Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/92A66D260C6D11EFBF1F4756C4F9AE02.roa
File:                     92A66D260C6D11EFBF1F4756C4F9AE02.roa (raw, json)
Hash identifier:          tUAntY9TrcgF+ePvIK5i1BRnGinhhVd2b09zIPe+ofo=
Subject key identifier:   76:2B:D0:D8:42:AB:B6:FC:F3:25:AD:D3:75:E6:A6:37:62:8E:76:AC
Certificate issuer:       /CN=A915912F/serialNumber=A98B4D753A84DFD49DA7E2307E3192A8C4FF9895
Certificate serial:       ED
Authority key identifier: A9:8B:4D:75:3A:84:DF:D4:9D:A7:E2:30:7E:31:92:A8:C4:FF:98:95
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/92A66D260C6D11EFBF1F4756C4F9AE02.roa
Signing time:             Thu 27 Jun 2024 05:47:43 +0000
ROA not before:           Thu 27 Jun 2024 05:47:43 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     212609
IP address blocks:        103.92.146.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/qYtNdTqE39Sdp-IwfjGSqMT_mJU.crl
                          rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/qYtNdTqE39Sdp-IwfjGSqMT_mJU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Dec 2024 02:58:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 237 (0xed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915912F/serialNumber=A98B4D753A84DFD49DA7E2307E3192A8C4FF9895
        Validity
            Not Before: Jun 27 05:47:43 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=667cfcff-8b09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:91:08:c7:eb:04:71:81:69:96:df:54:63:da:
                    63:7a:e0:d6:88:eb:ee:85:1d:af:7b:b2:f5:af:ba:
                    59:c4:4d:ea:ab:69:cd:f0:b6:ce:42:02:6a:b5:12:
                    fc:0e:59:ca:1c:7d:b1:b8:60:e9:cd:3a:d1:40:e6:
                    eb:52:7f:ad:c7:c4:8c:88:89:66:e6:61:a8:e6:c2:
                    03:0a:cd:27:a7:59:87:ca:41:84:17:48:b6:1d:a3:
                    57:bb:be:eb:8f:2a:76:73:65:01:a3:eb:d5:74:ad:
                    3b:a0:c7:7c:ea:f3:b0:96:ba:82:0d:89:ea:62:cd:
                    06:93:75:82:f8:48:18:cf:d8:ba:0e:ec:ee:c5:b5:
                    fb:b4:e1:13:66:a6:ea:1b:e5:38:60:a5:59:e0:32:
                    00:90:00:03:7c:97:98:70:6e:05:4d:59:4a:22:01:
                    9c:83:83:2a:07:d8:e0:d0:1d:ad:a3:a3:30:80:11:
                    9a:1d:f4:d1:54:08:5f:a3:2c:95:43:1b:64:c4:6c:
                    80:fa:0a:da:ef:6c:02:ee:9b:d5:b7:54:d0:6b:2c:
                    db:cd:e2:0c:9c:13:c1:ed:20:96:99:3e:18:b6:5a:
                    98:de:f2:3c:1a:ab:a6:54:f6:cd:70:d1:82:d8:3c:
                    0e:2a:b0:75:b3:de:15:48:9a:27:20:7c:62:6e:8b:
                    22:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:2B:D0:D8:42:AB:B6:FC:F3:25:AD:D3:75:E6:A6:37:62:8E:76:AC
            X509v3 Authority Key Identifier:
