Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/A14DCC1A366311EEB376DC3AC4F9AE02.roa
File:                     A14DCC1A366311EEB376DC3AC4F9AE02.roa (raw, json)
Hash identifier:          YLljpcgVza4aEkRlWwBtUcVJcPwkkfQvpW29KioX8zc=
Subject key identifier:   29:9E:39:25:40:75:C0:1D:47:4B:6B:F3:AB:81:C4:D9:B7:25:1C:DB
Certificate issuer:       /CN=A919536C/serialNumber=A090E520BF9D51F2FDCEED413AF27AC758F6AE1D
Certificate serial:       09
Authority key identifier: A0:90:E5:20:BF:9D:51:F2:FD:CE:ED:41:3A:F2:7A:C7:58:F6:AE:1D
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/A14DCC1A366311EEB376DC3AC4F9AE02.roa
Signing time:             Wed 09 Aug 2023 03:20:03 +0000
ROA not before:           Wed 09 Aug 2023 03:20:03 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     140326
IP address blocks:        161.82.178.0/24 maxlen: 24
                          161.82.179.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.crl
                          rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 05:41:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919536C/serialNumber=A090E520BF9D51F2FDCEED413AF27AC758F6AE1D
        Validity
            Not Before: Aug  9 03:20:03 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64d305e3-c79d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4e:e5:a1:b2:75:fe:2c:6b:3f:8a:24:63:71:
                    5b:1c:1c:1e:cc:a0:d9:e9:f7:9c:2d:5d:bd:9e:a9:
                    c8:c1:19:ca:27:7a:71:4d:2b:97:6a:c5:7d:2a:b6:
                    2b:20:2e:af:58:5f:15:67:bf:61:04:30:ac:6d:26:
                    cc:15:e9:58:56:13:79:ac:d2:98:c5:54:6f:b5:8e:
                    77:2d:02:e8:66:74:13:ed:a2:47:d3:d7:cb:96:d6:
                    7e:18:8a:67:03:42:07:62:7f:8b:4c:77:a2:cf:a4:
                    73:fc:f4:05:6c:6f:80:55:cd:7f:81:12:40:61:f4:
                    c3:23:58:f4:52:4e:62:a7:4f:93:ea:97:4e:02:b7:
                    bc:c0:ab:32:0a:16:b0:af:30:4c:eb:0a:90:87:46:
                    e9:79:f7:69:ca:e7:01:76:35:c9:93:b7:29:55:1d:
                    75:aa:00:2d:50:36:b5:a5:90:a9:2a:6f:89:90:88:
                    c4:08:30:1d:48:2e:7e:df:e2:18:76:eb:1e:78:ba:
                    60:4d:bc:18:2a:f2:73:88:eb:5b:5e:19:f7:51:41:
                    05:47:b2:05:c7:a7:e0:78:19:79:bd:61:6f:28:15:
                    ea:d4:27:32:ba:3e:84:f9:47:e2:6c:41:ca:4b:de:
                    2d:e0:d4:36:d0:c2:51:ef:5b:9c:e4:b3:e2:58:bf:
                    a2:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:9E:39:25:40:75:C0:1D:47:4B:6B:F3:AB:81:C4:D9:B7:25:1C:DB
            X509v3 Authority Key Identifier:
