Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914BFE5/9DAF486EDDEB11EAB30ED921C4F9AE02/C664689AE0F511EABB96D531C4F9AE02.roa
File:                     C664689AE0F511EABB96D531C4F9AE02.roa (raw, json)
Hash identifier:          CK9hXokHqXUQ1+WjRLt07/+QmAMxosQexl/fCLxE9u4=
Subject key identifier:   60:36:CF:B8:67:B8:C2:0E:C5:D2:60:5A:F7:3B:F8:12:F1:55:82:6F
Certificate issuer:       /CN=A914BFE5/serialNumber=78A9977FFB47AF3EC1E946BC10F81376949EBEC2
Certificate serial:       06AF
Authority key identifier: 78:A9:97:7F:FB:47:AF:3E:C1:E9:46:BC:10:F8:13:76:94:9E:BE:C2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eKmXf_tHrz7B6Ua8EPgTdpSevsI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914BFE5/9DAF486EDDEB11EAB30ED921C4F9AE02/C664689AE0F511EABB96D531C4F9AE02.roa
Signing time:             Tue 11 Jul 2023 22:57:45 +0000
ROA not before:           Tue 11 Jul 2023 22:57:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        103.152.248.0/24 maxlen: 24
                          103.152.249.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914BFE5/9DAF486EDDEB11EAB30ED921C4F9AE02/eKmXf_tHrz7B6Ua8EPgTdpSevsI.crl
                          rsync://rpki.apnic.net/member_repository/A914BFE5/9DAF486EDDEB11EAB30ED921C4F9AE02/eKmXf_tHrz7B6Ua8EPgTdpSevsI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eKmXf_tHrz7B6Ua8EPgTdpSevsI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 21:46:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1711 (0x6af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914BFE5/serialNumber=78A9977FFB47AF3EC1E946BC10F81376949EBEC2
        Validity
            Not Before: Jul 11 22:57:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64adde69-3211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b7:f8:8c:b5:09:00:ac:37:0a:9b:16:b8:81:
                    9e:db:10:ca:ae:70:eb:dd:4f:51:c4:3a:da:55:48:
                    69:24:d6:1b:37:08:06:83:6e:3d:c9:67:8b:1c:15:
                    db:04:12:40:2a:52:e4:11:29:2f:e8:1d:6a:43:9f:
                    93:56:37:20:c8:74:42:ab:99:d4:b7:0d:08:f7:67:
                    92:1a:5b:29:3b:9a:b9:27:e9:35:b8:c0:49:fa:72:
                    b9:09:f0:62:21:b5:a6:49:2e:7f:c3:57:99:e6:0b:
                    e2:28:37:6d:75:df:d1:62:0a:f4:e4:f4:36:c7:82:
                    ed:d0:cb:21:24:2c:67:50:95:48:ed:25:83:6d:e7:
                    76:cc:c7:14:a5:f5:ab:97:52:72:63:31:13:a7:5d:
                    d5:62:44:a3:f1:2b:49:28:46:c0:25:d8:87:b9:2a:
                    8e:2c:36:14:a0:b6:b7:6f:06:d8:78:8c:1e:26:79:
                    81:69:c9:86:70:c8:79:f5:c0:da:ec:9f:88:9e:a9:
                    e6:7a:34:7b:f0:36:80:86:1e:cc:53:0a:41:c5:75:
                    08:05:f0:ac:56:29:68:20:4e:20:15:73:94:af:42:
                    4e:52:4f:7c:0a:12:38:03:1c:85:88:ee:cf:3a:cc:
                    68:2a:05:8e:da:60:42:0f:b4:ca:97:d6:5c:21:f5:
                    2a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:36:CF:B8:67:B8:C2:0E:C5:D2:60:5A:F7:3B:F8:12:F1:55:82:6F
