Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913E36B/7C2C6240A09111EAA9427C44C4F9AE02/20544B84F14511ECA1AE5F4EC4F9AE02.roa
File:                     20544B84F14511ECA1AE5F4EC4F9AE02.roa (raw, json)
Hash identifier:          TejrQZ9//dz8pw5abLLeeWWk5O7Slayjh+ANs1GKDDs=
Subject key identifier:   39:18:CE:BF:5E:3E:17:AF:DA:80:33:55:92:98:AF:CB:75:39:12:4A
Certificate issuer:       /CN=A913E36B/serialNumber=DFAD386CAC92348380C57492DB18F2BC849C5286
Certificate serial:       07BE
Authority key identifier: DF:AD:38:6C:AC:92:34:83:80:C5:74:92:DB:18:F2:BC:84:9C:52:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3604bKySNIOAxXSS2xjyvIScUoY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913E36B/7C2C6240A09111EAA9427C44C4F9AE02/20544B84F14511ECA1AE5F4EC4F9AE02.roa
Signing time:             Tue 06 Jun 2023 23:04:30 +0000
ROA not before:           Tue 06 Jun 2023 23:04:30 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     136933
IP address blocks:        103.151.45.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913E36B/7C2C6240A09111EAA9427C44C4F9AE02/3604bKySNIOAxXSS2xjyvIScUoY.crl
                          rsync://rpki.apnic.net/member_repository/A913E36B/7C2C6240A09111EAA9427C44C4F9AE02/3604bKySNIOAxXSS2xjyvIScUoY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3604bKySNIOAxXSS2xjyvIScUoY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 21:07:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1982 (0x7be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913E36B/serialNumber=DFAD386CAC92348380C57492DB18F2BC849C5286
        Validity
            Not Before: Jun  6 23:04:30 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=647fbb7e-71d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5b:c2:50:f4:ac:fe:64:fb:1c:2d:e2:d3:97:
                    22:70:5e:f1:43:d6:f7:f1:f8:73:e8:de:6f:25:26:
                    d3:cf:3c:3e:c3:3a:ab:af:8b:43:ee:11:c7:e6:d0:
                    49:d0:91:c1:8c:65:f1:f6:f1:39:9f:c8:27:61:45:
                    1e:ef:d9:1b:8f:ad:8e:52:00:4c:b4:72:05:1f:8d:
                    28:26:52:e1:51:fd:41:68:65:80:d3:1e:e1:fe:c2:
                    ef:db:71:5d:f8:90:37:a4:c5:70:c2:1a:27:ca:0d:
                    89:23:32:3f:84:ba:56:9e:f1:31:9f:8c:42:1e:91:
                    43:9d:04:71:cf:00:9b:19:45:49:c5:26:f2:6b:2f:
                    6b:39:db:2d:4c:ac:62:c8:d4:dc:71:ad:03:81:d5:
                    49:28:c7:8a:59:44:c2:38:f1:00:10:44:ea:ec:2f:
                    9c:59:eb:97:ba:d2:15:af:31:ce:c2:f3:5c:da:a6:
                    ba:40:a1:cf:ba:c3:8d:17:e2:d4:b5:1b:f4:f4:04:
                    a5:8b:bc:71:b1:84:d1:af:37:0a:b9:42:e0:3a:6a:
                    57:e5:60:9d:98:07:09:91:a2:96:10:61:5d:d8:ea:
                    a6:1b:f3:59:08:21:67:44:55:ef:22:07:26:84:58:
                    70:b5:62:51:38:f2:86:4b:b8:b1:a3:3f:37:30:9c:
                    b6:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:18:CE:BF:5E:3E:17:AF:DA:80:33:55:92:98:AF:CB:75:39:12:4A
            X509v3 Authority Key Identifier:
