Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/50101290F77C11EB8B39F74AC4F9AE02.roa
File:                     50101290F77C11EB8B39F74AC4F9AE02.roa (raw, json)
Hash identifier:          V0ws2u6CUVoBJJ3fPf3qeEuywRO80Nm1EFmm4jM4jUE=
Subject key identifier:   31:B4:A9:B0:97:E9:51:A4:AE:EE:16:B0:73:86:8B:24:4B:7F:8D:16
Certificate issuer:       /CN=A9166C39/serialNumber=07E051B41ED82E3F53BF59AA84DD9ACA20CFB54C
Certificate serial:       076D
Authority key identifier: 07:E0:51:B4:1E:D8:2E:3F:53:BF:59:AA:84:DD:9A:CA:20:CF:B5:4C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/50101290F77C11EB8B39F74AC4F9AE02.roa
Signing time:             Wed 16 Aug 2023 21:38:32 +0000
ROA not before:           Wed 16 Aug 2023 21:38:32 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     60614
IP address blocks:        2001:df4:d80::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.crl
                          rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 21:46:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1901 (0x76d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9166C39/serialNumber=07E051B41ED82E3F53BF59AA84DD9ACA20CFB54C
        Validity
            Not Before: Aug 16 21:38:32 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64dd41d8-ed51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:08:28:1e:2b:8d:03:a3:d3:75:be:54:6d:bf:
                    f6:ea:ac:ff:be:65:43:bf:0d:56:d1:31:8e:2f:16:
                    d8:3f:f6:dd:33:ed:d3:09:e5:f3:8b:31:97:74:d4:
                    d8:cd:69:37:c6:a8:ae:20:11:21:54:21:9d:4b:e7:
                    2e:0b:e9:e7:fa:d9:fd:e2:b7:20:54:3d:91:68:a0:
                    94:ba:14:b2:3d:0f:20:ea:1d:8b:15:6e:bc:b3:02:
                    2a:c1:5c:0d:b8:e5:e8:49:6d:54:59:6e:7c:1e:e3:
                    54:b6:9b:c8:e3:cb:2a:ee:a5:d4:a9:8e:b0:9e:74:
                    f6:94:88:01:f5:ec:dc:3b:ea:c8:23:91:09:a0:8b:
                    f0:bb:12:01:36:7b:50:4a:1d:24:ee:5f:04:d3:36:
                    f6:57:33:7e:b6:6e:01:05:8f:c9:a3:38:bd:ae:df:
                    ff:0c:c8:74:ea:d0:21:82:2a:dc:6c:48:95:96:ea:
                    63:00:ba:1c:c6:58:7d:ad:87:54:6d:dc:32:bd:4c:
                    9d:1d:6e:6d:74:c1:5c:57:1c:51:dd:c7:c3:e8:35:
                    ed:7f:31:d4:b1:47:86:59:1b:ba:75:90:1a:b8:2c:
                    4f:4e:c7:77:c4:8d:70:47:5f:eb:b7:85:01:0e:ba:
                    9f:4a:3a:f8:c2:78:b2:da:87:29:de:6d:5c:36:64:
                    be:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B4:A9:B0:97:E9:51:A4:AE:EE:16:B0:73:86:8B:24:4B:7F:8D:16
            X509v3 Authority Key Identifier:
                keyid:07:E0:51:B4:1E:D8:2E:3F:53:BF:59:AA:84:DD:9A:CA:20:CF:B5:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/50101290F77C11EB8B39F74AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:d80::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:79:f2:97:3e:1e:46:03:65:87:9a:3d:24:24:07:9e:d3:c6:
         fb:bb:f9:35:49:3c:9b:bc:44:56:e5:a3:39:a4:09:f3:cf:08:
         c5:fc:21:d5:b2:54:a0:46:bb:f5:fc:00:bb:53:55:32:30:70:
         02:8a:57:f7:39:e9:a4:56:53:95:cc:e9:dd:9e:9c:9f:74:89:
         bb:78:25:6e:f1:17:a2:43:62:87:85:bb:91:d5:22:29:7d:99:
         a9:83:44:90:7c:12:ec:41:a3:6e:19:d9:ab:08:0d:f0:28:7d:
         79:8c:33:a1:6d:11:91:4f:ec:bc:40:fa:51:ba:70:71:5d:f2:
         87:33:39:0b:4c:6c:73:a8:2b:f3:bc:70:90:a1:5a:fd:86:25:
         b7:6f:47:fa:ef:96:e5:0a:61:72:ab:5a:b4:bc:41:f2:0d:f2:
         40:a4:ae:6e:45:13:10:44:43:4b:db:a8:27:31:d6:3b:cb:4e:
         a3:5e:44:db:96:25:a3:09:9c:6b:b2:63:c2:46:8e:b8:6f:31:
         cf:e2:a9:89:3c:df:73:30:ec:1b:b7:70:7c:b9:bf:20:78:f2:
         8c:16:7e:65:16:80:15:cb:a5:c0:b0:5a:d7:ce:7e:5b:c4:d2:
         74:a9:d9:6f:ac:82:76:df:80:c7:69:b6:49:70:3b:de:e2:ef:
         6d:00:9e:f0
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICB20wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjZDMzkxMTAvBgNVBAUTKDA3RTA1MUI0MUVEODJFM0Y1M0JGNTlBQTg0REQ5QUNB
MjBDRkI1NEMwHhcNMjMwODE2MjEzODMyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRkNDFkOC1lZDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4wgoHiuNA6PTdb5Ubb/26qz/vmVDvw1W0TGOLxbYP/bdM+3TCeXzizGXdNTY
zWk3xqiuIBEhVCGdS+cuC+nn+tn94rcgVD2RaKCUuhSyPQ8g6h2LFW68swIqwVwN
uOXoSW1UWW58HuNUtpvI48sq7qXUqY6wnnT2lIgB9ezcO+rII5EJoIvwuxIBNntQ
Sh0k7l8E0zb2VzN+tm4BBY/Jozi9rt//DMh06tAhgircbEiVlupjALocxlh9rYdU
bdwyvUydHW5tdMFcVxxR3cfD6DXtfzHUsUeGWRu6dZAauCxPTsd3xI1wR1/rt4UB
DrqfSjr4wniy2ocp3m1cNmS+JQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDG0qbCX
6VGkru4WsHOGiyRLf40WMB8GA1UdIwQYMBaAFAfgUbQe2C4/U79ZqoTdmsogz7VM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkMzOS8yN0VFQ0ZEMEJC
OTcxMUVBQTFBNjZDNTNDNEY5QUUwMi9CLUJSdEI3WUxqOVR2MW1xaE4yYXlpRFB0
VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ItQlJ0QjdZTGo5VHYxbXFoTjJheWlEUHRVdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjZDMzkvMjdFRUNGRDBCQjk3MTFFQUExQTY2QzUzQzRGOUFFMDIvNTAxMDEyOTBG
NzdDMTFFQjhCMzlGNzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ30DYAwDQYJKoZIhvcNAQELBQADggEBALF58pc+HkYD
ZYeaPSQkB57Txvu7+TVJPJu8RFblozmkCfPPCMX8IdWyVKBGu/X8ALtTVTIwcAKK
V/c56aRWU5XM6d2enJ90ibt4JW7xF6JDYoeFu5HVIil9mamDRJB8EuxBo24Z2asI
DfAofXmMM6FtEZFP7LxA+lG6cHFd8oczOQtMbHOoK/O8cJChWv2GJbdvR/rvluUK
YXKrWrS8QfIN8kCkrm5FExBEQ0vbqCcx1jvLTqNeRNuWJaMJnGuyY8JGjrhvMc/i
qYk833Mw7Bu3cHy5vyB48owWfmUWgBXLpcCwWtfOflvE0nSp2W+sgnbfgMdptklw
O97i720AnvA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:55:54 2024 by rpki-client on console-ams.rpki-client.org