Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/E1E4F9902A6011EB8DEF2641C4F9AE02.roa
File:                     E1E4F9902A6011EB8DEF2641C4F9AE02.roa (raw, json)
Hash identifier:          TIn3DaLBv0q5rYMtlQ1SpPtEBdTq2Jlnj4Km/ZSeUtw=
Subject key identifier:   6D:52:14:6D:81:53:6D:A9:13:0F:EA:A3:94:07:5C:C3:29:7D:95:8A
Certificate issuer:       /CN=A912383B/serialNumber=0727AAC5B8CF7FE68CCD6DE77F6C8B46D574FAA7
Certificate serial:       0767
Authority key identifier: 07:27:AA:C5:B8:CF:7F:E6:8C:CD:6D:E7:7F:6C:8B:46:D5:74:FA:A7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ByeqxbjPf-aMzW3nf2yLRtV0-qc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/E1E4F9902A6011EB8DEF2641C4F9AE02.roa
Signing time:             Thu 04 Apr 2024 23:01:49 +0000
ROA not before:           Thu 04 Apr 2024 23:01:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     17675
IP address blocks:        149.234.185.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/ByeqxbjPf-aMzW3nf2yLRtV0-qc.crl
                          rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/ByeqxbjPf-aMzW3nf2yLRtV0-qc.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ByeqxbjPf-aMzW3nf2yLRtV0-qc.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 19:45:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1895 (0x767)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912383B/serialNumber=0727AAC5B8CF7FE68CCD6DE77F6C8B46D574FAA7
        Validity
            Not Before: Apr  4 23:01:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=660f315c-0481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:70:a2:d5:84:af:f9:98:17:30:1d:71:a9:a9:
                    c7:f6:9b:94:03:c1:5a:1d:d0:50:54:34:1e:62:8e:
                    29:0e:1e:76:86:0e:0f:1f:7c:7b:6c:3c:df:e0:c4:
                    78:f9:9d:e4:0e:84:61:a4:2d:74:89:92:79:ce:17:
                    36:93:51:5a:b6:6f:72:b2:cb:fb:f5:83:6a:4f:93:
                    46:f0:6f:91:21:9b:d8:90:5e:26:7a:32:7c:a3:8c:
                    91:79:46:5d:dd:09:ba:2e:f9:e7:09:21:67:2b:ac:
                    fd:9e:c1:d8:31:07:ee:9a:6a:c0:45:e9:80:e0:31:
                    a8:ff:0d:75:c5:1e:de:12:c6:eb:5b:db:88:53:78:
                    e7:9c:77:d0:92:7e:f4:87:67:d0:3a:a6:00:b8:cd:
                    39:6b:f6:d1:0d:89:1f:f3:98:e9:1f:d1:c5:db:b9:
                    64:b8:6f:54:6c:69:3a:ae:54:44:6b:be:91:5d:5d:
                    25:57:04:bd:63:ca:12:9e:df:ae:e0:f4:1d:7f:8d:
                    dc:9a:db:40:95:f3:60:1c:b0:cc:a5:b2:58:97:ef:
                    b8:71:ed:02:50:12:0f:5c:86:04:ec:30:7f:35:80:
                    df:72:3a:33:5d:87:0e:a2:c3:46:cc:1f:f9:07:d3:
                    bc:85:8c:0d:57:8c:5a:9d:d2:c4:b2:ef:a9:c0:26:
                    77:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:52:14:6D:81:53:6D:A9:13:0F:EA:A3:94:07:5C:C3:29:7D:95:8A
            X509v3 Authority Key Identifier:
                keyid:07:27:AA:C5:B8:CF:7F:E6:8C:CD:6D:E7:7F:6C:8B:46:D5:74:FA:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/ByeqxbjPf-aMzW3nf2yLRtV0-qc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ByeqxbjPf-aMzW3nf2yLRtV0-qc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/F4BD5008E02311EA9922DE42C4F9AE02/E1E4F9902A6011EB8DEF2641C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.234.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:c2:cd:03:8e:41:80:be:26:04:34:ff:54:1d:24:75:db:6c:
         f0:a8:58:e4:67:a9:9a:26:58:75:30:ca:c4:a9:af:6d:e2:7c:
         ee:d1:2c:99:16:90:c9:3f:d4:de:09:97:82:b0:41:9f:55:93:
         0a:0b:31:3a:b1:db:28:e1:28:0c:9d:13:8e:01:f6:40:37:cf:
         80:68:a6:99:3e:f1:35:d4:4e:40:ea:a7:88:64:4b:9e:96:79:
         5d:b1:1b:1d:88:4c:c7:b7:8c:17:71:f2:bb:ef:72:69:ad:e3:
         26:ed:95:71:1e:6a:82:48:b3:26:2d:0a:a8:78:35:a4:c4:e9:
         92:c7:56:c5:e7:65:44:1b:66:5e:d3:2d:34:4c:f1:4d:38:5d:
         5a:eb:c5:4a:ba:21:e6:cb:b3:a2:25:83:c6:36:3c:86:08:3b:
         57:58:07:de:83:b4:ed:e8:83:99:f5:6e:f3:60:ce:88:f6:9f:
         23:35:24:ac:8c:12:3f:06:f4:eb:ea:5e:4f:e2:14:a2:06:54:
         db:52:a5:5f:c4:97:cd:50:ef:69:8b:8c:45:14:b6:47:6d:c6:
         b9:6a:3b:33:26:bf:ea:b0:76:6e:19:e2:bb:b3:1e:04:e2:e2:
         78:c5:85:0f:81:ed:0d:85:e7:53:2a:41:9c:81:39:94:75:c2:
         9a:95:4d:a6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjM4M0IxMTAvBgNVBAUTKDA3MjdBQUM1QjhDRjdGRTY4Q0NENkRFNzdGNkM4QjQ2
RDU3NEZBQTcwHhcNMjQwNDA0MjMwMTQ4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmMzE1Yy0wNDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwnCi1YSv+ZgXMB1xqanH9puUA8FaHdBQVDQeYo4pDh52hg4PH3x7bDzf4MR4
+Z3kDoRhpC10iZJ5zhc2k1Fatm9yssv79YNqT5NG8G+RIZvYkF4mejJ8o4yReUZd
3Qm6LvnnCSFnK6z9nsHYMQfummrARemA4DGo/w11xR7eEsbrW9uIU3jnnHfQkn70
h2fQOqYAuM05a/bRDYkf85jpH9HF27lkuG9UbGk6rlREa76RXV0lVwS9Y8oSnt+u
4PQdf43cmttAlfNgHLDMpbJYl++4ce0CUBIPXIYE7DB/NYDfcjozXYcOosNGzB/5
B9O8hYwNV4xandLEsu+pwCZ3VQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG1SFG2B
U22pEw/qo5QHXMMpfZWKMB8GA1UdIwQYMBaAFAcnqsW4z3/mjM1t539si0bVdPqn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GNEJENTAwOEUw
MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9CeWVxeGJqUGYtYU16VzNuZjJ5TFJ0VjAt
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0J5ZXF4YmpQZi1hTXpXM25mMnlMUnRWMC1xYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjM4M0IvRjRCRDUwMDhFMDIzMTFFQTk5MjJERTQyQzRGOUFFMDIvRTFFNEY5OTAy
QTYwMTFFQjhERUYyNjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACV6rkwDQYJKoZIhvcNAQELBQADggEBAE7CzQOOQYC+JgQ0
/1QdJHXbbPCoWORnqZomWHUwysSpr23ifO7RLJkWkMk/1N4Jl4KwQZ9VkwoLMTqx
2yjhKAydE44B9kA3z4Boppk+8TXUTkDqp4hkS56WeV2xGx2ITMe3jBdx8rvvcmmt
4ybtlXEeaoJIsyYtCqh4NaTE6ZLHVsXnZUQbZl7TLTRM8U04XVrrxUq6IebLs6Il
g8Y2PIYIO1dYB96DtO3og5n1bvNgzoj2nyM1JKyMEj8G9OvqXk/iFKIGVNtSpV/E
l81Q72mLjEUUtkdtxrlqOzMmv+qwdm4Z4ruzHgTi4njFhQ+B7Q2F51MqQZyBOZR1
wpqVTaY=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:55:36 2024 by rpki-client on console-ams.rpki-client.org