Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/6DE12084243F11EDB6C9D62AC4F9AE02.roa
File:                     6DE12084243F11EDB6C9D62AC4F9AE02.roa (raw, json)
Hash identifier:          O7+wL16PkaDPTmmO1kr24PckWZJCzfq+Ou1e0aJN24I=
Subject key identifier:   46:16:86:8E:90:3C:6D:D8:95:0C:09:4E:16:68:AA:67:43:D9:98:07
Certificate issuer:       /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial:       3452
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/6DE12084243F11EDB6C9D62AC4F9AE02.roa
Signing time:             Wed 04 Oct 2023 14:50:30 +0000
ROA not before:           Wed 04 Oct 2023 14:50:30 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        175.29.224.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
                          rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 14:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13394 (0x3452)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
        Validity
            Not Before: Oct  4 14:50:30 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=651d7bb6-2b64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:2a:88:40:64:53:d2:73:20:38:32:c8:67:6a:
                    a0:81:68:a4:f0:ae:cf:ce:52:d3:ce:9e:6c:ca:fb:
                    93:97:1e:91:13:3d:07:63:95:0a:7c:c9:21:e9:b1:
                    66:ef:2a:98:1c:36:35:7a:92:d8:4d:d1:f8:ba:75:
                    3b:b6:7a:fd:2a:15:a5:75:80:f8:7d:9e:b6:54:4b:
                    cc:ca:71:ab:92:03:20:24:c1:b6:9e:8a:54:c7:a8:
                    95:e5:5e:a9:ba:95:d2:9b:c0:8d:37:27:02:81:cd:
                    94:27:24:d4:41:df:af:9e:ac:e9:7f:1e:9d:ce:45:
                    bd:58:33:b9:c0:e5:7d:6d:ac:e1:60:c3:0f:2b:a6:
                    05:d5:6d:bd:71:e7:f9:b0:c2:d8:7a:fb:9f:59:f0:
                    be:ef:b0:99:54:d8:f2:db:4a:55:d9:40:64:b6:98:
                    62:a6:29:f5:3b:33:e8:64:98:08:c7:42:a5:17:48:
                    6d:49:68:11:a4:2f:e8:76:de:9c:87:2e:78:85:e4:
                    e0:88:b9:b4:76:92:5d:80:92:2e:bb:fc:9a:f1:69:
                    18:a5:62:db:7e:c1:9e:af:65:bf:77:cd:c6:9a:52:
                    8f:a6:51:a9:5e:2a:e6:f1:94:07:56:f2:a8:4c:3a:
                    e6:d2:68:7c:65:c9:08:4c:af:41:84:20:a2:40:0f:
                    c8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:16:86:8E:90:3C:6D:D8:95:0C:09:4E:16:68:AA:67:43:D9:98:07
            X509v3 Authority Key Identifier:
                keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/6DE12084243F11EDB6C9D62AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.29.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         af:de:b6:1c:33:94:58:c9:d1:1f:64:54:c3:23:a6:56:c6:05:
         96:c6:b1:68:6e:f6:66:c3:fb:ee:e5:85:36:0c:a8:86:5d:b9:
         7f:57:1d:8e:2f:8e:18:7b:e3:09:0d:69:f0:2c:de:f3:ae:19:
         47:24:c3:85:6f:2c:4e:4c:9b:b6:fc:4f:2d:e4:7c:1a:fc:e4:
         3b:09:8a:0d:2b:1e:23:02:9e:ba:a8:b4:fc:cc:8c:8d:b6:92:
         70:3c:e9:73:41:38:42:8b:8f:0e:38:9d:04:cb:5c:98:4d:aa:
         13:63:e9:c5:f0:16:ea:fd:ac:7f:8a:b1:fc:6e:00:d9:d8:83:
         76:16:eb:de:92:90:09:7f:81:f7:02:58:35:89:8b:16:a7:51:
         31:37:88:0e:2a:88:50:e9:69:8a:7f:3f:58:49:8d:ac:86:db:
         02:fc:c7:44:b3:04:31:f3:e2:10:62:aa:15:53:a6:c6:8d:93:
         41:8b:9d:57:07:81:7e:8c:44:b6:8e:3c:93:54:dd:18:d7:2c:
         d7:cc:ca:f1:62:25:51:18:06:dc:f4:c1:61:56:ad:5b:a0:c2:
         ce:62:2f:b9:9d:91:a8:bf:11:e7:a0:26:5a:9e:c7:c2:18:34:
         10:d7:ac:16:96:b1:c0:00:e2:9c:c7:07:fb:ef:44:79:e2:4e:
         54:99:4e:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjMxMDA0MTQ1MDMwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkN2JiNi0yYjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyCqIQGRT0nMgODLIZ2qggWik8K7PzlLTzp5syvuTlx6REz0HY5UKfMkh6bFm
7yqYHDY1epLYTdH4unU7tnr9KhWldYD4fZ62VEvMynGrkgMgJMG2nopUx6iV5V6p
upXSm8CNNycCgc2UJyTUQd+vnqzpfx6dzkW9WDO5wOV9bazhYMMPK6YF1W29cef5
sMLYevufWfC+77CZVNjy20pV2UBktphipin1OzPoZJgIx0KlF0htSWgRpC/odt6c
hy54heTgiLm0dpJdgJIuu/ya8WkYpWLbfsGer2W/d83GmlKPplGpXirm8ZQHVvKo
TDrm0mh8ZckITK9BhCCiQA/IxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEYWho6Q
PG3YlQwJThZoqmdD2ZgHMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvNkRFMTIwODQy
NDNGMTFFREI2QzlENjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWvHeAwDQYJKoZIhvcNAQELBQADggEBAK/ethwzlFjJ0R9k
VMMjplbGBZbGsWhu9mbD++7lhTYMqIZduX9XHY4vjhh74wkNafAs3vOuGUckw4Vv
LE5Mm7b8Ty3kfBr85DsJig0rHiMCnrqotPzMjI22knA86XNBOEKLjw44nQTLXJhN
qhNj6cXwFur9rH+KsfxuANnYg3YW696SkAl/gfcCWDWJixanUTE3iA4qiFDpaYp/
P1hJjayG2wL8x0SzBDHz4hBiqhVTpsaNk0GLnVcHgX6MRLaOPJNU3RjXLNfMyvFi
JVEYBtz0wWFWrVugws5iL7mdkai/EeegJlqex8IYNBDXrBaWscAA4pzHB/vvRHni
TlSZTiw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:47:21 2024 by rpki-client on console-fra.rpki-client.org