Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/6B5D17BEA05A11ECB6E22147C4F9AE02.roa
File:                     6B5D17BEA05A11ECB6E22147C4F9AE02.roa (raw, json)
Hash identifier:          3Iiu9ccD7zSRol7VAW77fPVYRsmzDGn4NFcTDQ7EnSs=
Subject key identifier:   D8:04:55:C7:5B:4D:AB:F3:D5:B7:67:D2:9B:78:10:73:09:59:F3:22
Certificate issuer:       /CN=A9186CDF/serialNumber=A5322E98206815276DC12617961938FFC6C8848A
Certificate serial:       05BA
Authority key identifier: A5:32:2E:98:20:68:15:27:6D:C1:26:17:96:19:38:FF:C6:C8:84:8A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTIumCBoFSdtwSYXlhk4_8bIhIo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/6B5D17BEA05A11ECB6E22147C4F9AE02.roa
Signing time:             Sat 03 Dec 2022 00:09:34 +0000
ROA not before:           Sat 03 Dec 2022 00:09:34 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        103.157.136.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/pTIumCBoFSdtwSYXlhk4_8bIhIo.crl
                          rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/pTIumCBoFSdtwSYXlhk4_8bIhIo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTIumCBoFSdtwSYXlhk4_8bIhIo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 04 Nov 2023 07:23:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1466 (0x5ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186CDF/serialNumber=A5322E98206815276DC12617961938FFC6C8848A
        Validity
            Not Before: Dec  3 00:09:34 2022 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=638a93bd-24d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:17:0a:41:bd:b6:13:46:f0:d3:3d:53:bf:b2:
                    6f:82:ef:9a:5b:41:65:85:34:fc:25:f7:f6:a7:56:
                    4f:54:cb:ef:83:a2:37:4e:d1:a7:fc:e8:60:e0:e4:
                    1d:30:54:82:b3:bb:24:74:a0:91:61:31:95:e2:d0:
                    b6:18:14:19:7e:f9:6a:7a:b9:79:a9:b7:ba:c6:12:
                    e5:14:32:c0:12:d1:64:a7:2e:4b:76:12:b1:cf:08:
                    ff:35:29:86:38:18:01:af:74:b0:f9:7a:1e:c8:38:
                    79:7a:c9:b8:c8:8b:b5:3a:c7:6d:e3:27:09:67:95:
                    f0:28:92:ef:88:53:85:b7:a9:46:f5:7d:79:60:38:
                    8b:fa:7b:89:f9:56:5f:54:c5:e4:a8:4a:83:1e:67:
                    f4:38:a8:bc:f6:a1:74:50:b6:1a:7a:9e:a7:16:82:
                    28:53:6e:0e:f7:93:6a:1a:37:f6:9a:94:67:e3:9e:
                    7a:5b:72:73:e8:35:7b:52:99:ac:43:4a:26:f9:c2:
                    bc:77:6c:c1:be:19:f2:3b:fa:dc:ff:92:b1:47:d1:
                    2c:3d:43:6e:e0:18:a3:04:f9:92:8e:bb:d7:69:2c:
                    2c:4a:51:2b:1c:0e:48:e9:49:78:28:52:13:11:0b:
                    79:30:17:5e:15:8f:71:cb:bf:d4:6a:c0:db:53:73:
                    90:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:04:55:C7:5B:4D:AB:F3:D5:B7:67:D2:9B:78:10:73:09:59:F3:22
            X509v3 Authority Key Identifier:
                keyid:A5:32:2E:98:20:68:15:27:6D:C1:26:17:96:19:38:FF:C6:C8:84:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/pTIumCBoFSdtwSYXlhk4_8bIhIo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTIumCBoFSdtwSYXlhk4_8bIhIo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/6B5D17BEA05A11ECB6E22147C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:5f:49:08:79:bd:b1:45:51:f9:77:e3:ff:8f:72:1c:85:49:
         5a:55:68:47:d8:4f:b5:5e:1f:77:83:96:a2:4e:98:26:10:e4:
         82:3e:b2:fe:7d:fc:f3:a9:0d:d5:8e:24:76:b0:60:f7:ee:93:
         bd:a9:92:1c:87:d8:ec:7e:45:0d:56:71:d8:79:5e:42:e0:8f:
         d2:f0:10:d3:c3:57:55:2a:a6:e8:07:df:ee:75:38:ba:62:e5:
         dd:78:51:3a:86:35:54:2e:df:e8:2d:df:c1:9e:15:ba:b5:c1:
         09:64:fb:8a:1f:88:98:bc:f7:76:ea:b4:36:8f:93:27:22:92:
         80:ea:9b:f1:23:bc:d0:df:b4:51:a0:68:fd:84:fb:92:ad:4f:
         d9:c2:d0:cd:31:84:43:37:ce:17:33:2d:a2:60:f9:46:76:dc:
         6e:43:8e:ee:0e:3a:91:9e:5f:b5:be:df:d4:dc:ca:15:04:37:
         61:b8:bb:f9:b6:42:30:f8:3c:e9:aa:67:a2:ee:ff:2b:e4:e1:
         6a:21:0b:c2:94:19:2e:00:37:1a:39:fd:f4:8d:9e:bd:de:bd:
         95:10:2d:ed:08:49:7b:e5:92:e2:5a:f3:8a:51:31:71:04:9a:
         41:f3:75:65:4b:14:de:ed:5c:81:27:22:d2:96:bb:ad:71:6d:
         e3:78:04:1e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZDREYxMTAvBgNVBAUTKEE1MzIyRTk4MjA2ODE1Mjc2REMxMjYxNzk2MTkzOEZG
QzZDODg0OEEwHhcNMjIxMjAzMDAwOTM0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhOTNiZC0yNGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvxcKQb22E0bw0z1Tv7Jvgu+aW0FlhTT8Jff2p1ZPVMvvg6I3TtGn/Ohg4OQd
MFSCs7skdKCRYTGV4tC2GBQZfvlqerl5qbe6xhLlFDLAEtFkpy5LdhKxzwj/NSmG
OBgBr3Sw+XoeyDh5esm4yIu1Osdt4ycJZ5XwKJLviFOFt6lG9X15YDiL+nuJ+VZf
VMXkqEqDHmf0OKi89qF0ULYaep6nFoIoU24O95NqGjf2mpRn4556W3Jz6DV7Upms
Q0om+cK8d2zBvhnyO/rc/5KxR9EsPUNu4BijBPmSjrvXaSwsSlErHA5I6Ul4KFIT
EQt5MBdeFY9xy7/UasDbU3OQgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNgEVcdb
Tavz1bdn0pt4EHMJWfMiMB8GA1UdIwQYMBaAFKUyLpggaBUnbcEmF5YZOP/GyISK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkNERi80NDgxRjBBODEx
REUxMUVCQjlGOUY3NzdDNEY5QUUwMi9wVEl1bUNCb0ZTZHR3U1lYbGhrNF84Yklo
SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BUSXVtQ0JvRlNkdHdTWVhsaGs0XzhiSWhJby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZDREYvNDQ4MUYwQTgxMURFMTFFQkI5RjlGNzc3QzRGOUFFMDIvNkI1RDE3QkVB
MDVBMTFFQ0I2RTIyMTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnYgwDQYJKoZIhvcNAQELBQADggEBADNfSQh5vbFFUfl3
4/+PchyFSVpVaEfYT7VeH3eDlqJOmCYQ5II+sv59/POpDdWOJHawYPfuk72pkhyH
2Ox+RQ1Wcdh5XkLgj9LwENPDV1UqpugH3+51OLpi5d14UTqGNVQu3+gt38GeFbq1
wQlk+4ofiJi893bqtDaPkycikoDqm/EjvNDftFGgaP2E+5KtT9nC0M0xhEM3zhcz
LaJg+UZ23G5Dju4OOpGeX7W+39TcyhUEN2G4u/m2QjD4POmqZ6Lu/yvk4WohC8KU
GS4ANxo5/fSNnr3evZUQLe0ISXvlkuJa84pRMXEEmkHzdWVLFN7tXIEnItKWu61x
beN4BB4=
-----END CERTIFICATE-----
Generated at Sat Oct 28 09:48:38 2023 by rpki-client on console-fra.rpki-client.org