Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/303C97563EB611EBA4FCB055C4F9AE02.roa
File:                     303C97563EB611EBA4FCB055C4F9AE02.roa (raw, json)
Hash identifier:          I43X2ILlK/K7dyC3ecsmVCkpRUOCvWwwGDCuc74JdYs=
Subject key identifier:   10:EB:85:D6:A0:60:E7:AE:B4:8F:4F:47:EC:CA:03:49:67:9D:FB:10
Certificate issuer:       /CN=A918054D/serialNumber=CD827BF96458361F6098B22F758548D7EAEFA168
Certificate serial:       0643
Authority key identifier: CD:82:7B:F9:64:58:36:1F:60:98:B2:2F:75:85:48:D7:EA:EF:A1:68
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/303C97563EB611EBA4FCB055C4F9AE02.roa
Signing time:             Wed 20 Sep 2023 22:40:31 +0000
ROA not before:           Wed 20 Sep 2023 22:40:31 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        103.155.132.0/23 maxlen: 23
                          103.155.132.0/24 maxlen: 24
                          103.155.133.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.crl
                          rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1603 (0x643)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918054D/serialNumber=CD827BF96458361F6098B22F758548D7EAEFA168
        Validity
            Not Before: Sep 20 22:40:31 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=650b74de-c118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:35:58:69:65:d0:2f:94:c3:c3:56:65:25:7b:
                    8a:f2:b7:32:e5:ab:e9:83:55:a8:0b:4a:9c:9d:8e:
                    20:5e:72:d9:70:99:58:f0:26:ad:d8:16:02:88:e0:
                    4c:65:10:3d:d1:c1:a0:09:9a:b0:c3:82:b1:15:c6:
                    ea:ec:a1:da:18:f2:c7:7c:69:46:17:fd:8e:77:a1:
                    af:d2:c6:41:cb:0b:4b:f8:8f:bf:a5:ee:59:e7:0c:
                    c0:35:57:c6:56:39:56:c1:31:db:b7:4a:47:9a:67:
                    b4:bd:d1:c5:02:d4:ba:87:9b:fe:d3:4c:d2:38:4d:
                    a7:90:8a:88:73:de:f0:88:80:ea:5f:bc:7f:d8:7b:
                    36:d6:fe:ff:4e:b0:ef:af:86:0e:78:66:ff:19:6c:
                    a3:1f:f6:6a:2d:b3:4c:51:8e:38:9e:d1:7f:23:13:
                    a8:a0:e9:c3:4f:0c:e6:50:70:e6:95:b1:7d:5d:cd:
                    e5:bd:47:f1:eb:fe:f4:23:8f:d9:c5:86:b7:d0:11:
                    54:bc:52:dc:39:08:7b:48:cf:80:57:6e:70:48:cd:
                    5d:e0:ce:ae:85:71:4c:25:b3:e8:40:c5:1c:87:e1:
                    5e:00:89:96:6c:2a:40:80:2a:2a:d0:f7:03:80:23:
                    79:1b:4c:c1:48:26:ef:17:be:01:27:2a:89:fb:79:
                    68:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:EB:85:D6:A0:60:E7:AE:B4:8F:4F:47:EC:CA:03:49:67:9D:FB:10
            X509v3 Authority Key Identifier:
                keyid:CD:82:7B:F9:64:58:36:1F:60:98:B2:2F:75:85:48:D7:EA:EF:A1:68

