Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9110AD1/5A83A58482CE11EBBB694F87C4F9AE02/5F38A4F082D611EB802C1A55C4F9AE02.roa
File:                     5F38A4F082D611EB802C1A55C4F9AE02.roa (raw, json)
Hash identifier:          UOjR0c6GhcTb/ztzkw/K5+yS24Iwi0A/h+4yO2s04cE=
Subject key identifier:   18:53:EB:D0:8A:70:7B:4B:2A:81:10:0F:68:43:43:FD:48:05:D9:0C
Certificate issuer:       /CN=A9110AD1/serialNumber=5854C6D886AE80570ECE62474D54199C4E829CAB
Certificate serial:       05A0
Authority key identifier: 58:54:C6:D8:86:AE:80:57:0E:CE:62:47:4D:54:19:9C:4E:82:9C:AB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WFTG2IaugFcOzmJHTVQZnE6CnKs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9110AD1/5A83A58482CE11EBBB694F87C4F9AE02/5F38A4F082D611EB802C1A55C4F9AE02.roa
Signing time:             Sat 11 May 2024 00:33:59 +0000
ROA not before:           Sat 11 May 2024 00:33:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     64090
IP address blocks:        203.13.41.0/24 maxlen: 24
                          2001:df6:3980::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9110AD1/5A83A58482CE11EBBB694F87C4F9AE02/WFTG2IaugFcOzmJHTVQZnE6CnKs.crl
                          rsync://rpki.apnic.net/member_repository/A9110AD1/5A83A58482CE11EBBB694F87C4F9AE02/WFTG2IaugFcOzmJHTVQZnE6CnKs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WFTG2IaugFcOzmJHTVQZnE6CnKs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1440 (0x5a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9110AD1/serialNumber=5854C6D886AE80570ECE62474D54199C4E829CAB
        Validity
            Not Before: May 11 00:33:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=663ebcf7-592b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e6:ba:54:8a:b9:a2:60:db:38:70:24:5f:80:
                    c6:d2:3f:0b:27:21:12:41:c4:39:58:a4:6c:f0:c2:
                    ef:36:37:08:20:08:ac:6f:64:9b:0e:8c:f6:44:53:
                    87:03:e5:dc:bb:0c:75:23:46:d8:01:1f:78:13:d9:
                    d0:0c:06:05:c9:8a:59:96:72:0e:f7:e8:c0:b1:67:
                    4e:9d:f0:b5:eb:f3:87:9f:eb:86:fd:64:00:e9:e7:
                    19:7e:58:aa:4c:fb:f9:8f:24:a7:bc:84:ae:bf:1b:
                    e2:d7:9e:bf:71:1d:ea:f1:78:c8:ae:87:c8:43:77:
                    8c:87:35:1f:5f:f1:d7:2a:cc:0a:8f:f7:a2:65:70:
                    4f:e4:a5:e5:05:42:7f:76:f2:06:a0:17:a6:8a:32:
                    ae:7d:fb:09:5d:54:c4:61:33:96:bc:49:2d:3c:58:
                    05:a7:de:53:c4:24:d9:b7:4c:b9:a6:7d:a8:10:92:
                    21:27:27:57:19:50:b2:75:91:06:26:5a:18:86:d3:
                    83:8a:4d:d9:9a:48:c0:6f:00:bf:a7:0b:11:06:64:
                    1c:95:2b:1f:ad:53:3f:44:57:dc:7f:c6:d4:e6:c8:
                    4e:35:b1:2f:59:08:44:72:4f:a2:0a:f0:f4:b2:4f:
                    b6:5a:2c:81:12:11:17:22:db:3d:da:ac:1c:45:01:
                    8a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:53:EB:D0:8A:70:7B:4B:2A:81:10:0F:68:43:43:FD:48:05:D9:0C
            X509v3 Authority Key Identifier:
