Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916943B/64F31C065AE911EAAC8F520EC4F9AE02/205773705AEA11EAA2FDF10EC4F9AE02.roa
File:                     205773705AEA11EAA2FDF10EC4F9AE02.roa (raw, json)
Hash identifier:          HylTyL7SeF7TFnAJdv2ZARR3wqNX9oP0BhS+ApQkUEM=
Subject key identifier:   06:34:20:30:BE:41:97:C5:E3:3F:7B:F1:EB:2D:15:66:6B:FA:32:95
Certificate issuer:       /CN=A916943B/serialNumber=9FE15A9A54BA5535D297458805C470362ED87173
Certificate serial:       09CC
Authority key identifier: 9F:E1:5A:9A:54:BA:55:35:D2:97:45:88:05:C4:70:36:2E:D8:71:73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n-FamlS6VTXSl0WIBcRwNi7YcXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916943B/64F31C065AE911EAAC8F520EC4F9AE02/205773705AEA11EAA2FDF10EC4F9AE02.roa
Signing time:             Tue 14 May 2024 20:59:57 +0000
ROA not before:           Tue 14 May 2024 20:59:57 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     140088
IP address blocks:        103.148.102.0/24 maxlen: 24
                          103.148.103.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916943B/64F31C065AE911EAAC8F520EC4F9AE02/n-FamlS6VTXSl0WIBcRwNi7YcXM.crl
                          rsync://rpki.apnic.net/member_repository/A916943B/64F31C065AE911EAAC8F520EC4F9AE02/n-FamlS6VTXSl0WIBcRwNi7YcXM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n-FamlS6VTXSl0WIBcRwNi7YcXM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 19:33:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2508 (0x9cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916943B/serialNumber=9FE15A9A54BA5535D297458805C470362ED87173
        Validity
            Not Before: May 14 20:59:57 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=6643d0cd-0242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7e:0c:d4:64:1e:40:47:4b:25:0b:43:4a:33:
                    21:cb:48:1e:6d:c9:60:a5:6a:ee:91:4a:0a:e6:0d:
                    bf:55:09:1b:00:07:a2:65:aa:b7:de:34:fa:d2:d4:
                    b0:a9:39:56:12:10:64:48:c2:04:76:13:79:e5:7a:
                    b9:df:22:93:f9:05:b4:b8:95:66:78:aa:dc:8b:9c:
                    b8:7a:7b:c8:97:20:07:80:df:08:06:a3:ec:ad:af:
                    e4:bd:47:39:51:82:df:24:38:c1:49:58:be:67:a9:
                    ab:84:34:34:d4:de:b0:12:f2:5e:ea:0a:20:bf:7e:
                    dc:9c:1b:60:fa:89:9c:94:7f:74:fb:f1:d0:24:80:
                    d3:0b:c7:fd:d3:51:1f:60:ea:87:68:fe:b5:f4:f5:
                    74:3c:30:14:10:15:90:6a:54:d6:49:a7:18:1d:69:
                    8a:33:74:55:c8:a3:bf:05:6e:04:2d:49:26:de:44:
                    cd:f0:dd:b1:76:5a:d8:be:13:45:3b:b6:91:3b:79:
                    c0:f9:b5:e9:a4:c8:77:e3:13:72:63:85:4e:cc:91:
                    4f:23:cd:76:77:10:d1:bb:66:25:df:9b:94:dc:25:
                    12:9d:6b:cc:73:33:0c:63:2b:60:5c:36:40:41:ae:
                    05:e0:1d:b5:cb:33:11:d3:2f:05:39:bb:64:a0:d0:
                    aa:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:34:20:30:BE:41:97:C5:E3:3F:7B:F1:EB:2D:15:66:6B:FA:32:95
