Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/9461B15C144611EBA5418244C4F9AE02.roa
File:                     9461B15C144611EBA5418244C4F9AE02.roa (raw, json)
Hash identifier:          87UndhyiqgPCd0jBD/hDe7TxAJrcB8O1DjG1QmswGbM=
Subject key identifier:   BB:C9:12:A5:B0:6B:A8:ED:A4:3A:3B:7E:32:41:C9:41:E0:E5:D0:B7
Certificate issuer:       /CN=A91275FD/serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED
Certificate serial:       21EF
Authority key identifier: 5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/9461B15C144611EBA5418244C4F9AE02.roa
Signing time:             Tue 26 Apr 2022 04:22:23 +0000
ROA not before:           Tue 26 Apr 2022 04:22:23 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     23944
IP address blocks:        130.105.0.0/16 maxlen: 16
                          130.105.0.0/22 maxlen: 22
                          130.105.0.0/24 maxlen: 24
                          130.105.1.0/24 maxlen: 24
                          130.105.4.0/22 maxlen: 22
                          130.105.8.0/22 maxlen: 22
                          130.105.12.0/22 maxlen: 22
                          130.105.16.0/22 maxlen: 22
                          130.105.20.0/22 maxlen: 22
                          130.105.24.0/22 maxlen: 22
                          130.105.28.0/22 maxlen: 22
                          130.105.32.0/22 maxlen: 22
                          130.105.36.0/22 maxlen: 22
                          130.105.40.0/22 maxlen: 22
                          130.105.44.0/22 maxlen: 22
                          130.105.48.0/22 maxlen: 22
                          130.105.52.0/22 maxlen: 22
                          130.105.56.0/22 maxlen: 22
                          130.105.60.0/22 maxlen: 22
                          130.105.64.0/22 maxlen: 22
                          130.105.68.0/22 maxlen: 22
                          130.105.72.0/22 maxlen: 22
                          130.105.76.0/22 maxlen: 22
                          130.105.80.0/22 maxlen: 22
                          130.105.84.0/22 maxlen: 22
                          130.105.88.0/22 maxlen: 22
                          130.105.92.0/22 maxlen: 22
                          130.105.96.0/22 maxlen: 22
                          130.105.100.0/22 maxlen: 22
                          130.105.104.0/22 maxlen: 22
                          130.105.108.0/22 maxlen: 22
                          130.105.112.0/22 maxlen: 22
                          130.105.116.0/22 maxlen: 22
                          130.105.120.0/22 maxlen: 22
                          130.105.124.0/22 maxlen: 22
                          130.105.128.0/22 maxlen: 22
                          130.105.132.0/22 maxlen: 22
                          130.105.136.0/22 maxlen: 22
                          130.105.140.0/22 maxlen: 22
                          130.105.144.0/22 maxlen: 22
                          130.105.148.0/22 maxlen: 22
                          130.105.152.0/22 maxlen: 22
                          130.105.154.0/24 maxlen: 24
                          130.105.156.0/22 maxlen: 22
                          130.105.160.0/22 maxlen: 22
                          130.105.164.0/22 maxlen: 22
                          130.105.168.0/22 maxlen: 22
                          130.105.172.0/22 maxlen: 22
                          130.105.176.0/22 maxlen: 22
                          130.105.180.0/22 maxlen: 22
                          130.105.184.0/22 maxlen: 22
                          130.105.188.0/22 maxlen: 22
                          130.105.192.0/22 maxlen: 22
                          130.105.196.0/22 maxlen: 22
                          130.105.200.0/22 maxlen: 22
                          130.105.204.0/22 maxlen: 22
                          130.105.208.0/22 maxlen: 22
                          130.105.212.0/22 maxlen: 22
                          130.105.216.0/22 maxlen: 22
                          130.105.220.0/22 maxlen: 22
                          130.105.224.0/22 maxlen: 22
                          130.105.228.0/22 maxlen: 22
                          130.105.232.0/22 maxlen: 22
                          130.105.236.0/22 maxlen: 22
                          130.105.240.0/22 maxlen: 22
                          130.105.244.0/22 maxlen: 22
                          130.105.248.0/22 maxlen: 22
                          130.105.252.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl
                          rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Mar 2023 16:14:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8687 (0x21ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91275FD/serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED
        Validity
            Not Before: Apr 26 04:22:23 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=6267737e-e818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:41:59:b4:c1:d3:65:db:79:30:e8:cc:2a:a7:
                    e4:5b:57:e5:a4:69:dc:9b:48:be:85:ad:87:8e:a4:
                    8d:6f:51:0a:bf:d8:66:22:a8:9d:e5:2e:1b:69:95:
                    30:f3:49:8a:66:cf:ba:ee:eb:c6:da:dc:e2:59:4e:
                    e9:5c:54:48:c5:51:fa:66:c5:f5:87:73:cd:ce:9c:
                    58:18:d5:6d:13:1f:2f:18:2e:67:19:36:96:f3:21:
                    0c:cf:ea:7f:e7:3b:a9:c3:19:8f:4f:7c:ec:1e:f1:
                    80:e8:d3:00:9d:e9:62:59:11:70:8b:b2:40:fc:3f:
                    93:d7:92:d2:4f:55:5d:51:d1:62:f0:f3:44:0a:d1:
                    2a:da:73:91:89:a7:83:9e:3a:6b:15:78:95:8e:62:
                    31:de:05:6e:46:47:9e:2b:e7:4d:0b:ad:65:55:3a:
                    f9:27:2e:f5:a4:c5:69:94:54:f1:61:00:14:ec:41:
                    5c:a6:ea:47:12:93:89:6e:28:82:87:f6:46:57:58:
                    f8:94:78:b8:2a:c1:36:37:2e:27:2f:b6:64:4d:18:
                    2e:c0:c6:bd:3d:77:13:dc:a8:fe:81:40:fb:ad:64:
                    87:66:42:53:07:92:f4:f5:54:0a:e2:60:ec:4a:c7:
                    c9:ff:92:a3:dc:02:46:34:df:34:20:e9:6c:90:83:
                    39:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BB:C9:12:A5:B0:6B:A8:ED:A4:3A:3B:7E:32:41:C9:41:E0:E5:D0:B7
            X509v3 Authority Key Identifier: 
                keyid:5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/9461B15C144611EBA5418244C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.105.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         93:bb:f2:dd:31:f1:f2:ee:01:61:88:e5:55:22:b1:0e:4a:46:
         b0:66:d0:5d:56:06:cc:51:eb:e2:bc:ad:77:0f:bf:03:eb:38:
         2a:54:64:cd:bc:7f:b9:e3:eb:56:c0:a7:97:01:19:99:fd:cb:
         bc:36:c4:9a:ab:b4:fb:08:50:cd:66:ef:e7:88:7c:ff:9b:63:
         70:2b:2e:09:1a:15:f9:8f:ff:02:ee:14:a0:97:47:25:8b:38:
         c5:f1:94:c0:03:ed:1a:f3:33:2f:9c:74:fe:42:6e:d0:77:0b:
         41:47:18:82:b9:ba:2c:af:c3:9b:8f:0d:2a:91:92:29:9f:02:
         d3:0e:00:e1:1d:96:e3:50:2c:2c:90:6a:41:9b:0b:aa:ed:87:
         7a:fd:7d:6f:91:8d:bf:22:78:0c:3c:ee:a0:f6:88:d0:a8:96:
         3c:66:cf:47:9d:63:cc:cf:00:ba:29:7c:76:a1:cb:17:c5:2d:
         42:63:45:40:aa:d6:c5:d1:36:3c:bb:d6:a3:11:7b:59:db:ea:
         62:84:5f:3a:70:39:44:8b:1c:f9:bb:5f:a0:30:0a:bc:ed:f9:
         7a:ce:92:12:93:cf:81:96:75:fb:3c:1c:80:03:b8:71:92:bf:
         aa:1d:06:19:e5:22:a3:28:1b:75:4c:36:e9:09:c4:04:29:6e:
         7a:bf:2c:48
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICIe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1RkQxMTAvBgNVBAUTKDVFQkRENEQ1RjM2QzZBQTU5QjAxMkM5RTg5OUFBRDND
MjdFQUQ4RUQwHhcNMjIwNDI2MDQyMjIzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY3NzM3ZS1lODE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzUFZtMHTZdt5MOjMKqfkW1flpGncm0i+ha2HjqSNb1EKv9hmIqid5S4baZUw
80mKZs+67uvG2tziWU7pXFRIxVH6ZsX1h3PNzpxYGNVtEx8vGC5nGTaW8yEMz+p/
5zupwxmPT3zsHvGA6NMAneliWRFwi7JA/D+T15LST1VdUdFi8PNECtEq2nORiaeD
njprFXiVjmIx3gVuRkeeK+dNC61lVTr5Jy71pMVplFTxYQAU7EFcpupHEpOJbiiC
h/ZGV1j4lHi4KsE2Ny4nL7ZkTRguwMa9PXcT3Kj+gUD7rWSHZkJTB5L09VQK4mDs
SsfJ/5Kj3AJGNN80IOlskIM59QIDAQABo4IClDCCApAwHQYDVR0OBBYEFLvJEqWw
a6jtpDo7fjJByUHg5dC3MB8GA1UdIwQYMBaAFF691NXzbGqlmwEsnomarTwn6tjt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9GNDhBRDEyMjI2
RDkxMUU1QjI0REE2MzNDNEY5QUUwMi9YcjNVMWZOc2FxV2JBU3llaVpxdFBDZnEy
TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1hyM1UxZk5zYXFXYkFTeWVpWnF0UENmcTJPMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1RkQvRjQ4QUQxMjIyNkQ5MTFFNUIyNERBNjMzQzRGOUFFMDIvOTQ2MUIxNUMx
NDQ2MTFFQkE1NDE4MjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCCaTANBgkqhkiG9w0BAQsFAAOCAQEAk7vy3THx8u4BYYjl
VSKxDkpGsGbQXVYGzFHr4rytdw+/A+s4KlRkzbx/uePrVsCnlwEZmf3LvDbEmqu0
+whQzWbv54h8/5tjcCsuCRoV+Y//Au4UoJdHJYs4xfGUwAPtGvMzL5x0/kJu0HcL
QUcYgrm6LK/Dm48NKpGSKZ8C0w4A4R2W41AsLJBqQZsLqu2Hev19b5GNvyJ4DDzu
oPaI0KiWPGbPR51jzM8Auil8dqHLF8UtQmNFQKrWxdE2PLvWoxF7WdvqYoRfOnA5
RIsc+btfoDAKvO35es6SEpPPgZZ1+zwcgAO4cZK/qh0GGeUioygbdUw26QnEBClu
er8sSA==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:53:14 2023 by rpki-client on console-fra.rpki-client.org