                keyid:A0:90:E5:20:BF:9D:51:F2:FD:CE:ED:41:3A:F2:7A:C7:58:F6:AE:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oJDlIL-dUfL9zu1BOvJ6x1j2rh0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/75B98BF0366011EE88E0F530C4F9AE02/A14DCC1A366311EEB376DC3AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.82.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:91:43:9c:c9:c7:b8:91:ee:11:fa:c2:cd:dd:8c:9f:af:12:
         97:36:78:ee:e6:b8:f3:cb:af:85:6d:47:e2:ae:39:0b:b5:a4:
         a8:5a:a3:01:2c:64:48:3d:18:f0:c4:fa:aa:ef:b5:b8:fc:79:
         bd:c3:7a:a6:6a:d1:29:39:44:24:02:9d:92:4e:e6:f0:50:b0:
         6d:07:ee:ce:e4:c8:52:27:50:23:31:ac:c1:ef:9e:73:78:1e:
         ad:1f:f3:2d:16:6a:2b:4a:67:6e:67:64:0d:e1:fd:5f:35:75:
         e1:fd:f5:db:04:cb:04:7f:7e:b7:dd:f2:fb:8e:6c:3d:a1:e8:
         a1:25:9a:91:7b:5c:be:1c:4a:11:09:e2:a6:a0:ca:9c:20:57:
         a3:5b:2a:94:2d:a4:dd:de:34:ca:c4:e2:06:a4:c2:aa:b3:cd:
         36:bc:05:67:ae:c4:20:51:f5:41:e8:24:d8:90:f2:bd:3d:af:
         05:a8:c7:45:76:5d:de:bf:30:ed:6d:15:98:74:4b:32:c5:b0:
         6e:92:9e:d5:cd:d4:17:ad:34:87:5e:83:a9:2f:ad:05:58:f8:
         1f:2c:b6:f3:f0:55:4c:fe:19:ef:cf:6a:d9:a1:24:e4:df:4d:
         2b:9c:e6:d9:e3:31:64:d0:ab:4c:d4:45:9e:03:79:18:e9:aa:
         e7:6f:e2:c9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NTM2QzExMC8GA1UEBRMoQTA5MEU1MjBCRjlENTFGMkZEQ0VFRDQxM0FGMjdBQzc1
OEY2QUUxRDAeFw0yMzA4MDkwMzIwMDNaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZDMwNWUzLWM3OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5TuWhsnX+LGs/iiRjcVscHB7MoNnp95wtXb2eqcjBGconenFNK5dqxX0qtisg
Lq9YXxVnv2EEMKxtJswV6VhWE3ms0pjFVG+1jnctAuhmdBPtokfT18uW1n4YimcD
Qgdif4tMd6LPpHP89AVsb4BVzX+BEkBh9MMjWPRSTmKnT5Pql04Ct7zAqzIKFrCv
MEzrCpCHRul592nK5wF2NcmTtylVHXWqAC1QNrWlkKkqb4mQiMQIMB1ILn7f4hh2
6x54umBNvBgq8nOI61teGfdRQQVHsgXHp+B4GXm9YW8oFerUJzK6PoT5R+JsQcpL
3i3g1DbQwlHvW5zks+JYv6JTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKZ45JUB1
wB1HS2vzq4HE2bclHNswHwYDVR0jBBgwFoAUoJDlIL+dUfL9zu1BOvJ6x1j2rh0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MzZDLzc1Qjk4QkYwMzY2
MDExRUU4OEUwRjUzMEM0RjlBRTAyL29KRGxJTC1kVWZMOXp1MUJPdko2eDFqMnJo
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvb0pEbElMLWRVZkw5enUxQk92SjZ4MWoycmgwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NTM2Qy83NUI5OEJGMDM2NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9BMTREQ0MxQTM2
NjMxMUVFQjM3NkRDM0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaFSsjANBgkqhkiG9w0BAQsFAAOCAQEATZFDnMnHuJHuEfrC
zd2Mn68SlzZ47ua488uvhW1H4q45C7WkqFqjASxkSD0Y8MT6qu+1uPx5vcN6pmrR
KTlEJAKdkk7m8FCwbQfuzuTIUidQIzGswe+ec3gerR/zLRZqK0pnbmdkDeH9XzV1
4f312wTLBH9+t93y+45sPaHooSWakXtcvhxKEQnipqDKnCBXo1sqlC2k3d40ysTi
BqTCqrPNNrwFZ67EIFH1Qegk2JDyvT2vBajHRXZd3r8w7W0VmHRLMsWwbpKe1c3U
F600h16DqS+tBVj4Hyy28/BVTP4Z789q2aEk5N9NK5zm2eMxZNCrTNRFngN5GOmq
52/iyQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 08:43:22 2024 by rpki-client on console-ams.rpki-client.org