Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9194E51/89F86F0A5B3B11E9869AA641C4F9AE02/1313114A5B3D11E996E4A744C4F9AE02.roa
File:                     1313114A5B3D11E996E4A744C4F9AE02.roa (raw, json)
Hash identifier:          yQMLbe8txGaIYA0rhNwTQP5BMEA+Qyw1ZkWFvMy348Q=
Subject key identifier:   EF:D1:41:FB:A2:C9:2D:E9:AE:0A:22:A6:92:0E:96:A4:6D:91:6B:30
Certificate issuer:       /CN=A9194E51/serialNumber=66FDDB43E54942E3492F10650E5323926C45C484
Certificate serial:       0E8F
Authority key identifier: 66:FD:DB:43:E5:49:42:E3:49:2F:10:65:0E:53:23:92:6C:45:C4:84
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zv3bQ-VJQuNJLxBlDlMjkmxFxIQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9194E51/89F86F0A5B3B11E9869AA641C4F9AE02/1313114A5B3D11E996E4A744C4F9AE02.roa
Signing time:             Tue 28 Nov 2023 18:25:47 +0000
ROA not before:           Tue 28 Nov 2023 18:25:47 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     9910
IP address blocks:        103.131.232.0/22 maxlen: 24
                          2403:d3c0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9194E51/89F86F0A5B3B11E9869AA641C4F9AE02/Zv3bQ-VJQuNJLxBlDlMjkmxFxIQ.crl
                          rsync://rpki.apnic.net/member_repository/A9194E51/89F86F0A5B3B11E9869AA641C4F9AE02/Zv3bQ-VJQuNJLxBlDlMjkmxFxIQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zv3bQ-VJQuNJLxBlDlMjkmxFxIQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 17:13:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3727 (0xe8f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9194E51/serialNumber=66FDDB43E54942E3492F10650E5323926C45C484
        Validity
            Not Before: Nov 28 18:25:47 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=656630ab-fffa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a8:cd:54:91:cd:95:50:ce:28:a2:a0:7f:fc:
                    1a:92:3e:e0:7e:a9:e0:b0:5d:46:44:98:37:27:67:
                    8d:f1:69:9a:3e:40:9e:9a:fc:1f:de:52:06:25:23:
                    4b:87:65:cb:a6:7d:b2:24:d8:5c:25:69:c4:a7:d2:
                    93:08:01:39:95:00:e8:18:85:f3:a7:4d:25:ed:d9:
                    08:fa:70:e1:76:e4:dc:6e:a7:05:3f:24:bc:3b:77:
                    f9:be:c8:a6:22:bb:fc:ab:bb:d5:f9:dc:3e:d9:c1:
                    3a:af:ef:15:8d:32:78:50:d7:14:2b:1d:2d:38:d0:
                    0b:b9:7e:5e:2f:e7:b9:2f:bf:9d:cf:7d:d1:d1:50:
                    91:b3:66:87:a3:57:08:db:8f:b6:72:f0:34:7f:7d:
                    22:19:5c:c9:d8:36:b1:9d:4e:34:34:3d:5a:a3:91:
                    aa:80:13:b4:dd:81:a2:c5:57:3b:8d:1c:34:81:36:
                    b7:ae:f3:35:13:51:b0:7a:4a:fd:f4:24:b8:1f:55:
                    b9:4e:65:9c:9e:5c:5b:1b:70:ba:8f:7f:83:fe:52:
                    07:92:ca:e5:ac:9c:53:b6:63:56:54:d5:04:45:c1:
                    5b:30:cd:ac:58:e6:c5:d1:10:66:9f:7d:cb:f4:36:
                    9b:3f:42:f8:17:47:8b:1b:f0:17:ad:4e:3b:72:b6:
                    e1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:D1:41:FB:A2:C9:2D:E9:AE:0A:22:A6:92:0E:96:A4:6D:91:6B:30
            X509v3 Authority Key Identifier:
