Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
File:                     53647CC8284511EE8A9EF045C4F9AE02.roa (raw, json)
Hash identifier:          q6T+3SeSLwQ46z2e+jiP9jZoRgXBN3CYjsUf9Ldx12E=
Subject key identifier:   0E:5D:EE:86:95:67:19:52:29:63:5F:FE:F3:67:0F:50:72:74:69:90
Certificate issuer:       /CN=A9136DD6/serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
Certificate serial:       0380
Authority key identifier: F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
Signing time:             Mon 20 Nov 2023 18:15:57 +0000
ROA not before:           Mon 20 Nov 2023 18:15:57 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     17547
IP address blocks:        178.160.128.0/18 maxlen: 19
                          178.160.128.0/24 maxlen: 24
                          178.160.129.0/24 maxlen: 24
                          178.160.130.0/24 maxlen: 24
                          178.160.131.0/24 maxlen: 24
                          178.160.132.0/24 maxlen: 24
                          178.160.133.0/24 maxlen: 24
                          178.160.135.0/24 maxlen: 24
                          178.160.137.0/24 maxlen: 24
                          178.160.138.0/24 maxlen: 24
                          178.160.139.0/24 maxlen: 24
                          178.160.140.0/24 maxlen: 24
                          178.160.141.0/24 maxlen: 24
                          178.160.142.0/24 maxlen: 24
                          178.160.143.0/24 maxlen: 24
                          178.160.144.0/24 maxlen: 24
                          178.160.145.0/24 maxlen: 24
                          178.160.146.0/24 maxlen: 24
                          178.160.147.0/24 maxlen: 24
                          178.160.148.0/24 maxlen: 24
                          178.160.149.0/24 maxlen: 24
                          178.160.150.0/24 maxlen: 24
                          178.160.151.0/24 maxlen: 24
                          178.160.152.0/24 maxlen: 24
                          178.160.153.0/24 maxlen: 24
                          178.160.154.0/24 maxlen: 24
                          178.160.155.0/24 maxlen: 24
                          178.160.156.0/24 maxlen: 24
                          178.160.157.0/24 maxlen: 24
                          178.160.158.0/24 maxlen: 24
                          178.160.159.0/24 maxlen: 24
                          178.160.160.0/24 maxlen: 24
                          178.160.161.0/24 maxlen: 24
                          178.160.162.0/24 maxlen: 24
                          178.160.163.0/24 maxlen: 24
                          178.160.164.0/24 maxlen: 24
                          178.160.165.0/24 maxlen: 24
                          178.160.166.0/24 maxlen: 24
                          178.160.167.0/24 maxlen: 24
                          178.160.168.0/24 maxlen: 24
                          178.160.169.0/24 maxlen: 24
                          178.160.170.0/24 maxlen: 24
                          178.160.171.0/24 maxlen: 24
                          178.160.172.0/24 maxlen: 24
                          178.160.173.0/24 maxlen: 24
                          178.160.174.0/24 maxlen: 24
                          178.160.175.0/24 maxlen: 24
                          178.160.176.0/24 maxlen: 24
                          178.160.177.0/24 maxlen: 24
                          178.160.178.0/24 maxlen: 24
                          178.160.179.0/24 maxlen: 24
                          178.160.180.0/24 maxlen: 24
                          178.160.181.0/24 maxlen: 24
                          178.160.182.0/24 maxlen: 24
                          178.160.183.0/24 maxlen: 24
                          178.160.184.0/24 maxlen: 24
                          178.160.185.0/24 maxlen: 24
                          178.160.186.0/24 maxlen: 24
                          178.160.187.0/24 maxlen: 24
                          178.160.188.0/24 maxlen: 24
                          178.160.189.0/24 maxlen: 24
                          178.160.190.0/24 maxlen: 24
                          178.160.191.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.crl
                          rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:50:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 896 (0x380)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9136DD6/serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