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYJ7-WRYNh9gmLIvdYVI1-rvoWg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918054D/6E0823B0198C11EBAFCB9459C4F9AE02/303C97563EB611EBA4FCB055C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         98:11:f4:4a:df:95:12:2e:c0:e4:28:a7:6e:2d:a4:e3:32:79:
         b3:5e:46:3d:53:11:8c:75:e3:af:ad:d3:b6:e2:65:83:2d:9e:
         4e:51:83:61:4c:06:df:a4:da:2a:fb:60:02:59:73:2e:13:40:
         46:65:34:d6:46:68:1a:c9:52:2d:1c:3c:80:97:cd:b4:6c:fe:
         9e:7b:05:13:bb:99:63:f1:78:2f:54:6d:3a:e2:6f:de:4c:c0:
         42:f4:4c:b7:97:7e:95:da:c7:44:93:db:a5:c8:5a:5c:02:de:
         53:8a:4d:5f:1f:bd:a5:8c:c6:ff:8c:f7:df:97:09:a3:91:c8:
         8e:23:35:db:32:1a:55:3b:ea:31:9c:ba:94:cc:2b:9b:cc:3e:
         f1:dc:96:69:31:5e:46:07:25:03:36:98:71:bf:80:f3:89:6a:
         2e:43:32:a5:0d:e0:b0:3c:6b:32:a8:e8:87:26:57:4b:fa:9c:
         f1:a9:72:d5:d8:fe:34:d6:c9:6f:de:8d:e6:ab:4c:64:98:ee:
         7d:33:86:5a:0d:46:35:2f:11:2f:3f:e8:07:2a:53:da:66:f4:
         56:26:ca:67:8d:bd:aa:0a:df:9b:33:0d:3f:68:25:65:d8:a8:
         e8:3c:73:0c:9f:b4:6e:be:86:b7:4a:02:45:95:8b:46:fa:45:
         e4:fb:3b:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA1NEQxMTAvBgNVBAUTKENEODI3QkY5NjQ1ODM2MUY2MDk4QjIyRjc1ODU0OEQ3
RUFFRkExNjgwHhcNMjMwOTIwMjI0MDMxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBiNzRkZS1jMTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7DVYaWXQL5TDw1ZlJXuK8rcy5avpg1WoC0qcnY4gXnLZcJlY8Cat2BYCiOBM
ZRA90cGgCZqww4KxFcbq7KHaGPLHfGlGF/2Od6Gv0sZBywtL+I+/pe5Z5wzANVfG
VjlWwTHbt0pHmme0vdHFAtS6h5v+00zSOE2nkIqIc97wiIDqX7x/2Hs21v7/TrDv
r4YOeGb/GWyjH/ZqLbNMUY44ntF/IxOooOnDTwzmUHDmlbF9Xc3lvUfx6/70I4/Z
xYa30BFUvFLcOQh7SM+AV25wSM1d4M6uhXFMJbPoQMUch+FeAImWbCpAgCoq0PcD
gCN5G0zBSCbvF74BJyqJ+3loMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBDrhdag
YOeutI9PR+zKA0lnnfsQMB8GA1UdIwQYMBaAFM2Ce/lkWDYfYJiyL3WFSNfq76Fo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDU0RC82RTA4MjNCMDE5
OEMxMUVCQUZDQjk0NTlDNEY5QUUwMi96WUo3LVdSWU5oOWdtTEl2ZFlWSTEtcnZv
V2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pZSjctV1JZTmg5Z21MSXZkWVZJMS1ydm9XZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA1NEQvNkUwODIzQjAxOThDMTFFQkFGQ0I5NDU5QzRGOUFFMDIvMzAzQzk3NTYz
RUI2MTFFQkE0RkNCMDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnm4QwDQYJKoZIhvcNAQELBQADggEBAJgR9ErflRIuwOQo
p24tpOMyebNeRj1TEYx146+t07biZYMtnk5Rg2FMBt+k2ir7YAJZcy4TQEZlNNZG
aBrJUi0cPICXzbRs/p57BRO7mWPxeC9UbTrib95MwEL0TLeXfpXax0ST26XIWlwC
3lOKTV8fvaWMxv+M99+XCaORyI4jNdsyGlU76jGcupTMK5vMPvHclmkxXkYHJQM2
mHG/gPOJai5DMqUN4LA8azKo6IcmV0v6nPGpctXY/jTWyW/ejearTGSY7n0zhloN
RjUvES8/6AcqU9pm9FYmymeNvaoK35szDT9oJWXYqOg8cwyftG6+hrdKAkWVi0b6
ReT7OxY=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:49:59 2024 by rpki-client on console-ams.rpki-client.org