Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/7CB48FB0EA9411EAB77B1C69C4F9AE02.roa
File:                     7CB48FB0EA9411EAB77B1C69C4F9AE02.roa (raw, json)
Hash identifier:          NJFUwrppMcdU/f2soCnzh8F94AFSgqwu8og6TAE+osA=
Subject key identifier:   D6:A3:38:2C:3D:85:06:18:D6:F5:12:BF:A8:10:FF:03:1D:C9:5C:9C
Certificate issuer:       /CN=A914A0CB/serialNumber=18056DEB580E3574F1483E669C5AA42E584ECEBB
Certificate serial:       1E10
Authority key identifier: 18:05:6D:EB:58:0E:35:74:F1:48:3E:66:9C:5A:A4:2E:58:4E:CE:BB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAVt61gONXTxSD5mnFqkLlhOzrs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/7CB48FB0EA9411EAB77B1C69C4F9AE02.roa
Signing time:             Wed 24 Jan 2024 16:43:32 +0000
ROA not before:           Wed 24 Jan 2024 16:43:32 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     17423
IP address blocks:        202.131.127.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/GAVt61gONXTxSD5mnFqkLlhOzrs.crl
                          rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/GAVt61gONXTxSD5mnFqkLlhOzrs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAVt61gONXTxSD5mnFqkLlhOzrs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 16:03:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7696 (0x1e10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914A0CB/serialNumber=18056DEB580E3574F1483E669C5AA42E584ECEBB
        Validity
            Not Before: Jan 24 16:43:32 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65b13e34-1efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:84:c5:28:f5:3d:75:52:4d:dc:c3:50:d4:1f:
                    4a:91:84:19:c0:96:71:aa:5c:1e:42:a5:92:bf:c0:
                    04:ae:d3:8a:fb:95:52:9c:de:19:76:47:57:9f:f7:
                    d6:29:7b:47:25:2a:2f:b2:f2:89:7b:13:81:a9:e4:
                    5b:19:c1:9f:ee:38:28:85:9a:70:60:a9:79:a2:6e:
                    d6:60:39:71:b1:c9:82:38:f4:14:72:3b:71:7f:05:
                    84:15:47:3e:83:4e:ee:81:d0:8b:7b:ad:3c:e6:f1:
                    16:86:c8:2a:f4:4e:a4:a1:1e:8b:6d:d9:18:f8:26:
                    96:41:78:d1:b1:bb:bf:23:01:f9:ec:2d:de:4f:3b:
                    53:bd:ae:6a:0b:df:52:56:e1:90:5d:da:66:49:14:
                    55:ac:0d:18:d6:93:eb:38:08:a8:d7:7e:df:ce:40:
                    dd:1e:e2:8f:8b:72:40:9b:a9:30:48:18:d3:57:20:
                    2f:29:4b:c6:11:67:11:3d:ea:64:97:eb:05:ea:bb:
                    7e:72:ea:d0:d7:82:a3:d3:78:a9:91:76:ee:22:e9:
                    0f:05:ab:f4:f6:e9:1e:0d:c7:9c:a3:ee:db:1f:70:
                    24:10:ce:1b:1c:0e:0e:35:49:f5:d5:67:2f:49:80:
                    9e:9e:ff:4d:1a:96:cf:b0:5d:08:0e:f7:9e:2b:41:
                    b0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:A3:38:2C:3D:85:06:18:D6:F5:12:BF:A8:10:FF:03:1D:C9:5C:9C
            X509v3 Authority Key Identifier:
                keyid:18:05:6D:EB:58:0E:35:74:F1:48:3E:66:9C:5A:A4:2E:58:4E:CE:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/GAVt61gONXTxSD5mnFqkLlhOzrs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAVt61gONXTxSD5mnFqkLlhOzrs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/7CB48FB0EA9411EAB77B1C69C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.131.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:3e:94:17:c1:cd:d9:f8:3e:8c:1e:ce:61:a8:48:b5:f7:f8:
         e5:ba:21:11:1d:b5:8b:74:c5:40:4a:40:e5:91:9e:f7:b1:eb:
         9d:a5:0e:81:ed:2b:52:f2:ee:52:09:0e:5f:55:fe:91:b5:f2:
         42:2c:a5:6e:3d:fa:fe:15:66:33:d1:65:18:79:eb:7e:c5:49:
         16:1d:ea:21:6e:ab:24:49:7c:7c:dc:34:41:c7:9e:e8:80:5b:
         4d:d6:49:ca:a6:6c:ec:b4:f8:88:73:a2:67:69:8a:66:91:d2:
         89:5a:69:c1:9d:1a:d0:2f:67:48:fd:27:0f:42:ed:5c:f0:1b:
         e8:3e:0e:7e:22:47:b1:ec:67:80:f2:7a:9e:43:f4:16:f3:63:
         b9:f8:a5:f2:7c:99:b6:53:32:3e:e7:f0:30:39:8b:36:81:d6:
         07:0e:a5:5e:95:f2:d4:78:d7:3a:69:22:af:c4:1d:fb:f0:d9:
         2f:9f:12:c8:13:f4:70:53:4f:43:f9:91:c8:85:66:52:31:f5:
         e5:ba:f3:b4:8f:6a:d3:63:d7:17:59:bf:bc:4a:7c:8e:e0:34:
         0b:2b:51:a6:d5:fd:e0:db:8c:78:a4:af:10:97:bf:d7:86:1b:
         fc:6e:83:89:c8:2a:44:53:8c:e7:b3:58:f1:b1:90:f5:48:38:
         4f:3b:ea:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHhAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEEwQ0IxMTAvBgNVBAUTKDE4MDU2REVCNTgwRTM1NzRGMTQ4M0U2NjlDNUFBNDJF
NTg0RUNFQkIwHhcNMjQwMTI0MTY0MzMyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIxM2UzNC0xZWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA24TFKPU9dVJN3MNQ1B9KkYQZwJZxqlweQqWSv8AErtOK+5VSnN4ZdkdXn/fW
KXtHJSovsvKJexOBqeRbGcGf7jgohZpwYKl5om7WYDlxscmCOPQUcjtxfwWEFUc+
g07ugdCLe6085vEWhsgq9E6koR6LbdkY+CaWQXjRsbu/IwH57C3eTztTva5qC99S
VuGQXdpmSRRVrA0Y1pPrOAio137fzkDdHuKPi3JAm6kwSBjTVyAvKUvGEWcRPepk
l+sF6rt+curQ14Kj03ipkXbuIukPBav09ukeDceco+7bH3AkEM4bHA4ONUn11Wcv
SYCenv9NGpbPsF0IDveeK0GwfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNajOCw9
hQYY1vUSv6gQ/wMdyVycMB8GA1UdIwQYMBaAFBgFbetYDjV08Ug+ZpxapC5YTs67
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTBDQi9FNUMzQUU5QzVB
MTkxMUU2ODFCOEMxMEZDNEY5QUUwMi9HQVZ0NjFnT05YVHhTRDVtbkZxa0xsaE96
cnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dBVnQ2MWdPTlhUeFNENW1uRnFrTGxoT3pycy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEEwQ0IvRTVDM0FFOUM1QTE5MTFFNjgxQjhDMTBGQzRGOUFFMDIvN0NCNDhGQjBF
QTk0MTFFQUI3N0IxQzY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKg38wDQYJKoZIhvcNAQELBQADggEBAD8+lBfBzdn4Powe
zmGoSLX3+OW6IREdtYt0xUBKQOWRnvex652lDoHtK1Ly7lIJDl9V/pG18kIspW49
+v4VZjPRZRh5637FSRYd6iFuqyRJfHzcNEHHnuiAW03WScqmbOy0+IhzomdpimaR
0olaacGdGtAvZ0j9Jw9C7VzwG+g+Dn4iR7HsZ4Dyep5D9BbzY7n4pfJ8mbZTMj7n
8DA5izaB1gcOpV6V8tR41zppIq/EHfvw2S+fEsgT9HBTT0P5kciFZlIx9eW687SP
atNj1xdZv7xKfI7gNAsrUabV/eDbjHikrxCXv9eGG/xug4nIKkRTjOezWPGxkPVI
OE876mw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:01 2024 by rpki-client on console-ams.rpki-client.org