Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/B0562E7AEC6E11EEB7FC060BC4F9AE02.roa
File:                     B0562E7AEC6E11EEB7FC060BC4F9AE02.roa (raw, json)
Hash identifier:          OeW8BLgkc58uILCZYLvhTkPH8PzObHvU/yKQAx0JSC0=
Subject key identifier:   27:3F:07:F9:C5:CA:74:8D:C7:40:CF:4C:33:4F:F4:B9:90:15:B6:68
Certificate issuer:       /CN=A91A7B94/serialNumber=3126F4EF05E3AE75A09144B667D39347D4DAA890
Certificate serial:       81
Authority key identifier: 31:26:F4:EF:05:E3:AE:75:A0:91:44:B6:67:D3:93:47:D4:DA:A8:90
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/B0562E7AEC6E11EEB7FC060BC4F9AE02.roa
Signing time:             Wed 27 Mar 2024 19:17:44 +0000
ROA not before:           Wed 27 Mar 2024 19:17:44 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     55020
IP address blocks:        103.112.96.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/MSb07wXjrnWgkUS2Z9OTR9TaqJA.crl
                          rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/MSb07wXjrnWgkUS2Z9OTR9TaqJA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 02:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129 (0x81)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A7B94/serialNumber=3126F4EF05E3AE75A09144B667D39347D4DAA890
        Validity
            Not Before: Mar 27 19:17:44 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=660470d8-8dca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fd:c4:87:4f:ac:79:7a:8e:f6:a9:2e:36:3d:
                    44:a1:e4:b5:59:0e:34:4a:8e:2e:38:49:5e:bc:da:
                    66:35:ba:f9:46:44:94:51:88:c1:f8:83:6d:2c:17:
                    5b:d2:fa:61:a3:07:e9:60:f3:0c:87:5f:1b:fb:f5:
                    42:b2:33:71:50:42:19:57:00:18:2c:07:0a:44:d9:
                    62:48:91:ba:e1:26:c8:65:22:fa:aa:52:0d:7f:ab:
                    d7:cc:01:c6:c2:42:8e:f4:79:30:d4:a9:1a:3f:22:
                    04:eb:f1:ea:fe:2b:7b:64:e1:42:6f:65:53:2c:3a:
                    93:29:b3:80:24:2d:27:31:37:41:6c:52:7e:4a:4c:
                    09:d1:1c:98:59:0f:41:60:a4:38:7e:49:56:af:bd:
                    a4:6e:f2:3a:bf:95:03:eb:75:ac:5b:f9:e6:63:cd:
                    ac:af:26:d8:fd:37:43:e1:69:b9:e7:8f:6e:19:ce:
                    0b:1e:34:7c:22:42:f1:c2:17:3f:09:2e:1b:e7:c1:
                    51:a8:fc:e1:6b:51:02:6d:a2:fa:c0:6e:7b:a5:56:
                    bd:b1:ed:25:bc:62:36:8d:ac:ff:01:2b:52:6a:52:
                    9d:6a:a2:4c:9e:74:b2:2e:8b:94:7d:85:1e:54:30:
                    63:ad:64:82:1c:da:e7:78:f0:2c:02:d0:3f:cf:8c:
                    49:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:3F:07:F9:C5:CA:74:8D:C7:40:CF:4C:33:4F:F4:B9:90:15:B6:68
            X509v3 Authority Key Identifier:
                keyid:31:26:F4:EF:05:E3:AE:75:A0:91:44:B6:67:D3:93:47:D4:DA:A8:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/MSb07wXjrnWgkUS2Z9OTR9TaqJA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/B0562E7AEC6E11EEB7FC060BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:64:2f:92:c6:6c:9e:6d:d4:c1:b1:83:c2:c8:84:6a:07:77:
         51:ba:4e:d0:90:6c:08:44:c9:f9:34:ba:20:14:83:d7:eb:a5:
         43:87:72:e1:8c:de:60:27:3e:be:a9:81:57:7c:5e:dc:6c:b1:
         4b:8b:96:9d:7e:5a:2e:cc:ed:a5:91:57:0b:c6:ed:c5:72:44:
         0d:be:84:76:6c:3f:3a:95:4a:6f:5a:77:e3:dc:08:db:9a:dd:
         45:1c:e6:92:27:84:a8:d6:70:f3:a4:0a:a4:07:e5:8d:ef:6e:
         c9:22:f3:9f:69:fe:c5:7a:e1:13:d6:b3:91:6e:70:11:e1:23:
         b2:ad:07:eb:61:e5:fa:7b:62:21:be:9c:24:ca:ca:29:aa:aa:
         58:0c:06:04:f1:44:c0:d9:5d:61:18:3f:34:38:cf:bd:fa:73:
         c3:73:24:91:16:35:ec:a9:88:42:b1:ab:8a:e1:d1:40:ea:6f:
         db:b4:0d:0d:81:ac:f4:44:2e:94:ec:4c:e8:70:85:6e:d7:48:
         97:7e:b1:55:03:dc:84:9e:b7:db:de:aa:64:b2:a1:ed:81:1f:
         1b:4c:ed:8d:f4:47:10:a5:6d:78:85:c9:35:07:01:71:56:b3:
         96:70:ce:60:28:70:99:10:4e:e3:ad:81:27:f8:b6:54:09:f7:
         8a:7a:31:27
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTdCOTQxMTAvBgNVBAUTKDMxMjZGNEVGMDVFM0FFNzVBMDkxNDRCNjY3RDM5MzQ3
RDREQUE4OTAwHhcNMjQwMzI3MTkxNzQ0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA0NzBkOC04ZGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzP3Eh0+seXqO9qkuNj1EoeS1WQ40So4uOElevNpmNbr5RkSUUYjB+INtLBdb
0vphowfpYPMMh18b+/VCsjNxUEIZVwAYLAcKRNliSJG64SbIZSL6qlINf6vXzAHG
wkKO9Hkw1KkaPyIE6/Hq/it7ZOFCb2VTLDqTKbOAJC0nMTdBbFJ+SkwJ0RyYWQ9B
YKQ4fklWr72kbvI6v5UD63WsW/nmY82srybY/TdD4Wm5549uGc4LHjR8IkLxwhc/
CS4b58FRqPzha1ECbaL6wG57pVa9se0lvGI2jaz/AStSalKdaqJMnnSyLouUfYUe
VDBjrWSCHNrnePAsAtA/z4xJcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCc/B/nF
ynSNx0DPTDNP9LmQFbZoMB8GA1UdIwQYMBaAFDEm9O8F4651oJFEtmfTk0fU2qiQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0I5NC9DQzc0MUJCNjM3
NzAxMUVFOERDOEJCMzRDNEY5QUUwMi9NU2IwN3dYanJuV2drVVMyWjlPVFI5VGFx
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01TYjA3d1hqcm5XZ2tVUzJaOU9UUjlUYXFKQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTdCOTQvQ0M3NDFCQjYzNzcwMTFFRThEQzhCQjM0QzRGOUFFMDIvQjA1NjJFN0FF
QzZFMTFFRUI3RkMwNjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncGAwDQYJKoZIhvcNAQELBQADggEBABhkL5LGbJ5t1MGx
g8LIhGoHd1G6TtCQbAhEyfk0uiAUg9frpUOHcuGM3mAnPr6pgVd8XtxssUuLlp1+
Wi7M7aWRVwvG7cVyRA2+hHZsPzqVSm9ad+PcCNua3UUc5pInhKjWcPOkCqQH5Y3v
bski859p/sV64RPWs5FucBHhI7KtB+th5fp7YiG+nCTKyimqqlgMBgTxRMDZXWEY
PzQ4z736c8NzJJEWNeypiEKxq4rh0UDqb9u0DQ2BrPRELpTsTOhwhW7XSJd+sVUD
3ISet9veqmSyoe2BHxtM7Y30RxClbXiFyTUHAXFWs5ZwzmAocJkQTuOtgSf4tlQJ
94p6MSc=
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:27:25 2024 by rpki-client on console-ams.rpki-client.org