Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913B5C2/779D04A0364111EB8499D219C4F9AE02/5010A55A8C6411EE9E586967C4F9AE02.roa
File:                     5010A55A8C6411EE9E586967C4F9AE02.roa (raw, json)
Hash identifier:          cR9HV4rxiZkRev09g9uB9No5I0ecIOFxwxebh4lOO6g=
Subject key identifier:   E3:50:26:8D:5B:CD:F9:E9:45:E1:1B:37:AF:AE:DB:AC:62:28:AC:21
Certificate issuer:       /CN=A913B5C2/serialNumber=1EED263F0428D84E3FBE51753D16D4B3D62797C4
Certificate serial:       0671
Authority key identifier: 1E:ED:26:3F:04:28:D8:4E:3F:BE:51:75:3D:16:D4:B3:D6:27:97:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hu0mPwQo2E4_vlF1PRbUs9Ynl8Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913B5C2/779D04A0364111EB8499D219C4F9AE02/5010A55A8C6411EE9E586967C4F9AE02.roa
Signing time:             Thu 25 Apr 2024 00:02:07 +0000
ROA not before:           Thu 25 Apr 2024 00:02:07 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     136416
IP address blocks:        103.86.200.0/22 maxlen: 24
                          2400:c740::/32 maxlen: 32
                          2400:c740::/36 maxlen: 36
                          2400:c740:1000::/36 maxlen: 36
                          2400:c740:2000::/36 maxlen: 36
                          2400:c740:3000::/36 maxlen: 36
                          2400:c740:4000::/36 maxlen: 36
                          2400:c740:5000::/36 maxlen: 36
                          2400:c740:6000::/36 maxlen: 36
                          2400:c740:7000::/36 maxlen: 36
                          2400:c740:8000::/36 maxlen: 36
                          2400:c740:9000::/36 maxlen: 36
                          2400:c740:a000::/36 maxlen: 36
                          2400:c740:b000::/36 maxlen: 36
                          2400:c740:c000::/36 maxlen: 36
                          2400:c740:d000::/36 maxlen: 36
                          2400:c740:e000::/36 maxlen: 36
                          2400:c740:f000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913B5C2/779D04A0364111EB8499D219C4F9AE02/Hu0mPwQo2E4_vlF1PRbUs9Ynl8Q.crl
                          rsync://rpki.apnic.net/member_repository/A913B5C2/779D04A0364111EB8499D219C4F9AE02/Hu0mPwQo2E4_vlF1PRbUs9Ynl8Q.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hu0mPwQo2E4_vlF1PRbUs9Ynl8Q.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1649 (0x671)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913B5C2/serialNumber=1EED263F0428D84E3FBE51753D16D4B3D62797C4
        Validity
            Not Before: Apr 25 00:02:07 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=66299d7f-120f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:02:bb:04:eb:d9:7f:45:25:fc:9e:8f:41:ab:
                    60:66:ef:0d:30:1e:4b:71:52:1c:a0:26:73:7d:0a:
                    a7:ec:85:ea:79:34:dc:63:07:b0:4a:79:bf:02:a6:
                    29:58:ed:56:df:a4:61:4f:76:ca:5a:eb:d2:bc:c6:
                    d9:b6:45:ef:aa:d8:a5:ab:89:3a:09:fd:39:3b:f8:
                    4b:50:96:b4:a7:1f:6f:94:30:9b:f3:59:2b:55:2c:
                    88:79:66:b6:db:e0:cb:62:bb:15:87:44:73:25:cc:
                    7a:51:73:4e:06:d2:59:dd:06:f3:46:0f:33:7a:80:
                    07:94:65:0f:ee:fa:9c:75:43:86:75:f9:0c:3e:5e:
                    94:50:a3:79:e3:7b:1e:39:2b:7f:18:db:77:ad:8e:
                    41:01:3a:e7:2d:c2:7e:f9:13:ee:99:31:cf:76:29:
                    d2:55:d3:ff:79:84:4f:8a:0b:5d:c3:01:08:ae:18:
                    ec:33:fc:4c:0f:4f:3a:d4:e8:3e:cf:f6:73:c0:6b:
                    5d:68:a1:c9:94:71:72:a0:74:99:da:10:37:ee:74:
                    39:3c:6d:3f:78:6f:3b:ed:2d:b9:64:4b:10:de:92:
                    cc:69:97:5e:c2:5b:f2:5b:f8:56:17:bc:c8:86:06:
                    69:8f:14:26:b9:a0:62:34:b6:71:59:2a:a4:fe:83:
                    49:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:50:26:8D:5B:CD:F9:E9:45:E1:1B:37:AF:AE:DB:AC:62:28:AC:21
            X509v3 Authority Key Identifier:
                keyid:1E:ED:26:3F:04:28:D8:4E:3F:BE:51:75:3D:16:D4:B3:D6:27:97:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913B5C2/779D04A0364111EB8499D219C4F9AE02/Hu0mPwQo2E4_vlF1PRbUs9Ynl8Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hu0mPwQo2E4_vlF1PRbUs9Ynl8Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B5C2/779D04A0364111EB8499D219C4F9AE02/5010A55A8C6411EE9E586967C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.86.200.0/22
                IPv6:
                  2400:c740::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:2e:0a:8d:5b:b9:4b:23:57:84:29:6c:d7:51:c8:90:8e:b5:
         41:9f:6b:5c:df:ae:fc:37:f2:07:36:bd:54:22:c5:da:8c:81:
         9c:21:9b:50:9d:3f:b6:0d:24:6b:e0:c2:41:5f:dd:4a:c1:ad:
         e3:d8:35:14:68:40:71:3c:d2:9a:3a:2d:28:c9:13:a3:4d:d9:
         2e:67:34:ca:de:bb:0d:2e:a4:c5:3e:e6:0e:17:b2:15:48:ac:
         77:8f:04:51:10:f0:1c:54:e9:fc:08:4e:6a:d8:98:46:bd:96:
         aa:5a:1e:a8:bb:11:3e:63:d9:53:12:eb:bb:53:d4:d8:a3:af:
         3f:8f:9c:a3:6d:91:89:5b:f5:39:cc:ad:f9:f4:00:8b:c0:8e:
         4a:fc:f3:5e:ae:a6:e5:4a:f6:da:77:34:80:d5:6f:a1:e6:a2:
         ab:00:39:2c:61:04:9a:09:3b:32:c8:47:34:ef:42:0b:90:39:
         47:3f:49:74:eb:9e:14:34:47:7e:b7:26:59:e0:ac:3b:72:5c:
         e8:32:ff:24:40:1c:9a:5e:09:a4:4d:9b:dc:44:52:08:4e:fd:
         ad:69:2f:33:eb:a2:64:6f:ce:24:13:93:52:71:55:60:ac:92:
         b5:49:66:d7:ee:56:e5:f7:b0:0a:15:a7:3b:82:4f:bd:c3:3d:
         e0:32:b0:9a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I1QzIxMTAvBgNVBAUTKDFFRUQyNjNGMDQyOEQ4NEUzRkJFNTE3NTNEMTZENEIz
RDYyNzk3QzQwHhcNMjQwNDI1MDAwMjA3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI5OWQ3Zi0xMjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvAK7BOvZf0Ul/J6PQatgZu8NMB5LcVIcoCZzfQqn7IXqeTTcYwewSnm/AqYp
WO1W36RhT3bKWuvSvMbZtkXvqtilq4k6Cf05O/hLUJa0px9vlDCb81krVSyIeWa2
2+DLYrsVh0RzJcx6UXNOBtJZ3QbzRg8zeoAHlGUP7vqcdUOGdfkMPl6UUKN543se
OSt/GNt3rY5BATrnLcJ++RPumTHPdinSVdP/eYRPigtdwwEIrhjsM/xMD0861Og+
z/ZzwGtdaKHJlHFyoHSZ2hA37nQ5PG0/eG877S25ZEsQ3pLMaZdewlvyW/hWF7zI
hgZpjxQmuaBiNLZxWSqk/oNJHQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFONQJo1b
zfnpReEbN6+u26xiKKwhMB8GA1UdIwQYMBaAFB7tJj8EKNhOP75RdT0W1LPWJ5fE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjVDMi83NzlEMDRBMDM2
NDExMUVCODQ5OUQyMTlDNEY5QUUwMi9IdTBtUHdRbzJFNF92bEYxUFJiVXM5WW5s
OFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h1MG1Qd1FvMkU0X3ZsRjFQUmJVczlZbmw4US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I1QzIvNzc5RDA0QTAzNjQxMTFFQjg0OTlEMjE5QzRGOUFFMDIvNTAxMEE1NUE4
QzY0MTFFRTlFNTg2OTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnVsgwDQQCAAIwBwMFACQAx0AwDQYJKoZIhvcNAQELBQAD
ggEBAEsuCo1buUsjV4QpbNdRyJCOtUGfa1zfrvw38gc2vVQixdqMgZwhm1CdP7YN
JGvgwkFf3UrBrePYNRRoQHE80po6LSjJE6NN2S5nNMreuw0upMU+5g4XshVIrHeP
BFEQ8BxU6fwITmrYmEa9lqpaHqi7ET5j2VMS67tT1Nijrz+PnKNtkYlb9TnMrfn0
AIvAjkr8816upuVK9tp3NIDVb6HmoqsAOSxhBJoJOzLIRzTvQguQOUc/SXTrnhQ0
R363JlngrDtyXOgy/yRAHJpeCaRNm9xEUghO/a1pLzPromRvziQTk1JxVWCskrVJ
ZtfuVuX3sAoVpzuCT73DPeAysJo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:08:38 2024 by rpki-client on console-ams.rpki-client.org