Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191E77/121CF134EB2711EC928D0A6FC4F9AE02/26E6B114EB2B11ECBE328172C4F9AE02.roa
File:                     26E6B114EB2B11ECBE328172C4F9AE02.roa (raw, json)
Hash identifier:          PUc54q2WTiia3AT9HsSdWhbagSjmonMUemo/1oF5Qio=
Subject key identifier:   F9:CE:8A:47:8B:7A:1B:C2:DC:8B:7E:DB:BA:77:69:A5:33:D5:15:38
Certificate issuer:       /CN=A9191E77/serialNumber=4928285B0CE564030010014E635E3B7ACC629457
Certificate serial:       020E
Authority key identifier: 49:28:28:5B:0C:E5:64:03:00:10:01:4E:63:5E:3B:7A:CC:62:94:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SSgoWwzlZAMAEAFOY147esxilFc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191E77/121CF134EB2711EC928D0A6FC4F9AE02/26E6B114EB2B11ECBE328172C4F9AE02.roa
Signing time:             Sat 11 May 2024 04:39:42 +0000
ROA not before:           Sat 11 May 2024 04:39:42 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     149792
IP address blocks:        103.186.114.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9191E77/121CF134EB2711EC928D0A6FC4F9AE02/SSgoWwzlZAMAEAFOY147esxilFc.crl
                          rsync://rpki.apnic.net/member_repository/A9191E77/121CF134EB2711EC928D0A6FC4F9AE02/SSgoWwzlZAMAEAFOY147esxilFc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SSgoWwzlZAMAEAFOY147esxilFc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 526 (0x20e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191E77/serialNumber=4928285B0CE564030010014E635E3B7ACC629457
        Validity
            Not Before: May 11 04:39:42 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=663ef68d-220a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ed:51:b6:95:a5:45:59:d9:af:72:d0:7a:fd:
                    f4:26:7c:da:0a:0f:77:d7:d7:4e:78:e8:2f:ac:83:
                    3f:82:b6:5b:b0:7f:5b:d7:02:6c:eb:25:9d:2a:d9:
                    22:f0:81:44:93:14:43:03:8d:ff:c0:45:76:72:a3:
                    da:c5:4b:4d:a2:fb:9c:d9:51:19:bf:16:55:f8:c0:
                    84:1a:41:1c:5b:2f:21:55:8f:87:c6:56:56:24:22:
                    ab:c5:4f:0c:fb:c9:94:a6:e4:b8:88:bd:7b:06:0e:
                    10:fb:be:e0:bf:b7:f3:41:cc:f1:33:f6:be:de:dd:
                    00:e0:87:32:2e:60:0b:d7:05:a2:b5:c6:26:9b:87:
                    30:69:8d:c7:3f:f5:37:7a:3e:62:3e:e1:07:a2:ed:
                    70:eb:ce:d8:c9:25:bc:e6:b1:66:7f:4b:d6:d0:3a:
                    25:58:2f:33:dc:cd:a2:b9:7b:d5:1f:24:c7:3c:52:
                    99:ff:92:18:96:bc:c3:b8:79:22:4a:d7:0e:a8:dc:
                    f4:11:e0:a8:67:11:31:60:97:ac:35:92:d4:08:3d:
                    5d:38:26:07:c8:bd:72:d1:64:86:1b:18:45:8f:a7:
                    f1:3e:e1:9f:f8:ce:e1:b3:37:29:65:55:9c:84:04:
                    a8:3f:81:97:96:ec:69:ba:40:81:9c:b8:c1:60:8f:
                    d7:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:CE:8A:47:8B:7A:1B:C2:DC:8B:7E:DB:BA:77:69:A5:33:D5:15:38
            X509v3 Authority Key Identifier:
                keyid:49:28:28:5B:0C:E5:64:03:00:10:01:4E:63:5E:3B:7A:CC:62:94:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191E77/121CF134EB2711EC928D0A6FC4F9AE02/SSgoWwzlZAMAEAFOY147esxilFc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SSgoWwzlZAMAEAFOY147esxilFc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191E77/121CF134EB2711EC928D0A6FC4F9AE02/26E6B114EB2B11ECBE328172C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.186.114.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1d:a2:cd:95:30:9d:81:75:cc:18:37:9a:a7:7b:0a:ed:71:67:
         4a:96:f2:9e:12:b4:15:5d:8f:d3:86:65:9e:cc:4d:d0:01:aa:
         8b:62:22:30:fa:77:7f:75:52:f5:33:6e:53:3a:cb:4c:d0:0b:
         d7:57:10:17:2a:99:14:fc:78:7a:28:d0:b9:7b:8c:42:59:57:
         96:4f:07:b4:79:87:6d:43:6b:63:91:f1:75:f3:a4:ca:06:85:
         5c:10:f5:fc:2e:07:44:59:e6:54:f4:20:0b:86:a9:af:ac:cb:
         4f:fc:a4:17:0e:32:23:65:18:5d:f0:53:b2:34:17:32:82:2e:
         cb:fb:d9:f7:ba:ac:21:77:b2:2f:51:18:27:5b:92:0f:b4:a3:
         d7:23:a8:40:fb:fd:75:6d:81:47:3d:e3:b2:4d:7b:b7:b4:dc:
         8f:53:f3:b1:3b:94:99:71:aa:bd:d3:20:ba:b5:04:ff:00:53:
         a4:40:56:c3:c7:90:37:dc:6d:b1:d4:fb:18:12:fa:59:29:5a:
         75:df:df:6e:b7:c4:8d:25:39:db:b2:65:17:49:6c:2b:db:b4:
         5f:fa:06:b7:50:08:e6:c4:bb:44:66:e6:5a:14:b1:67:25:2d:
         a7:d9:0b:51:ca:1c:18:0f:21:bb:7a:e6:3b:5d:ef:8e:76:db:
         c5:2b:6f:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFFNzcxMTAvBgNVBAUTKDQ5MjgyODVCMENFNTY0MDMwMDEwMDE0RTYzNUUzQjdB
Q0M2Mjk0NTcwHhcNMjQwNTExMDQzOTQyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNlZjY4ZC0yMjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyu1RtpWlRVnZr3LQev30JnzaCg9319dOeOgvrIM/grZbsH9b1wJs6yWdKtki
8IFEkxRDA43/wEV2cqPaxUtNovuc2VEZvxZV+MCEGkEcWy8hVY+HxlZWJCKrxU8M
+8mUpuS4iL17Bg4Q+77gv7fzQczxM/a+3t0A4IcyLmAL1wWitcYmm4cwaY3HP/U3
ej5iPuEHou1w687YySW85rFmf0vW0DolWC8z3M2iuXvVHyTHPFKZ/5IYlrzDuHki
StcOqNz0EeCoZxExYJesNZLUCD1dOCYHyL1y0WSGGxhFj6fxPuGf+M7hszcpZVWc
hASoP4GXluxpukCBnLjBYI/XWQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPnOikeL
ehvC3It+27p3aaUz1RU4MB8GA1UdIwQYMBaAFEkoKFsM5WQDABABTmNeO3rMYpRX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUU3Ny8xMjFDRjEzNEVC
MjcxMUVDOTI4RDBBNkZDNEY5QUUwMi9TU2dvV3d6bFpBTUFFQUZPWTE0N2VzeGls
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NTZ29Xd3psWkFNQUVBRk9ZMTQ3ZXN4aWxGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTFFNzcvMTIxQ0YxMzRFQjI3MTFFQzkyOEQwQTZGQzRGOUFFMDIvMjZFNkIxMTRF
QjJCMTFFQ0JFMzI4MTcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnunIwDQYJKoZIhvcNAQELBQADggEBAB2izZUwnYF1zBg3
mqd7Cu1xZ0qW8p4StBVdj9OGZZ7MTdABqotiIjD6d391UvUzblM6y0zQC9dXEBcq
mRT8eHoo0Ll7jEJZV5ZPB7R5h21Da2OR8XXzpMoGhVwQ9fwuB0RZ5lT0IAuGqa+s
y0/8pBcOMiNlGF3wU7I0FzKCLsv72fe6rCF3si9RGCdbkg+0o9cjqED7/XVtgUc9
47JNe7e03I9T87E7lJlxqr3TILq1BP8AU6RAVsPHkDfcbbHU+xgS+lkpWnXf3263
xI0lOduyZRdJbCvbtF/6BrdQCObEu0Rm5loUsWclLafZC1HKHBgPIbt65jtd7452
28Urby4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:33:41 2024 by rpki-client on console-fra.rpki-client.org