Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91755D7/40F9EFA48FD411EEB0858749C4F9AE02/A4C5164E8FD411EE85082822C4F9AE02.roa
File:                     A4C5164E8FD411EE85082822C4F9AE02.roa (raw, json)
Hash identifier:          u78iFIvwF2NEfGN9S77314lW5wUPIwISyfms2svNsdA=
Subject key identifier:   20:E6:FA:E7:2F:4E:EA:57:03:8E:3D:48:4C:B6:BF:D8:7C:80:88:3A
Certificate issuer:       /CN=A91755D7/serialNumber=729355AA0378F6D4F4056E6626BBC9BE30C9D8F0
Certificate serial:       02
Authority key identifier: 72:93:55:AA:03:78:F6:D4:F4:05:6E:66:26:BB:C9:BE:30:C9:D8:F0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpNVqgN49tT0BW5mJrvJvjDJ2PA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91755D7/40F9EFA48FD411EEB0858749C4F9AE02/A4C5164E8FD411EE85082822C4F9AE02.roa
Signing time:             Thu 30 Nov 2023 23:03:15 +0000
ROA not before:           Thu 30 Nov 2023 23:03:15 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     7575
IP address blocks:        203.25.75.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91755D7/40F9EFA48FD411EEB0858749C4F9AE02/cpNVqgN49tT0BW5mJrvJvjDJ2PA.crl
                          rsync://rpki.apnic.net/member_repository/A91755D7/40F9EFA48FD411EEB0858749C4F9AE02/cpNVqgN49tT0BW5mJrvJvjDJ2PA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpNVqgN49tT0BW5mJrvJvjDJ2PA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91755D7/serialNumber=729355AA0378F6D4F4056E6626BBC9BE30C9D8F0
        Validity
            Not Before: Nov 30 23:03:15 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=656914b3-7865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b3:7c:68:13:ea:fa:b4:b5:a4:02:26:a9:d2:
                    de:0f:da:2d:99:72:54:0d:09:48:96:2c:36:bb:fa:
                    d2:61:1d:33:a8:b4:af:7d:43:31:a1:cd:e2:a0:77:
                    99:b8:3a:73:73:f7:8c:c0:37:49:c2:7c:1d:8c:5f:
                    b8:0a:ca:3a:3a:d6:46:ba:f0:66:dd:1d:54:66:f1:
                    85:47:e1:cf:74:16:a7:fc:04:e3:97:50:8b:e0:56:
                    5a:9b:c5:20:d1:eb:a2:01:70:f1:4a:65:57:d5:da:
                    b9:80:bb:10:13:e2:9f:9c:ff:0d:61:75:2d:7e:cb:
                    8a:27:fe:d5:53:20:ae:c2:1d:25:b2:f8:33:dd:5b:
                    9a:7a:41:fb:78:eb:bb:6c:16:ab:db:b9:ba:ac:9d:
                    13:dd:4c:f4:8e:12:4a:7e:80:37:41:ed:5b:4a:bd:
                    96:7a:9a:50:a9:b7:89:e1:ca:b5:85:98:ea:15:8f:
                    91:80:9f:9d:25:6b:15:eb:d1:fc:4d:a9:2c:9c:85:
                    03:63:3b:c0:32:6a:27:04:03:bc:55:8d:5a:44:d5:
                    50:88:43:4c:2a:c3:ab:dd:97:b6:8b:f2:b5:e5:2e:
                    f4:17:89:9c:35:76:78:43:b5:47:89:a6:64:28:14:
                    01:aa:20:3f:99:e0:92:c8:70:75:cb:17:fd:8b:1a:
                    01:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:E6:FA:E7:2F:4E:EA:57:03:8E:3D:48:4C:B6:BF:D8:7C:80:88:3A
            X509v3 Authority Key Identifier:
                keyid:72:93:55:AA:03:78:F6:D4:F4:05:6E:66:26:BB:C9:BE:30:C9:D8:F0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91755D7/40F9EFA48FD411EEB0858749C4F9AE02/cpNVqgN49tT0BW5mJrvJvjDJ2PA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpNVqgN49tT0BW5mJrvJvjDJ2PA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91755D7/40F9EFA48FD411EEB0858749C4F9AE02/A4C5164E8FD411EE85082822C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.25.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:6d:27:0a:0a:d9:e4:1f:95:c7:18:27:64:86:f9:5d:99:4b:
         90:23:87:b6:f5:c5:05:e4:ab:6a:05:82:6e:54:0b:01:29:7d:
         59:e3:93:16:ae:db:3f:d5:cd:db:05:5a:b6:ef:9d:e3:46:48:
         ce:cc:4b:41:ca:53:9a:ca:e8:f3:e6:f4:6e:b7:d9:ff:76:bf:
         52:1a:0f:76:43:59:42:28:30:64:e3:7f:25:45:49:bf:88:58:
         44:b0:53:b5:5d:8d:b4:82:4d:77:8d:b9:f4:89:5b:d5:0a:73:
         62:d4:bf:32:46:c8:cf:7a:7f:54:1e:b1:84:2c:c5:4c:ff:d1:
         8e:3d:9c:19:3f:c5:13:ca:16:57:e2:47:e2:5d:7e:d3:e6:98:
         ba:9c:55:03:81:14:96:f9:60:49:e0:e2:14:72:3a:3b:1d:1b:
         b0:29:08:93:af:7a:a4:5d:fd:c5:2e:ff:f5:79:27:d9:69:e1:
         66:48:2a:6f:7c:03:4d:bb:bb:c5:51:82:43:e4:71:59:19:8c:
         3b:3d:56:da:d2:be:ad:80:e3:86:3b:8f:cd:f8:e9:08:3f:a2:
         97:a8:95:09:84:76:90:c4:70:df:8b:c1:ad:f9:6f:a6:eb:15:
         96:8f:ed:08:5b:07:8e:02:fc:cb:6f:35:24:81:12:f1:74:fe:
         00:65:7d:e0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTVENzExMC8GA1UEBRMoNzI5MzU1QUEwMzc4RjZENEY0MDU2RTY2MjZCQkM5QkUz
MEM5RDhGMDAeFw0yMzExMzAyMzAzMTVaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NjkxNGIzLTc4NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2s3xoE+r6tLWkAiap0t4P2i2ZclQNCUiWLDa7+tJhHTOotK99QzGhzeKgd5m4
OnNz94zAN0nCfB2MX7gKyjo61ka68GbdHVRm8YVH4c90Fqf8BOOXUIvgVlqbxSDR
66IBcPFKZVfV2rmAuxAT4p+c/w1hdS1+y4on/tVTIK7CHSWy+DPdW5p6Qft467ts
FqvbubqsnRPdTPSOEkp+gDdB7VtKvZZ6mlCpt4nhyrWFmOoVj5GAn50laxXr0fxN
qSychQNjO8AyaicEA7xVjVpE1VCIQ0wqw6vdl7aL8rXlLvQXiZw1dnhDtUeJpmQo
FAGqID+Z4JLIcHXLF/2LGgG/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUIOb65y9O
6lcDjj1ITLa/2HyAiDowHwYDVR0jBBgwFoAUcpNVqgN49tT0BW5mJrvJvjDJ2PAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1NUQ3LzQwRjlFRkE0OEZE
NDExRUVCMDg1ODc0OUM0RjlBRTAyL2NwTlZxZ040OXRUMEJXNW1KcnZKdmpESjJQ
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvY3BOVnFnTjQ5dFQwQlc1bUpydkp2akRKMlBBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTVENy80MEY5RUZBNDhGRDQxMUVFQjA4NTg3NDlDNEY5QUUwMi9BNEM1MTY0RThG
RDQxMUVFODUwODI4MjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsZSzANBgkqhkiG9w0BAQsFAAOCAQEAIW0nCgrZ5B+Vxxgn
ZIb5XZlLkCOHtvXFBeSragWCblQLASl9WeOTFq7bP9XN2wVatu+d40ZIzsxLQcpT
msro8+b0brfZ/3a/UhoPdkNZQigwZON/JUVJv4hYRLBTtV2NtIJNd4259Ilb1Qpz
YtS/MkbIz3p/VB6xhCzFTP/Rjj2cGT/FE8oWV+JH4l1+0+aYupxVA4EUlvlgSeDi
FHI6Ox0bsCkIk696pF39xS7/9Xkn2WnhZkgqb3wDTbu7xVGCQ+RxWRmMOz1W2tK+
rYDjhjuPzfjpCD+il6iVCYR2kMRw34vBrflvpusVlo/tCFsHjgL8y281JIES8XT+
AGV94A==
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:27:20 2024 by rpki-client on console-ams.rpki-client.org