Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9115480/96F28AC610DA11ED8A699E32C4F9AE02/D1D6719A10DD11EDBC7EA35FC4F9AE02.roa
File:                     D1D6719A10DD11EDBC7EA35FC4F9AE02.roa (raw, json)
Hash identifier:          frzjCs+Z/Mi4ZDgqYWFwqblODHyg9lLqa7tObDvQ7CE=
Subject key identifier:   A3:8F:16:D0:94:00:41:88:7E:5B:9A:12:E8:6B:69:C5:CD:BD:C4:8A
Certificate issuer:       /CN=A9115480/serialNumber=DBE1130BC7C6DBB2DB7CBBF14E01F6186FFDBD10
Certificate serial:       01EF
Authority key identifier: DB:E1:13:0B:C7:C6:DB:B2:DB:7C:BB:F1:4E:01:F6:18:6F:FD:BD:10
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-ETC8fG27LbfLvxTgH2GG_9vRA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9115480/96F28AC610DA11ED8A699E32C4F9AE02/D1D6719A10DD11EDBC7EA35FC4F9AE02.roa
Signing time:             Tue 17 Sep 2024 01:54:46 +0000
ROA not before:           Tue 17 Sep 2024 01:54:46 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     139043
IP address blocks:        103.191.122.0/24 maxlen: 24
                          103.191.123.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9115480/96F28AC610DA11ED8A699E32C4F9AE02/2-ETC8fG27LbfLvxTgH2GG_9vRA.crl
                          rsync://rpki.apnic.net/member_repository/A9115480/96F28AC610DA11ED8A699E32C4F9AE02/2-ETC8fG27LbfLvxTgH2GG_9vRA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-ETC8fG27LbfLvxTgH2GG_9vRA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 01:33:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 495 (0x1ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9115480/serialNumber=DBE1130BC7C6DBB2DB7CBBF14E01F6186FFDBD10
        Validity
            Not Before: Sep 17 01:54:46 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=66e8e165-f8b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:6e:6f:eb:56:bb:61:e6:94:cd:e4:36:ed:2c:
                    bd:f1:6d:1f:10:71:9e:d8:4a:9f:35:b4:c6:64:f2:
                    3f:1d:57:6e:6f:02:e0:e9:76:7b:0f:34:a9:7b:5c:
                    b9:6a:2d:8f:17:f3:19:95:27:6c:82:b1:a4:f6:57:
                    ab:77:11:7a:a1:b7:77:bb:66:12:0e:ef:ad:50:15:
                    ab:87:6d:d9:2c:4a:f2:24:5f:6d:5c:35:47:fa:29:
                    c5:05:f0:44:55:37:44:98:41:a7:02:5d:c2:26:77:
                    92:29:e9:bb:4f:71:3e:d7:72:32:b7:18:1d:af:92:
                    83:5f:7b:41:22:21:73:3a:66:38:77:07:08:11:9d:
                    9c:70:32:f9:30:7b:0a:0f:8e:e0:b2:2e:87:b9:f0:
                    9f:ec:63:33:e1:39:d1:1d:cb:94:3c:53:09:b3:cb:
                    e0:1a:04:87:ee:92:b3:db:1f:82:c1:0a:8f:b5:af:
                    fb:08:7c:53:70:92:4b:84:eb:3c:8f:d8:50:69:8a:
                    fb:76:f3:86:ff:5e:2b:cc:9f:c1:a8:26:2e:44:28:
                    f9:0f:38:5c:01:b1:5f:97:f6:7d:7c:31:d5:c9:3d:
                    8d:3e:67:e6:57:9e:ff:30:fc:3e:79:93:64:c1:6b:
                    71:d4:b2:87:f7:32:fc:4d:90:f3:96:98:60:b3:2d:
                    82:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:8F:16:D0:94:00:41:88:7E:5B:9A:12:E8:6B:69:C5:CD:BD:C4:8A
            X509v3 Authority Key Identifier:
                keyid:DB:E1:13:0B:C7:C6:DB:B2:DB:7C:BB:F1:4E:01:F6:18:6F:FD:BD:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9115480/96F28AC610DA11ED8A699E32C4F9AE02/2-ETC8fG27LbfLvxTgH2GG_9vRA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-ETC8fG27LbfLvxTgH2GG_9vRA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115480/96F28AC610DA11ED8A699E32C4F9AE02/D1D6719A10DD11EDBC7EA35FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.191.122.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:53:06:51:3e:26:06:f9:87:ce:a3:b8:e1:c5:e9:34:7a:f5:
         72:85:7c:5b:30:4f:68:e5:b2:02:39:8d:fd:ef:73:78:a6:43:
         cc:07:ac:fc:bc:f0:61:da:bd:c4:16:87:69:f6:88:30:e8:63:
         ca:6e:eb:ef:3f:70:a1:31:c8:dd:4f:53:cb:aa:ee:71:02:1e:
         91:02:8b:6c:85:a9:61:7e:6f:b8:65:f4:7a:50:63:13:88:e8:
         45:4b:bd:3c:9f:8e:6a:8b:10:c8:86:d1:bf:5c:6c:57:90:22:
         06:48:c4:38:c1:bf:ef:8f:1a:af:9e:ce:80:33:fd:2e:44:ce:
         c1:39:7c:15:5a:cb:6d:72:09:ca:95:c5:06:ec:57:fe:c0:27:
         c4:f5:db:51:c5:cc:62:46:42:a0:ac:61:8a:5e:bc:ba:dd:4b:
         2e:bb:5a:a3:d7:cf:87:cf:6d:f9:30:1b:4f:0b:c8:27:59:fb:
         cd:0e:4c:69:09:39:b2:29:ce:06:34:14:0f:17:b9:d6:75:1c:
         b0:a1:df:38:01:c9:9f:20:d4:1b:36:4c:c5:49:cc:42:a9:a5:
         68:28:7b:4d:a2:bb:cb:77:01:74:b1:06:65:ba:90:5f:06:82:
         2d:09:5c:e2:a4:66:e2:87:f5:45:79:9c:01:ba:4a:3a:77:56:
         23:85:fd:ea
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTU0ODAxMTAvBgNVBAUTKERCRTExMzBCQzdDNkRCQjJEQjdDQkJGMTRFMDFGNjE4
NkZGREJEMTAwHhcNMjQwOTE3MDE1NDQ2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU4ZTE2NS1mOGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8G5v61a7YeaUzeQ27Sy98W0fEHGe2EqfNbTGZPI/HVdubwLg6XZ7DzSpe1y5
ai2PF/MZlSdsgrGk9lerdxF6obd3u2YSDu+tUBWrh23ZLEryJF9tXDVH+inFBfBE
VTdEmEGnAl3CJneSKem7T3E+13Iytxgdr5KDX3tBIiFzOmY4dwcIEZ2ccDL5MHsK
D47gsi6HufCf7GMz4TnRHcuUPFMJs8vgGgSH7pKz2x+CwQqPta/7CHxTcJJLhOs8
j9hQaYr7dvOG/14rzJ/BqCYuRCj5DzhcAbFfl/Z9fDHVyT2NPmfmV57/MPw+eZNk
wWtx1LKH9zL8TZDzlphgsy2C2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKOPFtCU
AEGIfluaEuhracXNvcSKMB8GA1UdIwQYMBaAFNvhEwvHxtuy23y78U4B9hhv/b0Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTQ4MC85NkYyOEFDNjEw
REExMUVEOEE2OTlFMzJDNEY5QUUwMi8yLUVUQzhmRzI3TGJmTHZ4VGdIMkdHXzl2
UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzItRVRDOGZHMjdMYmZMdnhUZ0gyR0dfOXZSQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTU0ODAvOTZGMjhBQzYxMERBMTFFRDhBNjk5RTMyQzRGOUFFMDIvRDFENjcxOUEx
MEREMTFFREJDN0VBMzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnv3owDQYJKoZIhvcNAQELBQADggEBAAxTBlE+Jgb5h86j
uOHF6TR69XKFfFswT2jlsgI5jf3vc3imQ8wHrPy88GHavcQWh2n2iDDoY8pu6+8/
cKExyN1PU8uq7nECHpECi2yFqWF+b7hl9HpQYxOI6EVLvTyfjmqLEMiG0b9cbFeQ
IgZIxDjBv++PGq+ezoAz/S5EzsE5fBVay21yCcqVxQbsV/7AJ8T121HFzGJGQqCs
YYpevLrdSy67WqPXz4fPbfkwG08LyCdZ+80OTGkJObIpzgY0FA8XudZ1HLCh3zgB
yZ8g1Bs2TMVJzEKppWgoe02iu8t3AXSxBmW6kF8Ggi0JXOKkZuKH9UV5nAG6Sjp3
ViOF/eo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:32 2024 by rpki-client on console-ams.rpki-client.org