Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91499BB/AB1CAC86609711E8B74A861AC4F9AE02/5F150B08D48611E9A4473984C4F9AE02.roa
File:                     5F150B08D48611E9A4473984C4F9AE02.roa (raw, json)
Hash identifier:          3TAeoADoUSB3POhUma+elKDotqf5jHNMzMECIe1qOeA=
Subject key identifier:   88:E5:C8:9A:56:68:98:F9:EC:E6:A1:65:AE:F5:60:E4:C2:93:41:6E
Certificate issuer:       /CN=A91499BB/serialNumber=F0EB3D11F0ECAE6873695D5ACFB7B4ADC55F3458
Certificate serial:       139A
Authority key identifier: F0:EB:3D:11:F0:EC:AE:68:73:69:5D:5A:CF:B7:B4:AD:C5:5F:34:58
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Os9EfDsrmhzaV1az7e0rcVfNFg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91499BB/AB1CAC86609711E8B74A861AC4F9AE02/5F150B08D48611E9A4473984C4F9AE02.roa
Signing time:             Wed 20 Dec 2023 17:44:53 +0000
ROA not before:           Wed 20 Dec 2023 17:44:53 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     38203
IP address blocks:        103.81.172.0/22 maxlen: 22
                          103.81.172.0/24 maxlen: 24
                          103.81.173.0/24 maxlen: 24
                          103.81.174.0/24 maxlen: 24
                          103.81.175.0/24 maxlen: 24
                          203.194.116.0/22 maxlen: 22
                          203.194.116.0/24 maxlen: 24
                          203.194.117.0/24 maxlen: 24
                          203.194.118.0/24 maxlen: 24
                          203.194.119.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91499BB/AB1CAC86609711E8B74A861AC4F9AE02/8Os9EfDsrmhzaV1az7e0rcVfNFg.crl
                          rsync://rpki.apnic.net/member_repository/A91499BB/AB1CAC86609711E8B74A861AC4F9AE02/8Os9EfDsrmhzaV1az7e0rcVfNFg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Os9EfDsrmhzaV1az7e0rcVfNFg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 29 Jun 2024 17:16:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5018 (0x139a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91499BB/serialNumber=F0EB3D11F0ECAE6873695D5ACFB7B4ADC55F3458
        Validity
            Not Before: Dec 20 17:44:53 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=65832814-02fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:08:12:67:28:13:fd:9e:05:7d:b9:59:29:aa:
                    18:6c:69:cd:4f:60:90:5d:14:a6:6e:b6:e0:db:23:
                    fb:a2:42:07:6d:b9:68:19:4a:10:24:9c:bd:bb:f3:
                    3d:f9:8f:b0:45:07:a2:69:d2:f7:df:bd:42:ed:71:
                    15:a3:57:1a:8f:c0:a4:cb:ef:3c:a2:30:8f:93:23:
                    b5:e3:f1:ca:2c:b5:e5:88:48:89:83:89:65:52:9f:
                    07:f8:af:03:18:88:59:58:47:3c:9b:ae:e1:1c:a0:
                    b6:a6:67:f9:a7:49:1c:1c:da:99:c3:ff:d8:7c:34:
                    d8:70:1a:70:cb:cf:2a:8e:e6:6f:cd:19:27:3f:72:
                    4d:82:d9:33:7d:58:7d:02:32:31:a6:a3:80:9a:b9:
                    d7:f0:fd:86:6d:45:06:86:ff:09:cf:a6:df:48:6b:
                    fe:83:91:8c:62:ba:c3:0c:e5:bf:e8:4f:6e:c9:2f:
                    70:c2:ce:96:72:53:d9:89:84:34:a3:50:0e:fc:61:
                    40:72:a2:25:0a:93:43:18:22:db:de:b7:9e:29:88:
                    09:ad:b2:d2:9e:c5:63:13:07:50:47:94:16:d2:ee:
                    9f:97:f1:cb:42:13:87:1d:da:1f:f4:6d:04:d8:ce:
                    34:07:cf:4d:ca:f4:65:5e:cf:78:e3:3b:e3:6d:46:
                    af:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:E5:C8:9A:56:68:98:F9:EC:E6:A1:65:AE:F5:60:E4:C2:93:41:6E
            X509v3 Authority Key Identifier:
                keyid:F0:EB:3D:11:F0:EC:AE:68:73:69:5D:5A:CF:B7:B4:AD:C5:5F:34:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91499BB/AB1CAC86609711E8B74A861AC4F9AE02/8Os9EfDsrmhzaV1az7e0rcVfNFg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Os9EfDsrmhzaV1az7e0rcVfNFg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91499BB/AB1CAC86609711E8B74A861AC4F9AE02/5F150B08D48611E9A4473984C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.81.172.0/22
                  203.194.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:e9:0f:a4:d3:00:33:3a:94:c1:d4:1e:f0:ce:56:19:d8:dd:
         78:6a:a7:ec:dd:10:d1:40:ff:36:80:71:47:e8:73:d7:db:0b:
         09:ff:1a:82:5f:4f:3b:20:64:fc:4d:3e:2f:54:5e:52:74:64:
         e8:2c:4a:ee:c3:d5:1d:8a:ee:fa:d0:cd:fc:f6:ac:db:2a:1d:
         cc:1e:2b:4f:a3:6b:8a:61:87:fe:2e:0d:84:0c:bb:3c:9a:68:
         70:41:70:44:0c:85:ec:ca:90:0c:1c:0f:88:c0:40:2b:a1:7f:
         9d:a0:45:3c:4c:31:c5:16:42:d4:2c:7a:cb:98:51:96:57:d0:
         b9:f2:52:e7:78:65:17:68:6a:f1:3f:78:a9:fd:a1:34:d3:ba:
         e7:c5:d9:03:a4:9a:29:8c:38:6b:63:e8:e1:f2:cc:75:bd:74:
         1c:9d:03:af:54:29:78:fd:a7:0d:88:2a:55:b9:0e:16:da:97:
         22:70:e4:20:6a:8d:1b:82:6c:0b:4d:c1:e1:ca:81:cb:b0:15:
         d2:a4:93:d9:a9:b6:7c:11:5f:3e:af:3f:b7:fa:23:df:21:14:
         02:bf:b0:bc:32:29:f4:bf:13:2d:25:d5:38:42:d6:83:95:b0:
         9e:a0:e5:4a:7c:dc:80:0f:c0:47:4b:13:cd:58:ad:98:42:3a:
         2a:7e:d3:27
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICE5owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDk5QkIxMTAvBgNVBAUTKEYwRUIzRDExRjBFQ0FFNjg3MzY5NUQ1QUNGQjdCNEFE
QzU1RjM0NTgwHhcNMjMxMjIwMTc0NDUzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgzMjgxNC0wMmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6QgSZygT/Z4FfblZKaoYbGnNT2CQXRSmbrbg2yP7okIHbbloGUoQJJy9u/M9
+Y+wRQeiadL3371C7XEVo1caj8Cky+88ojCPkyO14/HKLLXliEiJg4llUp8H+K8D
GIhZWEc8m67hHKC2pmf5p0kcHNqZw//YfDTYcBpwy88qjuZvzRknP3JNgtkzfVh9
AjIxpqOAmrnX8P2GbUUGhv8Jz6bfSGv+g5GMYrrDDOW/6E9uyS9wws6WclPZiYQ0
o1AO/GFAcqIlCpNDGCLb3reeKYgJrbLSnsVjEwdQR5QW0u6fl/HLQhOHHdof9G0E
2M40B89NyvRlXs944zvjbUavxQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIjlyJpW
aJj57OahZa71YOTCk0FuMB8GA1UdIwQYMBaAFPDrPRHw7K5oc2ldWs+3tK3FXzRY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OTlCQi9BQjFDQUM4NjYw
OTcxMUU4Qjc0QTg2MUFDNEY5QUUwMi84T3M5RWZEc3JtaHphVjFhejdlMHJjVmZO
RmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhPczlFZkRzcm1oemFWMWF6N2UwcmNWZk5GZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDk5QkIvQUIxQ0FDODY2MDk3MTFFOEI3NEE4NjFBQzRGOUFFMDIvNUYxNTBCMDhE
NDg2MTFFOUE0NDczOTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUawDBALLwnQwDQYJKoZIhvcNAQELBQADggEBAGDpD6TT
ADM6lMHUHvDOVhnY3Xhqp+zdENFA/zaAcUfoc9fbCwn/GoJfTzsgZPxNPi9UXlJ0
ZOgsSu7D1R2K7vrQzfz2rNsqHcweK0+ja4phh/4uDYQMuzyaaHBBcEQMhezKkAwc
D4jAQCuhf52gRTxMMcUWQtQsesuYUZZX0LnyUud4ZRdoavE/eKn9oTTTuufF2QOk
mimMOGtj6OHyzHW9dBydA69UKXj9pw2IKlW5DhbalyJw5CBqjRuCbAtNweHKgcuw
FdKkk9mptnwRXz6vP7f6I98hFAK/sLwyKfS/Ey0l1ThC1oOVsJ6g5Up83IAPwEdL
E81YrZhCOip+0yc=
-----END CERTIFICATE-----
Generated at Sat Jun 22 20:37:43 2024 by rpki-client on console-ams.rpki-client.org