Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
File:                     B38D932050EF11EC8583962BC4F9AE02.roa (raw, json)
Hash identifier:          XsFP/EIZqsxLKoLstg8u4AXQnTjEdz+H/5uv+WSPUdA=
Subject key identifier:   9E:FC:E8:44:1F:41:29:6F:EB:43:44:BE:F3:73:5A:99:70:48:B0:08
Certificate issuer:       /CN=A9178EB0/serialNumber=E1B910B9C7310C9F65594FC6E8989FC953B36E51
Certificate serial:       0341
Authority key identifier: E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
Signing time:             Mon 06 Nov 2023 22:30:02 +0000
ROA not before:           Mon 06 Nov 2023 22:30:02 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     45753
IP address blocks:        52.128.224.0/19 maxlen: 19
                          52.128.224.0/24 maxlen: 24
                          52.128.225.0/24 maxlen: 24
                          52.128.226.0/24 maxlen: 24
                          52.128.227.0/24 maxlen: 24
                          52.128.228.0/24 maxlen: 24
                          52.128.229.0/24 maxlen: 24
                          52.128.230.0/24 maxlen: 24
                          52.128.231.0/24 maxlen: 24
                          52.128.232.0/24 maxlen: 24
                          52.128.233.0/24 maxlen: 24
                          52.128.234.0/24 maxlen: 24
                          52.128.235.0/24 maxlen: 24
                          52.128.236.0/24 maxlen: 24
                          52.128.237.0/24 maxlen: 24
                          52.128.238.0/24 maxlen: 24
                          52.128.239.0/24 maxlen: 24
                          52.128.240.0/24 maxlen: 24
                          52.128.241.0/24 maxlen: 24
                          52.128.242.0/24 maxlen: 24
                          52.128.243.0/24 maxlen: 24
                          52.128.244.0/24 maxlen: 24
                          52.128.245.0/24 maxlen: 24
                          52.128.246.0/24 maxlen: 24
                          52.128.247.0/24 maxlen: 24
                          52.128.248.0/24 maxlen: 24
                          52.128.249.0/24 maxlen: 24
                          52.128.250.0/24 maxlen: 24
                          52.128.251.0/24 maxlen: 24
                          52.128.252.0/24 maxlen: 24
                          52.128.253.0/24 maxlen: 24
                          52.128.254.0/24 maxlen: 24
                          52.128.255.0/24 maxlen: 24
                          148.66.0.0/19 maxlen: 19
                          148.66.0.0/24 maxlen: 24
                          148.66.1.0/24 maxlen: 24
                          148.66.2.0/24 maxlen: 24
                          148.66.3.0/24 maxlen: 24
                          148.66.4.0/24 maxlen: 24
                          148.66.5.0/24 maxlen: 24
                          148.66.6.0/24 maxlen: 24
                          148.66.7.0/24 maxlen: 24
                          148.66.8.0/24 maxlen: 24
                          148.66.9.0/24 maxlen: 24
                          148.66.10.0/24 maxlen: 24
                          148.66.11.0/24 maxlen: 24
                          148.66.12.0/24 maxlen: 24
                          148.66.13.0/24 maxlen: 24
                          148.66.14.0/24 maxlen: 24
                          148.66.15.0/24 maxlen: 24
                          148.66.16.0/24 maxlen: 24
                          148.66.17.0/24 maxlen: 24
                          148.66.18.0/24 maxlen: 24
                          148.66.19.0/24 maxlen: 24
