Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/C13E824AC49F11EBAC936D7AC4F9AE02.roa
File:                     C13E824AC49F11EBAC936D7AC4F9AE02.roa (raw, json)
Hash identifier:          LhKQo3U+oEScw/Kkz5pzuY8n0wmOWUErN/K9Hepyn74=
Subject key identifier:   03:09:F2:E0:8D:AC:59:6B:95:1D:48:E0:64:F6:11:F5:7A:4A:E3:6D
Certificate issuer:       /CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480
Certificate serial:       06CA
Authority key identifier: E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/C13E824AC49F11EBAC936D7AC4F9AE02.roa
Signing time:             Mon 20 Nov 2023 22:50:23 +0000
ROA not before:           Mon 20 Nov 2023 22:50:23 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     141747
IP address blocks:        2406:9dc0:1010::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl
                          rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 20:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1738 (0x6ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480
        Validity
            Not Before: Nov 20 22:50:23 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=655be2af-139f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:97:06:e2:a0:03:0c:5c:03:26:4d:32:c3:59:
                    1c:e8:0b:d3:6d:55:92:ac:a3:ba:6f:fb:6e:aa:33:
                    70:4d:cb:6f:52:b5:e8:1a:21:dd:a9:8e:41:56:65:
                    e3:87:32:c3:bf:13:73:8a:9f:0f:c9:4a:7d:13:fd:
                    8d:76:7f:9d:69:1b:22:b4:ac:49:6e:63:af:25:b2:
                    8b:f4:f9:d0:28:e6:12:2f:26:30:b8:08:f4:a1:7d:
                    58:56:7e:11:d8:ef:89:5a:08:16:b2:85:30:ed:f0:
                    9e:4f:3b:83:8a:fe:8a:fe:aa:63:97:18:45:fb:03:
                    19:14:13:86:0e:0b:be:08:0b:d1:10:df:f4:79:cf:
                    cd:85:cc:7d:3a:32:27:a5:8b:3c:8d:74:7b:f0:56:
                    49:b3:19:60:0a:56:c4:0c:f6:ae:63:1c:e8:bf:e6:
                    ed:2f:9f:a7:55:8c:52:ab:70:ca:a1:73:12:30:33:
                    3d:4d:84:4b:12:65:bf:33:a1:0d:73:65:c2:c2:cb:
                    47:71:79:9f:c0:e0:35:49:f7:a6:7b:3e:b5:89:b5:
                    2b:98:17:b2:b8:c3:44:e5:9d:7a:fd:7d:63:f3:f4:
                    0f:ed:71:67:49:78:19:d3:2f:d5:26:7e:b7:8d:89:
                    2a:56:54:7d:2c:01:d5:f0:24:41:3f:68:04:ee:f0:
                    de:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:09:F2:E0:8D:AC:59:6B:95:1D:48:E0:64:F6:11:F5:7A:4A:E3:6D
            X509v3 Authority Key Identifier:
                keyid:E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/C13E824AC49F11EBAC936D7AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:9dc0:1010::/44

    Signature Algorithm: sha256WithRSAEncryption
         72:f8:81:30:95:61:52:4f:9a:47:ab:2d:67:77:38:53:70:ca:
         90:64:12:8b:17:ea:be:95:ca:b4:66:4b:f5:c6:dc:d7:71:f4:
         e7:84:77:48:80:59:ca:1e:de:79:43:0d:6d:fc:90:68:06:ec:
         59:74:bb:8e:e0:52:cf:57:1a:23:16:6a:bb:7c:3b:bf:b6:cb:
         5f:2a:4c:0a:85:65:8d:67:58:18:40:4b:8c:cf:21:a9:42:e3:
         13:19:90:80:b5:f0:bf:fc:5c:03:39:09:2a:64:fd:53:98:6b:
         06:42:64:82:2c:13:d8:bc:56:a2:42:a2:52:66:76:b8:9f:39:
         e6:33:78:10:4a:0e:61:d0:f5:ca:90:cd:7a:07:2d:b3:1b:eb:
         fa:82:7c:6c:b9:54:2e:5d:df:59:5f:e0:b7:b3:78:55:6c:c9:
         ea:eb:9e:e0:b4:18:b0:d2:bc:24:e6:b7:1a:78:d0:ad:84:14:
         91:2b:a1:57:e5:07:62:22:2c:5b:22:70:7b:ee:36:10:e6:f4:
         fa:29:74:29:34:c5:12:92:e3:9f:d7:de:f7:6d:8b:d5:2f:9c:
         e7:36:da:d2:5b:e1:e0:d6:5e:d8:b6:37:ee:31:5d:d8:db:a0:
         9f:b7:0d:26:58:8b:fa:da:47:88:89:4e:99:4a:21:a5:f0:da:
         55:1e:c9:e7
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjYyNUYxMTAvBgNVBAUTKEUxNTVCODJBODdEMjhFODc3NjAyRjk5NEY4RkZEM0U3
NDRBQUY0ODAwHhcNMjMxMTIwMjI1MDIzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViZTJhZi0xMzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyJcG4qADDFwDJk0yw1kc6AvTbVWSrKO6b/tuqjNwTctvUrXoGiHdqY5BVmXj
hzLDvxNzip8PyUp9E/2Ndn+daRsitKxJbmOvJbKL9PnQKOYSLyYwuAj0oX1YVn4R
2O+JWggWsoUw7fCeTzuDiv6K/qpjlxhF+wMZFBOGDgu+CAvREN/0ec/Nhcx9OjIn
pYs8jXR78FZJsxlgClbEDPauYxzov+btL5+nVYxSq3DKoXMSMDM9TYRLEmW/M6EN
c2XCwstHcXmfwOA1Sfemez61ibUrmBeyuMNE5Z16/X1j8/QP7XFnSXgZ0y/VJn63
jYkqVlR9LAHV8CRBP2gE7vDePQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFAMJ8uCN
rFlrlR1I4GT2EfV6SuNtMB8GA1UdIwQYMBaAFOFVuCqH0o6HdgL5lPj/0+dEqvSA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjI1Ri8yMkQ5MUY3MjEx
Q0UxMUVCOEFEMDVBMkJDNEY5QUUwMi80Vlc0S29mU2pvZDJBdm1VLVBfVDUwU3E5
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRWVzRLb2ZTam9kMkF2bVUtUF9UNTBTcTlJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjYyNUYvMjJEOTFGNzIxMUNFMTFFQjhBRDA1QTJCQzRGOUFFMDIvQzEzRTgyNEFD
NDlGMTFFQkFDOTM2RDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBp3AEBAwDQYJKoZIhvcNAQELBQADggEBAHL4gTCVYVJP
mkerLWd3OFNwypBkEosX6r6VyrRmS/XG3Ndx9OeEd0iAWcoe3nlDDW38kGgG7Fl0
u47gUs9XGiMWart8O7+2y18qTAqFZY1nWBhAS4zPIalC4xMZkIC18L/8XAM5CSpk
/VOYawZCZIIsE9i8VqJColJmdrifOeYzeBBKDmHQ9cqQzXoHLbMb6/qCfGy5VC5d
31lf4LezeFVsyerrnuC0GLDSvCTmtxp40K2EFJEroVflB2IiLFsicHvuNhDm9Pop
dCk0xRKS45/X3vdti9UvnOc22tJb4eDWXti2N+4xXdjboJ+3DSZYi/raR4iJTplK
IaXw2lUeyec=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:55:51 2024 by rpki-client on console-ams.rpki-client.org