Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9131612/E3B84C8CBE8611E99A6C011FC4F9AE02/279B0372DDF811EAA553705EC4F9AE02.roa
File:                     279B0372DDF811EAA553705EC4F9AE02.roa (raw, json)
Hash identifier:          3WC0Myyrt/lI4+b8R8F5+KcYn/adMapUqVAAHow9r+4=
Subject key identifier:   84:F4:27:86:7F:73:17:D0:EE:BF:4A:A9:9D:F0:62:90:B4:22:64:35
Certificate issuer:       /CN=A9131612/serialNumber=E4E101EEF443150C62110ACAFA881554C089FC53
Certificate serial:       0C63
Authority key identifier: E4:E1:01:EE:F4:43:15:0C:62:11:0A:CA:FA:88:15:54:C0:89:FC:53
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5OEB7vRDFQxiEQrK-ogVVMCJ_FM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131612/E3B84C8CBE8611E99A6C011FC4F9AE02/279B0372DDF811EAA553705EC4F9AE02.roa
Signing time:             Fri 04 Aug 2023 18:36:17 +0000
ROA not before:           Fri 04 Aug 2023 18:36:17 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        103.24.134.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9131612/E3B84C8CBE8611E99A6C011FC4F9AE02/5OEB7vRDFQxiEQrK-ogVVMCJ_FM.crl
                          rsync://rpki.apnic.net/member_repository/A9131612/E3B84C8CBE8611E99A6C011FC4F9AE02/5OEB7vRDFQxiEQrK-ogVVMCJ_FM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5OEB7vRDFQxiEQrK-ogVVMCJ_FM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:26:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3171 (0xc63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131612/serialNumber=E4E101EEF443150C62110ACAFA881554C089FC53
        Validity
            Not Before: Aug  4 18:36:17 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64cd4521-79f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4a:eb:eb:f3:ac:30:40:d6:49:d9:1e:34:f7:
                    7d:80:74:5a:5a:94:5a:ac:8f:1e:7c:88:9e:52:84:
                    33:bf:c3:d7:4d:3b:ce:83:4e:ae:b1:7a:97:f1:63:
                    0c:96:8b:97:28:0d:bd:4f:dd:7a:34:34:78:8d:a2:
                    b4:f1:98:f8:c7:e3:bd:fe:aa:48:54:b4:1a:2c:31:
                    ef:35:af:ff:76:10:94:d1:1e:a3:e3:b3:45:67:1e:
                    9a:81:01:af:16:33:bc:5c:fa:8a:7b:ad:1f:d5:b7:
                    dc:36:8e:5f:63:6d:2d:de:df:b1:60:ca:9c:78:ca:
                    da:5e:82:fd:9e:73:d5:53:d7:9e:7d:76:dd:23:c2:
                    50:ff:7c:ba:5c:9f:3e:72:ef:7a:eb:08:24:4e:ee:
                    bc:d5:92:0f:fb:09:e1:91:8b:9f:e2:ab:5f:80:e0:
                    40:d6:07:3d:08:24:9d:37:ac:96:43:7f:26:02:c3:
                    08:40:38:22:a6:b0:6f:d5:cb:11:a6:fd:af:b9:b9:
                    4e:24:aa:4a:12:23:14:7a:a5:94:e6:8d:30:6e:91:
                    fb:5a:9d:65:e5:73:f1:f5:56:be:4e:5b:4a:5d:88:
                    2d:c6:1f:83:2b:c3:71:4f:ce:47:ad:db:28:3d:37:
                    d5:34:84:77:ee:d1:af:b3:ed:2f:35:78:23:66:c5:
                    14:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F4:27:86:7F:73:17:D0:EE:BF:4A:A9:9D:F0:62:90:B4:22:64:35
            X509v3 Authority Key Identifier:
                keyid:E4:E1:01:EE:F4:43:15:0C:62:11:0A:CA:FA:88:15:54:C0:89:FC:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131612/E3B84C8CBE8611E99A6C011FC4F9AE02/5OEB7vRDFQxiEQrK-ogVVMCJ_FM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5OEB7vRDFQxiEQrK-ogVVMCJ_FM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131612/E3B84C8CBE8611E99A6C011FC4F9AE02/279B0372DDF811EAA553705EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.24.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:af:0b:29:4a:56:29:a4:f1:d8:3a:f1:db:d1:e9:12:69:98:
         23:46:5b:fd:1a:d4:84:dc:99:39:28:65:4f:19:8e:b0:ca:0c:
         f4:cf:9b:17:57:7e:7c:d7:06:07:46:55:c7:16:86:a1:0b:2e:
         b6:f5:40:2c:3f:93:4f:06:4f:59:3d:24:31:01:13:15:d0:99:
         16:c2:7f:be:67:27:23:ed:fe:46:be:98:78:30:7e:99:5d:d4:
         eb:24:a3:07:f4:20:87:d4:e4:83:59:f5:a3:3e:25:91:3b:74:
         ed:70:dc:3b:a4:b9:45:8d:24:45:55:c4:09:7e:77:1b:5b:9e:
         80:5f:bf:c5:ba:dd:a0:f3:2c:f0:ea:8a:37:b4:7f:10:15:91:
         e2:7e:a3:2d:ea:6c:93:24:f5:03:67:0b:d2:79:77:c9:71:a6:
         91:94:8c:5e:31:30:d6:67:ae:e2:98:3a:9a:70:00:4b:af:ae:
         62:28:3f:ce:0e:67:e0:21:3e:01:a0:48:f8:44:3c:0f:eb:e4:
         df:98:8c:6b:ac:6a:15:94:3f:be:dd:5b:59:f9:5d:a3:ed:1e:
         a0:0d:d7:a8:f8:6b:91:6e:52:4f:dc:9d:2c:6f:0f:ed:9b:21:
         73:b4:7c:8f:22:d9:0b:7d:bc:b3:9f:37:b2:4e:4b:ac:a0:e1:
         f2:62:38:4b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE2MTIxMTAvBgNVBAUTKEU0RTEwMUVFRjQ0MzE1MEM2MjExMEFDQUZBODgxNTU0
QzA4OUZDNTMwHhcNMjMwODA0MTgzNjE3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNkNDUyMS03OWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp0rr6/OsMEDWSdkeNPd9gHRaWpRarI8efIieUoQzv8PXTTvOg06usXqX8WMM
louXKA29T916NDR4jaK08Zj4x+O9/qpIVLQaLDHvNa//dhCU0R6j47NFZx6agQGv
FjO8XPqKe60f1bfcNo5fY20t3t+xYMqceMraXoL9nnPVU9eefXbdI8JQ/3y6XJ8+
cu966wgkTu681ZIP+wnhkYuf4qtfgOBA1gc9CCSdN6yWQ38mAsMIQDgiprBv1csR
pv2vublOJKpKEiMUeqWU5o0wbpH7Wp1l5XPx9Va+TltKXYgtxh+DK8NxT85Hrdso
PTfVNIR37tGvs+0vNXgjZsUUcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIT0J4Z/
cxfQ7r9KqZ3wYpC0ImQ1MB8GA1UdIwQYMBaAFOThAe70QxUMYhEKyvqIFVTAifxT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTYxMi9FM0I4NEM4Q0JF
ODYxMUU5OUE2QzAxMUZDNEY5QUUwMi81T0VCN3ZSREZReGlFUXJLLW9nVlZNQ0pf
Rk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVPRUI3dlJERlF4aUVRckstb2dWVk1DSl9GTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE2MTIvRTNCODRDOENCRTg2MTFFOTlBNkMwMTFGQzRGOUFFMDIvMjc5QjAzNzJE
REY4MTFFQUE1NTM3MDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGIYwDQYJKoZIhvcNAQELBQADggEBABmvCylKVimk8dg6
8dvR6RJpmCNGW/0a1ITcmTkoZU8ZjrDKDPTPmxdXfnzXBgdGVccWhqELLrb1QCw/
k08GT1k9JDEBExXQmRbCf75nJyPt/ka+mHgwfpld1Oskowf0IIfU5INZ9aM+JZE7
dO1w3DukuUWNJEVVxAl+dxtbnoBfv8W63aDzLPDqije0fxAVkeJ+oy3qbJMk9QNn
C9J5d8lxppGUjF4xMNZnruKYOppwAEuvrmIoP84OZ+AhPgGgSPhEPA/r5N+YjGus
ahWUP77dW1n5XaPtHqAN16j4a5FuUk/cnSxvD+2bIXO0fI8i2Qt9vLOfN7JOS6yg
4fJiOEs=
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:44:09 2024 by rpki-client on console-fra.rpki-client.org