Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/9D2302A4F1D011E88D564045C4F9AE02.roa
File:                     9D2302A4F1D011E88D564045C4F9AE02.roa (raw, json)
Hash identifier:          a50jvf311yVZMkPnjaiz9q3CIoz1l3rrtN0kJY6XaHw=
Subject key identifier:   F6:F1:FD:DC:A4:80:E8:5F:4A:77:58:A2:1E:B8:FF:69:FA:62:BD:D4
Certificate issuer:       /CN=A91A279C/serialNumber=0BA34E6430B10E6A7F2D29964425D1F714AF865C
Certificate serial:       19EA
Authority key identifier: 0B:A3:4E:64:30:B1:0E:6A:7F:2D:29:96:44:25:D1:F7:14:AF:86:5C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6NOZDCxDmp_LSmWRCXR9xSvhlw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/9D2302A4F1D011E88D564045C4F9AE02.roa
Signing time:             Wed 08 May 2024 17:04:58 +0000
ROA not before:           Wed 08 May 2024 17:04:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     136424
IP address blocks:        103.87.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/C6NOZDCxDmp_LSmWRCXR9xSvhlw.crl
                          rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/C6NOZDCxDmp_LSmWRCXR9xSvhlw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6NOZDCxDmp_LSmWRCXR9xSvhlw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 16:21:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6634 (0x19ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A279C/serialNumber=0BA34E6430B10E6A7F2D29964425D1F714AF865C
        Validity
            Not Before: May  8 17:04:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=663bb0b9-97d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5a:86:a5:4d:ac:a2:7c:d2:31:79:f2:98:81:
                    0e:f3:9c:01:77:9b:6a:5c:ed:39:8b:e2:fe:62:b0:
                    9e:ef:09:0b:85:2c:17:3b:c2:e1:cb:e9:eb:eb:eb:
                    bb:0f:0b:20:00:ce:ff:2c:86:ad:96:56:87:84:1d:
                    53:a5:dc:2b:ea:f0:4b:25:f6:35:e7:56:a4:5d:35:
                    a4:d6:97:d1:1d:78:96:38:2f:09:e6:8d:bb:03:af:
                    f4:71:e3:62:4e:01:b1:79:0e:41:ab:a4:10:a2:73:
                    76:73:57:ae:33:fc:d2:0b:ec:8a:23:7c:08:32:12:
                    8d:a5:6c:9b:f6:2b:a3:70:5a:b2:60:5f:39:01:d4:
                    69:8b:78:01:88:f2:23:f1:21:ee:cc:89:95:d1:37:
                    db:8f:8e:ff:47:bc:c0:ab:65:e1:cb:a3:16:b6:b1:
                    88:fb:23:e6:bd:1e:76:5d:24:4a:68:34:31:aa:9c:
                    1c:99:27:0c:4a:fb:66:29:93:5d:86:17:17:2b:cc:
                    fe:b2:32:9a:d0:45:f9:b3:0a:b9:97:e5:d7:47:fe:
                    9a:fa:72:a3:ab:80:b7:af:51:40:db:67:fa:89:4b:
                    40:49:4f:4b:c8:f3:a5:58:dc:05:a9:1e:ed:7a:fe:
                    73:3e:7e:71:a5:a2:48:78:65:e8:d9:a5:79:01:06:
                    76:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:F1:FD:DC:A4:80:E8:5F:4A:77:58:A2:1E:B8:FF:69:FA:62:BD:D4
            X509v3 Authority Key Identifier:
                keyid:0B:A3:4E:64:30:B1:0E:6A:7F:2D:29:96:44:25:D1:F7:14:AF:86:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/C6NOZDCxDmp_LSmWRCXR9xSvhlw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6NOZDCxDmp_LSmWRCXR9xSvhlw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A279C/1CEB7718335111E7BF4B9586C4F9AE02/9D2302A4F1D011E88D564045C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.87.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:50:32:00:ad:b5:51:34:da:4d:7d:90:df:be:3f:3d:09:f0:
         68:ea:1d:16:67:36:e2:37:40:03:9f:7c:25:8d:2d:73:b3:9f:
         e8:c1:92:56:81:01:36:e9:c1:8a:c8:48:d3:0c:fd:da:3c:ab:
         91:6b:ce:b6:1b:77:51:2f:7b:b1:49:b4:37:d7:6a:3e:02:ef:
         34:c2:37:9a:70:bd:39:93:7b:c2:84:78:78:c9:f6:28:f3:cd:
         ba:ea:e6:1c:e5:95:2f:80:aa:fb:b1:4b:6f:90:0d:f1:ff:1a:
         42:da:b4:33:d7:2f:9e:21:41:80:c9:9a:75:04:2b:2b:d3:81:
         a0:f9:08:32:a5:5f:3b:72:b9:d7:0b:1c:4d:a1:3e:a3:68:25:
         04:da:34:22:7b:3a:50:0d:e4:c2:02:de:69:4e:16:5b:ce:2c:
         10:79:a7:8a:82:3e:42:32:d8:24:49:31:63:9f:91:30:0f:c5:
         9e:62:84:af:76:92:c7:c6:8a:f3:88:bc:f6:2b:68:8c:0c:25:
         a4:10:87:c8:1a:9a:07:a1:c5:06:9b:15:88:0f:bb:28:26:de:
         6f:bb:14:30:d0:84:5d:dc:70:b5:b8:6f:eb:06:40:a8:f3:c4:
         cd:50:57:e0:96:b6:0d:45:bc:4b:f8:d6:3f:f1:54:ce:3f:b8:
         3a:04:08:7c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGeowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTI3OUMxMTAvBgNVBAUTKDBCQTM0RTY0MzBCMTBFNkE3RjJEMjk5NjQ0MjVEMUY3
MTRBRjg2NUMwHhcNMjQwNTA4MTcwNDU4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNiYjBiOS05N2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsVqGpU2sonzSMXnymIEO85wBd5tqXO05i+L+YrCe7wkLhSwXO8Lhy+nr6+u7
DwsgAM7/LIatllaHhB1Tpdwr6vBLJfY151akXTWk1pfRHXiWOC8J5o27A6/0ceNi
TgGxeQ5Bq6QQonN2c1euM/zSC+yKI3wIMhKNpWyb9iujcFqyYF85AdRpi3gBiPIj
8SHuzImV0Tfbj47/R7zAq2Xhy6MWtrGI+yPmvR52XSRKaDQxqpwcmScMSvtmKZNd
hhcXK8z+sjKa0EX5swq5l+XXR/6a+nKjq4C3r1FA22f6iUtASU9LyPOlWNwFqR7t
ev5zPn5xpaJIeGXo2aV5AQZ2awIDAQABo4IClTCCApEwHQYDVR0OBBYEFPbx/dyk
gOhfSndYoh64/2n6Yr3UMB8GA1UdIwQYMBaAFAujTmQwsQ5qfy0plkQl0fcUr4Zc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjc5Qy8xQ0VCNzcxODMz
NTExMUU3QkY0Qjk1ODZDNEY5QUUwMi9DNk5PWkRDeERtcF9MU21XUkNYUjl4U3Zo
bHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0M2Tk9aREN4RG1wX0xTbVdSQ1hSOXhTdmhsdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTI3OUMvMUNFQjc3MTgzMzUxMTFFN0JGNEI5NTg2QzRGOUFFMDIvOUQyMzAyQTRG
MUQwMTFFODhENTY0MDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnV1swDQYJKoZIhvcNAQELBQADggEBAMtQMgCttVE02k19
kN++Pz0J8GjqHRZnNuI3QAOffCWNLXOzn+jBklaBATbpwYrISNMM/do8q5FrzrYb
d1Eve7FJtDfXaj4C7zTCN5pwvTmTe8KEeHjJ9ijzzbrq5hzllS+AqvuxS2+QDfH/
GkLatDPXL54hQYDJmnUEKyvTgaD5CDKlXztyudcLHE2hPqNoJQTaNCJ7OlAN5MIC
3mlOFlvOLBB5p4qCPkIy2CRJMWOfkTAPxZ5ihK92ksfGivOIvPYraIwMJaQQh8ga
mgehxQabFYgPuygm3m+7FDDQhF3ccLW4b+sGQKjzxM1QV+CWtg1FvEv41j/xVM4/
uDoECHw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:56:19 2024 by rpki-client on console-fra.rpki-client.org