            X509v3 Authority Key Identifier:
                keyid:78:A9:97:7F:FB:47:AF:3E:C1:E9:46:BC:10:F8:13:76:94:9E:BE:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914BFE5/9DAF486EDDEB11EAB30ED921C4F9AE02/eKmXf_tHrz7B6Ua8EPgTdpSevsI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eKmXf_tHrz7B6Ua8EPgTdpSevsI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BFE5/9DAF486EDDEB11EAB30ED921C4F9AE02/C664689AE0F511EABB96D531C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5c:d3:6a:2d:89:60:e4:f9:bb:c6:db:70:40:a1:45:e3:21:11:
         10:f4:2b:7c:fe:20:1c:3f:2a:fd:0a:8c:22:64:aa:78:dd:4d:
         6d:9e:33:8e:c1:cd:60:e4:a2:96:ce:5e:69:2a:c9:07:e9:51:
         d1:81:a5:59:ae:c5:32:a2:a7:d3:a0:70:cc:17:1b:7d:e5:06:
         98:80:60:7e:68:97:47:b4:15:15:cc:6e:39:e6:ac:65:d9:2a:
         70:f8:21:9d:95:d5:5e:0c:6a:ca:b5:a2:f9:73:61:7d:ee:91:
         e8:e0:96:ae:d8:3b:1b:25:c0:1c:22:47:bd:b4:ac:fe:9e:36:
         ec:6f:60:6e:37:fd:89:ec:26:89:08:5e:d9:96:3b:d3:3d:4e:
         f8:4d:37:64:8e:cd:e9:ea:7c:e2:e5:70:1e:ee:13:0a:f7:19:
         66:0f:60:ab:f0:48:fc:e0:3c:24:ce:55:b6:94:2c:68:3a:0e:
         91:75:85:ea:7d:9e:50:7f:1a:03:40:4a:0c:87:b9:a0:d8:a9:
         93:b4:2d:71:ad:29:eb:c8:56:17:44:51:17:8f:95:c5:48:bd:
         b8:f7:cd:89:f0:1c:0d:90:bf:1d:aa:bb:6e:91:b6:75:9d:09:
         e2:71:e3:ae:bc:3d:af:99:66:63:0c:d7:b1:45:cb:54:d0:41:
         ae:4b:21:e2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJGRTUxMTAvBgNVBAUTKDc4QTk5NzdGRkI0N0FGM0VDMUU5NDZCQzEwRjgxMzc2
OTQ5RUJFQzIwHhcNMjMwNzExMjI1NzQ1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFkZGU2OS0zMjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm7f4jLUJAKw3CpsWuIGe2xDKrnDr3U9RxDraVUhpJNYbNwgGg249yWeLHBXb
BBJAKlLkESkv6B1qQ5+TVjcgyHRCq5nUtw0I92eSGlspO5q5J+k1uMBJ+nK5CfBi
IbWmSS5/w1eZ5gviKDdtdd/RYgr05PQ2x4Lt0MshJCxnUJVI7SWDbed2zMcUpfWr
l1JyYzETp13VYkSj8StJKEbAJdiHuSqOLDYUoLa3bwbYeIweJnmBacmGcMh59cDa
7J+InqnmejR78DaAhh7MUwpBxXUIBfCsViloIE4gFXOUr0JOUk98ChI4AxyFiO7P
OsxoKgWO2mBCD7TKl9ZcIfUqVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGA2z7hn
uMIOxdJgWvc7+BLxVYJvMB8GA1UdIwQYMBaAFHipl3/7R68+welGvBD4E3aUnr7C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkZFNS85REFGNDg2RURE
RUIxMUVBQjMwRUQ5MjFDNEY5QUUwMi9lS21YZl90SHJ6N0I2VWE4RVBnVGRwU2V2
c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VLbVhmX3RIcno3QjZVYThFUGdUZHBTZXZzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJGRTUvOURBRjQ4NkVEREVCMTFFQUIzMEVEOTIxQzRGOUFFMDIvQzY2NDY4OUFF
MEY1MTFFQUJCOTZENTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmPgwDQYJKoZIhvcNAQELBQADggEBAFzTai2JYOT5u8bb
cEChReMhERD0K3z+IBw/Kv0KjCJkqnjdTW2eM47BzWDkopbOXmkqyQfpUdGBpVmu
xTKip9OgcMwXG33lBpiAYH5ol0e0FRXMbjnmrGXZKnD4IZ2V1V4Masq1ovlzYX3u
kejglq7YOxslwBwiR720rP6eNuxvYG43/YnsJokIXtmWO9M9TvhNN2SOzenqfOLl
cB7uEwr3GWYPYKvwSPzgPCTOVbaULGg6DpF1hep9nlB/GgNASgyHuaDYqZO0LXGt
KevIVhdEURePlcVIvbj3zYnwHA2Qvx2qu26RtnWdCeJx4668Pa+ZZmMM17FFy1TQ
Qa5LIeI=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:55:54 2024 by rpki-client on console-ams.rpki-client.org