Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A7C31AD2366311EEB376DC3AC4F9AE02.roa
File:                     A7C31AD2366311EEB376DC3AC4F9AE02.roa (raw, json)
Hash identifier:          EpzGXh2OIA10wntPCVDGGuRe3lO7z/DIuVsTo8MgJIU=
Subject key identifier:   25:A8:9E:3B:A0:43:06:B4:A6:B0:75:73:E7:56:55:79:56:42:DC:3D
Certificate issuer:       /CN=A919536C/serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
Certificate serial:       08
Authority key identifier: 48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A7C31AD2366311EEB376DC3AC4F9AE02.roa
Signing time:             Wed 09 Aug 2023 03:20:14 +0000
ROA not before:           Wed 09 Aug 2023 03:20:14 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     138422
IP address blocks:        119.110.215.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl
                          rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919536C/serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
        Validity
            Not Before: Aug  9 03:20:14 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64d305ee-30ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:82:94:29:d0:9c:a7:04:f2:0d:c8:b2:df:2d:
                    7f:b8:f6:b0:de:a7:c2:14:1f:78:49:87:60:66:68:
                    06:f3:9a:4a:b5:a0:28:ac:e3:d1:26:88:26:e2:58:
                    2f:ae:50:2e:cd:65:6c:f7:0b:09:ba:88:37:3f:8c:
                    83:2a:33:b2:bd:9c:4d:28:3f:a2:15:8e:af:93:00:
                    f8:8a:df:71:20:10:59:98:b0:f1:61:14:bc:6b:93:
                    ea:d8:83:1c:07:11:d0:4a:62:df:75:12:d9:e2:86:
                    e4:14:8d:fb:36:65:b7:bc:84:7d:4d:a4:f4:86:a0:
                    fd:d5:6d:c8:51:a9:bb:de:8f:61:b2:78:bb:58:85:
                    42:13:8f:f8:f4:91:20:d1:2c:8b:69:1b:04:d7:da:
                    8a:9f:a4:69:e9:5c:07:f5:16:50:37:ed:a4:c1:4a:
                    fa:93:d2:57:de:6b:dc:0b:b8:49:00:38:29:cb:2e:
                    b9:77:bd:cd:c0:97:ec:9f:ee:ca:68:68:d6:a7:33:
                    6c:a5:b7:40:e4:e1:67:12:b8:0c:98:10:ba:e3:21:
                    74:ba:c3:bb:b6:c0:36:9b:44:ed:88:0c:41:d9:96:
                    b6:eb:7d:03:f0:2f:ea:21:4c:d1:0f:f0:16:9f:de:
                    c1:5b:db:a1:cc:24:2b:27:69:0f:b6:fa:c3:0a:34:
                    24:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A8:9E:3B:A0:43:06:B4:A6:B0:75:73:E7:56:55:79:56:42:DC:3D
            X509v3 Authority Key Identifier:
                keyid:48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A7C31AD2366311EEB376DC3AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.110.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:c1:0d:df:f1:70:a2:ac:ff:94:e1:0d:33:21:a8:61:9a:3f:
         26:5a:c3:d6:f9:71:f6:49:5d:51:10:ba:fe:11:98:64:8b:bf:
         a9:6c:de:8a:d3:34:00:ed:31:41:b7:f7:c2:9c:04:11:ba:d1:
         36:c9:04:c3:fc:f7:7d:40:88:eb:c3:95:f6:2b:53:75:32:c1:
         b7:27:4b:b4:ae:e1:62:62:6d:f1:75:bc:ee:79:91:f8:7b:d1:
         14:1c:ec:8d:da:38:3a:ce:42:6a:1c:a6:ba:db:db:85:a1:1e:
         b1:c5:94:67:ee:65:45:58:88:00:dd:4b:c1:b4:7a:af:c4:6b:
         db:9a:46:a9:dd:82:a3:f6:17:9e:43:bd:68:2d:8c:ce:65:0c:
         48:a7:89:0a:5a:35:73:ec:96:90:36:6e:0f:9d:42:c6:2c:a0:
         c8:3d:18:33:9d:fb:04:6f:2b:8d:df:4d:d8:58:8a:83:41:bd:
         e3:3e:b9:ad:a5:55:0b:5b:69:bf:ca:eb:e3:7e:d2:1e:64:2e:
         6b:cb:53:81:eb:d9:0b:56:e8:22:06:84:74:6b:7e:71:f2:52:
         35:56:b3:de:fd:a6:64:3f:5f:46:c9:e8:6b:54:41:ce:32:65:
         58:bd:00:28:9b:72:dc:8a:39:a7:97:d9:1b:06:9f:ec:30:5b:
         60:1e:12:59
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NTM2QzExMC8GA1UEBRMoNDg4OTcwNTA2MjY0RUY5NkQ4MUVDMTJFNkFCRDI1NkRC
MzBGRENGQTAeFw0yMzA4MDkwMzIwMTRaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZDMwNWVlLTMwYWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGgpQp0JynBPINyLLfLX+49rDep8IUH3hJh2BmaAbzmkq1oCis49EmiCbiWC+u
UC7NZWz3Cwm6iDc/jIMqM7K9nE0oP6IVjq+TAPiK33EgEFmYsPFhFLxrk+rYgxwH
EdBKYt91EtnihuQUjfs2Zbe8hH1NpPSGoP3VbchRqbvej2GyeLtYhUITj/j0kSDR
LItpGwTX2oqfpGnpXAf1FlA37aTBSvqT0lfea9wLuEkAOCnLLrl3vc3Al+yf7spo
aNanM2ylt0Dk4WcSuAyYELrjIXS6w7u2wDabRO2IDEHZlrbrfQPwL+ohTNEP8Baf
3sFb26HMJCsnaQ+2+sMKNCRjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJaieO6BD
BrSmsHVz51ZVeVZC3D0wHwYDVR0jBBgwFoAUSIlwUGJk75bYHsEuar0lbbMP3Pow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MzZDLzdFNEQ4NDYwMzY2
MDExRUU4OEUwRjUzMEM0RjlBRTAyL1NJbHdVR0prNzViWUhzRXVhcjBsYmJNUDNQ
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU0lsd1VHSms3NWJZSHNFdWFyMGxiYk1QM1BvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NTM2Qy83RTREODQ2MDM2NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9BN0MzMUFEMjM2
NjMxMUVFQjM3NkRDM0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAHdu1zANBgkqhkiG9w0BAQsFAAOCAQEAjcEN3/Fwoqz/lOEN
MyGoYZo/JlrD1vlx9kldURC6/hGYZIu/qWzeitM0AO0xQbf3wpwEEbrRNskEw/z3
fUCI68OV9itTdTLBtydLtK7hYmJt8XW87nmR+HvRFBzsjdo4Os5CahymutvbhaEe
scWUZ+5lRViIAN1LwbR6r8Rr25pGqd2Co/YXnkO9aC2MzmUMSKeJClo1c+yWkDZu
D51CxiygyD0YM537BG8rjd9N2FiKg0G94z65raVVC1tpv8rr437SHmQua8tTgevZ
C1boIgaEdGt+cfJSNVaz3v2mZD9fRsnoa1RBzjJlWL0AKJty3Io5p5fZGwaf7DBb
YB4SWQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:27:23 2024 by rpki-client on console-ams.rpki-client.org