                keyid:A9:8B:4D:75:3A:84:DF:D4:9D:A7:E2:30:7E:31:92:A8:C4:FF:98:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/qYtNdTqE39Sdp-IwfjGSqMT_mJU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/92A66D260C6D11EFBF1F4756C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.92.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:6d:7f:7e:80:4b:4a:1b:d4:5a:08:4c:d2:c8:23:85:9b:6d:
         19:19:b5:26:89:75:4d:89:5c:b6:36:aa:6d:95:a6:b3:88:ac:
         4f:25:09:1c:37:be:11:89:26:eb:27:d0:5d:1c:89:ca:57:c1:
         b4:e9:b1:ac:40:c6:e1:2f:3a:84:93:e0:fb:a3:03:60:cb:07:
         7a:62:e3:b8:81:9d:7b:70:d3:cc:21:fd:7c:1f:b5:4e:df:45:
         35:b5:a2:b6:98:55:60:cc:ce:01:8a:74:8c:5f:4b:c0:46:0c:
         95:ee:cd:6e:81:43:18:39:ce:da:ef:b7:b6:c7:88:f5:5d:f5:
         45:18:35:9d:b8:ad:f0:c6:d0:2e:a2:ba:86:0d:bd:85:e6:66:
         8f:88:2b:1a:77:64:b0:dd:d8:27:ac:91:05:a7:6d:45:f9:4f:
         ee:84:32:fd:47:18:92:01:85:e7:68:29:98:20:5c:11:8a:75:
         9a:c4:1a:ca:bf:f6:8e:a2:73:ec:18:32:ea:61:9f:3c:ea:e2:
         a9:6b:9d:0d:bf:95:3a:3b:44:41:a4:1a:bc:47:7d:4f:56:1c:
         6e:4a:98:88:da:7b:ee:40:56:4b:88:6b:71:0c:f3:22:03:c8:
         f4:f2:d0:fc:65:db:00:e5:4c:89:c1:73:fc:81:07:f4:a3:f6:
         28:28:ef:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkxMkYxMTAvBgNVBAUTKEE5OEI0RDc1M0E4NERGRDQ5REE3RTIzMDdFMzE5MkE4
QzRGRjk4OTUwHhcNMjQwNjI3MDU0NzQzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjZmNmZi04YjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwJEIx+sEcYFplt9UY9pjeuDWiOvuhR2ve7L1r7pZxE3qq2nN8LbOQgJqtRL8
DlnKHH2xuGDpzTrRQObrUn+tx8SMiIlm5mGo5sIDCs0np1mHykGEF0i2HaNXu77r
jyp2c2UBo+vVdK07oMd86vOwlrqCDYnqYs0Gk3WC+EgYz9i6DuzuxbX7tOETZqbq
G+U4YKVZ4DIAkAADfJeYcG4FTVlKIgGcg4MqB9jg0B2to6MwgBGaHfTRVAhfoyyV
QxtkxGyA+gra72wC7pvVt1TQayzbzeIMnBPB7SCWmT4YtlqY3vI8GqumVPbNcNGC
2DwOKrB1s94VSJonIHxibosiXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHYr0NhC
q7b88yWt03XmpjdijnasMB8GA1UdIwQYMBaAFKmLTXU6hN/UnafiMH4xkqjE/5iV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTEyRi8wQTA2NzkwODBB
NTExMUVFOEQ3NUI2NkJDNEY5QUUwMi9xWXROZFRxRTM5U2RwLUl3ZmpHU3FNVF9t
SlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FZdE5kVHFFMzlTZHAtSXdmakdTcU1UX21KVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkxMkYvMEEwNjc5MDgwQTUxMTFFRThENzVCNjZCQzRGOUFFMDIvOTJBNjZEMjYw
QzZEMTFFRkJGMUY0NzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnXJIwDQYJKoZIhvcNAQELBQADggEBAABtf36AS0ob1FoI
TNLII4WbbRkZtSaJdU2JXLY2qm2VprOIrE8lCRw3vhGJJusn0F0cicpXwbTpsaxA
xuEvOoST4PujA2DLB3pi47iBnXtw08wh/XwftU7fRTW1oraYVWDMzgGKdIxfS8BG
DJXuzW6BQxg5ztrvt7bHiPVd9UUYNZ24rfDG0C6iuoYNvYXmZo+IKxp3ZLDd2Ces
kQWnbUX5T+6EMv1HGJIBhedoKZggXBGKdZrEGsq/9o6ic+wYMuphnzzq4qlrnQ2/
lTo7REGkGrxHfU9WHG5KmIjae+5AVkuIa3EM8yIDyPTy0Pxl2wDlTInBc/yBB/Sj
9igo7/w=
-----END CERTIFICATE-----
Generated at Mon Dec 9 04:23:16 2024 by rpki-client on console-fra.rpki-client.org