Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918259F/0F8B5910CDAB11EA8837520CC4F9AE02/760B9414D50911EB81567986C4F9AE02.roa
File:                     760B9414D50911EB81567986C4F9AE02.roa (raw, json)
Hash identifier:          b2CWId8MqaA56uaZG0XW2vwyQDys6FvCX/OsZrpS0Q0=
Subject key identifier:   2D:FE:9E:7B:53:0B:42:C0:F2:31:F6:78:BF:DD:03:29:AF:99:37:28
Certificate issuer:       /CN=A918259F/serialNumber=1675DBD9EC39CEED81BBBBDE42CC78CF7A1627C5
Certificate serial:       07DA
Authority key identifier: 16:75:DB:D9:EC:39:CE:ED:81:BB:BB:DE:42:CC:78:CF:7A:16:27:C5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FnXb2ew5zu2Bu7veQsx4z3oWJ8U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918259F/0F8B5910CDAB11EA8837520CC4F9AE02/760B9414D50911EB81567986C4F9AE02.roa
Signing time:             Sat 02 Nov 2024 20:49:34 +0000
ROA not before:           Sat 02 Nov 2024 20:49:34 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     136610
IP address blocks:        103.49.69.0/24 maxlen: 24
                          103.78.134.0/24 maxlen: 24
                          103.78.135.0/24 maxlen: 24
                          103.240.220.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918259F/0F8B5910CDAB11EA8837520CC4F9AE02/FnXb2ew5zu2Bu7veQsx4z3oWJ8U.crl
                          rsync://rpki.apnic.net/member_repository/A918259F/0F8B5910CDAB11EA8837520CC4F9AE02/FnXb2ew5zu2Bu7veQsx4z3oWJ8U.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FnXb2ew5zu2Bu7veQsx4z3oWJ8U.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:40:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2010 (0x7da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918259F/serialNumber=1675DBD9EC39CEED81BBBBDE42CC78CF7A1627C5
        Validity
            Not Before: Nov  2 20:49:34 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=6726905e-fdfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:df:cd:63:2f:f4:29:82:78:d8:00:52:13:de:
                    3b:17:3c:b1:71:24:63:10:6d:20:6c:aa:d7:7d:48:
                    de:5b:aa:1c:c9:f7:27:b7:86:49:c5:85:e0:4c:3f:
                    2b:ca:6d:d2:ba:f8:70:07:e3:f8:2a:0d:8b:38:07:
                    5c:57:82:85:7e:16:31:da:3c:24:56:29:ae:5b:7e:
                    c4:e9:1f:11:9b:59:d6:9f:4e:b5:a3:17:37:6e:b7:
                    a9:88:e7:42:2d:c0:29:d2:62:17:e0:c8:6d:4a:2f:
                    47:9f:21:18:09:a6:21:fc:0f:f2:4e:d1:bb:90:e5:
                    56:cd:41:b7:d0:b5:a5:e5:61:97:be:0d:58:2b:7f:
                    e8:eb:6f:0b:04:93:8f:2f:01:05:74:b2:7e:63:0b:
                    44:24:97:05:0d:b3:c6:1f:ff:7a:f2:ec:c0:76:09:
                    7c:10:3c:d3:ef:57:af:54:35:e1:2b:4f:e4:e2:56:
                    f4:9e:3c:3d:2e:bc:2d:72:39:aa:1a:ec:76:57:58:
                    00:f8:ca:af:f3:a1:02:bc:64:a7:5f:bb:ac:3b:18:
                    18:68:6b:af:bf:67:78:b9:93:86:a8:ba:83:73:44:
                    dd:d3:9e:77:f6:21:37:5a:ce:14:20:6a:fb:1f:ce:
                    a2:85:d3:b2:25:76:e2:8f:12:26:57:52:1a:36:f4:
                    e6:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:FE:9E:7B:53:0B:42:C0:F2:31:F6:78:BF:DD:03:29:AF:99:37:28
