Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B0D2/88F979A282CB11EE9AA3764CC4F9AE02/FA0FC12E869E11EE9FAC6784C4F9AE02.roa
File:                     FA0FC12E869E11EE9FAC6784C4F9AE02.roa (raw, json)
Hash identifier:          HBDGFiTbyNRk83HqmHwC2x3I23vzUVlyz218sJOf/RM=
Subject key identifier:   EB:EF:34:60:E8:C4:EE:04:56:3A:9D:35:99:F9:9A:88:D7:9F:DC:BF
Certificate issuer:       /CN=A915B0D2/serialNumber=7422789E8ED0BFC20C34D7BF68F519EE65EFF4BC
Certificate serial:       06
Authority key identifier: 74:22:78:9E:8E:D0:BF:C2:0C:34:D7:BF:68:F5:19:EE:65:EF:F4:BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dCJ4no7Qv8IMNNe_aPUZ7mXv9Lw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B0D2/88F979A282CB11EE9AA3764CC4F9AE02/FA0FC12E869E11EE9FAC6784C4F9AE02.roa
Signing time:             Sun 19 Nov 2023 05:46:25 +0000
ROA not before:           Sun 19 Nov 2023 05:46:25 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     132275
IP address blocks:        203.175.108.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915B0D2/88F979A282CB11EE9AA3764CC4F9AE02/dCJ4no7Qv8IMNNe_aPUZ7mXv9Lw.crl
                          rsync://rpki.apnic.net/member_repository/A915B0D2/88F979A282CB11EE9AA3764CC4F9AE02/dCJ4no7Qv8IMNNe_aPUZ7mXv9Lw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dCJ4no7Qv8IMNNe_aPUZ7mXv9Lw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 07:03:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B0D2/serialNumber=7422789E8ED0BFC20C34D7BF68F519EE65EFF4BC
        Validity
            Not Before: Nov 19 05:46:25 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=6559a131-227e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:68:b4:6c:94:b0:55:93:62:41:42:56:80:06:
                    0e:9a:42:ce:5c:59:ba:e1:d8:30:db:4c:c8:c6:8b:
                    83:f3:d6:36:4f:1f:83:f7:c3:ec:b4:c4:a2:7f:09:
                    4d:46:30:d5:f8:e4:23:70:ff:f8:d6:e0:6c:c6:10:
                    5c:4e:11:33:82:26:c6:e9:2c:1d:87:f4:ea:33:57:
                    d9:b2:6a:94:aa:2a:3e:86:c2:59:30:d4:b8:27:92:
                    bf:6b:d0:6b:f1:45:7b:44:46:c1:91:0c:26:94:f5:
                    45:e6:99:87:9c:a3:1c:a0:65:65:ea:09:fa:58:b0:
                    86:45:b7:39:44:21:6a:2c:35:98:c7:d3:b9:b4:24:
                    43:c5:ef:e1:ef:d8:df:aa:c8:97:3d:da:77:f7:39:
                    73:33:55:9c:c0:2e:cb:5e:30:f5:f3:71:3d:71:35:
                    02:cc:0d:88:ee:17:e3:ea:6c:5d:ea:39:3b:88:ff:
                    e5:e7:79:38:cc:b6:90:b4:84:7a:9e:f3:95:5d:0d:
                    4d:05:ca:8e:74:91:8a:92:e0:05:27:4d:95:58:2b:
                    f2:47:87:75:fa:5f:bc:9d:47:45:e0:91:5b:f4:27:
                    28:7b:ed:e5:63:5f:e7:84:9d:ff:a9:34:07:6c:0f:
                    db:bd:a2:d2:5f:d0:3b:1c:d5:2e:41:81:64:c2:8c:
                    53:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:EF:34:60:E8:C4:EE:04:56:3A:9D:35:99:F9:9A:88:D7:9F:DC:BF
            X509v3 Authority Key Identifier:
