Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91162DE/176794D4155A11EDB0A12720C4F9AE02/C303879E415111EDBC3A1D19C4F9AE02.roa
File:                     C303879E415111EDBC3A1D19C4F9AE02.roa (raw, json)
Hash identifier:          Yr1KNAkLzDpZRegIBEQ2u2eVP4pnvdjTpj7fxC6N4aU=
Subject key identifier:   6C:CA:5F:AD:82:6D:D3:03:00:C0:56:7A:F4:5F:B6:37:BF:F8:51:B9
Certificate issuer:       /CN=A91162DE/serialNumber=DF826CB3BB7A8BB2A11EE4BAE2E087EAC3A721D2
Certificate serial:       012E
Authority key identifier: DF:82:6C:B3:BB:7A:8B:B2:A1:1E:E4:BA:E2:E0:87:EA:C3:A7:21:D2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/34Jss7t6i7KhHuS64uCH6sOnIdI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91162DE/176794D4155A11EDB0A12720C4F9AE02/C303879E415111EDBC3A1D19C4F9AE02.roa
Signing time:             Tue 05 Sep 2023 03:33:29 +0000
ROA not before:           Tue 05 Sep 2023 03:33:29 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     0
IP address blocks:        103.55.161.0/24 maxlen: 24
                          2001:dec:c000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91162DE/176794D4155A11EDB0A12720C4F9AE02/34Jss7t6i7KhHuS64uCH6sOnIdI.crl
                          rsync://rpki.apnic.net/member_repository/A91162DE/176794D4155A11EDB0A12720C4F9AE02/34Jss7t6i7KhHuS64uCH6sOnIdI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/34Jss7t6i7KhHuS64uCH6sOnIdI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 302 (0x12e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91162DE/serialNumber=DF826CB3BB7A8BB2A11EE4BAE2E087EAC3A721D2
        Validity
            Not Before: Sep  5 03:33:29 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64f6a189-75db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:3e:2b:44:09:c9:27:59:8c:a7:98:d6:45:0c:
                    99:df:ff:c4:86:2b:3a:da:de:52:c0:b5:df:10:b1:
                    ef:a5:df:39:be:3b:c7:5c:a6:69:01:23:8b:7f:48:
                    a3:a4:61:94:7d:c6:be:f8:6f:0a:5c:c5:61:08:34:
                    57:5a:e9:02:a3:6c:92:be:95:2b:80:ec:ff:e0:a6:
                    34:71:99:33:0f:6a:25:18:c0:e8:e0:2a:9f:ee:86:
                    b3:70:65:6c:8f:45:7d:26:ed:e5:1f:21:e6:bd:6d:
                    2b:da:b6:e9:18:ea:95:27:34:8c:6f:09:61:7d:bc:
                    01:bd:3d:bf:d5:b8:bb:12:84:84:02:85:4e:1c:67:
                    c4:52:55:f9:87:25:73:eb:ad:62:44:f1:5a:c7:f6:
                    a0:a0:b2:e0:cd:66:e4:a6:3d:cf:e7:40:2e:29:a2:
                    0e:b5:9e:11:d9:e0:8d:ec:6a:71:70:9d:0e:06:a6:
                    e4:3d:e6:fd:64:88:ea:e9:5d:54:27:02:b2:33:56:
                    15:3d:fc:83:f5:f1:99:ae:61:7f:d7:71:27:42:92:
                    2c:ec:b9:33:69:9c:3c:bf:c8:10:9c:22:b3:fe:56:
                    51:06:dd:e2:ca:7e:9f:6a:61:e1:87:91:d0:f3:34:
                    48:86:57:2f:1c:e7:93:26:45:b4:4d:7c:a1:2a:0b:
                    d9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:CA:5F:AD:82:6D:D3:03:00:C0:56:7A:F4:5F:B6:37:BF:F8:51:B9
            X509v3 Authority Key Identifier:
                keyid:DF:82:6C:B3:BB:7A:8B:B2:A1:1E:E4:BA:E2:E0:87:EA:C3:A7:21:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91162DE/176794D4155A11EDB0A12720C4F9AE02/34Jss7t6i7KhHuS64uCH6sOnIdI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/34Jss7t6i7KhHuS64uCH6sOnIdI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91162DE/176794D4155A11EDB0A12720C4F9AE02/C303879E415111EDBC3A1D19C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.55.161.0/24
                IPv6:
                  2001:dec:c000::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:d2:27:d1:15:86:44:9e:1c:30:3d:1a:0f:7b:2a:56:44:d6:
         6f:58:04:69:9c:76:a8:c1:02:1a:38:b5:00:b6:63:82:f8:c5:
         3d:4c:3b:d4:ed:8f:61:31:5c:68:bd:7f:49:a1:72:9e:3f:46:
         3b:ad:f5:1b:7f:30:54:f5:08:f6:c1:40:79:33:ae:9e:8a:9f:
         6a:b6:a3:e6:d0:c5:fa:40:61:27:9c:26:fe:81:96:71:c6:d6:
         c3:57:62:96:16:69:c6:c0:5f:8e:c9:af:46:2e:2a:ed:ee:73:
         da:72:77:c5:42:de:1a:05:ff:7c:23:0b:94:a0:2e:9a:62:66:
         78:85:f8:ab:47:49:42:6e:6b:c7:78:20:ca:cf:a9:f6:d2:26:
         77:63:35:a2:ab:67:53:00:3e:7e:e9:b5:2b:0f:b3:69:b2:56:
         1b:b9:ae:46:b4:7c:d6:7f:7d:95:31:68:30:30:3f:02:fa:b8:
         5f:7d:d7:0f:57:40:c1:06:a2:e6:68:f9:21:60:29:aa:95:c0:
         74:f6:4b:55:bb:4d:19:da:b5:20:39:52:a3:65:bb:b0:b3:52:
         b2:45:95:38:ef:d8:29:fa:27:9c:2b:20:fe:f3:c6:ee:7a:40:
         50:d7:00:c0:13:8b:cc:03:dc:bf:bd:5d:e2:e1:25:8e:a6:ea:
         b0:e8:af:27
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTYyREUxMTAvBgNVBAUTKERGODI2Q0IzQkI3QThCQjJBMTFFRTRCQUUyRTA4N0VB
QzNBNzIxRDIwHhcNMjMwOTA1MDMzMzI5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2YTE4OS03NWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5D4rRAnJJ1mMp5jWRQyZ3//Ehis62t5SwLXfELHvpd85vjvHXKZpASOLf0ij
pGGUfca++G8KXMVhCDRXWukCo2ySvpUrgOz/4KY0cZkzD2olGMDo4Cqf7oazcGVs
j0V9Ju3lHyHmvW0r2rbpGOqVJzSMbwlhfbwBvT2/1bi7EoSEAoVOHGfEUlX5hyVz
661iRPFax/agoLLgzWbkpj3P50AuKaIOtZ4R2eCN7GpxcJ0OBqbkPeb9ZIjq6V1U
JwKyM1YVPfyD9fGZrmF/13EnQpIs7LkzaZw8v8gQnCKz/lZRBt3iyn6famHhh5HQ
8zRIhlcvHOeTJkW0TXyhKgvZpwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGzKX62C
bdMDAMBWevRftje/+FG5MB8GA1UdIwQYMBaAFN+CbLO7eouyoR7kuuLgh+rDpyHS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjJERS8xNzY3OTRENDE1
NUExMUVEQjBBMTI3MjBDNEY5QUUwMi8zNEpzczd0Nmk3S2hIdVM2NHVDSDZzT25J
ZEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM0SnNzN3Q2aTdLaEh1UzY0dUNINnNPbklkSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTYyREUvMTc2Nzk0RDQxNTVBMTFFREIwQTEyNzIwQzRGOUFFMDIvQzMwMzg3OUU0
MTUxMTFFREJDM0ExRDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnN6EwDwQCAAIwCQMHACABDezAADANBgkqhkiG9w0BAQsF
AAOCAQEAEdIn0RWGRJ4cMD0aD3sqVkTWb1gEaZx2qMECGji1ALZjgvjFPUw71O2P
YTFcaL1/SaFynj9GO631G38wVPUI9sFAeTOunoqfaraj5tDF+kBhJ5wm/oGWccbW
w1dilhZpxsBfjsmvRi4q7e5z2nJ3xULeGgX/fCMLlKAummJmeIX4q0dJQm5rx3gg
ys+p9tImd2M1oqtnUwA+fum1Kw+zabJWG7muRrR81n99lTFoMDA/Avq4X33XD1dA
wQai5mj5IWApqpXAdPZLVbtNGdq1IDlSo2W7sLNSskWVOO/YKfonnCsg/vPG7npA
UNcAwBOLzAPcv71d4uEljqbqsOivJw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:00:23 2024 by rpki-client on console-fra.rpki-client.org