Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/4DAFC184ADC011ED897A4050C4F9AE02.roa
File:                     4DAFC184ADC011ED897A4050C4F9AE02.roa (raw, json)
Hash identifier:          51xFCuLNaXT5cGhpR1RrXJQMru8U96eL84Hf/9xFOFI=
Subject key identifier:   40:BD:65:11:2B:20:76:2B:43:92:2A:8F:03:C8:D8:48:A8:9A:D9:9C
Certificate issuer:       /CN=A913A7A6/serialNumber=9F2E5788EF79585BAB7619877D39627AB2E5D519
Certificate serial:       08E9
Authority key identifier: 9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/4DAFC184ADC011ED897A4050C4F9AE02.roa
Signing time:             Thu 26 Oct 2023 20:48:16 +0000
ROA not before:           Thu 26 Oct 2023 20:48:16 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     58877
IP address blocks:        137.166.0.0/16 maxlen: 17

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl
                          rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 20:05:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2281 (0x8e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913A7A6/serialNumber=9F2E5788EF79585BAB7619877D39627AB2E5D519
        Validity
            Not Before: Oct 26 20:48:16 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=653ad090-d903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a2:2c:f2:81:b8:32:3a:06:99:e8:64:fb:04:
                    15:17:2c:00:5a:bd:35:90:89:c9:39:49:74:73:06:
                    0e:c8:e2:b2:88:74:7a:0c:3d:43:8b:d8:57:89:e5:
                    a6:b5:5e:f0:b3:4d:13:05:e6:fb:b3:f5:2d:32:f3:
                    76:42:60:fc:ab:31:85:1b:f9:67:8d:f7:6d:d1:a4:
                    75:76:93:c8:f2:d7:0b:59:32:7c:52:d4:bb:2e:2d:
                    59:95:d8:d1:7b:a1:f1:0a:6a:24:10:0a:d3:91:7f:
                    34:43:29:86:73:1e:40:9f:15:e4:00:eb:97:79:2c:
                    9b:da:82:5b:be:cb:51:1f:64:d5:0a:cd:c3:09:34:
                    b9:5a:70:5c:a9:60:c1:7d:8b:60:13:3f:ca:5b:c3:
                    22:91:80:c1:10:98:00:d9:29:af:9f:7c:69:56:12:
                    e4:82:07:45:af:3d:50:3c:f4:b4:be:62:50:8b:6a:
                    bd:a8:54:0e:c8:7b:cb:be:a1:d2:e0:61:58:bd:c6:
                    09:0c:0f:d8:2a:34:88:a4:fa:a3:6d:79:a6:12:be:
                    dc:b8:bd:92:63:21:b1:cf:8f:5b:3f:4c:b6:1e:b4:
                    02:50:ee:7c:4c:bb:63:0b:d5:65:72:85:50:c9:2f:
                    88:2b:32:89:9c:9b:ee:c7:8a:70:90:32:f5:7d:f8:
                    7d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:BD:65:11:2B:20:76:2B:43:92:2A:8F:03:C8:D8:48:A8:9A:D9:9C
            X509v3 Authority Key Identifier:
                keyid:9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/4DAFC184ADC011ED897A4050C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.166.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         15:be:01:b7:92:e8:c8:3c:77:56:ef:22:ac:31:03:34:24:d0:
         69:b6:49:de:04:52:db:c9:ef:9e:67:8b:b5:b1:8b:e7:63:4c:
         9f:78:c3:06:e1:d0:67:65:92:c5:e9:58:da:8b:77:e5:99:5b:
         74:d4:2d:43:42:70:e7:e5:cd:30:be:2f:c0:c7:66:fc:da:6e:
         3e:3f:8c:eb:33:f8:91:40:93:e1:cf:ea:03:dd:e6:a6:8f:7f:
         d2:12:27:f1:9e:2f:ac:ea:71:30:65:a2:44:fa:b1:26:83:fe:
         70:88:c4:21:0d:df:75:30:51:6f:72:33:91:99:b8:52:8c:49:
         05:03:b8:95:71:05:46:69:89:d4:4c:30:29:80:d8:53:83:c7:
         c6:c9:7e:9b:55:a1:1f:3a:3f:59:42:3d:f7:3a:c4:af:3b:b7:
         11:5c:19:63:b0:5f:90:f3:de:d2:c8:19:6b:fb:b9:fc:55:0c:
         31:9f:e8:a7:72:5a:8b:67:a8:3a:1a:5b:49:b8:da:1b:82:b7:
         4b:ce:2d:d4:80:e3:00:3c:16:4f:d0:ef:9b:8f:21:a9:49:4b:
         67:7e:87:19:6c:2f:73:da:8e:f9:80:31:8f:90:94:06:04:ed:
         6c:2c:6a:23:b5:69:c7:5e:d6:e8:cc:43:3c:2e:71:b1:c8:a2:
         d7:74:03:ef
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICCOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0E3QTYxMTAvBgNVBAUTKDlGMkU1Nzg4RUY3OTU4NUJBQjc2MTk4NzdEMzk2MjdB
QjJFNUQ1MTkwHhcNMjMxMDI2MjA0ODE2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTNhZDA5MC1kOTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtaIs8oG4MjoGmehk+wQVFywAWr01kInJOUl0cwYOyOKyiHR6DD1Di9hXieWm
tV7ws00TBeb7s/UtMvN2QmD8qzGFG/lnjfdt0aR1dpPI8tcLWTJ8UtS7Li1ZldjR
e6HxCmokEArTkX80QymGcx5AnxXkAOuXeSyb2oJbvstRH2TVCs3DCTS5WnBcqWDB
fYtgEz/KW8MikYDBEJgA2Smvn3xpVhLkggdFrz1QPPS0vmJQi2q9qFQOyHvLvqHS
4GFYvcYJDA/YKjSIpPqjbXmmEr7cuL2SYyGxz49bP0y2HrQCUO58TLtjC9VlcoVQ
yS+IKzKJnJvux4pwkDL1ffh9dwIDAQABo4IClDCCApAwHQYDVR0OBBYEFEC9ZREr
IHYrQ5IqjwPI2EiomtmcMB8GA1UdIwQYMBaAFJ8uV4jveVhbq3YZh305Ynqy5dUZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQTdBNi80NTdBOEU4Mjcz
QjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9ueTVYaU85NVdGdXJkaG1IZlRsaWVyTGwx
UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL255NVhpTzk1V0Z1cmRobUhmVGxpZXJMbDFSay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0E3QTYvNDU3QThFODI3M0I2MTFFQTlCOEMxRjVDQzRGOUFFMDIvNERBRkMxODRB
REMwMTFFRDg5N0E0MDUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCJpjANBgkqhkiG9w0BAQsFAAOCAQEAFb4Bt5LoyDx3Vu8i
rDEDNCTQabZJ3gRS28nvnmeLtbGL52NMn3jDBuHQZ2WSxelY2ot35ZlbdNQtQ0Jw
5+XNML4vwMdm/NpuPj+M6zP4kUCT4c/qA93mpo9/0hIn8Z4vrOpxMGWiRPqxJoP+
cIjEIQ3fdTBRb3IzkZm4UoxJBQO4lXEFRmmJ1EwwKYDYU4PHxsl+m1WhHzo/WUI9
9zrErzu3EVwZY7BfkPPe0sgZa/u5/FUMMZ/op3Jai2eoOhpbSbjaG4K3S84t1IDj
ADwWT9Dvm48hqUlLZ36HGWwvc9qO+YAxj5CUBgTtbCxqI7Vpx17W6MxDPC5xscii
13QD7w==
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:13:00 2024 by rpki-client on console-ams.rpki-client.org