Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/D3037D06738E11ED8283FF53C4F9AE02.roa
File:                     D3037D06738E11ED8283FF53C4F9AE02.roa (raw, json)
Hash identifier:          sYwVE1L2S9DVLlLPiPsujA+9SMHdkm/oUQt4rK/izSo=
Subject key identifier:   35:20:49:1E:B1:54:96:85:E6:78:1F:C3:1D:12:2A:7B:1A:34:89:0C
Certificate issuer:       /CN=A91221EF/serialNumber=FF900F24BF9A8982D95F8447AA7B9BB4F7AC4639
Certificate serial:       0884
Authority key identifier: FF:90:0F:24:BF:9A:89:82:D9:5F:84:47:AA:7B:9B:B4:F7:AC:46:39
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_5APJL-aiYLZX4RHqnubtPesRjk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/D3037D06738E11ED8283FF53C4F9AE02.roa
Signing time:             Thu 02 Nov 2023 21:28:45 +0000
ROA not before:           Thu 02 Nov 2023 21:28:45 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     138350
IP address blocks:        103.130.207.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/_5APJL-aiYLZX4RHqnubtPesRjk.crl
                          rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/_5APJL-aiYLZX4RHqnubtPesRjk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_5APJL-aiYLZX4RHqnubtPesRjk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 20:06:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2180 (0x884)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91221EF/serialNumber=FF900F24BF9A8982D95F8447AA7B9BB4F7AC4639
        Validity
            Not Before: Nov  2 21:28:45 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=6544148d-6f40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b5:bb:a4:a5:7a:9d:ba:dd:97:33:39:f8:40:
                    1b:db:f7:1e:70:56:6b:be:9a:95:2b:9d:dc:d1:32:
                    b6:82:c2:3b:8a:b6:4b:91:68:67:b4:c3:ab:f4:9a:
                    65:eb:73:36:8f:cb:64:2e:39:8a:8f:7e:fc:0c:6f:
                    0c:62:55:ed:07:b8:9e:8b:85:49:ba:f5:9a:72:8c:
                    21:8e:9c:d4:a0:d7:58:c0:17:0a:a1:ad:9d:3b:b9:
                    9a:0c:aa:6b:c8:25:e3:e9:70:92:48:c1:9f:b5:00:
                    c0:f7:9d:40:6b:47:f9:04:d9:bf:d6:e9:48:44:4f:
                    41:aa:42:07:79:c3:47:58:e0:18:0d:76:46:32:f9:
                    ee:14:a7:aa:d0:6f:53:db:54:ca:d7:9d:e2:8d:a6:
                    7b:fa:ae:eb:d2:7a:da:35:d9:fe:0d:35:5c:6e:a6:
                    2d:cb:6b:00:96:f3:57:a6:02:52:1d:53:84:d8:34:
                    45:61:a2:4f:34:ab:b7:2f:c8:e3:3c:5b:e7:48:e8:
                    29:aa:9d:a5:8f:79:19:c0:37:29:80:7b:fd:b6:4c:
                    20:ee:94:f8:73:7f:71:6d:e6:fc:b7:6d:5a:85:2c:
                    8a:6b:17:37:35:1d:94:b8:78:e3:bf:a0:69:21:73:
                    89:ce:f5:80:ae:31:a8:23:b9:d2:5e:6b:88:14:e5:
                    5a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:20:49:1E:B1:54:96:85:E6:78:1F:C3:1D:12:2A:7B:1A:34:89:0C
            X509v3 Authority Key Identifier:
                keyid:FF:90:0F:24:BF:9A:89:82:D9:5F:84:47:AA:7B:9B:B4:F7:AC:46:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/_5APJL-aiYLZX4RHqnubtPesRjk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_5APJL-aiYLZX4RHqnubtPesRjk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91221EF/6F2FEBD6891F11EA89B6277CC4F9AE02/D3037D06738E11ED8283FF53C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:45:69:84:ea:e6:6b:1e:de:b4:68:43:3c:ad:04:12:17:f2:
         ef:ee:0d:c3:d6:99:28:8d:d1:44:30:60:49:b1:cb:51:6b:30:
         3a:a0:a7:28:5e:3b:36:c3:1f:c5:0a:55:ed:d0:28:b8:b9:47:
         87:63:0b:17:55:f5:ec:22:cb:f7:03:7c:77:a2:b1:bc:9f:c0:
         c9:76:2e:35:2c:57:31:93:a9:71:78:70:fe:1e:e2:08:23:5a:
         b7:bb:21:cc:55:f6:72:de:3b:30:74:43:95:29:29:6b:3b:3d:
         0b:77:a0:15:9d:05:6d:16:c6:fa:55:4a:d8:8e:5d:5e:c1:3c:
         c6:4f:b8:6c:54:fc:1b:3a:2a:67:33:bd:1a:29:72:47:47:8b:
         7b:9f:c7:1f:64:7d:3c:9a:e4:4d:f3:1d:89:d6:22:6b:bd:51:
         d7:59:31:3c:1b:49:33:57:1a:ae:1e:84:06:d8:e9:b7:c3:ba:
         a3:8c:a0:ce:82:f1:1b:92:7b:e1:08:c6:4e:01:2e:22:1a:7e:
         e7:7f:9a:b6:1e:22:0c:34:d3:4b:78:fe:72:1a:37:86:9b:59:
         d2:76:e6:d4:ef:e7:df:76:cd:86:56:2b:67:bb:42:7e:9d:b5:
         0e:6c:a6:ec:14:6e:55:6e:dd:4e:8f:ae:78:83:25:d4:71:6c:
         07:7b:ea:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjIxRUYxMTAvBgNVBAUTKEZGOTAwRjI0QkY5QTg5ODJEOTVGODQ0N0FBN0I5QkI0
RjdBQzQ2MzkwHhcNMjMxMTAyMjEyODQ1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0MTQ4ZC02ZjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv7W7pKV6nbrdlzM5+EAb2/cecFZrvpqVK53c0TK2gsI7irZLkWhntMOr9Jpl
63M2j8tkLjmKj378DG8MYlXtB7iei4VJuvWacowhjpzUoNdYwBcKoa2dO7maDKpr
yCXj6XCSSMGftQDA951Aa0f5BNm/1ulIRE9BqkIHecNHWOAYDXZGMvnuFKeq0G9T
21TK153ijaZ7+q7r0nraNdn+DTVcbqYty2sAlvNXpgJSHVOE2DRFYaJPNKu3L8jj
PFvnSOgpqp2lj3kZwDcpgHv9tkwg7pT4c39xbeb8t21ahSyKaxc3NR2UuHjjv6Bp
IXOJzvWArjGoI7nSXmuIFOVaqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDUgSR6x
VJaF5ngfwx0SKnsaNIkMMB8GA1UdIwQYMBaAFP+QDyS/momC2V+ER6p7m7T3rEY5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjFFRi82RjJGRUJENjg5
MUYxMUVBODlCNjI3N0NDNEY5QUUwMi9fNUFQSkwtYWlZTFpYNFJIcW51YnRQZXNS
amsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL181QVBKTC1haVlMWlg0UkhxbnVidFBlc1Jqay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjIxRUYvNkYyRkVCRDY4OTFGMTFFQTg5QjYyNzdDQzRGOUFFMDIvRDMwMzdEMDY3
MzhFMTFFRDgyODNGRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABngs8wDQYJKoZIhvcNAQELBQADggEBAJpFaYTq5mse3rRo
QzytBBIX8u/uDcPWmSiN0UQwYEmxy1FrMDqgpyheOzbDH8UKVe3QKLi5R4djCxdV
9ewiy/cDfHeisbyfwMl2LjUsVzGTqXF4cP4e4ggjWre7IcxV9nLeOzB0Q5UpKWs7
PQt3oBWdBW0WxvpVStiOXV7BPMZPuGxU/Bs6KmczvRopckdHi3ufxx9kfTya5E3z
HYnWImu9UddZMTwbSTNXGq4ehAbY6bfDuqOMoM6C8RuSe+EIxk4BLiIafud/mrYe
Igw000t4/nIaN4abWdJ25tTv5992zYZWK2e7Qn6dtQ5spuwUblVu3U6PrniDJdRx
bAd76mw=
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:12:59 2024 by rpki-client on console-ams.rpki-client.org