Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/6580E03C79E511EC99DA1B51C4F9AE02.roa
File:                     6580E03C79E511EC99DA1B51C4F9AE02.roa (raw, json)
Hash identifier:          88cWIAkjsGr9WlAVKsKNLvJUq42ctyqB2EjlRGDbkY4=
Subject key identifier:   96:2B:DC:68:75:C7:55:A7:98:F6:2B:A7:F1:06:BC:0A:5E:BB:BA:D7
Certificate issuer:       /CN=A9132B1E/serialNumber=ABD43548659CBB276EF8D35B8212F838E8CEB75F
Certificate serial:       08EE
Authority key identifier: AB:D4:35:48:65:9C:BB:27:6E:F8:D3:5B:82:12:F8:38:E8:CE:B7:5F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q9Q1SGWcuydu-NNbghL4OOjOt18.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/6580E03C79E511EC99DA1B51C4F9AE02.roa
Signing time:             Thu 04 May 2023 22:39:16 +0000
ROA not before:           Thu 04 May 2023 22:39:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     10103
IP address blocks:        115.160.135.0/24 maxlen: 24
                          202.64.97.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/q9Q1SGWcuydu-NNbghL4OOjOt18.crl
                          rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/q9Q1SGWcuydu-NNbghL4OOjOt18.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q9Q1SGWcuydu-NNbghL4OOjOt18.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 21:07:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2286 (0x8ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9132B1E/serialNumber=ABD43548659CBB276EF8D35B8212F838E8CEB75F
        Validity
            Not Before: May  4 22:39:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64543414-1cf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:21:bd:ff:f5:14:20:0d:27:67:3d:2d:b0:a9:
                    f1:cf:22:24:86:2e:23:26:34:d6:83:2b:67:70:a7:
                    0c:f6:46:4c:39:73:ad:09:c9:89:b1:79:de:6c:22:
                    34:5b:72:3f:12:59:eb:a2:d1:26:36:1e:c5:cf:6c:
                    79:db:6d:bc:a8:11:c3:25:cc:f6:49:55:ad:34:7f:
                    4c:f0:ec:4e:ae:24:87:a5:a2:e7:46:76:e3:11:70:
                    42:56:f9:18:31:06:36:74:fc:29:a5:27:f8:38:d1:
                    ac:4a:98:15:1d:25:cc:66:a3:35:a9:1f:42:e3:a3:
                    77:0d:16:03:a4:38:91:7a:f8:c9:c3:31:f4:10:43:
                    45:d1:b6:02:30:78:5c:e1:ba:f4:0a:09:d9:5d:6d:
                    75:ab:0c:33:f9:48:4b:21:9d:ca:41:48:b5:94:f1:
                    17:26:9e:04:70:d6:4a:3d:48:ad:a4:64:9d:f5:aa:
                    eb:1b:8a:e3:d7:d7:7e:8d:0b:dc:ec:9d:43:1e:41:
                    39:9f:29:c6:18:0f:50:70:6b:4c:a4:e4:8c:31:d8:
                    60:a7:b9:ce:7e:64:dd:78:8e:87:25:b7:ae:7b:96:
                    8c:46:6b:8c:2e:c6:59:ef:6a:1a:dd:5f:2e:97:76:
                    d7:fb:2f:7e:48:87:ba:c9:d4:86:b5:ac:70:5e:5a:
                    75:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:2B:DC:68:75:C7:55:A7:98:F6:2B:A7:F1:06:BC:0A:5E:BB:BA:D7
            X509v3 Authority Key Identifier:
                keyid:AB:D4:35:48:65:9C:BB:27:6E:F8:D3:5B:82:12:F8:38:E8:CE:B7:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/q9Q1SGWcuydu-NNbghL4OOjOt18.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q9Q1SGWcuydu-NNbghL4OOjOt18.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/6580E03C79E511EC99DA1B51C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.160.135.0/24
                  202.64.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:35:da:7c:af:01:8a:1e:94:94:ac:b2:84:1f:4e:7c:20:76:
         0b:81:06:f4:d1:8e:88:0d:73:69:c4:a5:57:e8:56:1f:44:73:
         f1:d6:e5:18:a8:68:7c:cb:f5:38:c5:d7:5e:30:5c:d6:3b:1a:
         b6:d8:a4:79:d0:74:87:84:b7:f9:46:e6:d8:21:8a:b7:f2:61:
         f8:4d:f2:7a:a2:bd:b4:73:9e:49:f6:cf:6d:88:60:d2:77:0c:
         74:aa:a9:a0:dd:fc:b6:94:20:9d:9a:37:06:e8:b4:a8:32:ea:
         d5:ec:e2:dc:cb:f2:de:80:b8:e6:26:12:1f:ba:29:a3:6b:77:
         09:2e:82:3e:7e:01:56:fc:41:ae:fc:4f:07:57:96:67:a8:05:
         2d:71:da:ac:f7:da:1b:b9:2c:72:bb:86:17:30:64:ce:48:34:
         c7:d4:f3:66:90:1e:22:8f:54:39:8c:64:99:c4:61:77:00:fb:
         5e:4c:06:43:a5:c3:31:d5:53:d4:42:13:43:d6:3d:c6:98:97:
         c7:75:0a:22:72:a4:64:b5:9e:a2:16:b8:68:6d:50:77:5e:45:
         c5:5e:12:d1:ac:f4:d2:82:d7:5d:9c:5a:f0:ac:be:1b:aa:69:
         9c:81:d9:52:a7:b1:3a:89:28:e9:b3:26:d3:3c:7d:fd:9a:6d:
         98:71:3e:14
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJCMUUxMTAvBgNVBAUTKEFCRDQzNTQ4NjU5Q0JCMjc2RUY4RDM1QjgyMTJGODM4
RThDRUI3NUYwHhcNMjMwNTA0MjIzOTE2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU0MzQxNC0xY2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsSG9//UUIA0nZz0tsKnxzyIkhi4jJjTWgytncKcM9kZMOXOtCcmJsXnebCI0
W3I/ElnrotEmNh7Fz2x52228qBHDJcz2SVWtNH9M8OxOriSHpaLnRnbjEXBCVvkY
MQY2dPwppSf4ONGsSpgVHSXMZqM1qR9C46N3DRYDpDiRevjJwzH0EENF0bYCMHhc
4br0CgnZXW11qwwz+UhLIZ3KQUi1lPEXJp4EcNZKPUitpGSd9arrG4rj19d+jQvc
7J1DHkE5nynGGA9QcGtMpOSMMdhgp7nOfmTdeI6HJbeue5aMRmuMLsZZ72oa3V8u
l3bX+y9+SIe6ydSGtaxwXlp1mwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJYr3Gh1
x1WnmPYrp/EGvApeu7rXMB8GA1UdIwQYMBaAFKvUNUhlnLsnbvjTW4IS+Djozrdf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRS84OTM2Q0MwNDg4
MzIxMUVBODQ4NjFCNzBDNEY5QUUwMi9xOVExU0dXY3V5ZHUtTk5iZ2hMNE9Pak90
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3E5UTFTR1djdXlkdS1OTmJnaEw0T09qT3QxOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJCMUUvODkzNkNDMDQ4ODMyMTFFQTg0ODYxQjcwQzRGOUFFMDIvNjU4MEUwM0M3
OUU1MTFFQzk5REExQjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABzoIcDBADKQGEwDQYJKoZIhvcNAQELBQADggEBABE12nyv
AYoelJSssoQfTnwgdguBBvTRjogNc2nEpVfoVh9Ec/HW5RioaHzL9TjF114wXNY7
GrbYpHnQdIeEt/lG5tghirfyYfhN8nqivbRznkn2z22IYNJ3DHSqqaDd/LaUIJ2a
NwbotKgy6tXs4tzL8t6AuOYmEh+6KaNrdwkugj5+AVb8Qa78TwdXlmeoBS1x2qz3
2hu5LHK7hhcwZM5INMfU82aQHiKPVDmMZJnEYXcA+15MBkOlwzHVU9RCE0PWPcaY
l8d1CiJypGS1nqIWuGhtUHdeRcVeEtGs9NKC112cWvCsvhuqaZyB2VKnsTqJKOmz
JtM8ff2abZhxPhQ=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:23:59 2024 by rpki-client on console-fra.rpki-client.org