Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/1334DF726CBD11EF9B080847C4F9AE02.roa
File:                     1334DF726CBD11EF9B080847C4F9AE02.roa (raw, json)
Hash identifier:          UqcUol0WhOeK9I0HJvHx37fp/EdlGMojk7VpuurGAYo=
Subject key identifier:   39:3B:DC:ED:01:71:C3:57:25:22:F2:35:BF:8A:85:C1:DB:36:C0:2C
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       469A
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/1334DF726CBD11EF9B080847C4F9AE02.roa
Signing time:             Sat 07 Sep 2024 02:01:20 +0000
ROA not before:           Sat 07 Sep 2024 02:01:20 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     131129
IP address blocks:        103.147.36.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
                          rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 06 Dec 2024 04:20:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18074 (0x469a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Sep  7 02:01:20 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=66dbb3f0-cfc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:e8:37:76:cf:33:1d:ba:61:4e:61:0e:ad:09:
                    7b:2c:d8:57:55:c2:6b:82:14:89:a4:b6:de:ab:fd:
                    c0:11:3f:16:d8:eb:09:74:be:b3:6c:3b:09:02:94:
                    93:60:34:1c:34:95:04:c5:5f:76:59:25:7d:e6:91:
                    ff:86:1e:f1:51:de:33:c2:97:5f:c1:99:ce:30:e1:
                    76:d0:bd:ff:d7:db:2e:47:5f:6e:1f:de:e2:0f:6b:
                    7f:0f:dd:a8:eb:21:6d:51:37:ce:11:75:51:1e:c4:
                    f4:51:47:9b:5b:d7:6c:36:99:d8:f1:4d:68:5a:d8:
                    33:ef:d7:cb:5e:29:21:ec:48:95:a0:b6:78:8c:05:
                    ff:b8:27:97:a2:7d:9f:1c:07:2f:c6:8c:db:5c:b6:
                    85:fb:da:4b:ae:9a:d1:44:6e:a1:c0:bb:c7:d7:7c:
                    da:01:3e:b8:bb:9f:65:99:a3:08:d1:e6:c9:43:27:
                    80:ab:37:d1:ec:ae:b0:a8:f1:14:74:0d:d5:04:87:
                    84:49:9f:62:6a:13:3d:05:ec:ea:ea:6f:7c:68:77:
                    b2:6f:c4:27:8c:31:8f:ed:f4:24:b7:40:2d:b0:3f:
                    38:18:f6:d4:19:19:a6:9f:25:61:bc:6a:25:8e:d8:
                    d1:64:e1:b4:4b:88:ad:51:1d:83:19:91:c9:89:59:
                    73:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:3B:DC:ED:01:71:C3:57:25:22:F2:35:BF:8A:85:C1:DB:36:C0:2C
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/1334DF726CBD11EF9B080847C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:88:00:b0:8a:c4:ea:50:23:1c:5e:a8:69:32:b7:9a:ff:3e:
         1b:5e:5e:ee:0b:c0:47:b9:b6:06:ec:7d:d1:42:65:ed:da:e3:
         29:fc:1e:9e:c8:55:34:28:5e:bf:7c:e7:b5:10:2c:52:70:83:
         83:43:76:3f:8d:a3:8a:c8:4d:89:87:55:d6:53:28:bb:e8:03:
         f1:ac:ab:1b:40:26:92:00:e8:4f:ca:ab:2c:84:80:85:33:a5:
         32:7e:34:85:f5:5f:43:4c:e9:cb:bf:17:da:1d:0c:f7:62:d9:
         79:c4:1c:e0:b8:c1:93:91:d4:b4:7a:3b:55:fc:4f:a5:3d:ec:
         17:09:ea:e8:6e:36:4c:a1:61:f1:c6:0c:22:5e:e2:3e:1a:ba:
         c3:4b:2d:e8:ba:b3:a5:20:66:1c:08:b2:29:34:47:e0:1a:8f:
         35:42:7f:94:5a:0f:b2:8d:97:31:c0:e2:1a:5e:2a:41:2c:75:
         34:cb:7f:e0:bf:c6:ca:a5:01:60:bd:e4:ac:d1:8b:0c:12:bf:
         dd:28:fd:5e:35:28:36:97:bd:b2:2f:55:15:4e:54:51:6a:8d:
         0d:c3:fb:40:18:08:5c:09:e2:17:73:21:7e:a7:e0:87:9a:b7:
         c7:85:48:6a:7c:a0:d7:e8:c9:1e:d2:94:7d:6f:11:07:b0:af:
         13:ce:85:43
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICRpowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA3MDIwMTIwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRiYjNmMC1jZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoeg3ds8zHbphTmEOrQl7LNhXVcJrghSJpLbeq/3AET8W2OsJdL6zbDsJApST
YDQcNJUExV92WSV95pH/hh7xUd4zwpdfwZnOMOF20L3/19suR19uH97iD2t/D92o
6yFtUTfOEXVRHsT0UUebW9dsNpnY8U1oWtgz79fLXikh7EiVoLZ4jAX/uCeXon2f
HAcvxozbXLaF+9pLrprRRG6hwLvH13zaAT64u59lmaMI0ebJQyeAqzfR7K6wqPEU
dA3VBIeESZ9iahM9Bezq6m98aHeyb8QnjDGP7fQkt0AtsD84GPbUGRmmnyVhvGol
jtjRZOG0S4itUR2DGZHJiVlztwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDk73O0B
ccNXJSLyNb+KhcHbNsAsMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMTMzNERGNzI2
Q0JEMTFFRjlCMDgwODQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkyQwDQYJKoZIhvcNAQELBQADggEBAGmIALCKxOpQIxxe
qGkyt5r/PhteXu4LwEe5tgbsfdFCZe3a4yn8Hp7IVTQoXr9857UQLFJwg4NDdj+N
o4rITYmHVdZTKLvoA/GsqxtAJpIA6E/KqyyEgIUzpTJ+NIX1X0NM6cu/F9odDPdi
2XnEHOC4wZOR1LR6O1X8T6U97BcJ6uhuNkyhYfHGDCJe4j4ausNLLei6s6UgZhwI
sik0R+AajzVCf5RaD7KNlzHA4hpeKkEsdTTLf+C/xsqlAWC95KzRiwwSv90o/V41
KDaXvbIvVRVOVFFqjQ3D+0AYCFwJ4hdzIX6n4Ieat8eFSGp8oNfoyR7SlH1vEQew
rxPOhUM=
-----END CERTIFICATE-----
Generated at Fri Nov 29 05:58:39 2024 by rpki-client on console-fra.rpki-client.org