Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/F42B1508CA5111EBBAD2D42AC4F9AE02.roa
File:                     F42B1508CA5111EBBAD2D42AC4F9AE02.roa (raw, json)
Hash identifier:          F0MncTmtBu3OcPv/6ENIy6dSWfPgWq9Jnkmi3ma24sY=
Subject key identifier:   A2:97:D5:AD:CC:1A:E8:BF:40:5D:99:A7:EB:B1:FB:1F:C2:38:CE:6C
Certificate issuer:       /CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595
Certificate serial:       06D2
Authority key identifier: 96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/F42B1508CA5111EBBAD2D42AC4F9AE02.roa
Signing time:             Wed 24 Jan 2024 01:08:27 +0000
ROA not before:           Wed 24 Jan 2024 01:08:27 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     55720
IP address blocks:        14.192.67.0/24 maxlen: 24
                          14.192.68.0/24 maxlen: 24
                          14.192.69.0/24 maxlen: 24
                          43.225.36.0/24 maxlen: 24
                          43.225.37.0/24 maxlen: 24
                          43.225.38.0/24 maxlen: 24
                          43.225.39.0/24 maxlen: 24
                          45.116.160.0/24 maxlen: 24
                          45.116.161.0/24 maxlen: 24
                          45.116.162.0/24 maxlen: 24
                          45.116.163.0/24 maxlen: 24
                          45.120.52.0/24 maxlen: 24
                          45.120.53.0/24 maxlen: 24
                          45.120.54.0/24 maxlen: 24
                          45.120.55.0/24 maxlen: 24
                          61.4.96.0/24 maxlen: 24
                          61.4.97.0/24 maxlen: 24
                          61.4.98.0/24 maxlen: 24
                          61.4.99.0/24 maxlen: 24
                          61.4.100.0/22 maxlen: 24
                          61.4.104.0/22 maxlen: 24
                          61.4.108.0/24 maxlen: 24
                          61.4.109.0/24 maxlen: 24
                          61.4.110.0/24 maxlen: 24
                          61.4.111.0/24 maxlen: 24
                          103.4.28.0/24 maxlen: 24
                          103.4.29.0/24 maxlen: 24
                          103.4.30.0/24 maxlen: 24
                          103.4.31.0/24 maxlen: 24
                          103.21.88.0/24 maxlen: 24
                          103.21.89.0/24 maxlen: 24
                          103.21.90.0/24 maxlen: 24
                          103.21.91.0/24 maxlen: 24
                          103.23.46.0/24 maxlen: 24
                          103.23.47.0/24 maxlen: 24
                          103.71.176.0/24 maxlen: 24
                          103.71.177.0/24 maxlen: 24
                          103.71.178.0/24 maxlen: 24
                          103.71.179.0/24 maxlen: 24
                          103.243.212.0/24 maxlen: 24
                          103.243.213.0/24 maxlen: 24
                          103.243.214.0/24 maxlen: 24
                          103.243.215.0/24 maxlen: 24
                          103.246.112.0/24 maxlen: 24
                          103.246.113.0/24 maxlen: 24
                          103.246.114.0/24 maxlen: 24
                          103.246.115.0/24 maxlen: 24
                          118.107.212.0/24 maxlen: 24
                          118.107.213.0/24 maxlen: 24
                          118.107.214.0/24 maxlen: 24
                          118.107.215.0/24 maxlen: 24
                          118.107.216.0/24 maxlen: 24
                          118.107.217.0/24 maxlen: 24
                          118.107.218.0/24 maxlen: 24
                          118.107.219.0/24 maxlen: 24
                          118.107.220.0/24 maxlen: 24
                          118.107.221.0/24 maxlen: 24
                          118.107.222.0/24 maxlen: 24
