Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/F1A54AC47A5611EB876D281FC4F9AE02.roa
File:                     F1A54AC47A5611EB876D281FC4F9AE02.roa (raw, json)
Hash identifier:          dDoSSqmj+1KqoTK5wDPnFr2+FIWdHPdVfbnO5yGmVKY=
Subject key identifier:   7B:7B:E0:E0:B0:FE:A3:97:39:C7:FE:F9:FC:4F:0D:41:BC:1D:40:18
Certificate issuer:       /CN=A91ABFD9/serialNumber=E5EB180CD6DC516C66D352B047B9E9C5A50270E3
Certificate serial:       0760
Authority key identifier: E5:EB:18:0C:D6:DC:51:6C:66:D3:52:B0:47:B9:E9:C5:A5:02:70:E3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/F1A54AC47A5611EB876D281FC4F9AE02.roa
Signing time:             Wed 02 Aug 2023 21:38:51 +0000
ROA not before:           Wed 02 Aug 2023 21:38:51 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     132825
IP address blocks:        103.152.170.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/5esYDNbcUWxm01KwR7npxaUCcOM.crl
                          rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/5esYDNbcUWxm01KwR7npxaUCcOM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 22:13:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1888 (0x760)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ABFD9/serialNumber=E5EB180CD6DC516C66D352B047B9E9C5A50270E3
        Validity
            Not Before: Aug  2 21:38:51 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64cacceb-c1aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:28:62:13:e4:7b:05:2a:82:ec:0c:9b:14:76:
                    51:7a:a1:9c:71:c0:86:74:bf:ce:0c:f7:f9:bf:f8:
                    28:62:91:0e:c4:31:3d:49:0b:a0:d0:26:ed:f0:dc:
                    ad:a7:45:a9:ac:53:79:db:bc:7f:c4:c2:1d:43:bf:
                    5b:e0:d7:e7:97:6f:a2:96:8c:f7:61:fe:7f:63:1f:
                    2b:dd:1b:d3:aa:63:e9:1e:4a:94:0a:a7:72:3d:db:
                    32:1e:9f:c4:6c:83:fb:53:9c:cf:1d:0d:97:ff:6f:
                    fc:d9:02:7c:9f:b8:67:a9:7f:b2:6b:a3:bb:d7:b2:
                    a3:ad:89:29:4f:45:2f:20:42:b9:ab:b8:36:7c:a4:
                    4e:99:b6:9e:2a:ef:8b:09:4a:da:94:4e:19:54:f5:
                    36:a8:fa:33:e8:9f:5f:8e:0d:14:83:d0:73:ab:53:
                    81:ab:64:63:74:84:7a:bf:6d:c7:60:d5:87:2e:f5:
                    4f:59:5c:9c:2d:92:61:a9:67:b7:93:5e:05:b9:20:
                    3f:af:66:fa:55:ae:c2:c5:e4:76:92:18:11:e4:02:
                    f2:8e:e4:ed:50:78:c1:23:39:22:84:1b:13:66:64:
                    81:1f:ae:7d:b4:34:4c:c1:27:6d:8e:76:e4:75:b1:
                    7b:e0:5c:39:94:70:f9:85:ef:70:b2:f4:21:c0:f8:
                    64:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:7B:E0:E0:B0:FE:A3:97:39:C7:FE:F9:FC:4F:0D:41:BC:1D:40:18
            X509v3 Authority Key Identifier:
                keyid:E5:EB:18:0C:D6:DC:51:6C:66:D3:52:B0:47:B9:E9:C5:A5:02:70:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/5esYDNbcUWxm01KwR7npxaUCcOM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5esYDNbcUWxm01KwR7npxaUCcOM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ABFD9/4AE8041EB9D711EA9CF51E5FC4F9AE02/F1A54AC47A5611EB876D281FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:34:c7:cb:d0:40:af:67:c2:c5:b3:3f:5e:55:00:74:bf:9b:
         77:55:e6:0f:6b:d2:33:6b:3b:ca:5d:d7:a6:0d:eb:9a:70:eb:
         19:b5:0a:1f:ea:28:37:0b:70:38:14:e7:3c:cf:a2:8b:06:19:
         b8:eb:cb:a5:ee:f8:96:4f:83:d5:74:47:dc:b3:90:a7:1b:51:
         95:fc:03:5d:7e:47:e5:49:50:c8:61:be:be:87:15:62:28:f4:
         e5:c1:37:91:49:d4:80:36:c4:ff:90:f3:43:eb:0b:c6:2d:a2:
         fd:fe:f9:9b:be:ac:25:77:b1:e5:c6:9d:e0:f7:a7:11:ba:e6:
         15:c1:2b:83:ff:0c:ba:7b:48:d2:4e:2c:ca:27:2b:00:c0:c8:
         4e:b1:b8:96:79:ae:13:9d:d0:ed:e0:8e:eb:44:9a:55:ce:28:
         9f:34:64:ff:14:98:3d:c6:01:9e:73:c0:67:58:bb:98:bd:de:
         48:f2:21:c0:30:d1:65:76:7e:00:df:63:4a:d5:77:17:9c:6a:
         d0:a3:fc:ba:d5:75:2d:31:ba:db:6c:1e:a1:fb:f7:10:d2:c7:
         ba:26:7a:69:bc:ab:18:45:d6:32:b7:31:ee:56:fe:6a:19:79:
         4d:66:bd:75:52:b4:4f:56:77:9d:64:70:20:07:17:20:ed:d4:
         03:91:c9:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUJGRDkxMTAvBgNVBAUTKEU1RUIxODBDRDZEQzUxNkM2NkQzNTJCMDQ3QjlFOUM1
QTUwMjcwRTMwHhcNMjMwODAyMjEzODUxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhY2NlYi1jMWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8ChiE+R7BSqC7AybFHZReqGcccCGdL/ODPf5v/goYpEOxDE9SQug0Cbt8Nyt
p0WprFN527x/xMIdQ79b4Nfnl2+iloz3Yf5/Yx8r3RvTqmPpHkqUCqdyPdsyHp/E
bIP7U5zPHQ2X/2/82QJ8n7hnqX+ya6O717KjrYkpT0UvIEK5q7g2fKROmbaeKu+L
CUralE4ZVPU2qPoz6J9fjg0Ug9Bzq1OBq2RjdIR6v23HYNWHLvVPWVycLZJhqWe3
k14FuSA/r2b6Va7CxeR2khgR5ALyjuTtUHjBIzkihBsTZmSBH659tDRMwSdtjnbk
dbF74Fw5lHD5he9wsvQhwPhk+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHt74OCw
/qOXOcf++fxPDUG8HUAYMB8GA1UdIwQYMBaAFOXrGAzW3FFsZtNSsEe56cWlAnDj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQkZEOS80QUU4MDQxRUI5
RDcxMUVBOUNGNTFFNUZDNEY5QUUwMi81ZXNZRE5iY1VXeG0wMUt3UjducHhhVUNj
T00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVlc1lETmJjVVd4bTAxS3dSN25weGFVQ2NPTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUJGRDkvNEFFODA0MUVCOUQ3MTFFQTlDRjUxRTVGQzRGOUFFMDIvRjFBNTRBQzQ3
QTU2MTFFQjg3NkQyODFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmKowDQYJKoZIhvcNAQELBQADggEBAAg0x8vQQK9nwsWz
P15VAHS/m3dV5g9r0jNrO8pd16YN65pw6xm1Ch/qKDcLcDgU5zzPoosGGbjry6Xu
+JZPg9V0R9yzkKcbUZX8A11+R+VJUMhhvr6HFWIo9OXBN5FJ1IA2xP+Q80PrC8Yt
ov3++Zu+rCV3seXGneD3pxG65hXBK4P/DLp7SNJOLMonKwDAyE6xuJZ5rhOd0O3g
jutEmlXOKJ80ZP8UmD3GAZ5zwGdYu5i93kjyIcAw0WV2fgDfY0rVdxecatCj/LrV
dS0xuttsHqH79xDSx7omemm8qxhF1jK3Me5W/moZeU1mvXVStE9Wd51kcCAHFyDt
1AORyY8=
-----END CERTIFICATE-----
Generated at Thu Jun 13 01:42:36 2024 by rpki-client on console-ams.rpki-client.org