Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/C5218598F91711EDBB78FE3CC4F9AE02.roa
File:                     C5218598F91711EDBB78FE3CC4F9AE02.roa (raw, json)
Hash identifier:          mgSVJ9RhfUkXGtp5HvopMTmXD6ZFeFneAimUGvO26Pw=
Subject key identifier:   6D:66:3D:4D:11:5F:BF:AD:0B:7C:13:AA:0E:AD:82:AD:B9:EA:93:77
Certificate issuer:       /CN=A91275FD/serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED
Certificate serial:       23A9
Authority key identifier: 5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/C5218598F91711EDBB78FE3CC4F9AE02.roa
Signing time:             Tue 23 May 2023 03:13:21 +0000
ROA not before:           Tue 23 May 2023 03:13:21 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     59348
IP address blocks:        130.105.145.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl
                          rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 15:53:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9129 (0x23a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91275FD/serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED
        Validity
            Not Before: May 23 03:13:21 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=646c2f50-11d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bd:83:83:8c:e2:29:75:93:46:d0:cf:ef:37:
                    61:7b:bb:c9:a6:e9:aa:6a:68:39:fc:46:6f:3f:d0:
                    1c:f0:f4:b2:b6:cd:89:72:e2:48:e4:6d:dc:59:7d:
                    96:fc:99:51:9c:40:98:15:fe:de:70:5e:78:d0:bf:
                    b4:6a:39:ff:0a:ee:47:1a:8d:5a:9c:cc:35:c9:73:
                    c6:61:38:a8:29:67:b1:76:7b:a3:7b:b7:58:65:19:
                    ca:a3:13:21:99:80:69:7d:b8:e6:ab:55:de:d4:a5:
                    81:f5:9a:ee:d4:00:4e:f1:95:9a:14:e8:a0:c3:24:
                    59:8e:66:e3:ec:e0:ea:f4:8c:76:71:f1:3c:76:0d:
                    da:07:3a:99:97:7f:98:a9:03:d9:0f:ad:ca:21:31:
                    d8:f6:11:07:68:95:49:ce:ff:ff:de:b4:a4:f9:3d:
                    0c:53:30:26:ee:d3:5d:28:24:64:64:ef:aa:ea:0e:
                    74:c2:c2:27:11:bf:52:b4:a6:e3:6f:8d:06:dd:78:
                    5d:f3:3c:39:45:d8:cd:48:69:08:57:7e:cd:7b:06:
                    14:56:dc:4e:7f:48:44:6a:8a:b0:c9:b4:38:a7:50:
                    79:db:1f:e5:94:ec:0b:5a:a6:06:db:ed:95:65:68:
                    53:2b:ac:2c:01:40:cb:be:45:33:c5:b1:85:d1:e4:
                    25:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:66:3D:4D:11:5F:BF:AD:0B:7C:13:AA:0E:AD:82:AD:B9:EA:93:77
            X509v3 Authority Key Identifier:
                keyid:5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/C5218598F91711EDBB78FE3CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.105.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:40:69:44:4c:89:c0:f7:8d:cf:fc:c3:7e:c3:55:05:ab:c4:
         d2:86:28:91:94:5b:bf:01:6f:2a:be:49:f4:76:d7:49:50:03:
         37:a1:67:d9:7a:76:84:ee:d1:a1:7d:b0:d8:29:91:6d:51:54:
         d9:7a:3c:8d:9e:a2:65:a4:80:0a:79:a6:ed:63:5f:fd:f4:d7:
         e7:ef:42:af:25:49:15:ae:b5:2e:91:3e:59:4e:f7:10:2c:2a:
         aa:82:1e:c4:79:3d:28:65:f0:1d:14:9a:e1:b6:1f:59:ae:9e:
         b7:2f:70:16:27:b9:c3:f1:6e:a6:d9:4c:01:1a:ba:54:ac:40:
         7a:45:a7:0f:be:06:b4:d8:ba:26:d7:58:f6:d9:85:90:e3:e7:
         c0:32:f0:3b:6f:23:7f:c2:d4:57:98:37:05:f4:cf:ac:d9:24:
         51:23:90:43:1f:27:67:59:5d:34:16:b8:42:5f:4e:e7:84:27:
         19:1c:1d:2a:13:af:0e:d3:79:87:24:5e:c2:32:86:9d:95:82:
         46:c6:3a:e3:16:32:77:06:04:99:f7:b2:6b:a5:00:c5:9c:fc:
         14:7e:13:94:a1:87:ac:d7:85:12:46:fc:af:ba:65:ab:86:a8:
         29:c0:00:dc:d7:fc:1e:ff:61:90:c6:f6:36:aa:d8:d2:bf:f0:
         52:0c:bc:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICI6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1RkQxMTAvBgNVBAUTKDVFQkRENEQ1RjM2QzZBQTU5QjAxMkM5RTg5OUFBRDND
MjdFQUQ4RUQwHhcNMjMwNTIzMDMxMzIxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZjMmY1MC0xMWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs72Dg4ziKXWTRtDP7zdhe7vJpumqamg5/EZvP9Ac8PSyts2JcuJI5G3cWX2W
/JlRnECYFf7ecF540L+0ajn/Cu5HGo1anMw1yXPGYTioKWexdnuje7dYZRnKoxMh
mYBpfbjmq1Xe1KWB9Zru1ABO8ZWaFOigwyRZjmbj7ODq9Ix2cfE8dg3aBzqZl3+Y
qQPZD63KITHY9hEHaJVJzv//3rSk+T0MUzAm7tNdKCRkZO+q6g50wsInEb9StKbj
b40G3Xhd8zw5RdjNSGkIV37NewYUVtxOf0hEaoqwybQ4p1B52x/llOwLWqYG2+2V
ZWhTK6wsAUDLvkUzxbGF0eQlwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG1mPU0R
X7+tC3wTqg6tgq256pN3MB8GA1UdIwQYMBaAFF691NXzbGqlmwEsnomarTwn6tjt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9GNDhBRDEyMjI2
RDkxMUU1QjI0REE2MzNDNEY5QUUwMi9YcjNVMWZOc2FxV2JBU3llaVpxdFBDZnEy
TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1hyM1UxZk5zYXFXYkFTeWVpWnF0UENmcTJPMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1RkQvRjQ4QUQxMjIyNkQ5MTFFNUIyNERBNjMzQzRGOUFFMDIvQzUyMTg1OThG
OTE3MTFFREJCNzhGRTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACCaZEwDQYJKoZIhvcNAQELBQADggEBABNAaURMicD3jc/8
w37DVQWrxNKGKJGUW78Bbyq+SfR210lQAzehZ9l6doTu0aF9sNgpkW1RVNl6PI2e
omWkgAp5pu1jX/301+fvQq8lSRWutS6RPllO9xAsKqqCHsR5PShl8B0UmuG2H1mu
nrcvcBYnucPxbqbZTAEaulSsQHpFpw++BrTYuibXWPbZhZDj58Ay8DtvI3/C1FeY
NwX0z6zZJFEjkEMfJ2dZXTQWuEJfTueEJxkcHSoTrw7TeYckXsIyhp2VgkbGOuMW
MncGBJn3smulAMWc/BR+E5Shh6zXhRJG/K+6ZauGqCnAANzX/B7/YZDG9jaq2NK/
8FIMvDo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:54:02 2024 by rpki-client on console-ams.rpki-client.org