Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918E79C/58A8118EC0E011EE90009209C4F9AE02/28C6AB84C0E411EEAFFB100BC4F9AE02.roa
File:                     28C6AB84C0E411EEAFFB100BC4F9AE02.roa (raw, json)
Hash identifier:          uMTQYzxF4IvJXkJz8zftJRl9BijILeVxvfHdSRvRUs0=
Subject key identifier:   EC:AE:EB:52:A3:5D:6A:3F:AF:3B:C2:F1:5B:9F:83:0B:49:A8:10:64
Certificate issuer:       /CN=A918E79C/serialNumber=B52C54D46A68ADECC37D5F6F27228C6DEA73E85C
Certificate serial:       02
Authority key identifier: B5:2C:54:D4:6A:68:AD:EC:C3:7D:5F:6F:27:22:8C:6D:EA:73:E8:5C
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tSxU1GporezDfV9vJyKMbepz6Fw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918E79C/58A8118EC0E011EE90009209C4F9AE02/28C6AB84C0E411EEAFFB100BC4F9AE02.roa
Signing time:             Thu 01 Feb 2024 09:27:47 +0000
ROA not before:           Thu 01 Feb 2024 09:27:47 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     32110
IP address blocks:        157.10.206.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918E79C/58A8118EC0E011EE90009209C4F9AE02/tSxU1GporezDfV9vJyKMbepz6Fw.crl
                          rsync://rpki.apnic.net/member_repository/A918E79C/58A8118EC0E011EE90009209C4F9AE02/tSxU1GporezDfV9vJyKMbepz6Fw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tSxU1GporezDfV9vJyKMbepz6Fw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918E79C/serialNumber=B52C54D46A68ADECC37D5F6F27228C6DEA73E85C
        Validity
            Not Before: Feb  1 09:27:47 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65bb6412-b3fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8e:72:a1:87:f0:b5:1c:bc:f1:2e:84:f5:21:
                    49:24:83:ea:40:30:49:ea:6b:7d:2a:0c:98:35:c0:
                    8a:34:de:d2:61:ff:af:8d:14:4f:0b:a8:bd:50:ff:
                    f8:10:f9:9c:a2:85:e6:72:c2:82:fb:a0:a7:eb:6c:
                    f0:2f:e0:6a:05:89:ee:da:1a:4b:d5:df:1a:6e:f7:
                    a0:dc:90:3f:b1:b8:3c:14:92:bf:fa:3f:46:0f:c1:
                    ed:b0:2a:48:5e:4d:b5:01:5a:1f:e5:dc:e6:bb:c3:
                    24:7e:f8:45:eb:51:51:9d:a5:41:eb:cc:64:7c:19:
                    b1:27:09:b8:92:43:88:ce:b4:8f:65:d5:1a:e6:cd:
                    33:c3:9a:27:7b:84:b0:3f:05:3a:96:de:59:5d:ab:
                    95:77:81:df:8c:27:d8:e4:55:da:c4:b1:98:30:6d:
                    81:b6:9b:3d:29:27:95:99:3a:7a:92:98:5b:95:77:
                    ef:3d:4f:e3:20:4d:6d:73:8b:75:00:bd:70:ad:af:
                    7d:2e:f4:a0:1c:48:81:f9:16:a3:92:b2:a3:84:dd:
                    c0:4f:57:c2:23:27:27:85:7c:f2:31:c1:59:60:b3:
                    e1:ae:12:03:69:47:ed:ae:eb:59:38:34:33:8a:8c:
                    e1:9d:ba:fb:2e:75:27:61:77:d0:1b:6e:e7:52:98:
                    81:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:AE:EB:52:A3:5D:6A:3F:AF:3B:C2:F1:5B:9F:83:0B:49:A8:10:64
            X509v3 Authority Key Identifier:
                keyid:B5:2C:54:D4:6A:68:AD:EC:C3:7D:5F:6F:27:22:8C:6D:EA:73:E8:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918E79C/58A8118EC0E011EE90009209C4F9AE02/tSxU1GporezDfV9vJyKMbepz6Fw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tSxU1GporezDfV9vJyKMbepz6Fw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E79C/58A8118EC0E011EE90009209C4F9AE02/28C6AB84C0E411EEAFFB100BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:d4:b8:ab:19:72:dc:8b:56:f5:68:83:02:18:d2:1a:53:56:
         d4:55:17:f0:d8:e7:7b:63:31:54:02:f6:03:a1:c7:c8:d3:05:
         76:2f:0c:a5:5f:af:d9:8c:c0:c6:fe:6d:fb:4f:b4:44:6b:0f:
         d8:af:12:eb:e6:86:88:34:d7:97:58:e0:f4:67:79:a7:77:fa:
         d8:73:14:25:54:df:98:8b:59:35:fb:bf:8c:f7:b9:34:79:0e:
         a0:5e:8a:bc:80:cf:fb:c5:ee:e7:28:a8:8a:15:0d:c7:90:7c:
         c5:53:64:bb:e6:b1:47:ba:51:c8:87:3e:0a:db:c7:9c:b0:57:
         14:8b:d0:4e:58:b9:7d:4f:57:e7:c6:43:32:20:50:94:29:79:
         78:dc:28:38:9c:48:2e:9f:be:bb:ee:c8:e6:ff:91:06:a9:f3:
         ce:0a:c3:a8:ba:ce:57:70:0b:7e:1f:e9:03:5f:15:80:07:69:
         52:51:66:54:d6:ea:49:51:e0:47:14:3c:ea:52:dd:06:f5:bf:
         8b:68:65:8e:6d:a0:78:b4:f5:dd:3a:96:3c:06:ba:3f:9c:99:
         21:67:ad:68:8d:b0:e1:60:33:46:75:40:bc:02:97:20:8e:05:
         d3:db:e8:67:02:db:8f:0f:12:bf:df:2a:a7:cf:c7:dc:46:21:
         54:34:d7:54
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RTc5QzExMC8GA1UEBRMoQjUyQzU0RDQ2QTY4QURFQ0MzN0Q1RjZGMjcyMjhDNkRF
QTczRTg1QzAeFw0yNDAyMDEwOTI3NDdaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YmI2NDEyLWIzZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsjnKhh/C1HLzxLoT1IUkkg+pAMEnqa30qDJg1wIo03tJh/6+NFE8LqL1Q//gQ
+ZyiheZywoL7oKfrbPAv4GoFie7aGkvV3xpu96DckD+xuDwUkr/6P0YPwe2wKkhe
TbUBWh/l3Oa7wyR++EXrUVGdpUHrzGR8GbEnCbiSQ4jOtI9l1RrmzTPDmid7hLA/
BTqW3lldq5V3gd+MJ9jkVdrEsZgwbYG2mz0pJ5WZOnqSmFuVd+89T+MgTW1zi3UA
vXCtr30u9KAcSIH5FqOSsqOE3cBPV8IjJyeFfPIxwVlgs+GuEgNpR+2u61k4NDOK
jOGduvsudSdhd9AbbudSmIH7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU7K7rUqNd
aj+vO8LxW5+DC0moEGQwHwYDVR0jBBgwFoAUtSxU1GporezDfV9vJyKMbepz6Fww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThFNzlDLzU4QTgxMThFQzBF
MDExRUU5MDAwOTIwOUM0RjlBRTAyL3RTeFUxR3BvcmV6RGZWOXZKeUtNYmVwejZG
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdFN4VTFHcG9yZXpEZlY5dkp5S01iZXB6NkZ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RTc5Qy81OEE4MTE4RUMwRTAxMUVFOTAwMDkyMDlDNEY5QUUwMi8yOEM2QUI4NEMw
RTQxMUVFQUZGQjEwMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0KzjANBgkqhkiG9w0BAQsFAAOCAQEAjNS4qxly3ItW9WiD
AhjSGlNW1FUX8Njne2MxVAL2A6HHyNMFdi8MpV+v2YzAxv5t+0+0RGsP2K8S6+aG
iDTXl1jg9Gd5p3f62HMUJVTfmItZNfu/jPe5NHkOoF6KvIDP+8Xu5yioihUNx5B8
xVNku+axR7pRyIc+CtvHnLBXFIvQTli5fU9X58ZDMiBQlCl5eNwoOJxILp++u+7I
5v+RBqnzzgrDqLrOV3ALfh/pA18VgAdpUlFmVNbqSVHgRxQ86lLdBvW/i2hljm2g
eLT13TqWPAa6P5yZIWetaI2w4WAzRnVAvAKXII4F09voZwLbjw8Sv98qp8/H3EYh
VDTXVA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:27:22 2024 by rpki-client on console-ams.rpki-client.org