                keyid:DF:AD:38:6C:AC:92:34:83:80:C5:74:92:DB:18:F2:BC:84:9C:52:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913E36B/7C2C6240A09111EAA9427C44C4F9AE02/3604bKySNIOAxXSS2xjyvIScUoY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3604bKySNIOAxXSS2xjyvIScUoY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E36B/7C2C6240A09111EAA9427C44C4F9AE02/20544B84F14511ECA1AE5F4EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:b0:63:3e:76:a5:ec:9f:b0:ea:7b:7e:5b:3e:d2:47:9a:bf:
         c9:f8:f0:76:7e:bb:e0:43:9c:f2:0f:89:8f:1a:da:25:0f:90:
         34:5d:e1:3e:b2:2c:72:39:3c:e8:77:11:cc:02:3b:6c:9a:26:
         19:34:c1:55:45:9f:c5:76:da:ea:b3:ba:a9:fa:f9:ca:f4:95:
         00:c5:6c:b9:12:5d:57:31:bc:8b:cb:73:f0:54:fb:64:3f:1c:
         1a:89:b3:16:d5:4b:d4:bf:e1:2b:bd:5d:54:ac:2d:04:2e:a9:
         ad:cd:2e:6a:aa:e0:c8:70:6d:6f:ca:57:c6:8b:e8:b3:28:df:
         ab:ea:00:12:15:23:40:4b:56:5a:e2:69:87:89:e3:03:e2:68:
         c2:22:15:6c:a2:71:e6:f3:c3:e9:6e:f3:4e:d7:10:30:ee:37:
         8a:a8:d6:5a:d3:ad:b2:5b:94:d7:fd:d7:d1:c9:a2:00:4a:1a:
         3a:7c:74:a9:d5:a5:8f:78:e1:e7:bb:f8:21:05:47:3a:75:5d:
         49:37:81:84:23:7c:94:49:05:c7:e8:69:89:47:7c:69:a8:96:
         cf:38:11:25:27:4e:39:ef:04:88:c6:59:9d:ed:d1:c5:3b:46:
         bc:28:75:db:2c:55:4e:c5:31:a6:9e:24:d3:c3:5b:be:99:aa:
         eb:eb:ef:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB74wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0UzNkIxMTAvBgNVBAUTKERGQUQzODZDQUM5MjM0ODM4MEM1NzQ5MkRCMThGMkJD
ODQ5QzUyODYwHhcNMjMwNjA2MjMwNDMwWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmYmI3ZS03MWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAslvCUPSs/mT7HC3i05cicF7xQ9b38fhz6N5vJSbTzzw+wzqrr4tD7hHH5tBJ
0JHBjGXx9vE5n8gnYUUe79kbj62OUgBMtHIFH40oJlLhUf1BaGWA0x7h/sLv23Fd
+JA3pMVwwhonyg2JIzI/hLpWnvExn4xCHpFDnQRxzwCbGUVJxSbyay9rOdstTKxi
yNTcca0DgdVJKMeKWUTCOPEAEETq7C+cWeuXutIVrzHOwvNc2qa6QKHPusONF+LU
tRv09ASli7xxsYTRrzcKuULgOmpX5WCdmAcJkaKWEGFd2OqmG/NZCCFnRFXvIgcm
hFhwtWJROPKGS7ixoz83MJy28QIDAQABo4IClTCCApEwHQYDVR0OBBYEFDkYzr9e
Phev2oAzVZKYr8t1ORJKMB8GA1UdIwQYMBaAFN+tOGyskjSDgMV0ktsY8ryEnFKG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTM2Qi83QzJDNjI0MEEw
OTExMUVBQTk0MjdDNDRDNEY5QUUwMi8zNjA0Ykt5U05JT0F4WFNTMnhqeXZJU2NV
b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM2MDRiS3lTTklPQXhYU1MyeGp5dklTY1VvWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0UzNkIvN0MyQzYyNDBBMDkxMTFFQUE5NDI3QzQ0QzRGOUFFMDIvMjA1NDRCODRG
MTQ1MTFFQ0ExQUU1RjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnly0wDQYJKoZIhvcNAQELBQADggEBAKmwYz52peyfsOp7
fls+0keav8n48HZ+u+BDnPIPiY8a2iUPkDRd4T6yLHI5POh3EcwCO2yaJhk0wVVF
n8V22uqzuqn6+cr0lQDFbLkSXVcxvIvLc/BU+2Q/HBqJsxbVS9S/4Su9XVSsLQQu
qa3NLmqq4MhwbW/KV8aL6LMo36vqABIVI0BLVlriaYeJ4wPiaMIiFWyicebzw+lu
807XEDDuN4qo1lrTrbJblNf919HJogBKGjp8dKnVpY944ee7+CEFRzp1XUk3gYQj
fJRJBcfoaYlHfGmols84ESUnTjnvBIjGWZ3t0cU7RrwoddssVU7FMaaeJNPDW76Z
quvr79Y=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:24:00 2024 by rpki-client on console-fra.rpki-client.org