Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186249/98726D6ED17011EEA6151C4DC4F9AE02/E7780BD6D17411EE87F7325DC4F9AE02.roa
File:                     E7780BD6D17411EE87F7325DC4F9AE02.roa (raw, json)
Hash identifier:          obSLVehoxb5p0D91IN3Q6srICDKIx5uxUoPHPnPGYyg=
Subject key identifier:   0B:6A:30:1F:E8:FF:3F:26:CA:B1:22:78:FE:58:48:DF:61:EA:A7:09
Certificate issuer:       /CN=A9186249/serialNumber=4DFAF12599BC8A9F71DA60AB3920E0A1F40158E5
Certificate serial:       83
Authority key identifier: 4D:FA:F1:25:99:BC:8A:9F:71:DA:60:AB:39:20:E0:A1:F4:01:58:E5
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TfrxJZm8ip9x2mCrOSDgofQBWOU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186249/98726D6ED17011EEA6151C4DC4F9AE02/E7780BD6D17411EE87F7325DC4F9AE02.roa
Signing time:             Thu 24 Oct 2024 16:04:00 +0000
ROA not before:           Thu 24 Oct 2024 16:04:00 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     152585
IP address blocks:        157.20.77.0/24 maxlen: 24
                          160.191.66.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186249/98726D6ED17011EEA6151C4DC4F9AE02/TfrxJZm8ip9x2mCrOSDgofQBWOU.crl
                          rsync://rpki.apnic.net/member_repository/A9186249/98726D6ED17011EEA6151C4DC4F9AE02/TfrxJZm8ip9x2mCrOSDgofQBWOU.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TfrxJZm8ip9x2mCrOSDgofQBWOU.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 02:50:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131 (0x83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186249/serialNumber=4DFAF12599BC8A9F71DA60AB3920E0A1F40158E5
        Validity
            Not Before: Oct 24 16:04:00 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=671a6ff0-e224
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c0:70:cd:a1:9a:5e:e3:82:48:87:6b:bd:65:
                    a3:29:3f:fe:bb:f4:19:db:5f:41:c6:7d:02:e1:10:
                    ce:ec:6a:55:4f:4f:81:cb:17:f3:5e:6f:59:3e:f6:
                    b0:88:ad:ea:ad:e3:70:3f:0c:69:bb:70:4b:47:61:
                    86:99:35:43:80:96:09:54:af:af:ce:86:c6:36:45:
                    c0:b4:0b:7d:3a:b4:19:bd:7f:9b:0e:3d:6e:37:2e:
                    ca:95:f1:44:a0:4c:51:aa:2d:c6:f6:3e:89:d3:98:
                    61:99:5f:d7:23:d3:40:90:a2:e7:83:d2:fd:a1:84:
                    02:6a:1f:25:58:08:80:4b:07:0d:d0:05:f5:bb:fc:
                    db:7f:ff:5d:0b:86:ca:c7:f6:0f:e1:ff:31:ac:79:
                    5c:90:a6:91:bb:d3:cd:73:d0:72:77:1c:11:f9:2f:
                    6e:aa:20:b8:d8:d5:bf:f8:fe:79:83:ad:44:b0:84:
                    d0:8d:74:a1:58:db:30:a0:e3:42:e4:5a:75:92:66:
                    ea:08:3e:19:3b:f2:db:9d:d7:c5:8c:67:e1:6c:c4:
                    c2:95:62:88:b8:8c:84:c0:1d:ef:6e:c0:df:02:05:
                    7b:cc:eb:2b:5e:32:d7:93:7e:87:63:d7:37:93:ef:
                    ca:bc:9d:a1:0c:69:bb:32:83:90:05:40:05:5f:6e:
                    42:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:6A:30:1F:E8:FF:3F:26:CA:B1:22:78:FE:58:48:DF:61:EA:A7:09
            X509v3 Authority Key Identifier:
                keyid:4D:FA:F1:25:99:BC:8A:9F:71:DA:60:AB:39:20:E0:A1:F4:01:58:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186249/98726D6ED17011EEA6151C4DC4F9AE02/TfrxJZm8ip9x2mCrOSDgofQBWOU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TfrxJZm8ip9x2mCrOSDgofQBWOU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186249/98726D6ED17011EEA6151C4DC4F9AE02/E7780BD6D17411EE87F7325DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.20.77.0/24
                  160.191.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:21:66:47:70:9b:43:fa:b3:8e:cd:c1:f1:5e:c5:8c:e9:ca:
         d7:f5:2c:53:3e:05:b6:b9:6c:11:1d:41:cd:18:8c:cd:a9:b2:
         04:a1:da:88:e2:55:4e:ae:e1:ce:e1:15:29:09:df:4d:4c:53:
         49:1a:31:de:c8:5c:db:ab:fe:9b:94:74:23:82:68:20:84:f9:
         f4:f9:de:6f:b4:ca:2d:c6:7d:f5:41:56:e8:aa:ec:02:cd:88:
         c3:f4:22:ee:d0:58:4e:9a:5b:9d:76:cf:5e:55:a2:a1:6b:5f:
         2d:b0:f7:b4:bb:be:10:18:8f:74:46:13:8d:2e:3d:b0:a8:fb:
         81:89:75:f9:ec:0e:26:e8:98:58:f6:fc:77:bc:95:aa:78:d1:
         0a:48:d8:82:f0:f8:52:85:9a:e9:63:bd:4a:5c:40:1c:5a:00:
         0a:5a:09:28:24:83:47:b1:02:cf:6a:41:11:dd:4e:48:b5:36:
         43:74:af:42:19:4a:99:e5:6a:f0:7d:26:fd:54:c2:80:95:a0:
         e3:4f:0d:7b:88:71:e9:2b:8c:4b:76:48:c8:80:a9:f4:d2:e6:
         45:96:c1:db:87:cf:de:39:11:47:f6:13:83:a9:07:d8:dd:18:
         8d:60:0b:b1:47:47:07:90:27:fb:a5:85:05:f3:51:28:e0:5d:
         e9:66:ce:63
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyNDkxMTAvBgNVBAUTKDRERkFGMTI1OTlCQzhBOUY3MURBNjBBQjM5MjBFMEEx
RjQwMTU4RTUwHhcNMjQxMDI0MTYwNDAwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhNmZmMC1lMjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4MBwzaGaXuOCSIdrvWWjKT/+u/QZ219Bxn0C4RDO7GpVT0+ByxfzXm9ZPvaw
iK3qreNwPwxpu3BLR2GGmTVDgJYJVK+vzobGNkXAtAt9OrQZvX+bDj1uNy7KlfFE
oExRqi3G9j6J05hhmV/XI9NAkKLng9L9oYQCah8lWAiASwcN0AX1u/zbf/9dC4bK
x/YP4f8xrHlckKaRu9PNc9BydxwR+S9uqiC42NW/+P55g61EsITQjXShWNswoONC
5Fp1kmbqCD4ZO/LbndfFjGfhbMTClWKIuIyEwB3vbsDfAgV7zOsrXjLXk36HY9c3
k+/KvJ2hDGm7MoOQBUAFX25COwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAtqMB/o
/z8myrEieP5YSN9h6qcJMB8GA1UdIwQYMBaAFE368SWZvIqfcdpgqzkg4KH0AVjl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjI0OS85ODcyNkQ2RUQx
NzAxMUVFQTYxNTFDNERDNEY5QUUwMi9UZnJ4SlptOGlwOXgybUNyT1NEZ29mUUJX
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1RmcnhKWm04aXA5eDJtQ3JPU0Rnb2ZRQldPVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyNDkvOTg3MjZENkVEMTcwMTFFRUE2MTUxQzREQzRGOUFFMDIvRTc3ODBCRDZE
MTc0MTFFRTg3RjczMjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACdFE0DBACgv0IwDQYJKoZIhvcNAQELBQADggEBAIEhZkdw
m0P6s47NwfFexYzpytf1LFM+Bba5bBEdQc0YjM2psgSh2ojiVU6u4c7hFSkJ301M
U0kaMd7IXNur/puUdCOCaCCE+fT53m+0yi3GffVBVuiq7ALNiMP0Iu7QWE6aW512
z15VoqFrXy2w97S7vhAYj3RGE40uPbCo+4GJdfnsDibomFj2/He8lap40QpI2ILw
+FKFmuljvUpcQBxaAApaCSgkg0exAs9qQRHdTki1NkN0r0IZSpnlavB9Jv1UwoCV
oONPDXuIcekrjEt2SMiAqfTS5kWWwduHz945EUf2E4OpB9jdGI1gC7FHRweQJ/ul
hQXzUSjgXelmzmM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:37:08 2024 by rpki-client on console-ams.rpki-client.org