                          118.107.223.0/24 maxlen: 24
                          150.107.76.0/24 maxlen: 24
                          150.107.77.0/24 maxlen: 24
                          150.107.78.0/24 maxlen: 24
                          150.107.79.0/24 maxlen: 24
                          202.9.36.0/24 maxlen: 24
                          202.9.37.0/24 maxlen: 24
                          202.9.38.0/24 maxlen: 24
                          202.9.39.0/24 maxlen: 24
                          202.73.12.0/24 maxlen: 24
                          202.73.13.0/24 maxlen: 24
                          202.73.14.0/24 maxlen: 24
                          202.73.15.0/24 maxlen: 24
                          202.87.220.0/24 maxlen: 24
                          202.87.221.0/24 maxlen: 24
                          202.87.222.0/24 maxlen: 24
                          202.87.223.0/24 maxlen: 24
                          223.25.240.0/24 maxlen: 24
                          223.25.241.0/24 maxlen: 24
                          223.25.242.0/24 maxlen: 24
                          223.25.243.0/24 maxlen: 24
                          223.25.244.0/24 maxlen: 24
                          223.25.245.0/24 maxlen: 24
                          223.25.246.0/24 maxlen: 24
                          223.25.247.0/24 maxlen: 24
                          2402:9500::/32 maxlen: 32
                          2402:9500::/48 maxlen: 48
                          2402:9500:a00::/48 maxlen: 48
                          2402:9500:b00::/48 maxlen: 48
                          2402:9500:c00::/48 maxlen: 48
                          2402:9500:d00::/48 maxlen: 48
                          2402:9500:1000::/48 maxlen: 48
                          2402:9500:2000::/48 maxlen: 48
                          2402:9500:3000::/48 maxlen: 48
                          2402:9500:4000::/48 maxlen: 48
                          2402:9500:5000::/48 maxlen: 48
                          2402:9500:6000::/48 maxlen: 48
                          2402:9500:7000::/48 maxlen: 48
                          2402:9500:8000::/48 maxlen: 48
                          2402:9500:9000::/48 maxlen: 48
                          2402:9500:e000::/48 maxlen: 48
                          2402:9500:f000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl
                          rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 22:49:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1746 (0x6d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595
        Validity
            Not Before: Jan 24 01:08:27 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=65b0630b-4f53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:13:a0:be:69:69:69:ff:0f:90:25:a7:fb:9b:
                    16:17:ff:17:95:d4:78:92:ee:58:6c:7d:da:8a:54:
                    a8:72:ec:1e:ab:7a:01:e6:80:30:42:7f:9a:74:8d:
                    6a:24:ed:4b:6d:c6:a7:51:2a:a5:a6:15:d2:4e:c6:
                    6e:53:7d:eb:6e:c3:07:d6:d6:22:54:81:a0:18:f7:
                    80:b7:75:db:05:7f:f8:36:95:a6:3b:d6:71:5c:af:
                    22:88:66:3f:4c:5b:47:f3:eb:39:0c:ae:c3:1e:c2:
                    8b:6a:c3:16:a6:68:e7:77:ec:3a:72:3e:23:d4:f4:
                    d9:b4:2b:9d:32:c3:39:b9:7c:cc:40:1c:d7:ad:28:
                    1a:f6:86:b8:f1:02:cc:dc:af:a2:09:8a:01:30:bd:
                    06:1b:02:49:09:61:7a:0b:ae:db:e1:52:56:79:f1:
                    0a:f2:c7:74:46:51:cb:17:b9:70:c4:b4:a7:1e:ea:
                    fa:25:99:f8:34:c4:3a:e9:aa:0a:55:1b:49:15:6d:
                    b7:a9:4e:14:2f:b2:22:d2:29:dd:71:67:ff:ab:a5:
                    44:41:66:34:08:83:21:6c:7e:2c:f8:c6:b3:2c:1c:
                    41:f0:63:80:94:4c:a8:1b:83:46:0e:12:d0:9b:42:
                    8f:05:02:b4:7e:cb:62:f3:88:ae:15:c1:62:fe:c2:
