Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/76EBD456F72011EA8776EC28C4F9AE02.roa
File:                     76EBD456F72011EA8776EC28C4F9AE02.roa (raw, json)
Hash identifier:          OSuo22pCpFQlpJJN8xkAzm6P90bv2Mjg2FXUApiRfIg=
Subject key identifier:   61:29:E7:4D:D7:E6:7E:5E:74:58:1E:E0:A8:BE:DA:F7:57:EF:EB:A9
Certificate issuer:       /CN=A91B253D/serialNumber=00C131E668B5FE94ECB43931847A728AACE82D4B
Certificate serial:       074A
Authority key identifier: 00:C1:31:E6:68:B5:FE:94:EC:B4:39:31:84:7A:72:8A:AC:E8:2D:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AMEx5mi1_pTstDkxhHpyiqzoLUs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/76EBD456F72011EA8776EC28C4F9AE02.roa
Signing time:             Thu 26 Sep 2024 21:20:45 +0000
ROA not before:           Thu 26 Sep 2024 21:20:45 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     38203
IP address blocks:        103.155.178.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/AMEx5mi1_pTstDkxhHpyiqzoLUs.crl
                          rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/AMEx5mi1_pTstDkxhHpyiqzoLUs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AMEx5mi1_pTstDkxhHpyiqzoLUs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Dec 2024 21:06:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1866 (0x74a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B253D/serialNumber=00C131E668B5FE94ECB43931847A728AACE82D4B
        Validity
            Not Before: Sep 26 21:20:45 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=66f5d02c-1a7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:31:17:24:5f:0f:78:9d:ff:30:3d:14:e1:40:
                    c3:4c:dd:a6:2c:9d:6a:83:03:0f:37:b9:e5:45:a1:
                    77:a8:17:0f:e3:1c:a5:d7:a1:c8:a0:70:bd:21:51:
                    25:4a:43:0d:79:d4:4e:0a:d0:7f:4b:82:52:f4:e0:
                    f3:44:d6:87:b7:73:7f:2a:05:46:61:a7:90:7f:fc:
                    fa:f9:c9:44:0a:37:a9:36:41:c1:33:5f:6d:b0:9d:
                    a2:af:0c:65:db:2a:22:f6:28:e1:83:2b:5e:ae:d6:
                    40:70:6b:1c:41:70:24:c1:98:82:d7:bc:d6:5c:ff:
                    b2:f1:5f:fb:0d:0e:91:bc:7d:46:be:cf:6b:29:9f:
                    b3:41:89:5e:0a:67:62:b6:5b:e4:58:09:87:8d:c1:
                    2e:28:7a:e1:32:db:0d:c8:74:36:8a:4d:fe:20:1b:
                    7e:19:0e:df:a1:3b:a6:db:4d:e5:87:cd:ba:87:2a:
                    d7:29:1a:9e:d5:cc:9a:db:4e:dd:f9:32:5e:8f:fb:
                    6b:47:90:10:51:53:10:d4:8f:c8:f6:5d:b2:c0:e4:
                    ab:05:39:0a:51:d0:8b:dd:2f:9e:e6:1d:7e:38:d5:
                    1e:8c:3c:aa:69:21:81:7c:0f:c1:43:c8:ea:eb:e1:
                    1c:69:b4:27:12:1a:99:1a:2d:9e:0f:14:7f:49:d1:
                    68:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:29:E7:4D:D7:E6:7E:5E:74:58:1E:E0:A8:BE:DA:F7:57:EF:EB:A9
            X509v3 Authority Key Identifier:
