Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918748C/A74DA77264B411EAB38A340DC4F9AE02/DCE066622C7811EC97C8D979C4F9AE02.roa
File:                     DCE066622C7811EC97C8D979C4F9AE02.roa (raw, json)
Hash identifier:          XeMJrNAHzwtH700102pLfUhxaHgV7f1vlB5mTcEKGII=
Subject key identifier:   EA:A0:71:89:EA:40:F6:FD:0E:63:7D:6D:E9:E4:21:D6:B8:AC:A6:69
Certificate issuer:       /CN=A918748C/serialNumber=289624B2E00B774D3D390F5A0AD10B5BC35F56D8
Certificate serial:       090B
Authority key identifier: 28:96:24:B2:E0:0B:77:4D:3D:39:0F:5A:0A:D1:0B:5B:C3:5F:56:D8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KJYksuALd009OQ9aCtELW8NfVtg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918748C/A74DA77264B411EAB38A340DC4F9AE02/DCE066622C7811EC97C8D979C4F9AE02.roa
Signing time:             Wed 14 Jun 2023 21:22:21 +0000
ROA not before:           Wed 14 Jun 2023 21:22:20 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     45475
IP address blocks:        202.44.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918748C/A74DA77264B411EAB38A340DC4F9AE02/KJYksuALd009OQ9aCtELW8NfVtg.crl
                          rsync://rpki.apnic.net/member_repository/A918748C/A74DA77264B411EAB38A340DC4F9AE02/KJYksuALd009OQ9aCtELW8NfVtg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KJYksuALd009OQ9aCtELW8NfVtg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 20:53:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2315 (0x90b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918748C/serialNumber=289624B2E00B774D3D390F5A0AD10B5BC35F56D8
        Validity
            Not Before: Jun 14 21:22:20 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=648a2f8c-4efc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:ca:b2:9e:92:89:43:8a:dd:9d:63:a4:e1:d5:
                    56:45:03:b4:8f:49:2b:f3:e3:8c:ef:92:25:38:28:
                    00:9d:46:4c:c3:16:f9:0e:7c:a3:47:d0:40:d6:60:
                    08:fb:35:4f:b7:4c:09:a7:85:aa:6c:f9:06:e8:4d:
                    c3:18:8a:7e:bc:67:13:21:fc:1b:54:73:a9:f0:8d:
                    12:de:4d:d5:b9:34:e6:95:e2:84:dd:3e:9b:93:26:
                    c1:31:7a:99:b3:17:c4:b6:16:88:1f:c7:81:4d:ae:
                    bb:53:ff:8e:7d:68:74:f9:40:70:0d:15:23:d5:41:
                    e9:53:e8:b7:8a:01:8c:2c:9f:78:68:42:be:ca:1a:
                    7f:33:f9:37:54:14:e8:d5:dd:d2:9f:d0:b7:8b:0e:
                    8c:55:cc:21:3b:1a:33:33:cf:ca:99:fd:fe:f6:2b:
                    95:e6:99:82:39:4b:e3:24:5d:00:09:ec:0a:8a:4a:
                    d8:6e:4b:58:2b:c1:5e:5b:ee:6e:42:87:c5:f8:fd:
                    7b:76:3d:64:0b:ca:ce:59:1c:e7:8d:8e:46:9c:88:
                    c5:46:6d:e0:0b:32:8d:92:d9:a4:4f:ad:74:a1:50:
                    40:9b:bc:c7:1e:45:81:7c:00:6a:16:0b:b8:91:52:
                    94:74:85:de:ae:b8:7d:67:c1:56:63:51:eb:20:55:
                    cf:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A0:71:89:EA:40:F6:FD:0E:63:7D:6D:E9:E4:21:D6:B8:AC:A6:69
            X509v3 Authority Key Identifier:
                keyid:28:96:24:B2:E0:0B:77:4D:3D:39:0F:5A:0A:D1:0B:5B:C3:5F:56:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918748C/A74DA77264B411EAB38A340DC4F9AE02/KJYksuALd009OQ9aCtELW8NfVtg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KJYksuALd009OQ9aCtELW8NfVtg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918748C/A74DA77264B411EAB38A340DC4F9AE02/DCE066622C7811EC97C8D979C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.44.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:f3:83:c2:c8:9b:57:3b:35:fd:34:70:b9:8e:7f:58:a2:15:
         a9:d9:0f:70:72:35:a5:61:86:e0:44:0f:68:f9:d0:01:c3:c8:
         73:6b:1f:34:18:69:2f:f1:b0:d6:44:ba:cd:8a:49:b4:1c:a7:
         a0:7b:52:5c:b4:0a:4b:30:83:fc:c8:23:1b:5b:1f:83:38:07:
         57:97:ae:94:0f:85:98:e1:7f:ec:80:47:03:8b:b0:e3:7a:34:
         e5:92:b8:01:dd:f0:5e:bc:59:6f:67:ef:09:38:24:b6:cb:d0:
         08:c8:8c:5a:8f:08:59:96:86:98:e2:c5:96:1e:d3:88:98:bd:
         82:89:49:cc:08:b7:6a:2c:03:10:e0:a1:31:28:f7:30:c1:a1:
         ae:57:35:87:73:c8:bd:5d:82:cb:d6:4d:7f:a0:20:1f:af:6a:
         77:e4:ad:ae:4a:08:c6:e5:09:d9:84:17:a9:fa:31:30:b0:cc:
         36:51:40:2a:a3:03:59:f4:54:1f:e3:80:19:cd:f6:31:d3:af:
         e7:8b:56:05:01:22:c3:b3:e9:ad:e1:00:ee:84:dd:5d:d7:5e:
         31:df:ef:e5:69:12:a6:7c:60:26:ea:51:d8:20:0f:4f:15:6b:
         2a:b2:d5:ac:31:84:2b:4d:67:51:22:08:1d:07:2f:a6:10:77:
         ac:55:0a:de
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODc0OEMxMTAvBgNVBAUTKDI4OTYyNEIyRTAwQjc3NEQzRDM5MEY1QTBBRDEwQjVC
QzM1RjU2RDgwHhcNMjMwNjE0MjEyMjIwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDhhMmY4Yy00ZWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA78qynpKJQ4rdnWOk4dVWRQO0j0kr8+OM75IlOCgAnUZMwxb5DnyjR9BA1mAI
+zVPt0wJp4WqbPkG6E3DGIp+vGcTIfwbVHOp8I0S3k3VuTTmleKE3T6bkybBMXqZ
sxfEthaIH8eBTa67U/+OfWh0+UBwDRUj1UHpU+i3igGMLJ94aEK+yhp/M/k3VBTo
1d3Sn9C3iw6MVcwhOxozM8/Kmf3+9iuV5pmCOUvjJF0ACewKikrYbktYK8FeW+5u
QofF+P17dj1kC8rOWRznjY5GnIjFRm3gCzKNktmkT610oVBAm7zHHkWBfABqFgu4
kVKUdIXerrh9Z8FWY1HrIFXPfQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOqgcYnq
QPb9DmN9benkIda4rKZpMB8GA1UdIwQYMBaAFCiWJLLgC3dNPTkPWgrRC1vDX1bY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzQ4Qy9BNzREQTc3MjY0
QjQxMUVBQjM4QTM0MERDNEY5QUUwMi9LSllrc3VBTGQwMDlPUTlhQ3RFTFc4TmZW
dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tKWWtzdUFMZDAwOU9ROWFDdEVMVzhOZlZ0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODc0OEMvQTc0REE3NzI2NEI0MTFFQUIzOEEzNDBEQzRGOUFFMDIvRENFMDY2NjIy
Qzc4MTFFQzk3QzhEOTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKLD4wDQYJKoZIhvcNAQELBQADggEBAEDzg8LIm1c7Nf00
cLmOf1iiFanZD3ByNaVhhuBED2j50AHDyHNrHzQYaS/xsNZEus2KSbQcp6B7Uly0
Ckswg/zIIxtbH4M4B1eXrpQPhZjhf+yARwOLsON6NOWSuAHd8F68WW9n7wk4JLbL
0AjIjFqPCFmWhpjixZYe04iYvYKJScwIt2osAxDgoTEo9zDBoa5XNYdzyL1dgsvW
TX+gIB+vanfkra5KCMblCdmEF6n6MTCwzDZRQCqjA1n0VB/jgBnN9jHTr+eLVgUB
IsOz6a3hAO6E3V3XXjHf7+VpEqZ8YCbqUdggD08Vayqy1awxhCtNZ1EiCB0HL6YQ
d6xVCt4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:24:08 2024 by rpki-client on console-fra.rpki-client.org