Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9121188/84BAA06C836311EEBC191B1EC4F9AE02/91FC411C836411EE80C08641C4F9AE02.roa
File:                     91FC411C836411EE80C08641C4F9AE02.roa (raw, json)
Hash identifier:          Ig/coMPIPbPWfq5557ThCTPPOBkbOYZiHHJV9OEcZtI=
Subject key identifier:   21:99:2E:59:80:8C:F3:19:91:75:C8:20:13:31:7A:50:FA:EE:B8:A0
Certificate issuer:       /CN=A9121188/serialNumber=1466407758A8D7B935694896D50275280679AF29
Certificate serial:       98
Authority key identifier: 14:66:40:77:58:A8:D7:B9:35:69:48:96:D5:02:75:28:06:79:AF:29
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FGZAd1io17k1aUiW1QJ1KAZ5ryk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9121188/84BAA06C836311EEBC191B1EC4F9AE02/91FC411C836411EE80C08641C4F9AE02.roa
Signing time:             Tue 03 Sep 2024 06:49:04 +0000
ROA not before:           Tue 03 Sep 2024 06:49:03 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     151630
IP address blocks:        103.142.84.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9121188/84BAA06C836311EEBC191B1EC4F9AE02/FGZAd1io17k1aUiW1QJ1KAZ5ryk.crl
                          rsync://rpki.apnic.net/member_repository/A9121188/84BAA06C836311EEBC191B1EC4F9AE02/FGZAd1io17k1aUiW1QJ1KAZ5ryk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FGZAd1io17k1aUiW1QJ1KAZ5ryk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 04:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152 (0x98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9121188/serialNumber=1466407758A8D7B935694896D50275280679AF29
        Validity
            Not Before: Sep  3 06:49:03 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=66d6b15f-6daa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:92:9e:67:a6:95:29:d6:d7:7b:ac:01:e2:e1:
                    9c:db:a9:c5:40:54:10:56:27:71:f2:17:4f:89:e6:
                    36:f9:27:99:76:67:01:f4:4b:49:23:b9:ee:d9:b0:
                    4f:b4:c8:69:14:6f:0f:7b:cf:bb:da:3b:26:4d:fe:
                    66:3c:a3:33:05:78:d0:5e:50:f0:70:8c:43:92:2b:
                    03:0d:2b:37:e1:88:f8:9d:43:b6:86:53:00:b3:0e:
                    c9:79:12:6b:a0:d3:1a:25:54:ae:68:d7:22:c7:a4:
                    d8:18:e1:5c:ac:f1:65:46:c6:63:7d:71:7f:47:e8:
                    46:fa:7e:53:de:ec:c6:8a:b9:2c:cb:a1:ac:3f:c6:
                    06:a1:e6:bc:85:e3:92:33:58:cb:63:ff:64:77:2f:
                    ef:0f:50:b9:e2:4e:9c:15:94:b9:de:b9:b0:89:cc:
                    ca:89:54:f4:7a:60:00:d8:91:a7:01:25:a4:63:40:
                    54:9c:58:4a:cf:33:8e:b9:86:66:9c:d4:79:a5:23:
                    3e:6e:2b:4c:46:3c:b6:60:37:48:ce:a1:b4:e0:e9:
                    f0:65:21:73:3d:55:08:48:cc:a7:59:a4:91:40:b3:
                    6a:6c:50:85:6a:07:05:a9:d4:df:85:7d:eb:4a:b4:
                    b3:41:22:ce:2e:cb:a3:8b:7b:ad:3a:95:19:83:de:
                    26:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:99:2E:59:80:8C:F3:19:91:75:C8:20:13:31:7A:50:FA:EE:B8:A0
            X509v3 Authority Key Identifier:
                keyid:14:66:40:77:58:A8:D7:B9:35:69:48:96:D5:02:75:28:06:79:AF:29

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9121188/84BAA06C836311EEBC191B1EC4F9AE02/FGZAd1io17k1aUiW1QJ1KAZ5ryk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FGZAd1io17k1aUiW1QJ1KAZ5ryk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121188/84BAA06C836311EEBC191B1EC4F9AE02/91FC411C836411EE80C08641C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.142.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6a:22:80:41:89:21:80:ae:63:46:ee:51:47:1a:8b:bb:a2:81:
         ec:1c:78:a2:ed:c7:04:af:3e:fb:a5:e6:8f:c2:f9:6f:c1:ff:
         1e:88:ac:f3:1b:30:0c:60:7f:fb:91:26:9d:d3:8f:62:ad:17:
         39:e8:39:ea:98:08:eb:3c:88:c2:48:48:90:5e:1f:22:83:bd:
         42:ed:2f:08:fd:bc:a3:36:d2:07:53:09:14:b2:84:f4:af:86:
         0d:f4:df:7d:10:21:12:a8:89:a0:f0:fd:ff:ca:67:dd:cd:0c:
         50:ad:2e:25:52:be:70:a3:00:d5:f8:6b:50:19:fc:1c:46:38:
         08:a7:77:fd:73:b8:1d:47:36:c8:1e:a4:f9:7e:75:23:23:02:
         3e:88:0b:80:d8:8d:42:a7:d5:cb:40:b7:ab:46:6d:ea:2e:75:
         9b:8b:a4:c5:84:f3:30:73:78:c9:57:2b:e4:04:1a:4f:ba:77:
         3d:42:be:c2:07:ca:00:10:5d:12:67:19:fd:b8:9b:1b:a2:d2:
         6d:3f:ae:e7:aa:70:3e:45:85:87:d5:99:82:f8:d6:cc:42:d0:
         3e:68:e8:ec:fc:cc:ed:32:d5:ad:e6:c3:7e:90:1c:87:f9:68:
         97:7e:b4:60:14:b6:01:e3:ff:ec:73:e6:39:bb:ae:0b:d3:a5:
         2b:6c:1c:7e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjExODgxMTAvBgNVBAUTKDE0NjY0MDc3NThBOEQ3QjkzNTY5NDg5NkQ1MDI3NTI4
MDY3OUFGMjkwHhcNMjQwOTAzMDY0OTAzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2YjE1Zi02ZGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuZKeZ6aVKdbXe6wB4uGc26nFQFQQVidx8hdPieY2+SeZdmcB9EtJI7nu2bBP
tMhpFG8Pe8+72jsmTf5mPKMzBXjQXlDwcIxDkisDDSs34Yj4nUO2hlMAsw7JeRJr
oNMaJVSuaNcix6TYGOFcrPFlRsZjfXF/R+hG+n5T3uzGirksy6GsP8YGoea8heOS
M1jLY/9kdy/vD1C54k6cFZS53rmwiczKiVT0emAA2JGnASWkY0BUnFhKzzOOuYZm
nNR5pSM+bitMRjy2YDdIzqG04OnwZSFzPVUISMynWaSRQLNqbFCFagcFqdTfhX3r
SrSzQSLOLsuji3utOpUZg94mnwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCGZLlmA
jPMZkXXIIBMxelD67rigMB8GA1UdIwQYMBaAFBRmQHdYqNe5NWlIltUCdSgGea8p
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTE4OC84NEJBQTA2Qzgz
NjMxMUVFQkMxOTFCMUVDNEY5QUUwMi9GR1pBZDFpbzE3azFhVWlXMVFKMUtBWjVy
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZHWkFkMWlvMTdrMWFVaVcxUUoxS0FaNXJ5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjExODgvODRCQUEwNkM4MzYzMTFFRUJDMTkxQjFFQzRGOUFFMDIvOTFGQzQxMUM4
MzY0MTFFRTgwQzA4NjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnjlQwDQYJKoZIhvcNAQELBQADggEBAGoigEGJIYCuY0bu
UUcai7uigewceKLtxwSvPvul5o/C+W/B/x6IrPMbMAxgf/uRJp3Tj2KtFznoOeqY
COs8iMJISJBeHyKDvULtLwj9vKM20gdTCRSyhPSvhg30330QIRKoiaDw/f/KZ93N
DFCtLiVSvnCjANX4a1AZ/BxGOAind/1zuB1HNsgepPl+dSMjAj6IC4DYjUKn1ctA
t6tGbeoudZuLpMWE8zBzeMlXK+QEGk+6dz1CvsIHygAQXRJnGf24mxui0m0/rueq
cD5FhYfVmYL41sxC0D5o6Oz8zO0y1a3mw36QHIf5aJd+tGAUtgHj/+xz5jm7rgvT
pStsHH4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:05:53 2024 by rpki-client on console-fra.rpki-client.org