            X509v3 Authority Key Identifier:
                keyid:9F:E1:5A:9A:54:BA:55:35:D2:97:45:88:05:C4:70:36:2E:D8:71:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916943B/64F31C065AE911EAAC8F520EC4F9AE02/n-FamlS6VTXSl0WIBcRwNi7YcXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n-FamlS6VTXSl0WIBcRwNi7YcXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916943B/64F31C065AE911EAAC8F520EC4F9AE02/205773705AEA11EAA2FDF10EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:98:bd:cf:84:94:b6:c9:9a:00:29:de:64:ca:53:2b:51:40:
         55:35:2d:b0:be:98:7f:c1:cb:29:6b:61:bb:ed:b3:fd:0d:99:
         d2:9f:3f:51:06:03:88:59:c1:e4:01:c0:1f:9f:7b:a3:58:17:
         5d:3c:04:40:e0:e6:34:3a:a0:32:93:4f:4a:72:b3:0c:ec:1d:
         f5:ed:70:b1:ce:cb:20:41:7a:36:2a:38:6e:67:42:ec:8e:e7:
         38:ec:ec:ac:7a:4a:5e:de:57:70:21:4c:71:76:e9:8c:a9:b5:
         86:72:16:cd:74:4c:a5:52:41:e4:0c:8f:28:77:df:95:61:c4:
         cc:0d:d4:16:f4:25:4e:8f:0d:bc:1c:7e:83:fe:f3:39:23:47:
         24:35:bc:7b:30:41:0a:ad:53:ba:21:78:f0:0b:a0:eb:a3:7e:
         58:fb:1c:45:68:cb:77:59:fe:6e:54:00:99:e9:40:2e:0d:7a:
         9b:c0:50:c2:04:7e:11:2d:c2:26:4b:68:db:48:42:e5:83:f1:
         6c:3f:7f:27:7c:86:90:5f:91:3c:d1:6c:49:90:ae:1d:76:f8:
         13:6f:18:55:fd:85:34:5c:c9:87:98:b3:a0:32:9b:45:f2:43:
         a4:b1:6a:15:c1:a4:9e:ba:90:52:eb:b6:e2:5d:a7:8f:9b:79:
         2f:f7:3d:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk0M0IxMTAvBgNVBAUTKDlGRTE1QTlBNTRCQTU1MzVEMjk3NDU4ODA1QzQ3MDM2
MkVEODcxNzMwHhcNMjQwNTE0MjA1OTU3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQzZDBjZC0wMjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy34M1GQeQEdLJQtDSjMhy0gebclgpWrukUoK5g2/VQkbAAeiZaq33jT60tSw
qTlWEhBkSMIEdhN55Xq53yKT+QW0uJVmeKrci5y4envIlyAHgN8IBqPsra/kvUc5
UYLfJDjBSVi+Z6mrhDQ01N6wEvJe6gogv37cnBtg+omclH90+/HQJIDTC8f901Ef
YOqHaP619PV0PDAUEBWQalTWSacYHWmKM3RVyKO/BW4ELUkm3kTN8N2xdlrYvhNF
O7aRO3nA+bXppMh34xNyY4VOzJFPI812dxDRu2Yl35uU3CUSnWvMczMMYytgXDZA
Qa4F4B21yzMR0y8FObtkoNCqsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAY0IDC+
QZfF4z978estFWZr+jKVMB8GA1UdIwQYMBaAFJ/hWppUulU10pdFiAXEcDYu2HFz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQzQi82NEYzMUMwNjVB
RTkxMUVBQUM4RjUyMEVDNEY5QUUwMi9uLUZhbWxTNlZUWFNsMFdJQmNSd05pN1lj
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL24tRmFtbFM2VlRYU2wwV0lCY1J3Tmk3WWNYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk0M0IvNjRGMzFDMDY1QUU5MTFFQUFDOEY1MjBFQzRGOUFFMDIvMjA1NzczNzA1
QUVBMTFFQUEyRkRGMTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlGYwDQYJKoZIhvcNAQELBQADggEBABaYvc+ElLbJmgAp
3mTKUytRQFU1LbC+mH/ByylrYbvts/0NmdKfP1EGA4hZweQBwB+fe6NYF108BEDg
5jQ6oDKTT0pyswzsHfXtcLHOyyBBejYqOG5nQuyO5zjs7Kx6Sl7eV3AhTHF26Yyp
tYZyFs10TKVSQeQMjyh335VhxMwN1Bb0JU6PDbwcfoP+8zkjRyQ1vHswQQqtU7oh
ePALoOujflj7HEVoy3dZ/m5UAJnpQC4NepvAUMIEfhEtwiZLaNtIQuWD8Ww/fyd8
hpBfkTzRbEmQrh12+BNvGFX9hTRcyYeYs6Aym0XyQ6SxahXBpJ66kFLrtuJdp4+b
eS/3Pb8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:05:28 2024 by rpki-client on console-fra.rpki-client.org