Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9179D2B/FAB8947C169111EC8B300F79C4F9AE02/405A719A173B11ECA6FAAE38C4F9AE02.roa
File:                     405A719A173B11ECA6FAAE38C4F9AE02.roa (raw, json)
Hash identifier:          gMrYmCyis8tsYxuj0uJm0OpD5CuDSfnGWh+cosN+b3E=
Subject key identifier:   3E:D0:B2:ED:C9:47:EA:E1:41:7A:FE:C1:5E:E0:ED:46:57:B0:F3:E6
Certificate issuer:       /CN=A9179D2B/serialNumber=3EDFC612EE9F215C92002038E0BFB78DF9A422DD
Certificate serial:       03D6
Authority key identifier: 3E:DF:C6:12:EE:9F:21:5C:92:00:20:38:E0:BF:B7:8D:F9:A4:22:DD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pt_GEu6fIVySACA44L-3jfmkIt0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9179D2B/FAB8947C169111EC8B300F79C4F9AE02/405A719A173B11ECA6FAAE38C4F9AE02.roa
Signing time:             Sun 19 Nov 2023 01:43:29 +0000
ROA not before:           Sun 19 Nov 2023 01:43:29 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     17993
IP address blocks:        103.131.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9179D2B/FAB8947C169111EC8B300F79C4F9AE02/Pt_GEu6fIVySACA44L-3jfmkIt0.crl
                          rsync://rpki.apnic.net/member_repository/A9179D2B/FAB8947C169111EC8B300F79C4F9AE02/Pt_GEu6fIVySACA44L-3jfmkIt0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pt_GEu6fIVySACA44L-3jfmkIt0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 982 (0x3d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9179D2B/serialNumber=3EDFC612EE9F215C92002038E0BFB78DF9A422DD
        Validity
            Not Before: Nov 19 01:43:29 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65596841-06c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8f:50:aa:64:15:6a:12:09:e3:30:a7:1f:f5:
                    ca:ec:97:45:e3:54:83:eb:b1:46:89:1d:c6:a1:db:
                    2d:19:1b:7c:41:b6:06:49:c3:83:30:e1:f2:fc:21:
                    30:a6:7c:f5:08:bc:f5:4b:43:64:ed:08:31:ce:01:
                    c6:09:e5:dd:a5:c0:c6:be:d2:a2:d2:e3:16:42:27:
                    d7:32:dc:e7:a4:c6:31:42:ae:6f:63:0a:de:eb:a3:
                    f5:24:b2:50:68:b2:0d:59:16:3a:59:1f:7d:4d:f5:
                    fc:72:d4:59:a7:00:e5:ce:cf:68:a0:b4:23:88:d4:
                    99:52:62:10:d9:44:39:51:85:b0:4b:ca:e5:64:b6:
                    e2:bb:e4:5e:f1:3e:e6:3b:66:52:80:04:9b:15:09:
                    3f:80:98:7f:b2:93:ef:b7:02:54:4e:51:29:5b:95:
                    2a:5b:f4:0e:4f:87:03:cc:d0:e6:b6:c3:c9:a1:dc:
                    c6:86:08:c5:ef:28:64:99:50:37:91:37:6a:96:6e:
                    58:96:0c:88:37:51:3d:d4:49:94:f9:b0:25:7a:0f:
                    0b:b4:e2:72:d0:a6:92:25:df:61:42:f9:7a:1b:b1:
                    2e:e9:f2:b9:f8:0f:4d:a3:70:73:25:ab:e4:86:28:
                    47:9e:1c:26:db:d5:b2:18:58:2a:7c:28:a9:8f:31:
                    e9:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D0:B2:ED:C9:47:EA:E1:41:7A:FE:C1:5E:E0:ED:46:57:B0:F3:E6
            X509v3 Authority Key Identifier:
                keyid:3E:DF:C6:12:EE:9F:21:5C:92:00:20:38:E0:BF:B7:8D:F9:A4:22:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9179D2B/FAB8947C169111EC8B300F79C4F9AE02/Pt_GEu6fIVySACA44L-3jfmkIt0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pt_GEu6fIVySACA44L-3jfmkIt0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179D2B/FAB8947C169111EC8B300F79C4F9AE02/405A719A173B11ECA6FAAE38C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.131.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:9a:44:7d:31:aa:da:8f:8c:d2:9d:2b:e5:2f:67:a9:5d:b3:
         bd:49:74:82:24:aa:b6:86:8a:32:1e:20:3d:11:e6:a1:8d:7f:
         e3:9b:0b:4f:fe:5a:d2:98:12:14:b9:a4:fe:90:37:40:02:b1:
         19:97:64:c6:cd:bc:8e:ae:1e:32:e4:ec:75:7f:ad:f4:c4:6f:
         07:a9:3e:06:88:3d:8f:bf:c6:94:3f:c7:4e:2b:57:ba:ab:2b:
         dc:96:da:64:09:d4:9b:ad:7d:ac:91:3f:45:20:90:2b:4a:24:
         3a:94:4e:45:d1:61:d9:14:03:9e:3d:6c:cf:11:22:30:43:5d:
         b3:26:f0:f7:eb:c9:cc:30:12:62:ee:9d:d6:7e:dd:20:fa:29:
         94:60:ea:7f:cf:47:e1:17:05:ac:70:5b:f1:3e:6c:13:0b:ec:
         cd:c1:c8:77:ec:b6:8d:e1:28:1a:a4:6f:03:58:91:5d:8f:1c:
         6a:22:32:67:e2:c4:f4:7b:64:bd:10:1d:d5:8d:86:26:69:de:
         49:fe:54:bc:bf:4b:66:6f:9e:88:0d:ff:ec:37:ab:d3:82:9c:
         5a:4b:f7:8a:d4:1c:4b:b7:f9:01:19:bb:4d:76:24:96:e9:b2:
         d1:0d:b3:f3:12:0a:85:5d:40:06:8c:13:08:92:db:56:6f:03:
         27:66:d2:ef
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzlEMkIxMTAvBgNVBAUTKDNFREZDNjEyRUU5RjIxNUM5MjAwMjAzOEUwQkZCNzhE
RjlBNDIyREQwHhcNMjMxMTE5MDE0MzI5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU5Njg0MS0wNmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv49QqmQVahIJ4zCnH/XK7JdF41SD67FGiR3GodstGRt8QbYGScODMOHy/CEw
pnz1CLz1S0Nk7QgxzgHGCeXdpcDGvtKi0uMWQifXMtznpMYxQq5vYwre66P1JLJQ
aLINWRY6WR99TfX8ctRZpwDlzs9ooLQjiNSZUmIQ2UQ5UYWwS8rlZLbiu+Re8T7m
O2ZSgASbFQk/gJh/spPvtwJUTlEpW5UqW/QOT4cDzNDmtsPJodzGhgjF7yhkmVA3
kTdqlm5YlgyIN1E91EmU+bAleg8LtOJy0KaSJd9hQvl6G7Eu6fK5+A9No3BzJavk
hihHnhwm29WyGFgqfCipjzHpdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD7Qsu3J
R+rhQXr+wV7g7UZXsPPmMB8GA1UdIwQYMBaAFD7fxhLunyFckgAgOOC/t435pCLd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OUQyQi9GQUI4OTQ3QzE2
OTExMUVDOEIzMDBGNzlDNEY5QUUwMi9QdF9HRXU2ZklWeVNBQ0E0NEwtM2pmbWtJ
dDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1B0X0dFdTZmSVZ5U0FDQTQ0TC0zamZta0l0MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzlEMkIvRkFCODk0N0MxNjkxMTFFQzhCMzAwRjc5QzRGOUFFMDIvNDA1QTcxOUEx
NzNCMTFFQ0E2RkFBRTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABngz4wDQYJKoZIhvcNAQELBQADggEBAHKaRH0xqtqPjNKd
K+UvZ6lds71JdIIkqraGijIeID0R5qGNf+ObC0/+WtKYEhS5pP6QN0ACsRmXZMbN
vI6uHjLk7HV/rfTEbwepPgaIPY+/xpQ/x04rV7qrK9yW2mQJ1JutfayRP0UgkCtK
JDqUTkXRYdkUA549bM8RIjBDXbMm8PfrycwwEmLundZ+3SD6KZRg6n/PR+EXBaxw
W/E+bBML7M3ByHfsto3hKBqkbwNYkV2PHGoiMmfixPR7ZL0QHdWNhiZp3kn+VLy/
S2ZvnogN/+w3q9OCnFpL94rUHEu3+QEZu012JJbpstENs/MSCoVdQAaMEwiS21Zv
Aydm0u8=
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:56:17 2024 by rpki-client on console-fra.rpki-client.org