Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186057/1172298E000911EC99E7D34EC4F9AE02/44BB85E0000B11ECA5BE7350C4F9AE02.roa
File:                     44BB85E0000B11ECA5BE7350C4F9AE02.roa (raw, json)
Hash identifier:          8ts7363cp1hkVZHIPqN09HQRGb2INIRvte2Mmp61pPs=
Subject key identifier:   8F:A8:85:66:EF:9A:F5:7D:D3:D1:2C:93:E8:66:F9:C3:B3:62:21:BF
Certificate issuer:       /CN=A9186057/serialNumber=D2F8DF104F9C5F84546E9509431323097850B459
Certificate serial:       03B5
Authority key identifier: D2:F8:DF:10:4F:9C:5F:84:54:6E:95:09:43:13:23:09:78:50:B4:59
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0vjfEE-cX4RUbpUJQxMjCXhQtFk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186057/1172298E000911EC99E7D34EC4F9AE02/44BB85E0000B11ECA5BE7350C4F9AE02.roa
Signing time:             Thu 15 Jun 2023 02:01:46 +0000
ROA not before:           Thu 15 Jun 2023 02:01:46 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     135026
IP address blocks:        103.94.103.0/24 maxlen: 24
                          103.107.10.0/24 maxlen: 24
                          103.107.11.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186057/1172298E000911EC99E7D34EC4F9AE02/0vjfEE-cX4RUbpUJQxMjCXhQtFk.crl
                          rsync://rpki.apnic.net/member_repository/A9186057/1172298E000911EC99E7D34EC4F9AE02/0vjfEE-cX4RUbpUJQxMjCXhQtFk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0vjfEE-cX4RUbpUJQxMjCXhQtFk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 03 Apr 2024 01:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949 (0x3b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186057/serialNumber=D2F8DF104F9C5F84546E9509431323097850B459
        Validity
            Not Before: Jun 15 02:01:46 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=648a710a-4445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6a:e5:8b:05:23:35:0e:77:09:a8:53:1d:5a:
                    f1:79:ce:e5:b3:ad:ae:dc:99:5d:89:6a:4c:a5:c8:
                    5d:1a:0a:6d:59:a0:7d:03:9c:9b:e4:53:40:45:5d:
                    7f:fa:19:5d:d9:cd:92:e6:88:b1:4f:e0:a4:b9:89:
                    37:49:91:c4:b6:68:a0:85:79:1e:ae:d5:64:89:3d:
                    39:e5:4b:b4:6c:38:fb:7e:a9:b3:bd:62:9e:b6:99:
                    3b:ad:85:88:c3:9a:b3:9e:53:4e:36:e8:46:11:d8:
                    7f:54:cf:b6:c2:40:8f:2d:b6:ae:b2:e7:12:98:53:
                    f7:8f:00:65:98:7f:e7:2b:83:21:42:67:71:b7:2a:
                    97:06:13:01:b8:5d:d8:0e:1f:b0:a9:e8:1c:c0:0a:
                    3d:dd:4a:a0:cf:b1:65:04:a1:73:e5:fb:d7:69:b4:
                    55:03:9b:ff:cf:51:33:05:3d:07:75:68:ad:bc:18:
                    1e:5a:4f:ae:1b:30:c3:60:3c:f1:53:ea:43:f6:bd:
                    50:72:ca:91:ed:bf:23:7c:3b:4e:f1:5d:f2:59:c3:
                    7a:c8:55:a7:e5:43:11:00:7b:c8:bb:e5:03:47:f4:
                    8d:16:c5:32:c1:8c:2a:57:95:02:c9:7e:98:f4:19:
                    5b:66:b1:5b:fc:e8:a2:f5:2d:ea:a1:44:0e:e8:a0:
                    45:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:A8:85:66:EF:9A:F5:7D:D3:D1:2C:93:E8:66:F9:C3:B3:62:21:BF
            X509v3 Authority Key Identifier:
                keyid:D2:F8:DF:10:4F:9C:5F:84:54:6E:95:09:43:13:23:09:78:50:B4:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186057/1172298E000911EC99E7D34EC4F9AE02/0vjfEE-cX4RUbpUJQxMjCXhQtFk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0vjfEE-cX4RUbpUJQxMjCXhQtFk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186057/1172298E000911EC99E7D34EC4F9AE02/44BB85E0000B11ECA5BE7350C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.94.103.0/24
                  103.107.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:4a:fd:fb:e9:ab:63:b6:69:d6:6b:2d:e8:14:d2:6a:65:20:
         25:29:cd:96:6f:70:46:72:95:5b:db:69:b1:58:70:29:fc:05:
         b4:4c:2a:f0:23:b2:15:b3:37:10:7b:b6:70:ba:6e:03:e4:dd:
         e7:a0:f2:bf:2c:46:48:f1:36:f3:7a:c6:1f:4f:3f:cf:26:e2:
         c4:be:2b:01:6f:a6:9e:5c:34:5a:94:43:f3:b3:38:b2:d8:4c:
         ba:68:46:af:e9:2a:a9:46:42:b3:e7:f5:2d:f5:cf:55:6b:f9:
         34:d6:bc:73:86:e8:b1:f9:f0:ca:5e:e7:89:b0:29:43:81:48:
         17:c3:bb:40:be:e2:54:9d:13:e4:cd:b4:95:a0:44:47:43:c6:
         07:98:8d:df:72:e3:8f:3d:bc:57:d9:74:2b:29:d8:71:42:55:
         de:40:d5:77:25:b7:f2:56:30:7c:a6:d9:21:b5:a0:67:f3:cb:
         84:50:dd:2b:a3:7f:16:19:61:98:85:52:78:85:5c:3c:d7:d7:
         de:64:52:c3:8f:64:b4:8e:93:ea:30:66:11:cf:51:2a:18:50:
         2a:58:8f:af:5b:a9:63:63:f6:09:fd:25:51:5d:b4:dc:5a:dd:
         1e:a2:60:cb:e9:87:28:2e:fe:20:44:f6:77:d6:61:f6:dc:99:
         de:87:e0:22
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA7UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYwNTcxMTAvBgNVBAUTKEQyRjhERjEwNEY5QzVGODQ1NDZFOTUwOTQzMTMyMzA5
Nzg1MEI0NTkwHhcNMjMwNjE1MDIwMTQ2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDhhNzEwYS00NDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuWrliwUjNQ53CahTHVrxec7ls62u3JldiWpMpchdGgptWaB9A5yb5FNARV1/
+hld2c2S5oixT+CkuYk3SZHEtmighXkertVkiT055Uu0bDj7fqmzvWKetpk7rYWI
w5qznlNONuhGEdh/VM+2wkCPLbausucSmFP3jwBlmH/nK4MhQmdxtyqXBhMBuF3Y
Dh+wqegcwAo93Uqgz7FlBKFz5fvXabRVA5v/z1EzBT0HdWitvBgeWk+uGzDDYDzx
U+pD9r1QcsqR7b8jfDtO8V3yWcN6yFWn5UMRAHvIu+UDR/SNFsUywYwqV5UCyX6Y
9BlbZrFb/Oii9S3qoUQO6KBFfQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI+ohWbv
mvV909Esk+hm+cOzYiG/MB8GA1UdIwQYMBaAFNL43xBPnF+EVG6VCUMTIwl4ULRZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjA1Ny8xMTcyMjk4RTAw
MDkxMUVDOTlFN0QzNEVDNEY5QUUwMi8wdmpmRUUtY1g0UlVicFVKUXhNakNYaFF0
RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzB2amZFRS1jWDRSVWJwVUpReE1qQ1hoUXRGay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYwNTcvMTE3MjI5OEUwMDA5MTFFQzk5RTdEMzRFQzRGOUFFMDIvNDRCQjg1RTAw
MDBCMTFFQ0E1QkU3MzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnXmcDBAFnawowDQYJKoZIhvcNAQELBQADggEBAKdK/fvp
q2O2adZrLegU0mplICUpzZZvcEZylVvbabFYcCn8BbRMKvAjshWzNxB7tnC6bgPk
3eeg8r8sRkjxNvN6xh9PP88m4sS+KwFvpp5cNFqUQ/OzOLLYTLpoRq/pKqlGQrPn
9S31z1Vr+TTWvHOG6LH58Mpe54mwKUOBSBfDu0C+4lSdE+TNtJWgREdDxgeYjd9y
4489vFfZdCsp2HFCVd5A1Xclt/JWMHym2SG1oGfzy4RQ3SujfxYZYZiFUniFXDzX
195kUsOPZLSOk+owZhHPUSoYUCpYj69bqWNj9gn9JVFdtNxa3R6iYMvphygu/iBE
9nfWYfbcmd6H4CI=
-----END CERTIFICATE-----
Generated at Wed Mar 27 04:41:31 2024 by rpki-client on console-ams.rpki-client.org