                keyid:66:FD:DB:43:E5:49:42:E3:49:2F:10:65:0E:53:23:92:6C:45:C4:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9194E51/89F86F0A5B3B11E9869AA641C4F9AE02/Zv3bQ-VJQuNJLxBlDlMjkmxFxIQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zv3bQ-VJQuNJLxBlDlMjkmxFxIQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194E51/89F86F0A5B3B11E9869AA641C4F9AE02/1313114A5B3D11E996E4A744C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.131.232.0/22
                IPv6:
                  2403:d3c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:cd:ef:61:3c:04:7f:b2:e9:0a:88:39:4b:36:ab:67:ee:e4:
         b6:cf:14:20:04:b1:8f:14:f2:a7:66:f0:23:f5:95:9d:0b:9e:
         fe:b8:eb:d6:15:00:5d:65:ad:90:9c:3b:dc:aa:4c:94:b1:2e:
         37:22:dd:e8:4d:ae:9a:52:89:1c:28:0a:2d:40:9d:dc:cc:19:
         ff:a2:72:4e:02:3c:57:a0:83:fc:1f:7d:63:2f:eb:ea:4e:64:
         35:1e:67:18:67:0f:cc:6c:34:53:9e:92:03:b0:26:19:c2:16:
         67:24:25:23:ec:40:e8:77:86:60:d9:63:e2:34:37:5d:f9:a9:
         fd:9b:8b:75:63:18:6e:19:b4:3d:b1:98:1a:82:64:37:31:89:
         6d:66:b3:47:31:90:4b:d2:46:e4:8a:5e:62:40:53:3e:d8:ab:
         44:9c:60:4f:60:a6:60:1c:a0:e5:0a:8b:34:03:39:05:6c:ae:
         9f:3f:69:2a:59:c6:ff:44:6b:79:b0:11:ee:35:e6:4b:d7:23:
         f0:ff:54:1f:f8:da:e9:d3:dd:bc:cf:f4:2c:a5:0b:c2:ac:76:
         40:b1:57:60:b1:55:40:1e:77:e5:5f:0c:b9:c9:15:57:ac:d2:
         7e:e4:7e:b4:5c:d1:96:d0:4e:c2:04:1e:2c:aa:e2:c5:0d:b2:
         cb:5d:4f:e6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTRFNTExMTAvBgNVBAUTKDY2RkREQjQzRTU0OTQyRTM0OTJGMTA2NTBFNTMyMzky
NkM0NUM0ODQwHhcNMjMxMTI4MTgyNTQ3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY2MzBhYi1mZmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwajNVJHNlVDOKKKgf/wakj7gfqngsF1GRJg3J2eN8WmaPkCemvwf3lIGJSNL
h2XLpn2yJNhcJWnEp9KTCAE5lQDoGIXzp00l7dkI+nDhduTcbqcFPyS8O3f5vsim
Irv8q7vV+dw+2cE6r+8VjTJ4UNcUKx0tONALuX5eL+e5L7+dz33R0VCRs2aHo1cI
24+2cvA0f30iGVzJ2DaxnU40ND1ao5GqgBO03YGixVc7jRw0gTa3rvM1E1Gwekr9
9CS4H1W5TmWcnlxbG3C6j3+D/lIHksrlrJxTtmNWVNUERcFbMM2sWObF0RBmn33L
9DabP0L4F0eLG/AXrU47crbhUQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFO/RQfui
yS3prgoippIOlqRtkWswMB8GA1UdIwQYMBaAFGb920PlSULjSS8QZQ5TI5JsRcSE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEU1MS84OUY4NkYwQTVC
M0IxMUU5ODY5QUE2NDFDNEY5QUUwMi9adjNiUS1WSlF1TkpMeEJsRGxNamtteEZ4
SVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p2M2JRLVZKUXVOSkx4QmxEbE1qa214RnhJUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTRFNTEvODlGODZGMEE1QjNCMTFFOTg2OUFBNjQxQzRGOUFFMDIvMTMxMzExNEE1
QjNEMTFFOTk2RTRBNzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJng+gwDQQCAAIwBwMFACQD08AwDQYJKoZIhvcNAQELBQAD
ggEBAFnN72E8BH+y6QqIOUs2q2fu5LbPFCAEsY8U8qdm8CP1lZ0Lnv6469YVAF1l
rZCcO9yqTJSxLjci3ehNrppSiRwoCi1AndzMGf+ick4CPFegg/wffWMv6+pOZDUe
ZxhnD8xsNFOekgOwJhnCFmckJSPsQOh3hmDZY+I0N135qf2bi3VjGG4ZtD2xmBqC
ZDcxiW1ms0cxkEvSRuSKXmJAUz7Yq0ScYE9gpmAcoOUKizQDOQVsrp8/aSpZxv9E
a3mwEe415kvXI/D/VB/42unT3bzP9CylC8KsdkCxV2CxVUAed+VfDLnJFVes0n7k
frRc0ZbQTsIEHiyq4sUNsstdT+Y=
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:45:02 2024 by rpki-client on console-fra.rpki-client.org