Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91781C0/2F289ED6810411EDBEC65087C4F9AE02/F69540BA810811ED9EA03683C4F9AE02.roa
File:                     F69540BA810811ED9EA03683C4F9AE02.roa (raw, json)
Hash identifier:          VwFP+j9Y86bpDslZHzR4okm58s+k/5RYkJDz4DI10MY=
Subject key identifier:   A0:E4:D4:A8:AB:86:45:E2:E8:39:2A:0A:E4:B9:6E:CD:0F:FF:17:43
Certificate issuer:       /CN=A91781C0/serialNumber=52DE678FAF34F1F27BFD72CE752F5CD57E8C13CE
Certificate serial:       80
Authority key identifier: 52:DE:67:8F:AF:34:F1:F2:7B:FD:72:CE:75:2F:5C:D5:7E:8C:13:CE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ut5nj6808fJ7_XLOdS9c1X6ME84.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91781C0/2F289ED6810411EDBEC65087C4F9AE02/F69540BA810811ED9EA03683C4F9AE02.roa
Signing time:             Sat 19 Aug 2023 04:24:03 +0000
ROA not before:           Sat 19 Aug 2023 04:24:03 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        103.190.166.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91781C0/2F289ED6810411EDBEC65087C4F9AE02/Ut5nj6808fJ7_XLOdS9c1X6ME84.crl
                          rsync://rpki.apnic.net/member_repository/A91781C0/2F289ED6810411EDBEC65087C4F9AE02/Ut5nj6808fJ7_XLOdS9c1X6ME84.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ut5nj6808fJ7_XLOdS9c1X6ME84.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128 (0x80)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91781C0/serialNumber=52DE678FAF34F1F27BFD72CE752F5CD57E8C13CE
        Validity
            Not Before: Aug 19 04:24:03 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64e043e2-f81f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:7a:a8:2c:49:52:c3:ea:2f:79:46:7c:c7:71:
                    9e:27:6c:9c:86:49:3e:10:55:c3:6f:cf:88:f0:41:
                    23:63:32:34:f9:c8:fd:bb:17:7a:a6:68:ff:0a:9d:
                    1c:cc:2b:19:3a:aa:bb:cd:89:0f:2d:0f:1c:20:61:
                    9f:2a:b2:36:40:07:90:40:1c:05:6c:4a:d0:e5:08:
                    3f:06:bc:97:32:c7:ab:c8:b4:f7:0a:40:d1:38:74:
                    c0:6d:ee:ca:3b:9c:47:96:42:fb:fd:06:58:e3:4a:
                    86:b0:76:06:88:0c:08:74:af:d4:37:d6:81:90:4b:
                    b7:17:fe:d6:bc:f4:fa:a1:31:8f:06:6e:12:ae:2b:
                    79:be:0a:e5:1c:fd:0c:a1:5c:1c:65:df:46:c9:85:
                    03:e7:25:62:b1:97:a9:a9:1d:5b:c2:98:ff:11:21:
                    ef:34:44:ec:9a:92:75:60:6b:d7:b1:d1:36:93:b0:
                    d9:7b:68:83:17:ca:a0:df:38:5f:c4:85:2a:9e:72:
                    1d:19:65:24:8f:0e:77:56:35:17:7f:5c:cf:de:89:
                    aa:86:d6:95:e2:13:a4:ea:d5:c4:77:f5:af:ca:bf:
                    b3:fc:3c:c7:d8:56:c3:ff:7d:eb:af:02:79:ea:b9:
                    9a:75:79:f3:d5:94:45:9a:f7:23:4d:dc:24:8c:62:
                    42:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:E4:D4:A8:AB:86:45:E2:E8:39:2A:0A:E4:B9:6E:CD:0F:FF:17:43
            X509v3 Authority Key Identifier:
                keyid:52:DE:67:8F:AF:34:F1:F2:7B:FD:72:CE:75:2F:5C:D5:7E:8C:13:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91781C0/2F289ED6810411EDBEC65087C4F9AE02/Ut5nj6808fJ7_XLOdS9c1X6ME84.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ut5nj6808fJ7_XLOdS9c1X6ME84.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91781C0/2F289ED6810411EDBEC65087C4F9AE02/F69540BA810811ED9EA03683C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.190.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:6b:f6:4a:40:df:cc:99:60:d3:31:20:d4:a0:c7:32:f3:38:
         5a:a4:41:8b:b6:11:d6:a1:5a:ee:42:a6:b9:01:ef:0e:3b:63:
         08:c5:ac:c6:e2:a0:7d:8c:ef:b1:91:d6:08:74:09:68:7a:f3:
         4a:0a:bb:70:43:7a:4c:5b:23:3f:69:e3:4a:c9:33:33:4b:af:
         2a:99:d3:f3:83:04:fd:ee:66:c0:4b:76:43:82:0b:df:ae:18:
         35:f1:b3:85:b9:69:7f:a6:06:2e:2d:65:49:97:84:eb:33:e7:
         c1:8b:bb:98:77:d6:16:e0:7a:50:9a:92:a0:4e:ac:26:bc:9b:
         16:3f:5a:dd:b7:2c:da:89:39:b4:97:b1:83:34:46:a6:04:e6:
         88:45:80:4d:11:a5:33:64:dd:86:13:0d:3d:5c:13:02:6b:32:
         49:d4:fd:89:67:b0:69:49:45:ba:ee:91:dd:60:45:1f:58:85:
         43:ac:e2:ac:63:89:2d:ed:d9:7a:84:45:07:6f:22:f3:0b:6e:
         e5:2f:d7:99:98:98:28:47:0e:1d:b7:1b:2e:73:7d:d3:87:e7:
         f0:cc:98:57:83:b1:ed:b4:36:1d:1c:c1:d9:8b:f4:16:05:24:
         a3:68:87:77:34:bc:0a:f3:66:7d:47:1e:84:98:fd:55:35:03:
         36:12:63:4d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzgxQzAxMTAvBgNVBAUTKDUyREU2NzhGQUYzNEYxRjI3QkZENzJDRTc1MkY1Q0Q1
N0U4QzEzQ0UwHhcNMjMwODE5MDQyNDAzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGUwNDNlMi1mODFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApHqoLElSw+oveUZ8x3GeJ2ychkk+EFXDb8+I8EEjYzI0+cj9uxd6pmj/Cp0c
zCsZOqq7zYkPLQ8cIGGfKrI2QAeQQBwFbErQ5Qg/BryXMseryLT3CkDROHTAbe7K
O5xHlkL7/QZY40qGsHYGiAwIdK/UN9aBkEu3F/7WvPT6oTGPBm4Srit5vgrlHP0M
oVwcZd9GyYUD5yVisZepqR1bwpj/ESHvNETsmpJ1YGvXsdE2k7DZe2iDF8qg3zhf
xIUqnnIdGWUkjw53VjUXf1zP3omqhtaV4hOk6tXEd/Wvyr+z/DzH2FbD/33rrwJ5
6rmadXnz1ZRFmvcjTdwkjGJCDwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKDk1Kir
hkXi6DkqCuS5bs0P/xdDMB8GA1UdIwQYMBaAFFLeZ4+vNPHye/1yznUvXNV+jBPO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3ODFDMC8yRjI4OUVENjgx
MDQxMUVEQkVDNjUwODdDNEY5QUUwMi9VdDVuajY4MDhmSjdfWExPZFM5YzFYNk1F
ODQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V0NW5qNjgwOGZKN19YTE9kUzljMVg2TUU4NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzgxQzAvMkYyODlFRDY4MTA0MTFFREJFQzY1MDg3QzRGOUFFMDIvRjY5NTQwQkE4
MTA4MTFFRDlFQTAzNjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnvqYwDQYJKoZIhvcNAQELBQADggEBAHNr9kpA38yZYNMx
INSgxzLzOFqkQYu2EdahWu5CprkB7w47YwjFrMbioH2M77GR1gh0CWh680oKu3BD
ekxbIz9p40rJMzNLryqZ0/ODBP3uZsBLdkOCC9+uGDXxs4W5aX+mBi4tZUmXhOsz
58GLu5h31hbgelCakqBOrCa8mxY/Wt23LNqJObSXsYM0RqYE5ohFgE0RpTNk3YYT
DT1cEwJrMknU/YlnsGlJRbrukd1gRR9YhUOs4qxjiS3t2XqERQdvIvMLbuUv15mY
mChHDh23Gy5zfdOH5/DMmFeDse20Nh0cwdmL9BYFJKNoh3c0vArzZn1HHoSY/VU1
AzYSY00=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:40 2024 by rpki-client on console-ams.rpki-client.org