                keyid:74:22:78:9E:8E:D0:BF:C2:0C:34:D7:BF:68:F5:19:EE:65:EF:F4:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B0D2/88F979A282CB11EE9AA3764CC4F9AE02/dCJ4no7Qv8IMNNe_aPUZ7mXv9Lw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dCJ4no7Qv8IMNNe_aPUZ7mXv9Lw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B0D2/88F979A282CB11EE9AA3764CC4F9AE02/FA0FC12E869E11EE9FAC6784C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.175.108.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6f:8b:61:6b:c9:13:8f:f7:7d:0b:c1:47:65:d0:d5:8d:c1:dd:
         11:0d:90:20:2b:46:c4:b3:42:62:a7:de:68:c2:2a:7c:81:ec:
         8e:bf:19:29:58:07:1b:b2:3d:0a:2c:95:e0:a0:1d:69:74:8e:
         19:93:5d:1a:88:02:b2:37:8e:3e:e2:de:e1:64:d2:70:c1:c9:
         0d:9d:5c:54:96:ae:6f:be:11:19:26:fa:03:fb:99:6c:27:b7:
         d5:11:ef:1d:eb:91:96:d8:4d:75:92:f3:65:2b:14:15:2e:93:
         4e:76:47:ad:bb:a9:36:7d:0f:a9:69:d8:46:65:c5:ea:2c:7a:
         be:42:19:86:3e:b2:a6:cc:0c:8c:c8:53:d0:fd:49:3e:5f:e4:
         30:ab:de:c8:5f:cc:b9:04:8e:33:ae:5c:b2:d4:0c:78:fc:39:
         78:5b:d8:53:f5:92:7b:0a:d3:26:92:c1:c0:bc:ce:3c:54:9a:
         76:63:7e:5f:c3:62:80:01:65:b4:62:98:59:de:18:32:33:5f:
         87:1a:e2:1c:ea:de:23:4b:85:92:48:2a:f5:fe:30:46:27:fd:
         69:85:f3:17:f2:2f:75:4f:56:87:f1:97:9e:07:bd:c6:f2:2c:
         8b:43:e1:ac:a0:85:4d:c2:69:1a:56:74:23:2b:ba:c6:b4:e1:
         15:be:ea:60
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QjBEMjExMC8GA1UEBRMoNzQyMjc4OUU4RUQwQkZDMjBDMzREN0JGNjhGNTE5RUU2
NUVGRjRCQzAeFw0yMzExMTkwNTQ2MjVaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NTlhMTMxLTIyN2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYaLRslLBVk2JBQlaABg6aQs5cWbrh2DDbTMjGi4Pz1jZPH4P3w+y0xKJ/CU1G
MNX45CNw//jW4GzGEFxOETOCJsbpLB2H9OozV9myapSqKj6Gwlkw1Lgnkr9r0Gvx
RXtERsGRDCaU9UXmmYecoxygZWXqCfpYsIZFtzlEIWosNZjH07m0JEPF7+Hv2N+q
yJc92nf3OXMzVZzALsteMPXzcT1xNQLMDYjuF+PqbF3qOTuI/+XneTjMtpC0hHqe
85VdDU0Fyo50kYqS4AUnTZVYK/JHh3X6X7ydR0XgkVv0Jyh77eVjX+eEnf+pNAds
D9u9otJf0Dsc1S5BgWTCjFOZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU6+80YOjE
7gRWOp01mfmaiNef3L8wHwYDVR0jBBgwFoAUdCJ4no7Qv8IMNNe/aPUZ7mXv9Lww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVCMEQyLzg4Rjk3OUEyODJD
QjExRUU5QUEzNzY0Q0M0RjlBRTAyL2RDSjRubzdRdjhJTU5OZV9hUFVaN21YdjlM
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZENKNG5vN1F2OElNTk5lX2FQVVo3bVh2OUx3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QjBEMi84OEY5NzlBMjgyQ0IxMUVFOUFBMzc2NENDNEY5QUUwMi9GQTBGQzEyRTg2
OUUxMUVFOUZBQzY3ODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcuvbDANBgkqhkiG9w0BAQsFAAOCAQEAb4tha8kTj/d9C8FH
ZdDVjcHdEQ2QICtGxLNCYqfeaMIqfIHsjr8ZKVgHG7I9CiyV4KAdaXSOGZNdGogC
sjeOPuLe4WTScMHJDZ1cVJaub74RGSb6A/uZbCe31RHvHeuRlthNdZLzZSsUFS6T
TnZHrbupNn0PqWnYRmXF6ix6vkIZhj6ypswMjMhT0P1JPl/kMKveyF/MuQSOM65c
stQMePw5eFvYU/WSewrTJpLBwLzOPFSadmN+X8NigAFltGKYWd4YMjNfhxriHOre
I0uFkkgq9f4wRif9aYXzF/IvdU9Wh/GXnge9xvIsi0PhrKCFTcJpGlZ0Iyu6xrTh
Fb7qYA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 10:58:40 2024 by rpki-client on console-ams.rpki-client.org