Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa
File:                     1E7AFF46066811ED8098BF45C4F9AE02.roa (raw, json)
Hash identifier:          CIGlpvkFxQBpTdIiM2OJXd45dg87sgYC6+6uY0OF7Tk=
Subject key identifier:   03:7D:26:CE:9A:97:62:29:DA:06:09:FC:63:1D:2D:FC:9E:0D:A4:55
Certificate issuer:       /CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10
Certificate serial:       13EF
Authority key identifier: 1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa
Signing time:             Wed 24 Apr 2024 08:19:07 +0000
ROA not before:           Wed 24 Apr 2024 08:19:07 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     136907
IP address blocks:        146.174.128.0/18 maxlen: 18
                          146.174.128.0/20 maxlen: 20
                          146.174.144.0/20 maxlen: 20
                          146.174.160.0/20 maxlen: 20
                          146.174.176.0/20 maxlen: 20
                          149.232.128.0/19 maxlen: 19
                          149.232.128.0/20 maxlen: 20
                          149.232.144.0/20 maxlen: 20
                          159.138.67.0/24 maxlen: 24
                          159.138.78.0/24 maxlen: 24
                          159.138.112.0/21 maxlen: 21
                          159.138.113.0/24 maxlen: 24
                          159.138.114.0/24 maxlen: 24
                          159.138.116.0/24 maxlen: 24
                          159.138.208.0/21 maxlen: 21
                          166.108.192.0/18 maxlen: 18
                          166.108.192.0/20 maxlen: 20
                          166.108.208.0/20 maxlen: 20
                          166.108.224.0/20 maxlen: 20
                          166.108.240.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl
                          rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 May 2024 14:50:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5103 (0x13ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10
        Validity
            Not Before: Apr 24 08:19:07 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=6628c07a-22af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:eb:59:65:b2:18:ac:a9:52:3c:72:b5:e0:a4:
                    53:ce:87:e4:47:7f:27:cd:27:99:ed:f6:d6:a7:8e:
                    8d:ea:82:f8:f5:5b:db:53:ef:03:c2:85:4c:7d:16:
                    ff:f8:2a:16:be:1e:42:cf:d0:43:b8:4c:35:bf:ef:
                    8a:e8:a0:ba:8b:12:42:5d:09:90:7a:3a:90:ed:08:
                    f8:83:c1:32:77:dd:82:a7:be:37:bb:98:df:51:e1:
                    ce:b6:99:e7:c7:d2:c9:ce:cc:39:48:5b:84:22:57:
                    2e:50:89:1c:5d:c4:b8:25:49:c2:7c:b1:56:bd:ef:
                    e7:9f:70:b4:2e:2d:42:cd:02:ce:f5:62:00:6a:fe:
                    7e:50:c5:1c:25:01:6d:55:c6:50:2f:5c:71:d0:d9:
                    f0:c1:95:7f:8b:c0:09:8b:cf:bb:be:42:5b:76:da:
                    23:fa:99:14:f9:49:d4:8c:d8:cd:c9:69:5e:ad:58:
                    79:c8:32:f1:5f:ec:cc:20:a2:6a:84:48:9d:91:94:
                    d1:1e:9f:95:ea:18:ae:2c:2c:f7:27:d9:af:86:90:
                    b0:08:30:b0:04:6d:99:e5:42:f3:68:6c:d5:f1:0b:
                    fa:4d:23:4f:5f:be:67:2f:b6:e0:b2:51:ee:2b:23:
                    2a:7e:e2:90:9c:91:8d:a6:3b:26:b7:f6:03:1a:01:
                    96:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:7D:26:CE:9A:97:62:29:DA:06:09:FC:63:1D:2D:FC:9E:0D:A4:55
            X509v3 Authority Key Identifier:
                keyid:1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.174.128.0/18
                  149.232.128.0/19
                  159.138.67.0/24
                  159.138.78.0/24
                  159.138.112.0/21
                  159.138.208.0/21
                  166.108.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a7:ce:88:c6:a3:36:9f:d8:0d:77:d9:53:30:2a:e3:16:0f:94:
         1c:45:bd:03:f3:53:5a:1d:8c:d4:30:5e:b5:f0:af:a4:7b:6c:
         15:67:e5:a5:18:71:01:c3:29:e3:71:a2:6c:82:44:2b:00:9a:
         bf:97:b9:9c:07:0c:38:fe:e0:64:12:42:35:e7:49:2a:1c:f7:
         f8:ce:58:97:29:c1:4f:27:9f:13:49:71:31:20:f1:1a:55:42:
         32:1d:2d:29:26:de:d0:dd:47:5c:d8:75:14:5b:99:73:0c:b1:
         b1:de:9d:a6:e3:e5:b5:99:a2:82:82:80:07:3c:72:01:3e:1c:
         4e:c4:d8:cf:76:c2:d1:f7:bf:21:d6:a8:2d:ef:dd:5b:8e:40:
         f3:fe:8e:5e:61:6a:e7:e5:0b:31:9b:ad:c7:2f:03:58:d5:73:
         77:47:b4:13:a9:90:e0:22:3f:64:18:f9:b8:22:43:78:c2:55:
         70:fa:45:5f:35:c4:e8:56:93:ab:ee:07:c3:da:bb:db:20:5d:
         5e:45:50:ba:fb:cd:0c:e3:bc:65:a6:f2:17:25:a6:1b:c1:7b:
         d5:ba:bf:09:fc:a1:84:c0:41:3c:9b:42:d1:30:d3:d2:dd:b0:
         48:5e:91:de:27:ad:59:48:11:e3:0a:9a:f3:c4:b0:51:e0:b0:
         f0:aa:8e:aa
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICE+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKDFFMTIzODQ1NjM3MUU3NDQ4OTQ2MjJFOThBQzFFRTU1
QjQxNDVFMTAwHhcNMjQwNDI0MDgxOTA3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI4YzA3YS0yMmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7utZZbIYrKlSPHK14KRTzofkR38nzSeZ7fbWp46N6oL49VvbU+8DwoVMfRb/
+CoWvh5Cz9BDuEw1v++K6KC6ixJCXQmQejqQ7Qj4g8Eyd92Cp743u5jfUeHOtpnn
x9LJzsw5SFuEIlcuUIkcXcS4JUnCfLFWve/nn3C0Li1CzQLO9WIAav5+UMUcJQFt
VcZQL1xx0NnwwZV/i8AJi8+7vkJbdtoj+pkU+UnUjNjNyWlerVh5yDLxX+zMIKJq
hEidkZTRHp+V6hiuLCz3J9mvhpCwCDCwBG2Z5ULzaGzV8Qv6TSNPX75nL7bgslHu
KyMqfuKQnJGNpjsmt/YDGgGWnQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFAN9Js6a
l2Ip2gYJ/GMdLfyeDaRVMB8GA1UdIwQYMBaAFB4SOEVjcedEiUYi6YrB7lW0FF4Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC82OTdFMzU2QTY5
NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUwU0pSaUxwaXNIdVZiUVVY
aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0hoSTRSV054NTBTSlJpTHBpc0h1VmJRVVhoQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvNjk3RTM1NkE2OTU3MTFFOEE0MkJFNjgwQzRGOUFFMDIvMUU3QUZGNDYw
NjY4MTFFRDgwOThCRjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAaSroADBAWV6IADBACfikMDBACfik4DBAOfinADBAOfitAD
BAambMAwDQYJKoZIhvcNAQELBQADggEBAKfOiMajNp/YDXfZUzAq4xYPlBxFvQPz
U1odjNQwXrXwr6R7bBVn5aUYcQHDKeNxomyCRCsAmr+XuZwHDDj+4GQSQjXnSSoc
9/jOWJcpwU8nnxNJcTEg8RpVQjIdLSkm3tDdR1zYdRRbmXMMsbHenabj5bWZooKC
gAc8cgE+HE7E2M92wtH3vyHWqC3v3VuOQPP+jl5hauflCzGbrccvA1jVc3dHtBOp
kOAiP2QY+bgiQ3jCVXD6RV81xOhWk6vuB8Pau9sgXV5FULr7zQzjvGWm8hclphvB
e9W6vwn8oYTAQTybQtEw09LdsEhekd4nrVlIEeMKmvPEsFHgsPCqjqo=
-----END CERTIFICATE-----
Generated at Sat May 18 18:12:32 2024 by rpki-client on console-fra.rpki-client.org