Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
File:                     4C4AC452D67911ECBFC6CB7BC4F9AE02.roa (raw, json)
Hash identifier:          SLXhqcH0+eY5P7a7Ugwrcuj5dGZJ47BHFJvVvaC/ZFk=
Subject key identifier:   84:B6:8B:BB:2D:B9:41:F3:78:F7:5D:52:05:D1:3D:31:27:4A:DA:DF
Certificate issuer:       /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial:       24CF
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
Signing time:             Tue 12 Mar 2024 18:26:42 +0000
ROA not before:           Tue 12 Mar 2024 18:26:41 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     4294960000
IP address blocks:        103.138.210.0/24 maxlen: 26

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
                          rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 02 Apr 2024 18:23:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9423 (0x24cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
        Validity
            Not Before: Mar 12 18:26:41 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=65f09e61-af0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:52:83:1f:ad:74:c5:d0:a3:ea:aa:6d:a3:ff:
                    53:6a:2f:3f:2e:17:83:72:e7:47:e5:9e:9a:14:3c:
                    cf:18:53:f2:6b:a7:81:d6:f9:31:e0:bb:9a:52:d4:
                    e0:99:02:e9:20:d9:c1:37:b1:53:ef:17:79:bb:7b:
                    b2:49:95:3e:5e:75:a7:0d:95:86:11:4e:cb:a6:70:
                    76:36:83:a0:b0:26:fe:c6:2d:26:a1:66:39:b0:e3:
                    6c:8f:19:dc:c1:98:23:5e:cf:e4:40:db:4b:77:f3:
                    18:15:92:fe:c2:5e:13:9a:28:a5:9a:ba:c9:f4:80:
                    51:24:af:79:fe:bf:bb:89:58:b7:5c:bc:f8:16:b0:
                    4e:b2:4d:22:a8:f1:51:bf:46:eb:0f:49:9b:21:da:
                    98:ca:a0:2c:ef:f0:e9:7b:af:a3:91:09:e2:a2:2e:
                    11:bb:f7:15:ad:9b:fe:0e:7e:02:24:16:a1:60:2c:
                    3f:7b:28:fe:ec:12:96:43:66:c5:a1:22:20:4d:8f:
                    58:86:b8:2e:55:b8:bf:97:56:69:32:97:cb:7e:b5:
                    58:77:4c:21:23:28:03:ac:08:ab:32:72:e2:0d:5a:
                    50:89:98:a0:5a:3b:e5:f3:87:48:46:84:36:98:e3:
                    d8:7b:ec:4c:75:cb:1f:88:3e:f6:d2:9a:bf:fa:e1:
                    4b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B6:8B:BB:2D:B9:41:F3:78:F7:5D:52:05:D1:3D:31:27:4A:DA:DF
            X509v3 Authority Key Identifier:
                keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:68:5c:ac:d9:8e:00:df:ca:4f:de:ef:8e:19:05:81:df:78:
         b5:a4:96:1b:0b:c0:c8:b6:08:18:99:f0:f7:21:64:2a:b8:27:
         d5:28:76:fb:5a:26:0d:9e:5d:96:74:ed:b7:c4:52:8c:63:ee:
         04:bc:c2:99:16:ed:45:00:c4:60:98:19:d7:31:0e:e6:7b:8d:
         d1:5a:68:19:4a:38:cf:42:6f:3e:78:91:31:45:62:b0:30:86:
         d4:54:56:31:7e:fd:26:ac:d5:0c:22:26:5d:b0:56:82:ae:56:
         14:f6:e6:63:fe:5f:96:2c:2d:6c:7f:ac:d9:0b:60:f0:fa:1a:
         ad:51:79:e5:d0:58:89:d8:4c:bd:8a:8e:0e:72:3b:bb:e8:78:
         27:32:3c:b2:1b:5d:11:14:67:b9:c3:17:31:4a:50:3c:15:a6:
         67:6b:90:7a:ae:3a:5d:5d:d0:5f:5a:ce:84:6c:b0:5e:00:1b:
         9f:a0:3a:bc:b5:b6:b8:53:5e:3f:ec:32:18:1a:5e:86:7f:a5:
         dc:d3:dc:ca:10:88:c1:04:0f:36:e0:9c:00:68:f8:c5:d7:e9:
         23:03:ba:06:c5:81:fa:1c:4b:de:f7:79:9f:37:70:48:7c:b1:
         7a:65:61:5b:0e:09:f3:8d:70:9d:24:1f:48:b9:e9:1a:b6:0d:
         98:75:72:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjQwMzEyMTgyNjQxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYwOWU2MS1hZjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwlKDH610xdCj6qpto/9Tai8/LheDcudH5Z6aFDzPGFPya6eB1vkx4LuaUtTg
mQLpINnBN7FT7xd5u3uySZU+XnWnDZWGEU7LpnB2NoOgsCb+xi0moWY5sONsjxnc
wZgjXs/kQNtLd/MYFZL+wl4TmiilmrrJ9IBRJK95/r+7iVi3XLz4FrBOsk0iqPFR
v0brD0mbIdqYyqAs7/Dpe6+jkQnioi4Ru/cVrZv+Dn4CJBahYCw/eyj+7BKWQ2bF
oSIgTY9YhrguVbi/l1ZpMpfLfrVYd0whIygDrAirMnLiDVpQiZigWjvl84dIRoQ2
mOPYe+xMdcsfiD720pq/+uFLUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIS2i7st
uUHzePddUgXRPTEnStrfMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvNEM0QUM0NTJE
Njc5MTFFQ0JGQzZDQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnitIwDQYJKoZIhvcNAQELBQADggEBAH1oXKzZjgDfyk/e
744ZBYHfeLWklhsLwMi2CBiZ8PchZCq4J9UodvtaJg2eXZZ07bfEUoxj7gS8wpkW
7UUAxGCYGdcxDuZ7jdFaaBlKOM9Cbz54kTFFYrAwhtRUVjF+/Sas1QwiJl2wVoKu
VhT25mP+X5YsLWx/rNkLYPD6Gq1ReeXQWInYTL2Kjg5yO7voeCcyPLIbXREUZ7nD
FzFKUDwVpmdrkHquOl1d0F9azoRssF4AG5+gOry1trhTXj/sMhgaXoZ/pdzT3MoQ
iMEEDzbgnABo+MXX6SMDugbFgfocS973eZ83cEh8sXplYVsOCfONcJ0kH0i56Rq2
DZh1cj0=
-----END CERTIFICATE-----
Generated at Tue Mar 26 21:06:54 2024 by rpki-client on console-fra.rpki-client.org