                    a0:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:97:D5:AD:CC:1A:E8:BF:40:5D:99:A7:EB:B1:FB:1F:C2:38:CE:6C
            X509v3 Authority Key Identifier:
                keyid:96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/F42B1508CA5111EBBAD2D42AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.192.67.0-14.192.69.255
                  43.225.36.0/22
                  45.116.160.0/22
                  45.120.52.0/22
                  61.4.96.0/20
                  103.4.28.0/22
                  103.21.88.0/22
                  103.23.46.0/23
                  103.71.176.0/22
                  103.243.212.0/22
                  103.246.112.0/22
                  118.107.212.0-118.107.223.255
                  150.107.76.0/22
                  202.9.36.0/22
                  202.73.12.0/22
                  202.87.220.0/22
                  223.25.240.0/21
                IPv6:
                  2402:9500::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:8e:c4:87:fc:ee:ac:22:03:14:4c:c4:78:d8:40:6e:e4:96:
         6a:c7:3d:f8:aa:dc:0b:10:4d:0f:96:5e:1b:08:ce:6a:14:17:
         f4:1e:7f:41:e2:f9:94:2c:39:9b:11:d2:2b:99:01:cf:e6:81:
         f7:33:24:6e:76:fb:9b:a3:05:4d:3a:78:53:39:ce:22:04:1d:
         a1:f2:a4:2b:1b:a4:0c:a6:c3:b9:41:45:6f:07:2c:88:89:bb:
         85:25:f7:8e:b4:93:cc:e8:10:7d:23:31:db:62:d5:fd:95:44:
         77:36:8d:7f:1b:9d:69:42:a7:30:cb:32:e3:47:6c:f3:f0:9a:
         b5:0f:8c:a1:b0:fb:da:d8:6b:9d:41:9c:ea:b8:ee:fa:51:63:
         50:25:ba:0e:72:86:98:af:6b:9d:e1:57:f8:30:02:14:09:bd:
         e4:4f:69:6c:98:d7:49:7c:4c:d8:27:3a:ca:7c:72:f9:1a:1c:
         76:c3:23:35:7d:21:59:74:24:90:64:ea:06:de:ab:96:bb:89:
         c0:34:77:5c:3c:4c:44:bb:b4:a3:a4:5b:cd:48:d0:e7:20:46:
         85:05:4f:44:0a:36:a1:9e:3a:f1:9a:95:ab:16:28:34:be:14:
         29:32:21:25:51:05:9b:b1:fb:b9:c6:74:4b:b4:3b:e6:a1:08:
         d3:07:32:4b
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgICBtIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE3NkQxMTAvBgNVBAUTKDk2RjQyRTE5RjY5RDU5NkEwMzE4OTIxNTkwQTE3REQ1
MzIzM0U1OTUwHhcNMjQwMTI0MDEwODI3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIwNjMwYi00ZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhOgvmlpaf8PkCWn+5sWF/8XldR4ku5YbH3ailSocuweq3oB5oAwQn+adI1q
JO1LbcanUSqlphXSTsZuU33rbsMH1tYiVIGgGPeAt3XbBX/4NpWmO9ZxXK8iiGY/
TFtH8+s5DK7DHsKLasMWpmjnd+w6cj4j1PTZtCudMsM5uXzMQBzXrSga9oa48QLM
3K+iCYoBML0GGwJJCWF6C67b4VJWefEK8sd0RlHLF7lwxLSnHur6JZn4NMQ66aoK
VRtJFW23qU4UL7Ii0indcWf/q6VEQWY0CIMhbH4s+MazLBxB8GOAlEyoG4NGDhLQ
m0KPBQK0fsti84iuFcFi/sKg8wIDAQABo4IDFzCCAxMwHQYDVR0OBBYEFKKX1a3M
Gui/QF2Zp+ux+x/COM5sMB8GA1UdIwQYMBaAFJb0Lhn2nVlqAxiSFZChfdUyM+WV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTc2RC85M0QxN0NEMDA2
QTAxMUVCQjQwOTA4NTlDNEY5QUUwMi9sdlF1R2ZhZFdXb0RHSklWa0tGOTFUSXo1
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x2UXVHZmFkV1dvREdKSVZrS0Y5MVRJejVaVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE3NkQvOTNEMTdDRDAwNkEwMTFFQkI0MDkwODU5QzRGOUFFMDIvRjQyQjE1MDhD
QTUxMTFFQkJBRDJENDJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaAGCCsGAQUFBwEHAQH/
BIGQMIGNMHwEAgABMHYwDAMEAA7AQwMEAQ7ARAMEAivhJAMEAi10oAMEAi14NAME
BD0EYAMEAmcEHAMEAmcVWAMEAWcXLgMEAmdHsAMEAmfz1AMEAmf2cDAMAwQCdmvU
AwQFdmvAAwQClmtMAwQCygkkAwQCykkMAwQCylfcAwQD3xnwMA0EAgACMAcDBQAk
ApUAMA0GCSqGSIb3DQEBCwUAA4IBAQCDjsSH/O6sIgMUTMR42EBu5JZqxz34qtwL
EE0Pll4bCM5qFBf0Hn9B4vmULDmbEdIrmQHP5oH3MyRudvubowVNOnhTOc4iBB2h
8qQrG6QMpsO5QUVvByyIibuFJfeOtJPM6BB9IzHbYtX9lUR3No1/G51pQqcwyzLj
R2zz8Jq1D4yhsPva2GudQZzquO76UWNQJboOcoaYr2ud4Vf4MAIUCb3kT2lsmNdJ
fEzYJzrKfHL5Ghx2wyM1fSFZdCSQZOoG3quWu4nANHdcPExEu7SjpFvNSNDnIEaF
BU9ECjahnjrxmpWrFig0vhQpMiElUQWbsfu5xnRLtDvmoQjTBzJL
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:49:56 2024 by rpki-client on console-ams.rpki-client.org