Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914A814/D38A1912745E11EDBA688514C4F9AE02/29FFF260669111EE8D5C864EC4F9AE02.roa
File:                     29FFF260669111EE8D5C864EC4F9AE02.roa (raw, json)
Hash identifier:          3pHN2fqKLyseaZ6WyOFdERsAWtwGnuD8JCF2gN634Ws=
Subject key identifier:   4B:6C:41:2E:CF:1B:7A:E4:1E:E3:4C:F2:DE:38:CD:84:FA:C0:00:49
Certificate issuer:       /CN=A914A814/serialNumber=5C056B8061A8622C2C06BB85786E9DC613614BCA
Certificate serial:       0175
Authority key identifier: 5C:05:6B:80:61:A8:62:2C:2C:06:BB:85:78:6E:9D:C6:13:61:4B:CA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAVrgGGoYiwsBruFeG6dxhNhS8o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914A814/D38A1912745E11EDBA688514C4F9AE02/29FFF260669111EE8D5C864EC4F9AE02.roa
Signing time:             Tue 27 Aug 2024 04:17:07 +0000
ROA not before:           Tue 27 Aug 2024 04:17:07 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     212609
IP address blocks:        103.230.11.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914A814/D38A1912745E11EDBA688514C4F9AE02/XAVrgGGoYiwsBruFeG6dxhNhS8o.crl
                          rsync://rpki.apnic.net/member_repository/A914A814/D38A1912745E11EDBA688514C4F9AE02/XAVrgGGoYiwsBruFeG6dxhNhS8o.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAVrgGGoYiwsBruFeG6dxhNhS8o.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Dec 2024 02:20:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 373 (0x175)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914A814/serialNumber=5C056B8061A8622C2C06BB85786E9DC613614BCA
        Validity
            Not Before: Aug 27 04:17:07 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=66cd5343-c724
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:50:c6:57:97:53:75:be:cd:57:e7:f2:11:bf:
                    bb:3f:2b:40:9e:b5:1a:c4:4b:ce:55:14:88:35:3d:
                    84:ac:13:31:09:c9:00:ed:4a:16:39:8e:33:59:4a:
                    8a:94:44:d0:cd:e5:53:fb:3f:47:75:a9:c8:67:5f:
                    53:72:15:08:4a:58:cd:6e:a5:f4:21:62:e6:17:89:
                    a8:33:08:4d:0f:27:6f:5d:c8:fd:1f:9b:7a:aa:19:
                    53:dc:35:14:41:59:38:dc:d9:0a:f8:f7:ad:45:09:
                    07:b7:64:29:e4:59:32:34:1a:a5:77:c1:74:6d:ca:
                    73:53:13:eb:00:9b:7c:b8:da:96:1e:49:ee:93:50:
                    c7:30:a8:e0:94:85:e9:96:63:bd:57:c3:b4:72:9c:
                    37:ae:64:4b:f4:f7:4c:64:b2:8f:71:ac:80:39:9b:
                    0b:37:2e:7b:36:4f:e6:f4:0f:25:45:d1:3d:a7:3c:
                    ec:1a:e7:c2:31:f7:6a:d8:f7:9a:f9:87:3f:66:79:
                    16:d9:74:6a:5e:c6:b9:9d:a6:38:1f:f3:d8:fa:64:
                    bf:0d:64:97:4a:cc:e9:67:de:3d:6c:b7:aa:87:c3:
                    38:68:f5:e7:81:69:b6:3b:27:4a:52:36:06:78:f7:
                    52:0d:4e:be:77:ba:2d:be:87:4f:82:40:a7:89:f7:
                    99:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:6C:41:2E:CF:1B:7A:E4:1E:E3:4C:F2:DE:38:CD:84:FA:C0:00:49
            X509v3 Authority Key Identifier:
                keyid:5C:05:6B:80:61:A8:62:2C:2C:06:BB:85:78:6E:9D:C6:13:61:4B:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914A814/D38A1912745E11EDBA688514C4F9AE02/XAVrgGGoYiwsBruFeG6dxhNhS8o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAVrgGGoYiwsBruFeG6dxhNhS8o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A814/D38A1912745E11EDBA688514C4F9AE02/29FFF260669111EE8D5C864EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.230.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:45:54:78:41:14:ae:89:79:3c:6d:ba:27:20:7f:e9:c7:2b:
         94:2d:42:3c:ad:6b:f3:1f:61:c7:c4:d7:ce:b6:4e:d8:ea:7e:
         2e:f4:0f:43:b3:06:d2:ca:38:89:ea:5b:dc:7a:f8:dd:27:8c:
         7a:c2:3a:89:09:7b:cb:1b:67:56:2f:81:15:9c:e9:9c:83:93:
         89:e7:03:39:93:bc:23:a6:7d:86:60:cd:2b:dd:22:60:3e:17:
         7a:3f:9a:75:dc:f6:41:d0:2a:03:2d:93:5d:1b:16:37:91:12:
         2f:4b:05:5a:7e:e8:4f:91:95:a1:26:c9:cf:e9:e1:98:da:47:
         1a:5c:a9:03:9e:ca:3a:97:71:ba:7e:04:41:45:37:f8:8e:8f:
         25:b4:31:34:0e:60:21:c6:60:9c:84:dd:1a:7a:c8:79:8b:d0:
         84:00:ec:85:83:e7:c8:ec:a9:10:d4:bc:9f:d7:df:a8:70:ec:
         cf:78:ca:5b:ea:92:bf:2a:56:01:5c:0d:e0:2c:67:bc:7c:1e:
         45:0c:21:8e:07:ed:d2:b1:c8:5b:38:1d:d1:ba:64:2c:4b:8a:
         47:b9:a7:0f:43:08:63:00:70:8f:42:c8:84:0c:7a:10:a0:6b:
         7d:ba:de:f6:c0:ba:71:27:02:a4:a8:54:3a:22:c7:0b:74:c5:
         d6:15:50:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEE4MTQxMTAvBgNVBAUTKDVDMDU2QjgwNjFBODYyMkMyQzA2QkI4NTc4NkU5REM2
MTM2MTRCQ0EwHhcNMjQwODI3MDQxNzA3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNkNTM0My1jNzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq1DGV5dTdb7NV+fyEb+7PytAnrUaxEvOVRSINT2ErBMxCckA7UoWOY4zWUqK
lETQzeVT+z9HdanIZ19TchUISljNbqX0IWLmF4moMwhNDydvXcj9H5t6qhlT3DUU
QVk43NkK+PetRQkHt2Qp5FkyNBqld8F0bcpzUxPrAJt8uNqWHknuk1DHMKjglIXp
lmO9V8O0cpw3rmRL9PdMZLKPcayAOZsLNy57Nk/m9A8lRdE9pzzsGufCMfdq2Pea
+Yc/ZnkW2XRqXsa5naY4H/PY+mS/DWSXSszpZ949bLeqh8M4aPXngWm2OydKUjYG
ePdSDU6+d7otvodPgkCnifeZqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEtsQS7P
G3rkHuNM8t44zYT6wABJMB8GA1UdIwQYMBaAFFwFa4BhqGIsLAa7hXhuncYTYUvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTgxNC9EMzhBMTkxMjc0
NUUxMUVEQkE2ODg1MTRDNEY5QUUwMi9YQVZyZ0dHb1lpd3NCcnVGZUc2ZHhoTmhT
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBVnJnR0dvWWl3c0JydUZlRzZkeGhOaFM4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEE4MTQvRDM4QTE5MTI3NDVFMTFFREJBNjg4NTE0QzRGOUFFMDIvMjlGRkYyNjA2
NjkxMTFFRThENUM4NjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn5gswDQYJKoZIhvcNAQELBQADggEBAK9FVHhBFK6JeTxt
uicgf+nHK5QtQjyta/MfYcfE1862Ttjqfi70D0OzBtLKOInqW9x6+N0njHrCOokJ
e8sbZ1YvgRWc6ZyDk4nnAzmTvCOmfYZgzSvdImA+F3o/mnXc9kHQKgMtk10bFjeR
Ei9LBVp+6E+RlaEmyc/p4ZjaRxpcqQOeyjqXcbp+BEFFN/iOjyW0MTQOYCHGYJyE
3Rp6yHmL0IQA7IWD58jsqRDUvJ/X36hw7M94ylvqkr8qVgFcDeAsZ7x8HkUMIY4H
7dKxyFs4HdG6ZCxLike5pw9DCGMAcI9CyIQMehCga3263vbAunEnAqSoVDoixwt0
xdYVUCw=
-----END CERTIFICATE-----
Generated at Wed Dec 11 03:38:56 2024 by rpki-client on console-fra.rpki-client.org