            X509v3 Authority Key Identifier:
                keyid:16:75:DB:D9:EC:39:CE:ED:81:BB:BB:DE:42:CC:78:CF:7A:16:27:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918259F/0F8B5910CDAB11EA8837520CC4F9AE02/FnXb2ew5zu2Bu7veQsx4z3oWJ8U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FnXb2ew5zu2Bu7veQsx4z3oWJ8U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918259F/0F8B5910CDAB11EA8837520CC4F9AE02/760B9414D50911EB81567986C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.49.69.0/24
                  103.78.134.0/23
                  103.240.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:db:3e:5c:e2:17:06:27:32:5f:82:98:39:13:52:94:d6:4e:
         e6:4c:bf:10:93:6c:fc:81:1e:c5:fb:79:01:97:a7:20:1f:53:
         25:3c:34:0d:d9:92:08:ac:3b:66:d1:b1:39:e9:21:9d:70:86:
         87:9a:e4:b3:c8:05:70:e2:55:0f:f8:c2:aa:57:2b:1e:11:11:
         50:21:d5:bc:1f:ec:53:e2:cd:86:8d:1a:35:68:e8:65:c4:bd:
         a3:9c:91:23:d6:1d:94:67:60:dc:3a:67:9c:55:70:50:5a:0c:
         99:75:7e:06:8a:33:72:56:76:f7:d3:f6:66:f9:a1:bb:49:74:
         90:02:de:9a:c7:c0:fb:d1:53:1f:eb:87:68:84:f6:40:be:61:
         77:dd:53:09:5d:6d:b3:f4:81:b2:8a:d1:ae:73:26:eb:a2:6b:
         e8:7d:85:39:53:03:c2:c6:54:46:ab:f8:ad:e8:0b:65:c1:99:
         8f:fc:04:f5:01:d9:63:7b:ed:48:59:e5:4f:03:0d:df:ca:df:
         0d:24:e2:be:50:ca:f5:81:57:72:58:a3:d9:4f:61:00:dc:2c:
         6a:a9:63:db:7b:9b:23:6a:51:f7:9c:72:7d:b0:41:53:85:c8:
         e5:81:5c:8b:93:d9:ba:95:c5:35:95:29:ee:49:66:8c:88:65:
         d1:e7:77:5f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI1OUYxMTAvBgNVBAUTKDE2NzVEQkQ5RUMzOUNFRUQ4MUJCQkJERTQyQ0M3OENG
N0ExNjI3QzUwHhcNMjQxMTAyMjA0OTM0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2OTA1ZS1mZGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3N/NYy/0KYJ42ABSE947FzyxcSRjEG0gbKrXfUjeW6ocyfcnt4ZJxYXgTD8r
ym3SuvhwB+P4Kg2LOAdcV4KFfhYx2jwkVimuW37E6R8Rm1nWn061oxc3brepiOdC
LcAp0mIX4MhtSi9HnyEYCaYh/A/yTtG7kOVWzUG30LWl5WGXvg1YK3/o628LBJOP
LwEFdLJ+YwtEJJcFDbPGH/968uzAdgl8EDzT71evVDXhK0/k4lb0njw9Lrwtcjmq
Gux2V1gA+Mqv86ECvGSnX7usOxgYaGuvv2d4uZOGqLqDc0Td05539iE3Ws4UIGr7
H86ihdOyJXbijxImV1IaNvTmUQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFC3+nntT
C0LA8jH2eL/dAymvmTcoMB8GA1UdIwQYMBaAFBZ129nsOc7tgbu73kLMeM96FifF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjU5Ri8wRjhCNTkxMENE
QUIxMUVBODgzNzUyMENDNEY5QUUwMi9GblhiMmV3NXp1MkJ1N3ZlUXN4NHozb1dK
OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZuWGIyZXc1enUyQnU3dmVRc3g0ejNvV0o4VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI1OUYvMEY4QjU5MTBDREFCMTFFQTg4Mzc1MjBDQzRGOUFFMDIvNzYwQjk0MTRE
NTA5MTFFQjgxNTY3OTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnMUUDBAFnToYDBABn8NwwDQYJKoZIhvcNAQELBQADggEB
ADnbPlziFwYnMl+CmDkTUpTWTuZMvxCTbPyBHsX7eQGXpyAfUyU8NA3ZkgisO2bR
sTnpIZ1whoea5LPIBXDiVQ/4wqpXKx4REVAh1bwf7FPizYaNGjVo6GXEvaOckSPW
HZRnYNw6Z5xVcFBaDJl1fgaKM3JWdvfT9mb5obtJdJAC3prHwPvRUx/rh2iE9kC+
YXfdUwldbbP0gbKK0a5zJuuia+h9hTlTA8LGVEar+K3oC2XBmY/8BPUB2WN77UhZ
5U8DDd/K3w0k4r5QyvWBV3JYo9lPYQDcLGqpY9t7myNqUfeccn2wQVOFyOWBXIuT
2bqVxTWVKe5JZoyIZdHnd18=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:33 2024 by rpki-client on console-ams.rpki-client.org