Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/5E0253B6232111EB9896B783C4F9AE02.roa
File:                     5E0253B6232111EB9896B783C4F9AE02.roa (raw, json)
Hash identifier:          Qd2fS017bmmI4dqXgfO7lOJxE7pdpoytjHBgfsVzSRw=
Subject key identifier:   B3:22:B9:B5:27:DB:0C:B9:AE:2F:A3:A9:3D:4B:CD:CB:D8:AE:CD:33
Certificate issuer:       /CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28
Certificate serial:       0EBD
Authority key identifier: 34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/5E0253B6232111EB9896B783C4F9AE02.roa
Signing time:             Tue 26 Mar 2024 18:36:41 +0000
ROA not before:           Tue 26 Mar 2024 18:36:41 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     137969
IP address blocks:        103.133.176.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl
                          rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 17:13:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3773 (0xebd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28
        Validity
            Not Before: Mar 26 18:36:41 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=660315b8-79f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f6:1a:df:a4:30:c4:aa:47:79:57:d0:5e:9e:
                    cf:44:90:1b:7f:c5:44:41:5b:33:a4:58:57:a6:68:
                    11:9c:ea:25:b0:77:7d:e3:fe:cd:62:12:50:b4:1f:
                    ee:8f:6a:f1:36:17:25:bf:5d:55:40:19:85:c4:3c:
                    cc:59:f0:c9:32:86:2f:63:7b:b9:11:99:e3:e3:28:
                    50:c7:3d:6b:a6:ea:47:fa:b5:c1:e8:4e:e3:00:7a:
                    50:3b:c5:dc:30:69:99:2d:cb:8a:0a:b1:17:b9:15:
                    1b:6d:38:74:33:26:a1:36:9b:bc:71:06:0c:6c:d8:
                    b8:5b:cb:f2:75:46:6e:c5:af:87:b7:8c:1e:41:48:
                    d7:b2:95:06:35:28:fe:12:12:06:4e:e2:06:21:9c:
                    54:c7:55:71:bb:83:01:f1:4f:a8:62:a9:ce:15:59:
                    24:1e:0f:45:b7:74:f7:1c:90:91:cb:02:19:d3:61:
                    66:59:88:98:fa:9e:ef:16:cf:25:2a:00:97:9e:d9:
                    d7:27:d3:f3:9d:a8:9b:bd:4e:62:53:4f:f1:5d:20:
                    17:ea:f2:93:c6:ce:25:37:08:4b:c9:b1:13:94:d1:
                    c1:37:93:f0:54:50:be:c4:1f:b0:a0:d6:a3:20:95:
                    1a:17:19:00:39:8e:11:30:7b:ce:12:a1:68:b2:36:
                    a6:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:22:B9:B5:27:DB:0C:B9:AE:2F:A3:A9:3D:4B:CD:CB:D8:AE:CD:33
            X509v3 Authority Key Identifier:
                keyid:34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/5E0253B6232111EB9896B783C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.133.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:c1:bd:cb:fd:1c:cd:1f:ba:8c:b2:39:c3:b1:ff:eb:af:28:
         5e:3a:0a:f6:34:e3:ef:c1:cb:41:fd:07:26:82:77:9f:39:5c:
         6e:38:f7:7f:8d:ae:3a:61:b9:a7:4b:32:a7:e4:97:13:c9:56:
         41:4c:83:76:f9:e5:7c:84:5e:34:5a:5f:80:ed:f3:f1:04:35:
         46:d1:05:c7:13:df:c5:6e:fe:d8:d7:b6:6e:83:8f:2f:0e:d2:
         cb:22:95:b3:9b:41:49:b5:aa:62:32:89:59:d1:64:92:b5:e5:
         ad:6d:ec:1c:61:c6:7e:03:fb:48:ee:6d:01:af:3f:8d:6d:27:
         a9:3c:56:00:4a:4f:1e:a4:18:b0:fd:22:69:30:92:d5:66:25:
         99:08:6b:2a:b0:89:c5:d0:79:7c:df:54:7c:bc:f4:6c:1c:a7:
         54:59:7f:40:05:d7:ac:70:53:c0:26:d7:cc:a2:70:91:ac:e5:
         18:a8:48:c2:c2:b2:68:0e:ad:fd:28:90:b6:2e:75:32:d3:f0:
         6b:9f:6b:d9:f4:43:d7:d3:00:00:6a:b8:0e:d5:f6:df:7c:de:
         0d:af:c6:7b:4d:b0:7f:d0:a7:80:98:a5:7d:81:f1:74:92:b1:
         fe:29:f9:a0:38:6a:e0:ea:e6:24:01:2a:c7:ab:b7:14:b2:99:
         40:23:86:09
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE2OTAxMTAvBgNVBAUTKDM0NzRDOTRDMzZFOEY5QTBEM0EwRDIyRTFEREExMDhD
RDM0MEFCMjgwHhcNMjQwMzI2MTgzNjQxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzMTViOC03OWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwPYa36QwxKpHeVfQXp7PRJAbf8VEQVszpFhXpmgRnOolsHd94/7NYhJQtB/u
j2rxNhclv11VQBmFxDzMWfDJMoYvY3u5EZnj4yhQxz1rpupH+rXB6E7jAHpQO8Xc
MGmZLcuKCrEXuRUbbTh0MyahNpu8cQYMbNi4W8vydUZuxa+Ht4weQUjXspUGNSj+
EhIGTuIGIZxUx1Vxu4MB8U+oYqnOFVkkHg9Ft3T3HJCRywIZ02FmWYiY+p7vFs8l
KgCXntnXJ9PznaibvU5iU0/xXSAX6vKTxs4lNwhLybETlNHBN5PwVFC+xB+woNaj
IJUaFxkAOY4RMHvOEqFosjamiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLMiubUn
2wy5ri+jqT1LzcvYrs0zMB8GA1UdIwQYMBaAFDR0yUw26Pmg06DSLh3aEIzTQKso
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTY5MC8xNUI0MUI4ODYz
RjMxMUU5QTA4NTRDNDdDNEY5QUUwMi9OSFRKVERiby1hRFRvTkl1SGRvUWpOTkFx
eWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05IVEpURGJvLWFEVG9OSXVIZG9Rak5OQXF5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE2OTAvMTVCNDFCODg2M0YzMTFFOUEwODU0QzQ3QzRGOUFFMDIvNUUwMjUzQjYy
MzIxMTFFQjk4OTZCNzgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhbAwDQYJKoZIhvcNAQELBQADggEBABzBvcv9HM0fuoyy
OcOx/+uvKF46CvY04+/By0H9ByaCd585XG4493+NrjphuadLMqfklxPJVkFMg3b5
5XyEXjRaX4Dt8/EENUbRBccT38Vu/tjXtm6Djy8O0ssilbObQUm1qmIyiVnRZJK1
5a1t7Bxhxn4D+0jubQGvP41tJ6k8VgBKTx6kGLD9ImkwktVmJZkIayqwicXQeXzf
VHy89Gwcp1RZf0AF16xwU8Am18yicJGs5RioSMLCsmgOrf0okLYudTLT8Gufa9n0
Q9fTAABquA7V9t983g2vxntNsH/Qp4CYpX2B8XSSsf4p+aA4auDq5iQBKsertxSy
mUAjhgk=
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:15 2024 by rpki-client on console-ams.rpki-client.org