Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/2015E6B2C66F11EAA0B1B019C4F9AE02.roa
File:                     2015E6B2C66F11EAA0B1B019C4F9AE02.roa (raw, json)
Hash identifier:          UR1VNNIL2Jtpf585UHu33VQKoA2N0pYarJyInownUiU=
Subject key identifier:   1B:BC:83:91:33:2D:D0:74:82:2E:48:1A:03:70:FB:63:83:B3:F8:0F
Certificate issuer:       /CN=A91B653B/serialNumber=BCAE5732EF219732B49AC8284DB1814E92C86B11
Certificate serial:       0710
Authority key identifier: BC:AE:57:32:EF:21:97:32:B4:9A:C8:28:4D:B1:81:4E:92:C8:6B:11
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vK5XMu8hlzK0msgoTbGBTpLIaxE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/2015E6B2C66F11EAA0B1B019C4F9AE02.roa
Signing time:             Tue 06 Jun 2023 23:35:34 +0000
ROA not before:           Tue 06 Jun 2023 23:35:34 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        103.150.161.0/24 maxlen: 24
                          103.161.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/vK5XMu8hlzK0msgoTbGBTpLIaxE.crl
                          rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/vK5XMu8hlzK0msgoTbGBTpLIaxE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vK5XMu8hlzK0msgoTbGBTpLIaxE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 21:46:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1808 (0x710)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B653B/serialNumber=BCAE5732EF219732B49AC8284DB1814E92C86B11
        Validity
            Not Before: Jun  6 23:35:34 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=647fc2c6-276d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6b:7b:33:5c:17:50:8a:11:ea:41:f5:8c:d5:
                    e1:ca:e9:1a:ae:e3:48:2f:fc:eb:e0:4d:3c:cf:af:
                    e7:aa:4f:37:5d:97:87:62:d7:a8:39:f9:15:72:f1:
                    a3:e7:21:a3:b7:b9:fa:17:31:de:04:8b:9b:f5:c5:
                    54:04:bb:b9:ad:eb:4b:33:3e:34:81:a4:92:91:15:
                    ea:ed:e6:58:5a:bf:c4:3a:08:ac:83:c2:7f:3e:05:
                    a8:21:33:d8:c5:f0:1c:69:2d:6d:46:51:d2:46:dc:
                    62:4f:67:b6:79:a7:d0:0c:3e:16:5a:14:1b:22:c2:
                    7c:4e:e3:0c:77:32:17:14:2d:2e:2c:2a:25:81:09:
                    75:0f:26:9a:92:f4:fa:f8:73:c7:84:d8:c0:d9:b3:
                    a2:37:bc:f2:6f:2e:f4:5a:3a:4b:84:96:d1:cc:43:
                    eb:cc:70:a3:cb:db:03:65:7c:e5:f9:f9:b1:6d:79:
                    c4:18:b7:18:f3:6b:e6:f5:c6:30:30:17:79:4a:50:
                    04:92:79:ba:7c:60:77:20:b6:b8:6f:02:02:bc:85:
                    2a:38:0e:d8:bb:f4:91:56:70:8b:8f:72:a2:76:13:
                    e0:48:77:be:6c:0e:71:4b:06:23:00:8f:5c:b9:b6:
                    58:a6:e2:48:91:10:d2:69:1f:fc:a5:d2:cb:a1:7e:
                    3d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:BC:83:91:33:2D:D0:74:82:2E:48:1A:03:70:FB:63:83:B3:F8:0F
            X509v3 Authority Key Identifier:
                keyid:BC:AE:57:32:EF:21:97:32:B4:9A:C8:28:4D:B1:81:4E:92:C8:6B:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/vK5XMu8hlzK0msgoTbGBTpLIaxE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vK5XMu8hlzK0msgoTbGBTpLIaxE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/2015E6B2C66F11EAA0B1B019C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.161.0/24
                  103.161.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:7a:f0:72:fc:b8:e4:92:60:80:28:da:a8:1c:a2:0b:9b:81:
         02:36:f2:85:c7:4a:6e:72:76:90:05:93:1f:22:b0:02:37:e5:
         3d:79:8a:2c:f1:ec:85:92:b9:2b:76:d0:4f:5c:11:bd:a7:cb:
         0e:0b:11:48:6c:ca:d1:eb:72:54:d7:fa:e0:3f:08:85:d4:91:
         a6:9e:87:78:30:79:77:b6:63:eb:c4:2a:32:43:eb:6c:5b:16:
         ab:5a:c7:70:a2:6c:89:e8:92:bd:b7:8e:88:f4:fa:53:73:58:
         f3:45:a2:4c:3c:1d:82:c8:c4:91:c0:b9:8b:34:45:96:2d:03:
         18:99:be:8e:12:ee:47:a8:c3:69:f5:dd:cf:2d:23:b8:48:b3:
         bb:48:a2:b3:f3:27:81:47:ca:ff:06:f4:11:05:b2:16:af:89:
         ed:5d:c9:74:4f:ac:11:14:1a:b3:af:7e:b9:7b:53:95:b1:f7:
         6a:07:4f:13:9d:7e:aa:c4:0e:b9:b6:7f:8b:bc:75:eb:70:0a:
         c2:e9:0c:5f:04:a0:d8:c3:f3:59:2b:a2:1c:00:f5:2e:00:9e:
         91:05:40:3b:cb:af:df:5f:a1:be:1c:9d:e2:15:f7:6c:d9:8b:
         d0:eb:65:63:23:ab:dd:53:d8:bb:d2:54:8f:05:77:66:2f:7e:
         6c:e2:6d:e4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1M0IxMTAvBgNVBAUTKEJDQUU1NzMyRUYyMTk3MzJCNDlBQzgyODREQjE4MTRF
OTJDODZCMTEwHhcNMjMwNjA2MjMzNTM0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmYzJjNi0yNzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzmt7M1wXUIoR6kH1jNXhyukaruNIL/zr4E08z6/nqk83XZeHYteoOfkVcvGj
5yGjt7n6FzHeBIub9cVUBLu5retLMz40gaSSkRXq7eZYWr/EOgisg8J/PgWoITPY
xfAcaS1tRlHSRtxiT2e2eafQDD4WWhQbIsJ8TuMMdzIXFC0uLColgQl1DyaakvT6
+HPHhNjA2bOiN7zyby70WjpLhJbRzEPrzHCjy9sDZXzl+fmxbXnEGLcY82vm9cYw
MBd5SlAEknm6fGB3ILa4bwICvIUqOA7Yu/SRVnCLj3KidhPgSHe+bA5xSwYjAI9c
ubZYpuJIkRDSaR/8pdLLoX49SwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBu8g5Ez
LdB0gi5IGgNw+2ODs/gPMB8GA1UdIwQYMBaAFLyuVzLvIZcytJrIKE2xgU6SyGsR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjUzQi8yOTM4M0NERUMy
MEMxMUVBQjgxMkEwMUFDNEY5QUUwMi92SzVYTXU4aGx6SzBtc2dvVGJHQlRwTElh
eEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZLNVhNdThobHpLMG1zZ29UYkdCVHBMSWF4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1M0IvMjkzODNDREVDMjBDMTFFQUI4MTJBMDFBQzRGOUFFMDIvMjAxNUU2QjJD
NjZGMTFFQUEwQjFCMDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnlqEDBABnoU0wDQYJKoZIhvcNAQELBQADggEBAGR68HL8
uOSSYIAo2qgcogubgQI28oXHSm5ydpAFkx8isAI35T15iizx7IWSuSt20E9cEb2n
yw4LEUhsytHrclTX+uA/CIXUkaaeh3gweXe2Y+vEKjJD62xbFqtax3CibInokr23
joj0+lNzWPNFokw8HYLIxJHAuYs0RZYtAxiZvo4S7keow2n13c8tI7hIs7tIorPz
J4FHyv8G9BEFshavie1dyXRPrBEUGrOvfrl7U5Wx92oHTxOdfqrEDrm2f4u8detw
CsLpDF8EoNjD81krohwA9S4AnpEFQDvLr99fob4cneIV92zZi9DrZWMjq91T2LvS
VI8Fd2YvfmzibeQ=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:55:57 2024 by rpki-client on console-ams.rpki-client.org