8b:65:d1:b1:80:70:ae:72:5b:ef:a1:6b:
         6f:60:6f:60:0a:03:f7:77:dd:5b:97:3d:8c:fe:1d:f4:98:a5:
         9d:aa:fc:c5:f5:c8:d3:bf:76:56:8b:26:a2:c5:66:e3:ec:70:
         08:86:64:e1:d5:97:73:f3:ab:f5:dd:1f:7c:87:1c:44:2d:e8:
         49:dc:37:f6:f1:40:1b:2b:54:0a:88:92:30:95:eb:e4:7e:00:
         22:04:47:92:a9:63:86:74:7d:ac:6b:bc:24:29:74:56:27:c4:
         14:b9:63:b9:f4:0d:0e:76:7a:a4:7c:cd:f5:a3:21:f8:e8:c7:
         70:29:fd:f4:d3:38:b9:60:aa:4c:6e:83:a6:89:fd:20:ec:32:
         8e:0f:fb:a6:97:37:a2:01:6f:12:fe:20:5c:9a:99:d1:62:62:
         d4:4c:93:3a:6f:3a:17:ce:32:28:c5:88:6e:21:c7:a3:ac:03:
         08:d1:0f:c6:e6:62:6d:b0:d2:ec:d9:cb:ba:46:04:c8:8a:d2:
         a5:df:70:e4:d0:5c:87:b0:0d:c1:90:ec:73:fa:07:12:19:85:
         4a:be:68:90:a1:2d:f0:39:93:17:30:f2:91:33:c6:ed:9a:da:
         4b:9a:2f:0a:1d:31:0b:28:9b:06:13:6b:b6:20:c6:d1:7b:15:
         e3:6e:be:b2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QjhDODExMC8GA1UEBRMoMzY5QjNFOUI3QjY2RThGNUJCOTc5QTZFMkYyRTdBQUNG
NTAwRDNGMTAeFw0yMzExMjkxNTIwMTJaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1Njc1NmFjLWY5YjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIva7ZHTi9gXzZMex0+BJGBQ0qnakfBxXVDSDAdVW6/brtif6XzFzZI8KeQQ72
QXazCu08fTdA1v26IXf55uxS8hoHPAzkuDfTWf3dXfASHkj5RahiTHC1g4zCo0ah
7QOO4Kj7MROrP1kREl6NzJcQsn6uWxj7DyTN6ZiqzgVrtmASHRiU3BhOLiV1eVdG
QRHXBfAKM0byamudcCG1zAdm2q7eQwjqfQx2aOe3CkHh5BskMbVw4BAA3Bh4dJPQ
KlMaUHo8cEmd0pcNArcBrT0/NZdVl9vtJCcEzyAc1cjcj0KrymWCSQuivsp+CVnn
DYX15emjNFQO4WSfBL6oeAu7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU6WZAYVLm
595mvjCW5ibGo6nhrTcwHwYDVR0jBBgwFoAUNps+m3tm6PW7l5puLy56rPUA0/Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCOEM4L0M0NEMwNDUyOEVD
OTExRUU5RjhFNDQ3RkM0RjlBRTAyL05wcy1tM3RtNlBXN2w1cHVMeTU2clBVQTBf
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTnBzLW0zdG02UFc3bDVwdUx5NTZyUFVBMF9FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QjhDOC9DNDRDMDQ1MjhFQzkxMUVFOUY4RTQ0N0ZDNEY5QUUwMi9DQTVCN0RBNDhF
Q0ExMUVFQTM5MDE1ODFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEACQyHjANBgkqhkiG9w0BAQsFAAOCAQEACws7QmgLi2XRsYBw
rnJb76Frb2BvYAoD93fdW5c9jP4d9Jilnar8xfXI0792VosmosVm4+xwCIZk4dWX
c/Or9d0ffIccRC3oSdw39vFAGytUCoiSMJXr5H4AIgRHkqljhnR9rGu8JCl0VifE
FLljufQNDnZ6pHzN9aMh+OjHcCn99NM4uWCqTG6Dpon9IOwyjg/7ppc3ogFvEv4g
XJqZ0WJi1EyTOm86F84yKMWIbiHHo6wDCNEPxuZibbDS7NnLukYEyIrSpd9w5NBc
h7ANwZDsc/oHEhmFSr5okKEt8DmTFzDykTPG7ZraS5ovCh0xCyibBhNrtiDG0XsV
426+sg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:13:27 2024 by rpki-client on console-ams.rpki-client.org