Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D29F/691F74C4988811E991AF6636C4F9AE02/67D0867AC52911EA8F7F413EC4F9AE02.roa
File:                     67D0867AC52911EA8F7F413EC4F9AE02.roa (raw, json)
Hash identifier:          5k6MdXYACWJz5oZ1Zg2aN8d6cK6nVQy4TzZpe2bK+rc=
Subject key identifier:   E0:31:E3:BD:62:22:EF:79:5F:1B:71:21:C1:08:35:2C:B6:63:B4:18
Certificate issuer:       /CN=A916D29F/serialNumber=AA85CCD2DD3E1C003BF72FF53E58C7200E7CF0A8
Certificate serial:       0D82
Authority key identifier: AA:85:CC:D2:DD:3E:1C:00:3B:F7:2F:F5:3E:58:C7:20:0E:7C:F0:A8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qoXM0t0-HAA79y_1PljHIA588Kg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D29F/691F74C4988811E991AF6636C4F9AE02/67D0867AC52911EA8F7F413EC4F9AE02.roa
Signing time:             Thu 04 Jan 2024 18:36:18 +0000
ROA not before:           Thu 04 Jan 2024 18:36:18 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     46562
IP address blocks:        103.105.165.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916D29F/691F74C4988811E991AF6636C4F9AE02/qoXM0t0-HAA79y_1PljHIA588Kg.crl
                          rsync://rpki.apnic.net/member_repository/A916D29F/691F74C4988811E991AF6636C4F9AE02/qoXM0t0-HAA79y_1PljHIA588Kg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qoXM0t0-HAA79y_1PljHIA588Kg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:26:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3458 (0xd82)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D29F/serialNumber=AA85CCD2DD3E1C003BF72FF53E58C7200E7CF0A8
        Validity
            Not Before: Jan  4 18:36:18 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=6596faa2-6e50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ee:aa:3a:78:b5:53:6f:aa:02:df:25:60:d1:
                    a1:2c:8d:04:0e:a0:b7:cd:ef:ab:7e:99:f4:9e:6c:
                    a9:3b:c6:32:dc:93:76:d0:00:3e:2b:fa:f7:c5:32:
                    0e:ea:c4:e8:3c:af:ea:7c:a0:94:91:e8:5f:c1:3e:
                    3c:5f:0e:ba:35:6d:3d:27:e5:8d:07:2c:fb:ea:7e:
                    f6:20:bf:4f:80:fb:6f:7c:3e:0e:a9:b3:2e:c0:11:
                    69:66:b9:9d:1b:18:df:c0:b1:0a:a8:e4:27:0e:32:
                    c6:c4:42:ba:d6:cc:38:c8:98:b6:ff:44:33:7b:b0:
                    4d:2a:b7:ea:a6:17:9a:ab:ef:99:c0:48:4a:3b:5e:
                    2b:e0:b3:ba:3e:19:f3:56:8a:bd:ed:99:5d:2d:b4:
                    ba:60:4c:53:0e:18:8b:57:ce:a5:e0:ca:96:9e:5a:
                    6d:c0:b3:92:96:db:90:74:05:52:85:d0:8e:e1:e4:
                    59:67:17:17:c8:96:32:88:58:43:2a:51:8e:63:6e:
                    48:a2:a3:a9:a7:26:a5:1f:c1:6c:db:30:fa:78:22:
                    26:3c:d7:7a:7e:73:73:aa:43:5a:dc:c6:c8:ce:16:
                    34:be:98:61:45:3d:87:49:87:c7:fc:01:3d:f7:2a:
                    a0:8b:11:9d:64:f9:99:f4:1a:59:d6:b4:56:54:c5:
                    a8:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:31:E3:BD:62:22:EF:79:5F:1B:71:21:C1:08:35:2C:B6:63:B4:18
            X509v3 Authority Key Identifier:
                keyid:AA:85:CC:D2:DD:3E:1C:00:3B:F7:2F:F5:3E:58:C7:20:0E:7C:F0:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D29F/691F74C4988811E991AF6636C4F9AE02/qoXM0t0-HAA79y_1PljHIA588Kg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qoXM0t0-HAA79y_1PljHIA588Kg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D29F/691F74C4988811E991AF6636C4F9AE02/67D0867AC52911EA8F7F413EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:94:ae:ef:37:52:72:73:50:dc:e0:38:d4:4b:2e:05:e6:b5:
         01:1e:0e:54:8e:b9:cd:d4:8e:6d:18:ab:bd:81:07:1b:9f:8a:
         2b:2e:c3:29:eb:bd:c5:15:9f:96:20:05:07:75:c8:73:e7:f7:
         d0:69:44:70:2f:1c:c0:92:c2:e2:b9:1b:f0:7c:25:30:0d:16:
         e7:f1:54:11:4e:4f:54:96:c6:af:06:a8:a4:1e:d6:38:cb:39:
         f3:4b:fa:ca:86:19:d0:6b:2a:1c:e4:56:80:3d:0a:b3:5b:57:
         98:ef:ce:22:68:fc:8c:a1:2e:28:a0:0f:6c:a7:bd:5f:2a:68:
         26:cc:31:95:5d:18:5d:9e:00:26:82:0d:e8:93:f8:3b:56:9b:
         e7:1d:23:6e:25:f4:d0:81:fb:c5:47:88:19:53:1a:7a:2d:35:
         c1:49:c5:37:54:e4:3d:9b:6b:25:f1:e2:26:2c:b4:b0:a4:ab:
         8d:84:6e:1b:df:c9:c5:b7:b7:79:65:15:7c:70:9e:14:df:63:
         7d:95:5d:e1:b2:a7:c2:32:8f:e6:f6:a6:99:30:3d:65:8e:ff:
         19:9e:bb:a1:fd:29:00:6e:39:81:02:f7:ea:00:16:e3:49:a7:
         e4:dc:97:d0:f0:47:60:49:30:de:9c:76:f6:9c:7a:26:d8:cd:
         3e:27:89:1f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQyOUYxMTAvBgNVBAUTKEFBODVDQ0QyREQzRTFDMDAzQkY3MkZGNTNFNThDNzIw
MEU3Q0YwQTgwHhcNMjQwMTA0MTgzNjE4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2ZmFhMi02ZTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzO6qOni1U2+qAt8lYNGhLI0EDqC3ze+rfpn0nmypO8Yy3JN20AA+K/r3xTIO
6sToPK/qfKCUkehfwT48Xw66NW09J+WNByz76n72IL9PgPtvfD4OqbMuwBFpZrmd
GxjfwLEKqOQnDjLGxEK61sw4yJi2/0Qze7BNKrfqpheaq++ZwEhKO14r4LO6Phnz
Voq97ZldLbS6YExTDhiLV86l4MqWnlptwLOSltuQdAVShdCO4eRZZxcXyJYyiFhD
KlGOY25IoqOppyalH8Fs2zD6eCImPNd6fnNzqkNa3MbIzhY0vphhRT2HSYfH/AE9
9yqgixGdZPmZ9BpZ1rRWVMWoJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOAx471i
Iu95XxtxIcEINSy2Y7QYMB8GA1UdIwQYMBaAFKqFzNLdPhwAO/cv9T5YxyAOfPCo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDI5Ri82OTFGNzRDNDk4
ODgxMUU5OTFBRjY2MzZDNEY5QUUwMi9xb1hNMHQwLUhBQTc5eV8xUGxqSElBNTg4
S2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FvWE0wdDAtSEFBNzl5XzFQbGpISUE1ODhLZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQyOUYvNjkxRjc0QzQ5ODg4MTFFOTkxQUY2NjM2QzRGOUFFMDIvNjdEMDg2N0FD
NTI5MTFFQThGN0Y0MTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnaaUwDQYJKoZIhvcNAQELBQADggEBAAiUru83UnJzUNzg
ONRLLgXmtQEeDlSOuc3Ujm0Yq72BBxufiisuwynrvcUVn5YgBQd1yHPn99BpRHAv
HMCSwuK5G/B8JTANFufxVBFOT1SWxq8GqKQe1jjLOfNL+sqGGdBrKhzkVoA9CrNb
V5jvziJo/IyhLiigD2ynvV8qaCbMMZVdGF2eACaCDeiT+DtWm+cdI24l9NCB+8VH
iBlTGnotNcFJxTdU5D2bayXx4iYstLCkq42EbhvfycW3t3llFXxwnhTfY32VXeGy
p8Iyj+b2ppkwPWWO/xmeu6H9KQBuOYEC9+oAFuNJp+Tcl9DwR2BJMN6cdvaceibY
zT4niR8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:44:14 2024 by rpki-client on console-fra.rpki-client.org