Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/E009A066072B11EAB6E08A52C4F9AE02.roa
File:                     E009A066072B11EAB6E08A52C4F9AE02.roa (raw, json)
Hash identifier:          Nm2BDyTFPo0rjwtuej5Ye3yeMHCpXPqhQ9hwgt7ovWc=
Subject key identifier:   24:20:E5:B8:1F:C1:EF:11:CE:83:C6:8E:D7:03:35:97:84:1B:02:A2
Certificate issuer:       /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A
Certificate serial:       0EB2
Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/E009A066072B11EAB6E08A52C4F9AE02.roa
Signing time:             Thu 29 Feb 2024 19:38:27 +0000
ROA not before:           Thu 29 Feb 2024 19:38:27 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     58620
IP address blocks:        119.161.48.0/24 maxlen: 24
                          119.161.51.0/24 maxlen: 24
                          119.161.61.0/24 maxlen: 24
                          120.29.248.0/23 maxlen: 23
                          120.29.252.0/24 maxlen: 24
                          120.29.253.0/24 maxlen: 24
                          120.29.254.0/24 maxlen: 24
                          203.17.72.0/24 maxlen: 24
                          2001:dcd:1::/48 maxlen: 48
                          2001:dcd:2::/48 maxlen: 48
                          2001:dcd:3::/48 maxlen: 48
                          2001:dcd:4::/48 maxlen: 48
                          2001:dcd:5::/48 maxlen: 48
                          2001:dcd:6::/48 maxlen: 48
                          2001:dcd:7::/48 maxlen: 48
                          2001:dcd:21::/48 maxlen: 48
                          2001:dcd:23::/48 maxlen: 48
                          2001:dcd:24::/48 maxlen: 48
                          2001:dcd:31::/48 maxlen: 48
                          2001:dcd:33::/48 maxlen: 48
                          2001:dcd:34::/48 maxlen: 48
                          2001:dcd:35::/48 maxlen: 48
                          2001:dcd:42::/48 maxlen: 48
                          2001:dcd:43::/48 maxlen: 48
                          2001:dcd:44::/48 maxlen: 48
                          2001:dcd:45::/48 maxlen: 48
                          2001:dcd:52::/48 maxlen: 48
                          2001:dcd:53::/48 maxlen: 48
                          2001:dcd:54::/48 maxlen: 48
                          2001:dcd:dd05::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl
                          rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 18:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3762 (0xeb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A
        Validity
            Not Before: Feb 29 19:38:27 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e0dd33-5c14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f3:ff:43:24:a4:3d:f8:b0:9b:8c:29:9b:99:
                    c4:c2:24:26:6b:b3:ab:cd:c8:17:4d:b1:dc:4f:1e:
                    36:e1:d9:45:ae:f0:6e:4e:74:87:a2:04:0f:4e:7c:
                    ca:8a:fb:ff:db:c6:54:5f:aa:67:f7:b4:42:a2:9e:
                    d9:3f:ae:3d:ce:3c:5c:7a:ad:c4:92:64:d2:bd:60:
                    65:ab:03:4a:69:98:d5:95:cb:aa:d0:19:88:68:04:
                    5d:73:b6:a1:cb:e0:d9:81:71:d4:5a:a3:4a:06:e8:
                    78:b4:6d:8d:f8:e1:3d:c9:76:27:1c:ac:b8:fd:b6:
                    30:b7:80:0f:4c:2a:6f:4c:00:e3:05:ae:19:e8:c5:
                    ce:7f:e4:e4:92:91:d8:ea:04:b2:5e:65:fa:5a:e2:
                    ff:89:47:37:e8:b0:67:49:6a:c3:5b:ad:da:cb:a5:
                    25:f8:f2:74:8d:33:ae:ad:93:f7:50:e2:55:af:1d:
                    9e:ed:e0:cd:34:38:89:c1:da:93:eb:84:f8:d1:f4:
                    36:dc:ee:ff:b0:8b:b3:16:e2:08:e6:6c:ea:1a:34:
                    5d:e6:8b:02:b2:41:0a:c7:8e:d2:1f:43:97:b2:89:
                    e6:ef:7e:92:bb:d2:05:12:63:bb:44:60:8c:a7:e4:
                    f6:5f:90:86:28:ac:af:31:58:25:a4:d3:ec:e2:07:
                    fd:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:20:E5:B8:1F:C1:EF:11:CE:83:C6:8E:D7:03:35:97:84:1B:02:A2
            X509v3 Authority Key Identifier:
                keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/E009A066072B11EAB6E08A52C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.161.48.0/24
                  119.161.51.0/24
                  119.161.61.0/24
                  120.29.248.0/23
                  120.29.252.0-120.29.254.255
                  203.17.72.0/24
                IPv6:
                  2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff
                  2001:dcd:21::/48
                  2001:dcd:23::-2001:dcd:24:ffff:ffff:ffff:ffff:ffff
                  2001:dcd:31::/48
                  2001:dcd:33::-2001:dcd:35:ffff:ffff:ffff:ffff:ffff
                  2001:dcd:42::-2001:dcd:45:ffff:ffff:ffff:ffff:ffff
                  2001:dcd:52::-2001:dcd:54:ffff:ffff:ffff:ffff:ffff
                  2001:dcd:dd05::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:fc:85:34:f6:3b:26:ac:0c:1e:5b:ec:5c:2f:e1:20:08:03:
         bf:02:50:20:44:7e:29:20:32:fb:61:c1:75:1c:6d:03:24:f7:
         33:5b:11:8f:ea:69:3a:12:6d:b5:c5:57:13:75:cb:b7:1a:f5:
         72:d2:38:cb:b3:31:fa:12:7b:f6:d1:a3:c3:5e:78:27:63:4b:
         47:87:37:4c:a9:d8:3d:b4:ff:05:05:39:89:52:a2:64:a7:1b:
         05:46:bf:16:65:fb:58:3d:7d:69:24:0a:3a:d7:85:cb:79:06:
         8d:67:9a:82:b9:ba:8a:25:a8:db:2c:95:ef:b8:9f:98:86:21:
         23:2b:db:8e:2a:2d:eb:2c:94:78:ff:f9:0a:4b:ba:6e:95:44:
         cc:87:1c:08:46:fe:9d:02:f0:1b:67:3d:33:e1:33:ed:a9:5f:
         62:8b:83:ad:dd:f2:d5:54:09:52:23:9e:7f:cc:ac:a7:fd:a8:
         21:57:1b:13:04:08:4e:63:95:d2:0a:26:50:e8:fe:15:94:bf:
         0e:f4:de:1b:4b:bd:00:1a:df:6f:59:b9:74:2b:99:a1:b9:07:
         09:3f:98:c3:5a:52:15:c7:d1:86:21:45:12:15:d6:2f:b2:db:
         0f:67:d1:94:89:83:8f:25:a5:b9:26:c5:09:1b:70:17:ee:33:
         40:30:b9:35
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgICDrIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0
NkRGNzI4NUEwHhcNMjQwMjI5MTkzODI3WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUwZGQzMy01YzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz/P/QySkPfiwm4wpm5nEwiQma7OrzcgXTbHcTx424dlFrvBuTnSHogQPTnzK
ivv/28ZUX6pn97RCop7ZP649zjxceq3EkmTSvWBlqwNKaZjVlcuq0BmIaARdc7ah
y+DZgXHUWqNKBuh4tG2N+OE9yXYnHKy4/bYwt4APTCpvTADjBa4Z6MXOf+TkkpHY
6gSyXmX6WuL/iUc36LBnSWrDW63ay6Ul+PJ0jTOurZP3UOJVrx2e7eDNNDiJwdqT
64T40fQ23O7/sIuzFuII5mzqGjRd5osCskEKx47SH0OXsonm736Su9IFEmO7RGCM
p+T2X5CGKKyvMVglpNPs4gf9twIDAQABo4IDRjCCA0IwHQYDVR0OBBYEFCQg5bgf
we8RzoPGjtcDNZeEGwKiMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0
RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRTAwOUEwNjYw
NzJCMTFFQUI2RTA4QTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgc8GCCsGAQUFBwEHAQH/
BIG/MIG8MDIEAgABMCwDBAB3oTADBAB3oTMDBAB3oT0DBAF4HfgwDAMEAngd/AME
AHgd/gMEAMsRSDCBhQQCAAIwfzASAwcAIAENzQABAwcDIAENzQAAAwcAIAENzQAh
MBIDBwAgAQ3NACMDBwAgAQ3NACQDBwAgAQ3NADEwEgMHACABDc0AMwMHASABDc0A
NDASAwcBIAENzQBCAwcBIAENzQBEMBIDBwEgAQ3NAFIDBwAgAQ3NAFQDBwAgAQ3N
3QUwDQYJKoZIhvcNAQELBQADggEBAID8hTT2OyasDB5b7Fwv4SAIA78CUCBEfikg
MvthwXUcbQMk9zNbEY/qaToSbbXFVxN1y7ca9XLSOMuzMfoSe/bRo8NeeCdjS0eH
N0yp2D20/wUFOYlSomSnGwVGvxZl+1g9fWkkCjrXhct5Bo1nmoK5uoolqNssle+4
n5iGISMr244qLesslHj/+QpLum6VRMyHHAhG/p0C8BtnPTPhM+2pX2KLg63d8tVU
CVIjnn/MrKf9qCFXGxMECE5jldIKJlDo/hWUvw703htLvQAa329ZuXQrmaG5Bwk/
mMNaUhXH0YYhRRIV1i+y2w9n0ZSJg48lpbkmxQkbcBfuM0AwuTU=
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:07:26 2024 by rpki-client on console-fra.rpki-client.org