                keyid:00:C1:31:E6:68:B5:FE:94:EC:B4:39:31:84:7A:72:8A:AC:E8:2D:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/AMEx5mi1_pTstDkxhHpyiqzoLUs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AMEx5mi1_pTstDkxhHpyiqzoLUs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/76EBD456F72011EA8776EC28C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:2a:dc:2f:ec:7d:00:5a:95:03:c5:82:23:8b:3b:1b:d6:96:
         18:b7:a4:58:17:10:6a:26:ce:06:5c:20:90:9e:dc:57:0d:dd:
         bb:4c:34:46:a6:53:3c:26:f6:04:d4:e8:41:dd:40:71:69:4c:
         29:76:36:b8:b7:dd:c4:97:06:ab:31:6e:8c:03:52:5c:9b:06:
         7f:41:d3:34:09:d2:84:ea:b0:a0:40:3e:32:f2:6e:d6:d9:a3:
         9b:4d:63:15:f6:22:91:44:51:69:43:51:7a:5f:ba:9f:f1:b5:
         2f:c9:50:84:d5:3a:48:ab:97:ce:a4:ac:9a:08:b9:ea:68:26:
         5e:fb:cc:cb:6b:c8:c8:fd:43:82:b3:46:74:97:36:bc:31:b4:
         3d:36:c0:1d:55:24:1d:2e:d1:5d:18:17:01:1e:db:1f:07:77:
         00:8c:be:49:03:77:30:37:05:82:eb:26:e0:eb:14:f1:2a:30:
         b2:c8:81:08:8a:5d:bc:ed:e5:27:8c:5f:83:3a:f6:07:bc:99:
         b5:d4:2d:d9:24:95:c2:d0:3c:6a:bb:a1:65:d8:70:0d:6d:2f:
         ef:c1:cf:d6:72:d1:84:f0:6a:1f:25:f6:6e:37:27:02:c4:d2:
         7b:bb:b4:f7:03:a0:fc:4f:01:ee:8a:d3:97:74:9b:d8:c0:e0:
         e9:ec:9b:b5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1M0QxMTAvBgNVBAUTKDAwQzEzMUU2NjhCNUZFOTRFQ0I0MzkzMTg0N0E3MjhB
QUNFODJENEIwHhcNMjQwOTI2MjEyMDQ1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY1ZDAyYy0xYTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnzEXJF8PeJ3/MD0U4UDDTN2mLJ1qgwMPN7nlRaF3qBcP4xyl16HIoHC9IVEl
SkMNedROCtB/S4JS9ODzRNaHt3N/KgVGYaeQf/z6+clECjepNkHBM19tsJ2irwxl
2yoi9ijhgytertZAcGscQXAkwZiC17zWXP+y8V/7DQ6RvH1Gvs9rKZ+zQYleCmdi
tlvkWAmHjcEuKHrhMtsNyHQ2ik3+IBt+GQ7foTum203lh826hyrXKRqe1cya207d
+TJej/trR5AQUVMQ1I/I9l2ywOSrBTkKUdCL3S+e5h1+ONUejDyqaSGBfA/BQ8jq
6+EcabQnEhqZGi2eDxR/SdFoBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGEp503X
5n5edFge4Ki+2vdX7+upMB8GA1UdIwQYMBaAFADBMeZotf6U7LQ5MYR6coqs6C1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjUzRC84NkIwRDczRUY3
MUYxMUVBQUU5NkIyMjVDNEY5QUUwMi9BTUV4NW1pMV9wVHN0RGt4aEhweWlxem9M
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FNRXg1bWkxX3BUc3REa3hoSHB5aXF6b0xVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI1M0QvODZCMEQ3M0VGNzFGMTFFQUFFOTZCMjI1QzRGOUFFMDIvNzZFQkQ0NTZG
NzIwMTFFQTg3NzZFQzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnm7IwDQYJKoZIhvcNAQELBQADggEBAKkq3C/sfQBalQPF
giOLOxvWlhi3pFgXEGomzgZcIJCe3FcN3btMNEamUzwm9gTU6EHdQHFpTCl2Nri3
3cSXBqsxbowDUlybBn9B0zQJ0oTqsKBAPjLybtbZo5tNYxX2IpFEUWlDUXpfup/x
tS/JUITVOkirl86krJoIuepoJl77zMtryMj9Q4KzRnSXNrwxtD02wB1VJB0u0V0Y
FwEe2x8HdwCMvkkDdzA3BYLrJuDrFPEqMLLIgQiKXbzt5SeMX4M69ge8mbXULdkk
lcLQPGq7oWXYcA1tL+/Bz9Zy0YTwah8l9m43JwLE0nu7tPcDoPxPAe6K05d0m9jA
4Onsm7U=
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:52:29 2024 by rpki-client on console-fra.rpki-client.org