Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9154340/7C1FD1D291E111EBB6878C2EC4F9AE02/28D1785891E311EBA138E330C4F9AE02.roa
File:                     28D1785891E311EBA138E330C4F9AE02.roa (raw, json)
Hash identifier:          37+i69AHulPtnEotPsJg9ODNFEYYqD+VpCzfBhcCy9Q=
Subject key identifier:   85:BB:A1:57:48:3F:4D:4A:C3:CD:70:0E:B9:92:3C:9F:DA:23:2A:10
Certificate issuer:       /CN=A9154340/serialNumber=53F6F79253BCDB8B1D17182CE4F19D39FD499DF5
Certificate serial:       04AD
Authority key identifier: 53:F6:F7:92:53:BC:DB:8B:1D:17:18:2C:E4:F1:9D:39:FD:49:9D:F5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U_b3klO824sdFxgs5PGdOf1JnfU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9154340/7C1FD1D291E111EBB6878C2EC4F9AE02/28D1785891E311EBA138E330C4F9AE02.roa
Signing time:             Tue 11 Apr 2023 02:02:01 +0000
ROA not before:           Tue 11 Apr 2023 02:02:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142002
IP address blocks:        103.164.81.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9154340/7C1FD1D291E111EBB6878C2EC4F9AE02/U_b3klO824sdFxgs5PGdOf1JnfU.crl
                          rsync://rpki.apnic.net/member_repository/A9154340/7C1FD1D291E111EBB6878C2EC4F9AE02/U_b3klO824sdFxgs5PGdOf1JnfU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U_b3klO824sdFxgs5PGdOf1JnfU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 03 Apr 2024 00:26:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1197 (0x4ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9154340/serialNumber=53F6F79253BCDB8B1D17182CE4F19D39FD499DF5
        Validity
            Not Before: Apr 11 02:02:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6434bf99-3126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0b:0a:8c:ca:3b:95:10:0f:d8:2f:61:98:bd:
                    86:78:6e:92:cb:8b:7a:19:20:ca:bb:7d:90:1f:c6:
                    65:af:8b:81:3a:18:94:09:07:c8:15:ec:71:9d:9e:
                    9b:0b:bd:7d:37:5a:69:0c:92:ca:ed:29:7b:34:56:
                    5d:fe:cb:68:a8:bf:db:55:f5:bf:47:75:e5:ac:df:
                    06:53:f7:54:cf:26:cc:e0:d2:f2:07:f8:24:5a:ca:
                    2f:3d:f3:cd:27:9e:3f:da:b4:2e:8f:71:00:d6:77:
                    c2:41:c0:03:5a:3d:e5:db:88:50:48:b8:b1:42:61:
                    40:6a:5f:4f:8c:9d:13:04:99:6b:e0:93:fc:6d:ba:
                    0a:05:54:eb:92:0d:57:77:09:de:02:56:ab:51:84:
                    2b:d8:9e:78:34:8e:47:fd:14:5b:79:ae:3b:5d:ca:
                    75:c3:83:26:b3:59:cd:72:b8:98:cc:45:73:8f:ec:
                    7c:cc:2f:49:39:c8:c7:2d:e4:e4:a1:ff:04:33:92:
                    e1:dd:36:3b:97:9f:f8:78:a7:d6:a4:27:a5:8f:f5:
                    65:c8:23:f6:44:1e:6b:f9:46:8d:56:02:8e:38:a8:
                    bb:85:c7:fe:3e:11:1a:09:0b:2f:f7:8c:cb:cc:f0:
                    33:50:54:68:20:01:63:69:65:ad:d5:fd:f2:da:04:
                    99:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:BB:A1:57:48:3F:4D:4A:C3:CD:70:0E:B9:92:3C:9F:DA:23:2A:10
            X509v3 Authority Key Identifier:
                keyid:53:F6:F7:92:53:BC:DB:8B:1D:17:18:2C:E4:F1:9D:39:FD:49:9D:F5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9154340/7C1FD1D291E111EBB6878C2EC4F9AE02/U_b3klO824sdFxgs5PGdOf1JnfU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U_b3klO824sdFxgs5PGdOf1JnfU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154340/7C1FD1D291E111EBB6878C2EC4F9AE02/28D1785891E311EBA138E330C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.164.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:05:ac:56:92:15:97:56:74:dc:95:01:55:7f:88:95:c3:89:
         8c:2a:38:2e:eb:9a:aa:7a:04:28:be:e0:64:15:c5:18:af:5d:
         d0:fb:cb:6e:27:9c:62:fe:8d:96:e3:95:ff:e5:ba:2d:ef:9b:
         ce:89:80:a7:d4:2c:a1:9f:b5:88:04:6a:ea:ce:4a:b2:db:21:
         46:87:28:43:2a:bd:6d:59:68:48:b4:32:c3:5f:b2:2f:71:3c:
         8e:0f:dd:39:eb:23:50:5a:36:ab:85:1c:27:15:a3:54:02:f8:
         b1:a5:f2:c5:f9:f9:04:52:cf:46:b7:9c:7f:97:7f:86:c1:ca:
         12:72:2b:cd:30:9c:bb:65:4f:85:56:e6:46:a9:3b:44:7f:75:
         8a:fd:74:89:62:da:86:50:8a:2d:d9:fa:b0:8c:8f:84:b0:c3:
         e6:6f:70:21:ff:e3:cf:30:14:0b:69:61:eb:2f:d4:cf:2d:33:
         b5:95:20:7a:30:e3:07:f8:1b:c8:8a:5e:d8:2f:28:06:96:6f:
         fb:12:81:ef:a5:fc:34:a4:ab:14:67:69:d2:45:57:3d:db:dd:
         df:74:14:b4:b7:3f:f2:f5:19:22:4c:82:5e:33:f7:fc:76:86:
         a3:9d:e6:ae:93:67:ec:82:d9:32:93:a2:21:19:92:7b:47:44:
         63:7a:6f:e9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQzNDAxMTAvBgNVBAUTKDUzRjZGNzkyNTNCQ0RCOEIxRDE3MTgyQ0U0RjE5RDM5
RkQ0OTlERjUwHhcNMjMwNDExMDIwMjAxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM0YmY5OS0zMTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArAsKjMo7lRAP2C9hmL2GeG6Sy4t6GSDKu32QH8Zlr4uBOhiUCQfIFexxnZ6b
C719N1ppDJLK7Sl7NFZd/stoqL/bVfW/R3XlrN8GU/dUzybM4NLyB/gkWsovPfPN
J54/2rQuj3EA1nfCQcADWj3l24hQSLixQmFAal9PjJ0TBJlr4JP8bboKBVTrkg1X
dwneAlarUYQr2J54NI5H/RRbea47Xcp1w4Mms1nNcriYzEVzj+x8zC9JOcjHLeTk
of8EM5Lh3TY7l5/4eKfWpCelj/VlyCP2RB5r+UaNVgKOOKi7hcf+PhEaCQsv94zL
zPAzUFRoIAFjaWWt1f3y2gSZFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIW7oVdI
P01Kw81wDrmSPJ/aIyoQMB8GA1UdIwQYMBaAFFP295JTvNuLHRcYLOTxnTn9SZ31
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDM0MC83QzFGRDFEMjkx
RTExMUVCQjY4NzhDMkVDNEY5QUUwMi9VX2Iza2xPODI0c2RGeGdzNVBHZE9mMUpu
ZlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VfYjNrbE84MjRzZEZ4Z3M1UEdkT2YxSm5mVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQzNDAvN0MxRkQxRDI5MUUxMTFFQkI2ODc4QzJFQzRGOUFFMDIvMjhEMTc4NTg5
MUUzMTFFQkExMzhFMzMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpFEwDQYJKoZIhvcNAQELBQADggEBAAEFrFaSFZdWdNyV
AVV/iJXDiYwqOC7rmqp6BCi+4GQVxRivXdD7y24nnGL+jZbjlf/lui3vm86JgKfU
LKGftYgEaurOSrLbIUaHKEMqvW1ZaEi0MsNfsi9xPI4P3TnrI1BaNquFHCcVo1QC
+LGl8sX5+QRSz0a3nH+Xf4bByhJyK80wnLtlT4VW5kapO0R/dYr9dIli2oZQii3Z
+rCMj4Sww+ZvcCH/488wFAtpYesv1M8tM7WVIHow4wf4G8iKXtgvKAaWb/sSge+l
/DSkqxRnadJFVz3b3d90FLS3P/L1GSJMgl4z9/x2hqOd5q6TZ+yC2TKToiEZkntH
RGN6b+k=
-----END CERTIFICATE-----
Generated at Wed Mar 27 02:33:23 2024 by rpki-client on console-fra.rpki-client.org