Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912D99E/46048C70497111E8A7F9A672C4F9AE02/4964556A599A11ED99A5B776C4F9AE02.roa
File:                     4964556A599A11ED99A5B776C4F9AE02.roa (raw, json)
Hash identifier:          9e7ICQ4jW3D1WMroavfa4Tl30ubr7SxEPMasiVYbPNU=
Subject key identifier:   D8:58:95:BB:42:B7:B5:58:FC:86:50:72:C4:44:90:3B:5D:CF:99:51
Certificate issuer:       /CN=A912D99E/serialNumber=CAF0B784B13E1400EEB4225BA22D6F9838824EC3
Certificate serial:       149C
Authority key identifier: CA:F0:B7:84:B1:3E:14:00:EE:B4:22:5B:A2:2D:6F:98:38:82:4E:C3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yvC3hLE-FADutCJboi1vmDiCTsM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912D99E/46048C70497111E8A7F9A672C4F9AE02/4964556A599A11ED99A5B776C4F9AE02.roa
Signing time:             Sun 30 Jun 2024 17:37:07 +0000
ROA not before:           Sun 30 Jun 2024 17:37:07 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     141452
IP address blocks:        103.114.93.0/24 maxlen: 24
                          103.114.94.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912D99E/46048C70497111E8A7F9A672C4F9AE02/yvC3hLE-FADutCJboi1vmDiCTsM.crl
                          rsync://rpki.apnic.net/member_repository/A912D99E/46048C70497111E8A7F9A672C4F9AE02/yvC3hLE-FADutCJboi1vmDiCTsM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yvC3hLE-FADutCJboi1vmDiCTsM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 16:51:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5276 (0x149c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912D99E/serialNumber=CAF0B784B13E1400EEB4225BA22D6F9838824EC3
        Validity
            Not Before: Jun 30 17:37:07 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=668197c3-519f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:6f:0c:1a:0a:b5:ab:5c:2a:d4:5f:32:10:92:
                    9d:30:12:d4:18:eb:5f:b3:ba:ff:c8:87:b7:6d:fc:
                    42:ab:2a:fd:ae:5c:f3:fe:ac:79:58:4e:0b:76:6f:
                    b0:42:a6:45:6d:70:a4:fe:b5:89:b1:fc:d9:10:1d:
                    17:93:4c:a0:9b:56:17:78:b6:94:6c:0b:74:03:23:
                    17:1f:5b:1f:ec:32:28:03:a5:ee:71:26:55:e0:d0:
                    b3:0e:72:ec:00:a0:c7:b7:b1:c7:2f:40:cb:5b:ac:
                    cd:09:db:c7:3e:41:ec:2b:f8:88:a0:1e:e9:8f:dd:
                    9a:51:be:63:01:e5:ae:99:41:32:ad:95:96:6d:4a:
                    b3:9f:58:6d:00:28:89:59:64:87:33:69:f2:2a:4b:
                    1e:00:88:48:db:ac:66:cb:a6:de:e4:ee:d3:97:64:
                    e3:a1:61:f2:d0:58:fb:e2:14:18:73:71:6f:7c:20:
                    60:75:23:05:ad:fc:d4:6f:64:c9:cf:3c:19:d7:e3:
                    8a:b9:f3:b4:07:b8:be:c4:11:21:2c:8c:16:90:d3:
                    95:8e:f7:70:91:33:6e:f3:72:73:f9:6e:43:cd:55:
                    1b:48:ff:6f:20:ac:09:22:e9:62:c0:97:10:7c:b3:
                    49:bf:d6:bb:19:a7:9a:5d:18:dc:53:10:ff:c8:fa:
                    69:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:58:95:BB:42:B7:B5:58:FC:86:50:72:C4:44:90:3B:5D:CF:99:51
            X509v3 Authority Key Identifier:
                keyid:CA:F0:B7:84:B1:3E:14:00:EE:B4:22:5B:A2:2D:6F:98:38:82:4E:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912D99E/46048C70497111E8A7F9A672C4F9AE02/yvC3hLE-FADutCJboi1vmDiCTsM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yvC3hLE-FADutCJboi1vmDiCTsM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D99E/46048C70497111E8A7F9A672C4F9AE02/4964556A599A11ED99A5B776C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.114.93.0-103.114.94.255

    Signature Algorithm: sha256WithRSAEncryption
         8c:8d:20:07:65:80:7b:ab:bf:39:30:22:65:87:78:24:08:e7:
         98:e8:7a:af:de:f8:62:39:17:08:3a:12:a2:31:ae:fe:46:5f:
         79:b3:fb:47:f4:08:03:b3:7c:13:e5:de:b6:df:0a:83:c6:20:
         ba:ad:f1:b7:69:a0:63:7a:e2:dd:a6:12:3e:4b:62:56:66:e8:
         98:a2:1a:ae:f8:82:35:58:45:93:18:94:a3:8a:40:39:d7:6e:
         91:b0:57:6a:e0:52:f4:60:65:75:7c:ff:21:85:b7:49:5b:13:
         5a:bb:89:e1:91:c8:fd:71:55:ed:e0:f0:01:cc:f9:c3:f5:7c:
         9a:45:97:d0:8d:f9:d5:d3:a5:77:00:34:8c:1c:a8:c6:42:5a:
         83:19:5b:ff:37:af:7f:91:00:50:fa:04:1c:d7:1a:8b:71:e4:
         4d:12:0b:ea:7c:dd:b6:36:d3:62:6e:37:cf:fe:27:72:48:08:
         66:8d:eb:c0:03:4d:13:a1:73:99:a5:e5:71:4d:16:40:5c:1b:
         81:8b:2a:bd:0b:f3:0d:3f:b7:b1:ff:ab:d1:93:1c:e6:39:b1:
         73:35:19:d8:da:44:70:90:cc:79:13:87:92:cb:cc:c4:f6:c2:
         4d:79:b7:7a:16:cb:c2:cb:22:53:62:af:1e:82:6e:d1:a9:15:
         18:40:ec:26
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICFJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQ5OUUxMTAvBgNVBAUTKENBRjBCNzg0QjEzRTE0MDBFRUI0MjI1QkEyMkQ2Rjk4
Mzg4MjRFQzMwHhcNMjQwNjMwMTczNzA3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgxOTdjMy01MTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA328MGgq1q1wq1F8yEJKdMBLUGOtfs7r/yIe3bfxCqyr9rlzz/qx5WE4Ldm+w
QqZFbXCk/rWJsfzZEB0Xk0ygm1YXeLaUbAt0AyMXH1sf7DIoA6XucSZV4NCzDnLs
AKDHt7HHL0DLW6zNCdvHPkHsK/iIoB7pj92aUb5jAeWumUEyrZWWbUqzn1htACiJ
WWSHM2nyKkseAIhI26xmy6be5O7Tl2TjoWHy0Fj74hQYc3FvfCBgdSMFrfzUb2TJ
zzwZ1+OKufO0B7i+xBEhLIwWkNOVjvdwkTNu83Jz+W5DzVUbSP9vIKwJIuliwJcQ
fLNJv9a7GaeaXRjcUxD/yPppfQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFNhYlbtC
t7VY/IZQcsREkDtdz5lRMB8GA1UdIwQYMBaAFMrwt4SxPhQA7rQiW6Itb5g4gk7D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDk5RS80NjA0OEM3MDQ5
NzExMUU4QTdGOUE2NzJDNEY5QUUwMi95dkMzaExFLUZBRHV0Q0pib2kxdm1EaUNU
c00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3l2QzNoTEUtRkFEdXRDSmJvaTF2bURpQ1RzTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQ5OUUvNDYwNDhDNzA0OTcxMTFFOEE3RjlBNjcyQzRGOUFFMDIvNDk2NDU1NkE1
OTlBMTFFRDk5QTVCNzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdyXQMEAGdyXjANBgkqhkiG9w0BAQsFAAOCAQEAjI0g
B2WAe6u/OTAiZYd4JAjnmOh6r974YjkXCDoSojGu/kZfebP7R/QIA7N8E+Xett8K
g8Yguq3xt2mgY3ri3aYSPktiVmbomKIarviCNVhFkxiUo4pAOddukbBXauBS9GBl
dXz/IYW3SVsTWruJ4ZHI/XFV7eDwAcz5w/V8mkWX0I351dOldwA0jByoxkJagxlb
/zevf5EAUPoEHNcai3HkTRIL6nzdtjbTYm43z/4nckgIZo3rwANNE6FzmaXlcU0W
QFwbgYsqvQvzDT+3sf+r0ZMc5jmxczUZ2NpEcJDMeROHksvMxPbCTXm3ehbLwssi
U2KvHoJu0akVGEDsJg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:49:58 2024 by rpki-client on console-ams.rpki-client.org