Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/A82A33A6C0A711EE97A2E984C4F9AE02.roa
File:                     A82A33A6C0A711EE97A2E984C4F9AE02.roa (raw, json)
Hash identifier:          SOn2/YoiOnQcCPNXa5HjTXOEZ/tUCYCahIULlvuRhw4=
Subject key identifier:   EE:4B:A8:08:26:C4:7C:B7:08:B1:58:71:35:38:09:1D:67:97:BC:DE
Certificate issuer:       /CN=A91A3B91/serialNumber=AD102ED0289DC4E4FADE70B34D7660CA0D2BBD2B
Certificate serial:       03AA
Authority key identifier: AD:10:2E:D0:28:9D:C4:E4:FA:DE:70:B3:4D:76:60:CA:0D:2B:BD:2B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRAu0CidxOT63nCzTXZgyg0rvSs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/A82A33A6C0A711EE97A2E984C4F9AE02.roa
Signing time:             Sat 17 Feb 2024 02:14:54 +0000
ROA not before:           Sat 17 Feb 2024 02:14:54 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     212806
IP address blocks:        103.175.234.0/23 maxlen: 23
                          103.175.234.0/24 maxlen: 24
                          103.175.235.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/rRAu0CidxOT63nCzTXZgyg0rvSs.crl
                          rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/rRAu0CidxOT63nCzTXZgyg0rvSs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRAu0CidxOT63nCzTXZgyg0rvSs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 938 (0x3aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A3B91/serialNumber=AD102ED0289DC4E4FADE70B34D7660CA0D2BBD2B
        Validity
            Not Before: Feb 17 02:14:54 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=65d0169e-64c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:04:0d:49:c2:e1:f8:a3:9e:4a:ea:73:d1:1e:
                    65:88:31:bd:88:6c:cc:4f:cb:70:df:17:5c:c5:8e:
                    d7:d0:73:c9:a9:a4:8c:7e:c0:f7:eb:bc:cb:39:23:
                    ab:f6:33:91:ab:54:3c:a4:4d:c2:09:a9:dd:89:86:
                    b9:4f:9c:d7:28:1e:62:35:26:f2:bc:03:47:5a:59:
                    13:d1:34:3c:14:8a:a1:b8:01:ee:35:62:5f:92:83:
                    e8:6a:e4:6e:c6:38:15:63:85:72:fb:98:49:01:22:
                    ef:8f:6c:dc:49:cb:fe:68:d5:6c:4b:cb:c5:f5:25:
                    25:0c:c2:a3:8a:80:e0:b7:4d:10:a0:0b:c8:8e:4f:
                    ef:7b:83:07:7d:78:e0:db:71:11:04:d8:c1:53:98:
                    e3:41:45:d9:44:04:dc:1d:fa:5d:ae:32:bf:4f:b3:
                    32:0c:27:31:c8:11:65:18:e8:af:59:f8:9a:85:f2:
                    34:7a:1a:fa:24:a4:16:25:72:11:c1:02:86:89:66:
                    8b:ee:57:c0:40:38:88:85:b5:ad:bd:16:07:4a:5d:
                    7b:da:fc:e0:c3:29:f3:02:24:03:08:67:76:8f:ec:
                    2d:a8:d6:e6:3c:4a:9d:c7:89:c6:84:a4:98:ed:9d:
                    eb:74:f7:a6:22:87:3a:4e:e3:a4:9d:39:6c:e5:19:
                    09:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:4B:A8:08:26:C4:7C:B7:08:B1:58:71:35:38:09:1D:67:97:BC:DE
            X509v3 Authority Key Identifier:
                keyid:AD:10:2E:D0:28:9D:C4:E4:FA:DE:70:B3:4D:76:60:CA:0D:2B:BD:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/rRAu0CidxOT63nCzTXZgyg0rvSs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRAu0CidxOT63nCzTXZgyg0rvSs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/A82A33A6C0A711EE97A2E984C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.175.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         76:1c:a5:ea:aa:7d:06:64:ba:e0:33:ed:a6:6e:fb:d8:80:0c:
         fb:94:7c:dd:00:74:23:86:30:bf:ae:a1:ab:31:7a:52:d7:63:
         f0:6d:3c:c9:f6:32:35:5d:87:63:17:38:4c:19:11:48:33:b6:
         29:4b:76:7f:e3:e9:4b:ef:96:5f:c5:74:3f:6c:6c:04:c6:a9:
         f9:92:19:a8:57:ee:e4:fc:76:03:36:0f:1c:a7:b9:88:d7:b6:
         4f:f8:46:15:cb:58:b6:9a:76:dd:5d:3a:82:8a:44:ea:78:7d:
         b9:87:37:9a:e5:66:cd:37:a0:40:9a:5a:c8:f2:81:08:03:8a:
         e6:6a:00:77:5c:be:b8:e9:2f:2c:98:6b:d7:fd:3c:a9:cb:1a:
         2a:d2:01:f7:49:51:71:39:1d:39:f7:50:56:16:f6:f0:f7:c0:
         03:98:8c:fc:fd:b7:96:f4:39:dd:83:85:1f:69:fb:50:3f:df:
         53:22:34:fc:5c:08:eb:7f:f6:07:a4:0e:ec:08:c9:0a:8f:7f:
         11:5d:84:49:3f:33:7a:86:2e:bb:51:59:82:3b:06:40:e4:81:
         e0:ac:ba:e0:1b:30:43:eb:f8:6b:11:d0:9f:6d:36:a3:66:58:
         da:e5:b8:fc:49:b3:6c:6d:9c:79:2a:8d:2a:26:c3:03:32:a7:
         0f:d5:9f:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNCOTExMTAvBgNVBAUTKEFEMTAyRUQwMjg5REM0RTRGQURFNzBCMzRENzY2MENB
MEQyQkJEMkIwHhcNMjQwMjE3MDIxNDU0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQwMTY5ZS02NGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5AQNScLh+KOeSupz0R5liDG9iGzMT8tw3xdcxY7X0HPJqaSMfsD367zLOSOr
9jORq1Q8pE3CCandiYa5T5zXKB5iNSbyvANHWlkT0TQ8FIqhuAHuNWJfkoPoauRu
xjgVY4Vy+5hJASLvj2zcScv+aNVsS8vF9SUlDMKjioDgt00QoAvIjk/ve4MHfXjg
23ERBNjBU5jjQUXZRATcHfpdrjK/T7MyDCcxyBFlGOivWfiahfI0ehr6JKQWJXIR
wQKGiWaL7lfAQDiIhbWtvRYHSl172vzgwynzAiQDCGd2j+wtqNbmPEqdx4nGhKSY
7Z3rdPemIoc6TuOknTls5RkJSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFO5LqAgm
xHy3CLFYcTU4CR1nl7zeMB8GA1UdIwQYMBaAFK0QLtAoncTk+t5ws012YMoNK70r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0I5MS9BMzY1MzM2RTNF
MjQxMUVDOUI1NUUxNTJDNEY5QUUwMi9yUkF1MENpZHhPVDYzbkN6VFhaZ3lnMHJ2
U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JSQXUwQ2lkeE9UNjNuQ3pUWFpneWcwcnZTcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNCOTEvQTM2NTMzNkUzRTI0MTFFQzlCNTVFMTUyQzRGOUFFMDIvQTgyQTMzQTZD
MEE3MTFFRTk3QTJFOTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnr+owDQYJKoZIhvcNAQELBQADggEBAHYcpeqqfQZkuuAz
7aZu+9iADPuUfN0AdCOGML+uoasxelLXY/BtPMn2MjVdh2MXOEwZEUgztilLdn/j
6Uvvll/FdD9sbATGqfmSGahX7uT8dgM2DxynuYjXtk/4RhXLWLaadt1dOoKKROp4
fbmHN5rlZs03oECaWsjygQgDiuZqAHdcvrjpLyyYa9f9PKnLGirSAfdJUXE5HTn3
UFYW9vD3wAOYjPz9t5b0Od2DhR9p+1A/31MiNPxcCOt/9gekDuwIyQqPfxFdhEk/
M3qGLrtRWYI7BkDkgeCsuuAbMEPr+GsR0J9tNqNmWNrluPxJs2xtnHkqjSomwwMy
pw/VnwA=
-----END CERTIFICATE-----
Generated at Sat Jun 15 03:54:21 2024 by rpki-client on console-fra.rpki-client.org