Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/D18A05124F6011EF92961F64C4F9AE02.roa
File:                     D18A05124F6011EF92961F64C4F9AE02.roa (raw, json)
Hash identifier:          kl/EG3COlGaPdFGuJ2x1JJcaum31G+ST8VWwLB103oc=
Subject key identifier:   F0:DC:6E:B4:99:E8:91:26:2C:44:9A:B1:1E:B2:B0:AC:14:AC:6A:DC
Certificate issuer:       /CN=A9184569/serialNumber=BC30B8A4BDD1CE28F7B2F999342F51CE1FDB86E6
Certificate serial:       0BB2
Authority key identifier: BC:30:B8:A4:BD:D1:CE:28:F7:B2:F9:99:34:2F:51:CE:1F:DB:86:E6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vDC4pL3Rzij3svmZNC9Rzh_bhuY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/D18A05124F6011EF92961F64C4F9AE02.roa
Signing time:             Wed 31 Jul 2024 17:17:52 +0000
ROA not before:           Wed 31 Jul 2024 17:17:52 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     137496
IP address blocks:        103.134.171.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/vDC4pL3Rzij3svmZNC9Rzh_bhuY.crl
                          rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/vDC4pL3Rzij3svmZNC9Rzh_bhuY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vDC4pL3Rzij3svmZNC9Rzh_bhuY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 18:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2994 (0xbb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9184569/serialNumber=BC30B8A4BDD1CE28F7B2F999342F51CE1FDB86E6
        Validity
            Not Before: Jul 31 17:17:52 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=66aa71c0-920d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1a:b2:52:86:d4:9c:42:ca:87:f6:fc:c1:f7:
                    56:4b:10:2a:1d:31:31:f3:6e:17:d0:eb:3b:0b:a3:
                    8d:75:33:42:cc:99:73:86:52:46:5c:da:b3:19:d8:
                    21:80:81:1f:53:8e:b6:51:68:cf:5b:34:0a:28:06:
                    f1:a7:aa:cc:0e:3d:04:6b:0a:9e:6b:8e:7e:79:dd:
                    57:5b:78:76:43:d1:dc:bc:25:4a:20:c4:ae:1e:77:
                    83:a2:18:74:2f:47:73:0d:06:ef:4f:c7:f1:77:06:
                    cd:f8:50:d0:62:ac:fd:47:a4:88:97:a4:24:6f:ba:
                    ba:6a:85:0e:4c:97:e0:b4:99:35:ea:57:48:55:73:
                    cd:90:f6:82:6a:75:fa:97:90:95:92:f7:88:6f:8d:
                    00:58:6d:6b:95:9d:26:0e:4e:50:ef:4d:cf:6e:84:
                    ed:63:b0:cf:1a:71:f4:d1:b1:7a:f3:85:8e:1b:fb:
                    a4:c5:31:9d:8b:77:e3:a6:b1:23:b5:fd:88:0e:c0:
                    10:22:31:29:b9:33:bf:25:de:32:8b:90:eb:cb:9d:
                    20:a1:f1:d4:8d:fa:c5:bd:88:5d:d3:6d:d9:0b:20:
                    4e:56:27:71:5f:00:87:ee:dd:f2:1c:d8:e2:d1:38:
                    48:e9:77:6e:70:3a:aa:53:6d:03:f1:53:6f:8d:9a:
                    76:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:DC:6E:B4:99:E8:91:26:2C:44:9A:B1:1E:B2:B0:AC:14:AC:6A:DC
            X509v3 Authority Key Identifier:
                keyid:BC:30:B8:A4:BD:D1:CE:28:F7:B2:F9:99:34:2F:51:CE:1F:DB:86:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/vDC4pL3Rzij3svmZNC9Rzh_bhuY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vDC4pL3Rzij3svmZNC9Rzh_bhuY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/D18A05124F6011EF92961F64C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.134.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:0e:5e:7b:ce:56:cb:ca:0e:49:95:06:e0:f8:04:74:35:a5:
         00:eb:23:a3:52:0e:76:af:28:22:9c:df:83:f5:65:2b:dc:8b:
         39:e7:3b:1b:99:0d:7c:93:72:71:84:a2:ef:71:2b:32:46:0f:
         5f:92:f8:b9:c1:f0:71:6e:29:b4:15:62:4f:19:63:ef:89:6d:
         06:ec:16:ca:1d:01:7d:20:66:c3:80:4d:c7:a2:6d:ab:ea:5d:
         7e:b5:2f:7d:8b:0d:8c:23:67:f4:90:ca:ff:89:f0:26:9c:c0:
         05:cb:1b:c9:b9:a0:72:89:b5:4d:bd:0f:8a:59:28:dd:43:c4:
         45:66:08:0d:25:00:e2:03:93:a4:72:b1:f7:70:69:f0:ca:f5:
         d0:ec:53:4a:47:e8:ee:e4:f3:f6:47:96:d3:70:be:a2:18:75:
         f1:f9:7e:da:cb:8d:6b:40:aa:b9:6a:03:a9:22:ab:35:11:f1:
         bd:33:eb:36:c5:13:b7:e2:fa:84:e7:ac:64:eb:ee:9d:19:7f:
         63:e7:4d:4d:cd:38:9e:b4:25:38:3d:2d:2d:1c:93:03:51:07:
         66:da:03:52:d2:6f:41:b7:cd:5d:8f:4c:db:8e:f1:f4:2e:3e:
         78:0c:05:93:8e:88:f9:a9:90:fe:fc:a4:51:98:2a:1e:35:37:
         25:ae:13:c0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ1NjkxMTAvBgNVBAUTKEJDMzBCOEE0QkREMUNFMjhGN0IyRjk5OTM0MkY1MUNF
MUZEQjg2RTYwHhcNMjQwNzMxMTcxNzUyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFhNzFjMC05MjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApRqyUobUnELKh/b8wfdWSxAqHTEx824X0Os7C6ONdTNCzJlzhlJGXNqzGdgh
gIEfU462UWjPWzQKKAbxp6rMDj0Eawqea45+ed1XW3h2Q9HcvCVKIMSuHneDohh0
L0dzDQbvT8fxdwbN+FDQYqz9R6SIl6Qkb7q6aoUOTJfgtJk16ldIVXPNkPaCanX6
l5CVkveIb40AWG1rlZ0mDk5Q703PboTtY7DPGnH00bF684WOG/ukxTGdi3fjprEj
tf2IDsAQIjEpuTO/Jd4yi5Dry50gofHUjfrFvYhd023ZCyBOVidxXwCH7t3yHNji
0ThI6XducDqqU20D8VNvjZp2HQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPDcbrSZ
6JEmLESasR6ysKwUrGrcMB8GA1UdIwQYMBaAFLwwuKS90c4o97L5mTQvUc4f24bm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDU2OS9GRTg5OUQ1RTA4
NjQxMUVBQjdENEVDODJDNEY5QUUwMi92REM0cEwzUnppajNzdm1aTkM5UnpoX2Jo
dVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZEQzRwTDNSemlqM3N2bVpOQzlSemhfYmh1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ1NjkvRkU4OTlENUUwODY0MTFFQUI3RDRFQzgyQzRGOUFFMDIvRDE4QTA1MTI0
RjYwMTFFRjkyOTYxRjY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnhqswDQYJKoZIhvcNAQELBQADggEBAFAOXnvOVsvKDkmV
BuD4BHQ1pQDrI6NSDnavKCKc34P1ZSvciznnOxuZDXyTcnGEou9xKzJGD1+S+LnB
8HFuKbQVYk8ZY++JbQbsFsodAX0gZsOATceibavqXX61L32LDYwjZ/SQyv+J8Cac
wAXLG8m5oHKJtU29D4pZKN1DxEVmCA0lAOIDk6RysfdwafDK9dDsU0pH6O7k8/ZH
ltNwvqIYdfH5ftrLjWtAqrlqA6kiqzUR8b0z6zbFE7fi+oTnrGTr7p0Zf2PnTU3N
OJ60JTg9LS0ckwNRB2baA1LSb0G3zV2PTNuO8fQuPngMBZOOiPmpkP78pFGYKh41
NyWuE8A=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:06 2024 by rpki-client on console-ams.rpki-client.org