        Validity
            Not Before: Nov 20 18:15:57 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=655ba25c-6e73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c4:e3:0d:89:fa:99:fe:94:32:0b:f4:3c:62:
                    75:4b:64:ba:3b:3b:7b:0e:f9:6e:86:70:72:c2:41:
                    91:17:45:96:92:97:77:41:53:27:04:38:df:de:c6:
                    c4:f6:7b:97:74:48:a3:09:a5:7f:50:94:6f:40:ba:
                    28:38:fd:42:73:ec:27:bd:8f:05:71:d5:14:e1:ed:
                    d6:d0:3e:37:99:fd:51:8d:de:eb:8b:b5:84:83:d0:
                    5d:71:3f:0f:30:49:5c:21:44:84:84:6b:b5:32:06:
                    c9:a4:28:89:79:bc:1c:c2:c8:75:a0:65:77:60:3a:
                    2e:2c:8c:d8:7e:fa:2b:a6:35:3f:1a:7b:7e:a3:88:
                    f2:eb:6e:f3:ca:4d:9a:c9:13:95:6b:d3:fe:66:b4:
                    ba:3f:2c:43:f9:28:53:58:68:19:0d:dc:04:30:99:
                    9f:f5:b6:03:9e:ce:30:03:e1:db:e3:2a:47:f5:99:
                    b1:25:a8:f6:ef:2c:7b:62:6e:8e:5b:7f:19:1e:de:
                    5c:4d:29:0c:ea:ec:c9:e0:c7:05:da:32:13:1f:a5:
                    10:5c:bc:6f:15:e3:df:8c:11:65:bb:20:e0:a1:f5:
                    58:99:1d:93:56:10:db:ce:6d:ca:9b:a4:8c:81:1c:
                    7c:95:2f:26:62:63:0f:ec:5f:02:16:cf:2f:74:e5:
                    28:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:5D:EE:86:95:67:19:52:29:63:5F:FE:F3:67:0F:50:72:74:69:90
            X509v3 Authority Key Identifier:
                keyid:F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.160.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a9:2b:61:a9:3f:1e:f5:4c:5e:19:3c:e1:48:59:aa:26:25:aa:
         18:d9:7c:8d:1d:43:c8:cf:a3:81:56:86:50:c5:a8:e1:c3:38:
         9e:74:0c:e4:81:6f:03:cc:ac:53:4e:82:93:f3:ab:cf:77:d5:
         cf:96:22:a8:4f:9f:c8:47:12:70:55:5d:f2:bf:b5:c7:33:35:
         7a:55:16:39:91:aa:f0:64:6a:21:5d:6e:73:c1:7e:b1:77:11:
         7c:f0:f1:df:69:73:9d:4f:b1:74:72:66:3f:61:be:ca:d6:72:
         1d:8a:00:e6:e3:f8:b9:36:93:8e:f3:e3:18:ee:98:4c:81:ea:
         fe:9c:96:5e:47:d9:77:40:4a:04:35:77:5d:80:d5:07:f7:a3:
         d2:66:37:c0:56:51:1b:ef:60:c9:5d:84:c8:ee:e9:59:33:e7:
         ee:4e:b7:a9:4d:92:66:e4:b0:b1:21:86:af:66:52:ec:f1:88:
         5d:25:d2:ee:85:11:ab:86:1b:5d:5b:b9:5d:40:f7:67:1a:3c:
         37:d6:c9:a8:57:25:94:b5:c6:f5:bb:81:ec:ce:96:0d:16:de:
         fd:0a:17:e2:2c:86:48:ca:ef:86:a0:5f:84:03:3a:7b:6a:a7:
         cf:4b:88:e0:d2:7b:e9:4b:cb:2e:72:97:ab:ca:f9:cb:ae:62:
         4e:44:e1:47
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA4AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZERDYxMTAvBgNVBAUTKEY3RjlEOEE0MzU1RDY3M0I5RDRFN0YxNTVEM0E3OEU1
RTY2MEZFQTUwHhcNMjMxMTIwMTgxNTU3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViYTI1Yy02ZTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsMTjDYn6mf6UMgv0PGJ1S2S6Ozt7DvluhnBywkGRF0WWkpd3QVMnBDjf3sbE
9nuXdEijCaV/UJRvQLooOP1Cc+wnvY8FcdUU4e3W0D43mf1Rjd7ri7WEg9BdcT8P
MElcIUSEhGu1MgbJpCiJebwcwsh1oGV3YDouLIzYfvorpjU/Gnt+o4jy627zyk2a
yROVa9P+ZrS6PyxD+ShTWGgZDdwEMJmf9bYDns4wA+Hb4ypH9ZmxJaj27yx7Ym6O
W38ZHt5cTSkM6uzJ4McF2jITH6UQXLxvFePfjBFluyDgofVYmR2TVhDbzm3Km6SM
gRx8lS8mYmMP7F8CFs8vdOUoAwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA5d7oaV
ZxlSKWNf/vNnD1BydGmQMB8GA1UdIwQYMBaAFPf52KQ1XWc7nU5/FV06eOXmYP6l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkRENi9EMTYyRTAzQTNE
M0ExMUVDQkVGNzdDNzZDNEY5QUUwMi85X25ZcERWZFp6dWRUbjhWWFRwNDVlWmdf
cVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzlfbllwRFZkWnp1ZFRuOFZYVHA0NWVaZ19xVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZERDYvRDE2MkUwM0EzRDNBMTFFQ0JFRjc3Qzc2QzRGOUFFMDIvNTM2NDdDQzgy
ODQ1MTFFRThBOUVGMDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAayoIAwDQYJKoZIhvcNAQELBQADggEBAKkrYak/HvVMXhk8
4UhZqiYlqhjZfI0dQ8jPo4FWhlDFqOHDOJ50DOSBbwPMrFNOgpPzq8931c+WIqhP
n8hHEnBVXfK/tcczNXpVFjmRqvBkaiFdbnPBfrF3EXzw8d9pc51PsXRyZj9hvsrW
ch2KAObj+Lk2k47z4xjumEyB6v6cll5H2XdASgQ1d12A1Qf3o9JmN8BWURvvYMld
hMju6Vkz5+5Ot6lNkmbksLEhhq9mUuzxiF0l0u6FEauGG11buV1A92caPDfWyahX
JZS1xvW7gezOlg0W3v0KF+IshkjK74agX4QDOntqp89LiODSe+lLyy5yl6vK+cuu
Yk5E4Uc=
-----END CERTIFICATE-----
Generated at Sun Jun 16 19:10:17 2024 by rpki-client on console-ams.rpki-client.org