Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B346D/70E26EA4CE6A11EBB0774E80C4F9AE02/C708809CD06E11EBBBC4C43DC4F9AE02.roa
File:                     C708809CD06E11EBBBC4C43DC4F9AE02.roa (raw, json)
Hash identifier:          pZZRucXea/Bi1z2KjphqV9FqwANOK9zrGxvef1TPkDI=
Subject key identifier:   74:D0:EB:1B:31:1D:4B:FA:35:A4:BB:23:70:7E:CC:82:8D:34:9C:3F
Certificate issuer:       /CN=A91B346D/serialNumber=FFA095A2F4A27CA4631BC239E57E7A405B456BFF
Certificate serial:       04EB
Authority key identifier: FF:A0:95:A2:F4:A2:7C:A4:63:1B:C2:39:E5:7E:7A:40:5B:45:6B:FF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_6CVovSifKRjG8I55X56QFtFa_8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B346D/70E26EA4CE6A11EBB0774E80C4F9AE02/C708809CD06E11EBBBC4C43DC4F9AE02.roa
Signing time:             Sat 25 May 2024 01:35:44 +0000
ROA not before:           Sat 25 May 2024 01:35:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     142037
IP address blocks:        103.165.92.0/24 maxlen: 24
                          2001:df6:6480::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B346D/70E26EA4CE6A11EBB0774E80C4F9AE02/_6CVovSifKRjG8I55X56QFtFa_8.crl
                          rsync://rpki.apnic.net/member_repository/A91B346D/70E26EA4CE6A11EBB0774E80C4F9AE02/_6CVovSifKRjG8I55X56QFtFa_8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_6CVovSifKRjG8I55X56QFtFa_8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1259 (0x4eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B346D/serialNumber=FFA095A2F4A27CA4631BC239E57E7A405B456BFF
        Validity
            Not Before: May 25 01:35:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6651406f-c083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8f:fe:92:45:a8:f9:cb:2f:1e:5b:4c:29:09:
                    43:80:1d:fb:40:2d:08:e7:d6:08:13:27:78:59:e5:
                    9e:b1:6e:47:45:43:36:9f:c0:e8:da:e1:93:12:82:
                    32:56:fc:30:74:9b:2b:1d:5b:9f:dd:23:2d:0b:85:
                    96:1d:a2:c6:6c:83:f1:bc:c3:e5:2d:d4:db:e5:77:
                    43:40:5d:c9:68:f0:51:63:52:7c:4d:07:20:bd:c2:
                    b9:ba:52:ca:d1:13:a7:2e:be:3c:50:99:66:e3:d8:
                    69:8a:df:c2:b0:14:d5:96:da:b7:97:e1:45:49:30:
                    0e:2d:72:5e:de:12:64:cb:4e:1c:43:d2:94:f3:98:
                    0d:b6:34:3c:c9:55:fc:01:bb:43:6c:fc:a0:94:90:
                    bb:5c:04:ab:f7:bd:69:38:c9:bd:bb:02:70:00:fe:
                    a5:c4:d1:7c:a6:7c:3e:82:07:fc:ee:06:29:72:9a:
                    a1:76:df:fa:a0:56:a9:63:3f:aa:9b:f8:6c:e8:af:
                    9a:0a:a2:c9:7e:bd:ff:b6:f3:c1:f2:67:f6:f3:52:
                    30:c0:30:74:f3:61:37:b4:98:f1:9c:7e:39:9c:21:
                    c3:c8:15:77:da:ab:4e:39:fe:13:0d:ff:63:55:3f:
                    b4:27:3f:ca:29:44:06:c2:ad:0e:22:57:ae:c1:9c:
                    42:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:D0:EB:1B:31:1D:4B:FA:35:A4:BB:23:70:7E:CC:82:8D:34:9C:3F
            X509v3 Authority Key Identifier:
                keyid:FF:A0:95:A2:F4:A2:7C:A4:63:1B:C2:39:E5:7E:7A:40:5B:45:6B:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B346D/70E26EA4CE6A11EBB0774E80C4F9AE02/_6CVovSifKRjG8I55X56QFtFa_8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_6CVovSifKRjG8I55X56QFtFa_8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B346D/70E26EA4CE6A11EBB0774E80C4F9AE02/C708809CD06E11EBBBC4C43DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.165.92.0/24
                IPv6:
                  2001:df6:6480::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:4f:98:37:35:d9:2f:49:fe:4a:4b:c3:a2:47:95:14:8b:05:
         63:3f:ba:fc:c7:b6:25:74:fa:90:a8:c4:ad:8c:d4:69:77:6f:
         f3:f8:4f:cd:82:d9:62:53:bd:13:f9:b2:10:a2:8c:33:a2:96:
         f9:dd:e7:7c:bf:c6:17:79:cb:f8:9c:39:05:45:4c:de:7d:32:
         58:e5:4d:a4:e2:da:ee:d7:f7:88:aa:df:be:e5:00:52:4f:db:
         45:17:23:d8:94:6d:3f:55:8f:a8:e8:b6:a6:99:23:80:5f:35:
         57:14:f8:48:2b:3f:60:c0:d0:a8:75:e5:ef:9f:e2:e0:14:ec:
         a5:55:71:5e:57:75:35:f8:04:1e:ab:7b:e8:a9:2c:1a:31:03:
         b2:9a:75:c7:0f:8f:a7:e5:c3:1b:55:c3:64:4b:39:de:36:14:
         c3:8e:7c:70:aa:2a:fd:23:62:df:f1:99:b5:05:b7:82:4d:32:
         99:6c:ae:12:a8:3b:75:42:9b:57:82:79:cd:da:5b:6d:d9:0f:
         92:a9:40:ee:d9:10:55:70:65:19:e8:97:dd:b8:a2:8c:60:7f:
         0c:0b:90:d7:6d:31:d4:c2:d0:7a:f1:fb:57:cb:14:90:c5:7d:
         61:fc:a1:59:43:6e:f0:f7:cb:81:8e:d8:f9:56:32:01:a3:8c:
         31:a0:c0:ba
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjM0NkQxMTAvBgNVBAUTKEZGQTA5NUEyRjRBMjdDQTQ2MzFCQzIzOUU1N0U3QTQw
NUI0NTZCRkYwHhcNMjQwNTI1MDEzNTQ0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUxNDA2Zi1jMDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx4/+kkWo+csvHltMKQlDgB37QC0I59YIEyd4WeWesW5HRUM2n8Do2uGTEoIy
VvwwdJsrHVuf3SMtC4WWHaLGbIPxvMPlLdTb5XdDQF3JaPBRY1J8TQcgvcK5ulLK
0ROnLr48UJlm49hpit/CsBTVltq3l+FFSTAOLXJe3hJky04cQ9KU85gNtjQ8yVX8
AbtDbPyglJC7XASr971pOMm9uwJwAP6lxNF8pnw+ggf87gYpcpqhdt/6oFapYz+q
m/hs6K+aCqLJfr3/tvPB8mf281IwwDB082E3tJjxnH45nCHDyBV32qtOOf4TDf9j
VT+0Jz/KKUQGwq0OIleuwZxCZwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHTQ6xsx
HUv6NaS7I3B+zIKNNJw/MB8GA1UdIwQYMBaAFP+glaL0onykYxvCOeV+ekBbRWv/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzQ2RC83MEUyNkVBNENF
NkExMUVCQjA3NzRFODBDNEY5QUUwMi9fNkNWb3ZTaWZLUmpHOEk1NVg1NlFGdEZh
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL182Q1ZvdlNpZktSakc4STU1WDU2UUZ0RmFfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjM0NkQvNzBFMjZFQTRDRTZBMTFFQkIwNzc0RTgwQzRGOUFFMDIvQzcwODgwOUNE
MDZFMTFFQkJCQzRDNDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnpVwwDwQCAAIwCQMHACABDfZkgDANBgkqhkiG9w0BAQsF
AAOCAQEAB0+YNzXZL0n+SkvDokeVFIsFYz+6/Me2JXT6kKjErYzUaXdv8/hPzYLZ
YlO9E/myEKKMM6KW+d3nfL/GF3nL+Jw5BUVM3n0yWOVNpOLa7tf3iKrfvuUAUk/b
RRcj2JRtP1WPqOi2ppkjgF81VxT4SCs/YMDQqHXl75/i4BTspVVxXld1NfgEHqt7
6KksGjEDspp1xw+Pp+XDG1XDZEs53jYUw458cKoq/SNi3/GZtQW3gk0ymWyuEqg7
dUKbV4J5zdpbbdkPkqlA7tkQVXBlGeiX3biijGB/DAuQ120x1MLQevH7V8sUkMV9
YfyhWUNu8PfLgY7Y+VYyAaOMMaDAug==
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:49:37 2024 by rpki-client on console-fra.rpki-client.org