Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/E22ECDEAC4F811EAB8D31113C4F9AE02.roa
File:                     E22ECDEAC4F811EAB8D31113C4F9AE02.roa (raw, json)
Hash identifier:          btmAvtbg+cv8vIT238XnatcxOtJFH8w/wTzWY/BWnok=
Subject key identifier:   08:F3:B1:C0:81:91:91:BB:A2:48:26:06:91:84:92:9E:71:22:9A:D5
Certificate issuer:       /CN=A91ABFD9/serialNumber=E5EB180CD6DC516C66D352B047B9E9C5A50270E3
Certificate serial:       0762
Authority key identifier: E5:EB:18:0C:D6:DC:51:6C:66:D3:52:B0:47:B9:E9:C5:A5:02:70:E3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/E22ECDEAC4F811EAB8D31113C4F9AE02.roa
Signing time:             Wed 02 Aug 2023 21:38:53 +0000
ROA not before:           Wed 02 Aug 2023 21:38:53 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     137443
IP address blocks:        103.152.170.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/5esYDNbcUWxm01KwR7npxaUCcOM.crl
                          rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/5esYDNbcUWxm01KwR7npxaUCcOM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 02 Apr 2024 21:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1890 (0x762)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ABFD9/serialNumber=E5EB180CD6DC516C66D352B047B9E9C5A50270E3
        Validity
            Not Before: Aug  2 21:38:53 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64cacced-2382
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:23:2b:c5:1e:c7:a6:c0:49:70:86:93:30:87:
                    71:14:42:09:7e:b7:06:9a:25:38:bf:39:dc:2d:c3:
                    72:1b:d6:5a:2a:b0:76:21:d4:f2:94:33:91:e3:9c:
                    8b:82:36:8e:9a:07:86:ca:ba:8c:f0:eb:91:be:5c:
                    52:b3:33:82:67:cd:15:bc:42:e4:07:72:3d:e0:6f:
                    0d:b9:1f:7a:f1:65:ea:58:a6:b6:0d:10:18:e4:48:
                    11:60:66:37:98:4c:4e:87:b2:d3:3c:2a:55:87:9f:
                    18:fd:65:10:f8:59:80:78:dd:86:04:73:5b:aa:4f:
                    92:1d:63:64:d7:22:2a:e9:4e:18:33:9e:34:c5:7e:
                    5c:32:6b:5b:8a:d8:59:c8:3d:4c:24:2e:a4:bc:3f:
                    5c:a1:42:54:9b:60:84:8b:33:13:6f:0e:e4:f6:91:
                    cb:e8:1a:3d:36:9f:3b:fc:67:c3:bd:3c:93:64:41:
                    c4:30:31:5e:52:a0:d6:4f:b5:c8:44:8c:8b:14:4e:
                    bc:33:c3:a9:6a:96:24:6d:27:11:47:09:c6:f6:07:
                    fb:e9:ec:00:f4:b8:3c:74:85:2d:1a:08:e0:1f:51:
                    2c:d5:65:d6:dc:53:d8:49:6c:89:bb:67:d5:52:4c:
                    2d:c2:3a:89:7d:a3:e9:fe:c2:76:89:e3:dc:2b:af:
                    65:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:F3:B1:C0:81:91:91:BB:A2:48:26:06:91:84:92:9E:71:22:9A:D5
            X509v3 Authority Key Identifier:
                keyid:E5:EB:18:0C:D6:DC:51:6C:66:D3:52:B0:47:B9:E9:C5:A5:02:70:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/5esYDNbcUWxm01KwR7npxaUCcOM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/E22ECDEAC4F811EAB8D31113C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:64:e2:81:4c:cb:80:77:d8:fd:74:62:a9:4d:c3:c4:d3:dd:
         e4:d0:26:5f:11:ea:9b:bb:99:07:71:e7:79:f2:7a:3e:70:c5:
         e2:29:d6:d4:25:58:2b:8a:95:bc:d7:ee:3a:98:a3:19:16:6d:
         82:d4:1f:52:bd:45:7c:92:0a:a4:aa:81:95:e2:69:4a:78:49:
         d8:0b:db:f1:a5:14:5a:9e:08:92:e7:76:f1:9f:0c:47:02:a4:
         d8:85:12:be:ea:d2:90:40:da:c0:75:40:03:6c:89:61:dc:1c:
         19:35:f9:fb:2a:91:99:97:de:1f:ac:90:a1:d2:f9:de:28:78:
         fd:8f:44:f5:0c:0d:76:9a:60:b1:ea:c2:0a:03:7e:cc:e7:62:
         4b:af:a3:54:64:21:5b:29:e2:eb:24:43:38:b3:ba:7d:13:a4:
         8f:9e:cd:d8:da:26:d7:ff:54:ab:ed:e4:84:91:b7:5f:11:91:
         de:e6:12:22:3c:1d:0b:02:65:e0:f9:cd:37:60:d8:c1:59:75:
         e3:d1:33:bd:01:27:e1:4f:7a:05:9e:28:a5:d5:a3:d2:fa:f0:
         62:cb:cb:be:64:36:45:ed:f6:e9:8e:2d:51:36:6a:49:9f:a8:
         bc:64:c6:69:73:88:48:fc:0c:bc:2a:cc:b4:b0:bf:ab:e5:ac:
         5c:a2:bc:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUJGRDkxMTAvBgNVBAUTKEU1RUIxODBDRDZEQzUxNkM2NkQzNTJCMDQ3QjlFOUM1
QTUwMjcwRTMwHhcNMjMwODAyMjEzODUzWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhY2NlZC0yMzgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqiMrxR7HpsBJcIaTMIdxFEIJfrcGmiU4vzncLcNyG9ZaKrB2IdTylDOR45yL
gjaOmgeGyrqM8OuRvlxSszOCZ80VvELkB3I94G8NuR968WXqWKa2DRAY5EgRYGY3
mExOh7LTPCpVh58Y/WUQ+FmAeN2GBHNbqk+SHWNk1yIq6U4YM540xX5cMmtbithZ
yD1MJC6kvD9coUJUm2CEizMTbw7k9pHL6Bo9Np87/GfDvTyTZEHEMDFeUqDWT7XI
RIyLFE68M8OpapYkbScRRwnG9gf76ewA9Lg8dIUtGgjgH1Es1WXW3FPYSWyJu2fV
UkwtwjqJfaPp/sJ2iePcK69l1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFAjzscCB
kZG7okgmBpGEkp5xIprVMB8GA1UdIwQYMBaAFOXrGAzW3FFsZtNSsEe56cWlAnDj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQkZEOS80QUU4MDQxRUI5
RDcxMUVBOUNGNTFFNUZDNEY5QUUwMi81ZXNZRE5iY1VXeG0wMUt3UjducHhhVUNj
T00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVlc1lETmJjVVd4bTAxS3dSN25weGFVQ2NPTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUJGRDkvNEFFODA0MUVCOUQ3MTFFQTlDRjUxRTVGQzRGOUFFMDIvRTIyRUNERUFD
NEY4MTFFQUI4RDMxMTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmKowDQYJKoZIhvcNAQELBQADggEBAI9k4oFMy4B32P10
YqlNw8TT3eTQJl8R6pu7mQdx53nyej5wxeIp1tQlWCuKlbzX7jqYoxkWbYLUH1K9
RXySCqSqgZXiaUp4SdgL2/GlFFqeCJLndvGfDEcCpNiFEr7q0pBA2sB1QANsiWHc
HBk1+fsqkZmX3h+skKHS+d4oeP2PRPUMDXaaYLHqwgoDfsznYkuvo1RkIVsp4usk
Qzizun0TpI+ezdjaJtf/VKvt5ISRt18Rkd7mEiI8HQsCZeD5zTdg2MFZdePRM70B
J+FPegWeKKXVo9L68GLLy75kNkXt9umOLVE2akmfqLxkxmlziEj8DLwqzLSwv6vl
rFyivAA=
-----END CERTIFICATE-----
Generated at Tue Mar 26 23:22:18 2024 by rpki-client on console-ams.rpki-client.org