Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/64F859DA812611EDA597255EC4F9AE02.roa
File:                     64F859DA812611EDA597255EC4F9AE02.roa (raw, json)
Hash identifier:          ad4lnlEjN3x/ieFDT4w/qeVRdyMwn8LPnEfRib/YHc8=
Subject key identifier:   F6:40:22:CB:01:42:53:39:57:95:D7:3E:4D:FC:BD:83:68:DC:32:74
Certificate issuer:       /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial:       1813
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/64F859DA812611EDA597255EC4F9AE02.roa
Signing time:             Fri 12 Jan 2024 17:04:47 +0000
ROA not before:           Fri 12 Jan 2024 17:04:47 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     48337
IP address blocks:        2400:8905::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
                          rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6163 (0x1813)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
        Validity
            Not Before: Jan 12 17:04:47 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=65a1712f-80db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5e:8c:b4:87:3e:29:0c:b7:38:58:c3:f3:33:
                    39:5f:f9:9a:a0:e9:f5:f1:df:e8:29:fc:3e:83:79:
                    4b:48:4d:f5:55:64:4a:f7:05:c6:23:39:0f:72:70:
                    56:fb:15:0a:92:21:95:df:5e:b3:c7:c5:ea:df:a5:
                    7e:ce:fd:a7:24:c3:5f:19:ba:26:f0:b5:ed:f8:e6:
                    be:4f:f9:71:de:95:93:2d:06:93:68:fc:d8:fa:d1:
                    b7:b8:f9:01:c3:1e:0a:ae:4c:5b:28:d2:6f:f2:bc:
                    72:e3:56:af:50:02:47:8e:eb:f3:d9:7d:8a:76:00:
                    45:c9:b5:4e:58:62:41:b0:c0:45:55:81:8d:ee:53:
                    b8:62:d0:9a:0f:b1:9a:e9:7f:62:66:40:d0:c3:61:
                    1a:aa:d6:68:fd:92:5f:1c:a9:6d:63:82:04:21:20:
                    1e:f6:2e:61:4b:b7:d7:e9:b2:55:77:36:19:de:26:
                    46:28:3d:27:9c:76:5f:57:8a:59:97:ec:f6:81:00:
                    33:c9:f6:e8:e0:d4:37:28:ae:51:f7:8c:16:03:1b:
                    bb:8e:f9:9c:27:41:64:fd:af:6d:d5:a6:d5:a9:d9:
                    01:3e:ca:c1:b9:46:78:17:29:0d:1e:59:80:a9:06:
                    15:54:f5:af:70:d1:c4:7b:b2:41:67:e7:1e:9b:3a:
                    51:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:40:22:CB:01:42:53:39:57:95:D7:3E:4D:FC:BD:83:68:DC:32:74
            X509v3 Authority Key Identifier:
                keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/64F859DA812611EDA597255EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:8905::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:c3:89:31:ff:ed:00:ce:a7:18:32:dd:9a:89:db:ea:ca:34:
         65:cc:3d:74:69:46:1e:d2:92:70:fb:92:53:b8:18:58:1d:87:
         83:db:4d:0d:66:e4:ba:65:b5:c1:b3:0e:b2:73:68:22:77:4e:
         3c:85:2c:97:31:af:2d:2c:88:21:96:7e:16:57:29:69:1e:ba:
         82:fa:67:75:7e:81:ae:74:7d:e9:af:c6:87:24:e3:27:0e:8e:
         38:f8:81:ed:ab:d9:b7:a8:0d:07:a6:c5:98:fd:e5:5f:14:b8:
         b3:66:3a:c0:c5:de:91:66:aa:62:6a:e1:43:e1:fc:b0:38:b6:
         b1:74:f2:85:01:51:d4:db:b8:23:5e:51:1b:2f:70:4a:79:7b:
         e0:18:90:ca:b8:70:52:25:47:73:40:99:51:bf:54:49:d5:7b:
         fb:7e:0e:5d:45:79:57:07:75:4b:e5:3b:f8:7c:4a:d4:ba:d2:
         6b:30:6c:6c:33:34:90:4f:1c:60:17:06:20:65:4c:21:7b:33:
         93:02:91:ce:e6:27:14:91:e2:32:ea:29:46:30:8e:da:d9:0e:
         c8:af:ac:48:ed:57:94:df:75:f7:b6:40:20:9c:02:2c:9d:3e:
         6b:c9:19:90:54:fa:d3:18:48:e7:37:3d:6d:96:34:1a:73:47:
         62:b7:8f:ec
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICGBMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjQwMTEyMTcwNDQ3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWExNzEyZi04MGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArl6MtIc+KQy3OFjD8zM5X/maoOn18d/oKfw+g3lLSE31VWRK9wXGIzkPcnBW
+xUKkiGV316zx8Xq36V+zv2nJMNfGbom8LXt+Oa+T/lx3pWTLQaTaPzY+tG3uPkB
wx4KrkxbKNJv8rxy41avUAJHjuvz2X2KdgBFybVOWGJBsMBFVYGN7lO4YtCaD7Ga
6X9iZkDQw2EaqtZo/ZJfHKltY4IEISAe9i5hS7fX6bJVdzYZ3iZGKD0nnHZfV4pZ
l+z2gQAzyfbo4NQ3KK5R94wWAxu7jvmcJ0Fk/a9t1abVqdkBPsrBuUZ4FykNHlmA
qQYVVPWvcNHEe7JBZ+cemzpRUQIDAQABo4ICljCCApIwHQYDVR0OBBYEFPZAIssB
QlM5V5XXPk38vYNo3DJ0MB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvNjRGODU5REE4
MTI2MTFFREE1OTcyNTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAIkFMA0GCSqGSIb3DQEBCwUAA4IBAQBLw4kx/+0AzqcY
Mt2aidvqyjRlzD10aUYe0pJw+5JTuBhYHYeD200NZuS6ZbXBsw6yc2gid048hSyX
Ma8tLIghln4WVylpHrqC+md1foGudH3pr8aHJOMnDo44+IHtq9m3qA0HpsWY/eVf
FLizZjrAxd6RZqpiauFD4fywOLaxdPKFAVHU27gjXlEbL3BKeXvgGJDKuHBSJUdz
QJlRv1RJ1Xv7fg5dRXlXB3VL5Tv4fErUutJrMGxsMzSQTxxgFwYgZUwhezOTApHO
5icUkeIy6ilGMI7a2Q7Ir6xI7VeU33X3tkAgnAIsnT5ryRmQVPrTGEjnNz1tljQa
c0dit4/s
-----END CERTIFICATE-----
Generated at Sun Jun 16 19:10:21 2024 by rpki-client on console-ams.rpki-client.org