                keyid:58:54:C6:D8:86:AE:80:57:0E:CE:62:47:4D:54:19:9C:4E:82:9C:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9110AD1/5A83A58482CE11EBBB694F87C4F9AE02/WFTG2IaugFcOzmJHTVQZnE6CnKs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WFTG2IaugFcOzmJHTVQZnE6CnKs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110AD1/5A83A58482CE11EBBB694F87C4F9AE02/5F38A4F082D611EB802C1A55C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.13.41.0/24
                IPv6:
                  2001:df6:3980::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:01:fe:08:0f:1d:a0:96:b0:53:d1:80:90:43:81:5d:a1:21:
         42:2c:c6:a9:02:dd:cc:90:4f:e0:16:88:7a:32:1d:2b:c2:96:
         16:5e:0d:ef:2f:25:85:75:ff:77:b7:a8:98:9e:ac:9b:2d:b1:
         24:f1:02:7e:60:22:0c:a9:7b:a4:f5:58:50:ed:41:27:14:a8:
         07:12:3c:f0:a7:8e:64:7b:4a:94:1d:10:bf:f8:fa:2c:92:ff:
         29:ae:d5:47:12:da:f4:2c:e0:79:ac:4c:1d:8f:23:1a:a1:75:
         6d:05:da:1c:65:e3:97:0b:a4:3b:13:1c:14:82:9d:99:28:c1:
         cc:9e:ac:52:46:2f:e2:48:d8:ed:ff:7d:ac:34:b9:e3:4e:a7:
         3e:3b:0b:4d:d9:8a:f2:0c:b3:b6:68:13:8d:00:07:c1:57:37:
         1a:c8:e2:0b:11:ce:4d:e1:d6:89:3a:c8:21:6b:71:e4:90:3b:
         e4:db:81:03:1c:f3:88:a1:28:56:6a:59:4a:bd:35:fd:31:57:
         0d:ea:15:59:7a:08:f4:7c:32:07:5f:76:76:0b:e6:a0:99:a9:
         dd:d9:a3:57:6f:c1:6a:33:3f:ca:a5:54:f2:71:ce:a1:ad:d6:
         79:6c:84:5a:28:5f:f8:b3:d7:8f:8d:06:92:ab:ba:57:5c:37:
         04:38:d5:70
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTBBRDExMTAvBgNVBAUTKDU4NTRDNkQ4ODZBRTgwNTcwRUNFNjI0NzRENTQxOTlD
NEU4MjlDQUIwHhcNMjQwNTExMDAzMzU5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNlYmNmNy01OTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxea6VIq5omDbOHAkX4DG0j8LJyESQcQ5WKRs8MLvNjcIIAisb2SbDoz2RFOH
A+Xcuwx1I0bYAR94E9nQDAYFyYpZlnIO9+jAsWdOnfC16/OHn+uG/WQA6ecZfliq
TPv5jySnvISuvxvi156/cR3q8XjIrofIQ3eMhzUfX/HXKswKj/eiZXBP5KXlBUJ/
dvIGoBemijKuffsJXVTEYTOWvEktPFgFp95TxCTZt0y5pn2oEJIhJydXGVCydZEG
JloYhtODik3ZmkjAbwC/pwsRBmQclSsfrVM/RFfcf8bU5shONbEvWQhEck+iCvD0
sk+2WiyBEhEXIts92qwcRQGKzQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBhT69CK
cHtLKoEQD2hDQ/1IBdkMMB8GA1UdIwQYMBaAFFhUxtiGroBXDs5iR01UGZxOgpyr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMEFEMS81QTgzQTU4NDgy
Q0UxMUVCQkI2OTRGODdDNEY5QUUwMi9XRlRHMklhdWdGY096bUpIVFZRWm5FNkNu
S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dGVEcySWF1Z0ZjT3ptSkhUVlFabkU2Q25Lcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTBBRDEvNUE4M0E1ODQ4MkNFMTFFQkJCNjk0Rjg3QzRGOUFFMDIvNUYzOEE0RjA4
MkQ2MTFFQjgwMkMxQTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADLDSkwDwQCAAIwCQMHACABDfY5gDANBgkqhkiG9w0BAQsF
AAOCAQEAiAH+CA8doJawU9GAkEOBXaEhQizGqQLdzJBP4BaIejIdK8KWFl4N7y8l
hXX/d7eomJ6smy2xJPECfmAiDKl7pPVYUO1BJxSoBxI88KeOZHtKlB0Qv/j6LJL/
Ka7VRxLa9CzgeaxMHY8jGqF1bQXaHGXjlwukOxMcFIKdmSjBzJ6sUkYv4kjY7f99
rDS5406nPjsLTdmK8gyztmgTjQAHwVc3GsjiCxHOTeHWiTrIIWtx5JA75NuBAxzz
iKEoVmpZSr01/TFXDeoVWXoI9HwyB192dgvmoJmp3dmjV2/BajM/yqVU8nHOoa3W
eWyEWihf+LPXj40Gkqu6V1w3BDjVcA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:39:22 2024 by rpki-client on console-fra.rpki-client.org