Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9112B4C/7BA542581A7511EAAE19E37AC4F9AE02/A80715221A7711EAA20A077FC4F9AE02.roa
File:                     A80715221A7711EAA20A077FC4F9AE02.roa (raw, json)
Hash identifier:          NtEvnTnXThzBa+0nC6A8IN/IDA6VYX2yo2eaoDvp82A=
Subject key identifier:   BB:F4:6F:56:68:D7:F8:54:26:E8:00:C7:AF:D9:0C:A4:15:0E:65:37
Certificate issuer:       /CN=A9112B4C/serialNumber=12008DBAB78CB31F2994E1484EA3F24274B9D1A8
Certificate serial:       0A40
Authority key identifier: 12:00:8D:BA:B7:8C:B3:1F:29:94:E1:48:4E:A3:F2:42:74:B9:D1:A8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EgCNureMsx8plOFITqPyQnS50ag.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9112B4C/7BA542581A7511EAAE19E37AC4F9AE02/A80715221A7711EAA20A077FC4F9AE02.roa
Signing time:             Wed 08 Mar 2023 20:47:12 +0000
ROA not before:           Wed 08 Mar 2023 20:47:12 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        103.85.213.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9112B4C/7BA542581A7511EAAE19E37AC4F9AE02/EgCNureMsx8plOFITqPyQnS50ag.crl
                          rsync://rpki.apnic.net/member_repository/A9112B4C/7BA542581A7511EAAE19E37AC4F9AE02/EgCNureMsx8plOFITqPyQnS50ag.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EgCNureMsx8plOFITqPyQnS50ag.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 19:51:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2624 (0xa40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9112B4C/serialNumber=12008DBAB78CB31F2994E1484EA3F24274B9D1A8
        Validity
            Not Before: Mar  8 20:47:12 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=6408f44f-be81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cd:2e:54:85:53:3e:8d:0e:f5:35:cc:29:12:
                    12:07:5b:0c:29:63:dd:03:9b:a9:a7:0d:a3:00:1d:
                    de:30:b9:0f:84:16:31:64:c7:5d:70:b6:48:fd:00:
                    a3:09:fe:a8:d5:68:d5:3b:c7:83:d0:71:e9:99:66:
                    3a:e0:a6:a0:49:ee:e8:00:78:2c:17:0d:c7:8a:ff:
                    13:27:72:8e:85:66:e0:d1:f3:52:90:39:11:f7:43:
                    2a:b1:e4:03:41:22:ae:ff:a9:4c:76:a5:48:35:94:
                    4c:07:d2:a6:49:03:dd:ae:8d:57:d0:36:2c:71:98:
                    e9:67:7e:af:94:c5:8e:02:63:75:e7:59:b1:79:45:
                    e8:c0:20:8d:31:22:45:3d:2b:e8:62:69:f4:d6:17:
                    b0:6e:76:75:ca:06:95:9d:a4:eb:9c:dd:9d:90:e4:
                    8d:94:4e:26:f9:48:6b:55:70:5b:5f:db:e0:4b:3d:
                    9d:9b:08:be:09:3c:1e:e3:c2:94:c4:b8:5e:6c:f8:
                    c9:c9:13:e6:c6:83:c6:d2:81:b8:45:bf:e5:e5:cf:
                    f9:73:5f:f9:0b:a7:6e:a9:0a:e1:b3:36:28:e0:55:
                    24:28:b2:9a:a4:6f:71:c2:15:cd:07:38:a6:f3:3c:
                    e6:08:f4:b8:7c:ea:b4:fe:e1:98:18:e6:b9:8a:06:
                    fd:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:F4:6F:56:68:D7:F8:54:26:E8:00:C7:AF:D9:0C:A4:15:0E:65:37
            X509v3 Authority Key Identifier:
                keyid:12:00:8D:BA:B7:8C:B3:1F:29:94:E1:48:4E:A3:F2:42:74:B9:D1:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9112B4C/7BA542581A7511EAAE19E37AC4F9AE02/EgCNureMsx8plOFITqPyQnS50ag.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EgCNureMsx8plOFITqPyQnS50ag.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112B4C/7BA542581A7511EAAE19E37AC4F9AE02/A80715221A7711EAA20A077FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.85.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:d4:88:3b:6d:36:2b:e0:34:75:1f:95:23:17:4f:2b:54:a6:
         8d:ba:48:54:2b:78:a5:c2:8b:7f:a1:23:e0:df:14:96:db:11:
         23:35:fc:e6:18:3d:9b:30:5d:78:17:d5:32:4d:34:52:d5:8b:
         53:9a:71:1e:40:f2:c9:51:8e:d3:13:13:d4:5d:28:21:f5:20:
         b6:7c:33:13:30:fd:77:60:8b:5b:f1:08:75:4d:2e:cd:d7:6f:
         f5:3f:10:c4:b7:97:ef:68:d3:83:f9:dd:21:9d:29:57:99:d9:
         cc:40:0e:d6:30:11:72:f6:3e:0e:5f:a9:07:fa:db:37:71:17:
         c7:d4:45:ac:8f:bb:a4:90:89:2a:c6:36:37:50:35:17:51:4e:
         1a:33:a5:49:7e:db:08:ea:5d:b5:30:dc:14:f0:43:00:79:43:
         64:a0:c8:35:d5:19:85:e3:69:39:58:68:68:e7:fd:69:59:2c:
         36:48:33:be:fa:58:34:3f:a1:f8:4f:f2:b3:b3:24:1e:e6:18:
         db:2c:c4:a5:57:ce:51:5c:82:31:71:55:c6:4a:6e:dc:0f:60:
         9c:d0:44:d6:9f:d5:61:fc:aa:9b:6a:54:4f:64:39:a1:53:f5:
         f6:b7:51:cb:f4:d4:42:70:bc:b8:e6:e8:3b:5b:ea:bc:68:93:
         cf:c7:e3:02
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTJCNEMxMTAvBgNVBAUTKDEyMDA4REJBQjc4Q0IzMUYyOTk0RTE0ODRFQTNGMjQy
NzRCOUQxQTgwHhcNMjMwMzA4MjA0NzEyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA4ZjQ0Zi1iZTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwc0uVIVTPo0O9TXMKRISB1sMKWPdA5uppw2jAB3eMLkPhBYxZMddcLZI/QCj
Cf6o1WjVO8eD0HHpmWY64KagSe7oAHgsFw3Hiv8TJ3KOhWbg0fNSkDkR90MqseQD
QSKu/6lMdqVINZRMB9KmSQPdro1X0DYscZjpZ36vlMWOAmN151mxeUXowCCNMSJF
PSvoYmn01hewbnZ1ygaVnaTrnN2dkOSNlE4m+UhrVXBbX9vgSz2dmwi+CTwe48KU
xLhebPjJyRPmxoPG0oG4Rb/l5c/5c1/5C6duqQrhszYo4FUkKLKapG9xwhXNBzim
8zzmCPS4fOq0/uGYGOa5igb9VwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLv0b1Zo
1/hUJugAx6/ZDKQVDmU3MB8GA1UdIwQYMBaAFBIAjbq3jLMfKZThSE6j8kJ0udGo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkI0Qy83QkE1NDI1ODFB
NzUxMUVBQUUxOUUzN0FDNEY5QUUwMi9FZ0NOdXJlTXN4OHBsT0ZJVHFQeVFuUzUw
YWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VnQ051cmVNc3g4cGxPRklUcVB5UW5TNTBhZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTJCNEMvN0JBNTQyNTgxQTc1MTFFQUFFMTlFMzdBQzRGOUFFMDIvQTgwNzE1MjIx
QTc3MTFFQUEyMEEwNzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnVdUwDQYJKoZIhvcNAQELBQADggEBAEzUiDttNivgNHUf
lSMXTytUpo26SFQreKXCi3+hI+DfFJbbESM1/OYYPZswXXgX1TJNNFLVi1OacR5A
8slRjtMTE9RdKCH1ILZ8MxMw/Xdgi1vxCHVNLs3Xb/U/EMS3l+9o04P53SGdKVeZ
2cxADtYwEXL2Pg5fqQf62zdxF8fURayPu6SQiSrGNjdQNRdRThozpUl+2wjqXbUw
3BTwQwB5Q2SgyDXVGYXjaTlYaGjn/WlZLDZIM776WDQ/ofhP8rOzJB7mGNssxKVX
zlFcgjFxVcZKbtwPYJzQRNaf1WH8qptqVE9kOaFT9fa3Ucv01EJwvLjm6Dtb6rxo
k8/H4wI=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:23:57 2024 by rpki-client on console-fra.rpki-client.org