                          148.66.20.0/24 maxlen: 24
                          148.66.21.0/24 maxlen: 24
                          148.66.22.0/24 maxlen: 24
                          148.66.23.0/24 maxlen: 24
                          148.66.24.0/24 maxlen: 24
                          148.66.25.0/24 maxlen: 24
                          148.66.26.0/24 maxlen: 24
                          148.66.27.0/24 maxlen: 24
                          148.66.28.0/24 maxlen: 24
                          148.66.29.0/24 maxlen: 24
                          148.66.30.0/24 maxlen: 24
                          148.66.31.0/24 maxlen: 24
                          216.118.224.0/19 maxlen: 19
                          216.118.224.0/24 maxlen: 24
                          216.118.225.0/24 maxlen: 24
                          216.118.226.0/24 maxlen: 24
                          216.118.227.0/24 maxlen: 24
                          216.118.228.0/24 maxlen: 24
                          216.118.229.0/24 maxlen: 24
                          216.118.230.0/24 maxlen: 24
                          216.118.231.0/24 maxlen: 24
                          216.118.232.0/24 maxlen: 24
                          216.118.233.0/24 maxlen: 24
                          216.118.234.0/24 maxlen: 24
                          216.118.235.0/24 maxlen: 24
                          216.118.236.0/24 maxlen: 24
                          216.118.237.0/24 maxlen: 24
                          216.118.238.0/24 maxlen: 24
                          216.118.239.0/24 maxlen: 24
                          216.118.240.0/24 maxlen: 24
                          216.118.241.0/24 maxlen: 24
                          216.118.242.0/24 maxlen: 24
                          216.118.243.0/24 maxlen: 24
                          216.118.244.0/24 maxlen: 24
                          216.118.245.0/24 maxlen: 24
                          216.118.246.0/24 maxlen: 24
                          216.118.247.0/24 maxlen: 24
                          216.118.248.0/24 maxlen: 24
                          216.118.249.0/24 maxlen: 24
                          216.118.250.0/24 maxlen: 24
                          216.118.251.0/24 maxlen: 24
                          216.118.252.0/24 maxlen: 24
                          216.118.253.0/24 maxlen: 24
                          216.118.254.0/24 maxlen: 24
                          216.118.255.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.crl
                          rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 19:45:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 833 (0x341)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9178EB0/serialNumber=E1B910B9C7310C9F65594FC6E8989FC953B36E51
        Validity
            Not Before: Nov  6 22:30:02 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=654968ea-3491
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f7:07:c0:80:8e:49:b2:2f:46:26:0c:55:80:
                    f9:01:cb:ef:0c:ca:cb:ef:48:0a:4a:8b:e8:86:b0:
                    89:c0:5b:42:ba:af:f2:8a:a5:76:02:19:5e:7d:e8:
                    a9:78:49:bb:09:89:ec:36:f4:83:87:f6:ba:11:f7:
                    85:ba:7c:73:60:3e:8a:4e:45:67:3d:1e:0f:73:a6:
                    0f:81:aa:ee:d5:d2:cb:bf:a3:25:ee:4c:13:a1:5c:
                    ea:b9:37:1f:dd:18:ec:d4:ea:75:d1:dc:5f:83:14:
                    2e:2f:33:57:ca:6b:f7:a0:1a:07:2f:37:e9:8d:3b:
                    00:70:93:3e:50:88:66:70:1f:8b:5a:b0:1e:ca:02:
                    5f:70:83:4c:56:72:08:ad:ef:f2:3b:27:d7:cc:e5:
                    b2:40:15:ce:93:b7:dd:fb:1a:a0:52:02:85:68:23:
                    72:93:3f:0a:80:f9:b6:14:5b:31:10:4a:fd:e8:66:
                    62:27:c1:fb:08:0c:51:cd:ed:a6:1c:f1:98:b6:c8:
                    c7:2f:7f:50:79:1f:1b:3b:2b:24:3f:51:b9:9b:80:
                    2e:32:c3:2b:ee:37:83:b9:cb:e3:b5:84:fd:66:10:
                    24:8b:a9:c1:6c:37:55:f8:53:51:da:59:00:f5:fa:
                    dc:4b:68:e0:7f:ba:42:f5:92:c3:fd:81:78:4c:0d:
                    bf:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:FC:E8:44:1F:41:29:6F:EB:43:44:BE:F3:73:5A:99:70:48:B0:08
            X509v3 Authority Key Identifier:
                keyid:E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.128.224.0/19
                  148.66.0.0/19
                  216.118.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         85:86:90:88:fc:5b:5d:07:46:a0:33:cf:b5:b0:12:26:41:4c:
         9d:c0:70:3c:cf:35:91:b7:55:0d:80:21:37:4a:27:04:64:f4:
         27:44:89:71:f8:70:a8:34:74:28:24:2c:8a:56:ce:85:a7:15:
         4a:20:5f:bc:74:61:62:9f:b3:70:9e:4d:01:7b:7c:b4:a7:43:
         31:92:e4:b2:98:37:af:0c:ca:4f:1a:1d:36:b1:a4:e1:b2:92:
         0f:e1:9f:17:ec:d3:e0:fc:0b:22:f5:93:51:b3:d2:de:7f:35:
         f5:d4:71:06:29:b7:39:71:ec:61:c6:91:f9:93:80:73:94:97:
         ac:90:8a:03:d1:5e:6f:8d:d5:93:b2:02:76:83:96:40:b6:67:
         58:e3:33:f7:e9:1d:00:f4:1f:56:03:15:5d:fc:01:1d:b3:f6:
         3f:0c:c4:6f:a0:0f:b6:68:6b:d8:ac:ac:22:21:3a:6e:cc:d2:
         bd:75:7a:76:cc:a6:5e:52:03:63:09:c5:1d:4d:7b:eb:d6:17:
         6f:33:fb:b4:32:75:93:0f:7a:01:83:3e:8d:3d:0e:8a:fa:3e:
         f0:a5:fe:a8:26:15:99:7e:f9:60:fb:9c:02:1d:1e:39:be:b6:
         45:be:38:85:c1:78:cd:d7:04:fd:6a:ca:8b:0e:98:ca:a1:e7:
         58:1b:98:2d
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICA0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhFQjAxMTAvBgNVBAUTKEUxQjkxMEI5QzczMTBDOUY2NTU5NEZDNkU4OTg5RkM5
NTNCMzZFNTEwHhcNMjMxMTA2MjIzMDAyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ5NjhlYS0zNDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtPcHwICOSbIvRiYMVYD5AcvvDMrL70gKSovohrCJwFtCuq/yiqV2Ahlefeip
eEm7CYnsNvSDh/a6EfeFunxzYD6KTkVnPR4Pc6YPgaru1dLLv6Ml7kwToVzquTcf
3Rjs1Op10dxfgxQuLzNXymv3oBoHLzfpjTsAcJM+UIhmcB+LWrAeygJfcINMVnII
re/yOyfXzOWyQBXOk7fd+xqgUgKFaCNykz8KgPm2FFsxEEr96GZiJ8H7CAxRze2m
HPGYtsjHL39QeR8bOyskP1G5m4AuMsMr7jeDucvjtYT9ZhAki6nBbDdV+FNR2lkA
9frcS2jgf7pC9ZLD/YF4TA2/kQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJ786EQf
QSlv60NEvvNzWplwSLAIMB8GA1UdIwQYMBaAFOG5ELnHMQyfZVlPxuiYn8lTs25R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEVCMC9FMzJDODdDQzUw
RDUxMUVDQjNGOEQ1MjlDNEY5QUUwMi80YmtRdWNjeERKOWxXVV9HNkppZnlWT3pi
bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzRia1F1Y2N4REo5bFdVX0c2SmlmeVZPemJsRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhFQjAvRTMyQzg3Q0M1MEQ1MTFFQ0IzRjhENTI5QzRGOUFFMDIvQjM4RDkzMjA1
MEVGMTFFQzg1ODM5NjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAU0gOADBAWUQgADBAXYduAwDQYJKoZIhvcNAQELBQADggEB
AIWGkIj8W10HRqAzz7WwEiZBTJ3AcDzPNZG3VQ2AITdKJwRk9CdEiXH4cKg0dCgk
LIpWzoWnFUogX7x0YWKfs3CeTQF7fLSnQzGS5LKYN68Myk8aHTaxpOGykg/hnxfs
0+D8CyL1k1Gz0t5/NfXUcQYptzlx7GHGkfmTgHOUl6yQigPRXm+N1ZOyAnaDlkC2
Z1jjM/fpHQD0H1YDFV38AR2z9j8MxG+gD7Zoa9isrCIhOm7M0r11enbMpl5SA2MJ
xR1Ne+vWF28z+7QydZMPegGDPo09Dor6PvCl/qgmFZl++WD7nAIdHjm+tkW+OIXB
eM3XBP1qyosOmMqh51gbmC0=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:55:44 2024 by rpki-client on console-ams.rpki-client.org