Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDA06/2BFC8948713611E9869DBF10C4F9AE02/DCE5E9CA713611E9A71D3311C4F9AE02.roa
File:                     DCE5E9CA713611E9A71D3311C4F9AE02.roa (raw, json)
Hash identifier:          MfoY7jUmOisar1psO6c2ywlJIDw6cqEA61WVzaSNP5A=
Subject key identifier:   24:A2:5E:AE:EE:5B:DA:BD:03:FC:85:73:8A:E7:A1:86:CB:DC:C3:DD
Certificate issuer:       /CN=A91BDA06/serialNumber=7CF92898033021E03B3B93C0EEB88213C7FB5EC5
Certificate serial:       0E40
Authority key identifier: 7C:F9:28:98:03:30:21:E0:3B:3B:93:C0:EE:B8:82:13:C7:FB:5E:C5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fPkomAMwIeA7O5PA7riCE8f7XsU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BDA06/2BFC8948713611E9869DBF10C4F9AE02/DCE5E9CA713611E9A71D3311C4F9AE02.roa
Signing time:             Fri 02 Feb 2024 18:36:48 +0000
ROA not before:           Fri 02 Feb 2024 18:36:48 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     136480
IP address blocks:        103.134.204.0/22 maxlen: 22
                          103.134.204.0/24 maxlen: 24
                          103.134.205.0/24 maxlen: 24
                          103.134.206.0/24 maxlen: 24
                          103.134.207.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BDA06/2BFC8948713611E9869DBF10C4F9AE02/fPkomAMwIeA7O5PA7riCE8f7XsU.crl
                          rsync://rpki.apnic.net/member_repository/A91BDA06/2BFC8948713611E9869DBF10C4F9AE02/fPkomAMwIeA7O5PA7riCE8f7XsU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fPkomAMwIeA7O5PA7riCE8f7XsU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 17:39:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3648 (0xe40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDA06/serialNumber=7CF92898033021E03B3B93C0EEB88213C7FB5EC5
        Validity
            Not Before: Feb  2 18:36:48 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65bd3640-683c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:99:23:3a:59:36:bf:0c:fc:c1:34:aa:57:13:
                    50:82:49:5c:14:82:32:1e:e2:b2:d0:ea:8e:a6:50:
                    a4:2e:1e:b6:44:fd:f8:aa:90:92:c2:f3:1f:f3:79:
                    32:58:d6:14:4c:0b:a3:c4:a0:fb:d5:92:1e:20:bc:
                    aa:72:68:3d:a0:0a:3d:46:10:53:ea:3e:00:2b:91:
                    d3:5a:81:10:68:0b:07:88:f3:b3:04:47:50:7f:c1:
                    06:54:ab:ae:f0:98:54:6d:97:37:46:f5:b7:1d:6d:
                    d9:40:4b:5a:1b:e9:60:c6:59:1a:70:62:ed:33:59:
                    af:1f:74:4a:17:cf:7e:36:0c:f7:37:58:53:5a:b0:
                    f9:d8:37:6a:da:c7:67:e2:cb:75:97:b4:71:f7:8e:
                    9a:66:51:89:7b:7d:8b:29:f4:7d:95:69:b1:6f:54:
                    51:fd:d3:a9:55:99:87:19:71:ba:63:e3:8f:5a:2e:
                    ad:ba:e7:ee:85:83:a7:87:4a:eb:32:33:49:51:d1:
                    54:61:08:b3:99:80:02:c9:3d:a7:ce:ef:45:a8:2c:
                    aa:71:6e:20:8d:66:fa:fc:d0:6e:3e:28:47:0d:43:
                    fe:b6:fd:ff:e0:7c:85:c9:ee:e9:b7:83:ef:b1:5e:
                    e6:e3:10:b3:26:3f:bb:8e:25:c8:94:0f:e3:5e:c7:
                    08:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:A2:5E:AE:EE:5B:DA:BD:03:FC:85:73:8A:E7:A1:86:CB:DC:C3:DD
            X509v3 Authority Key Identifier:
                keyid:7C:F9:28:98:03:30:21:E0:3B:3B:93:C0:EE:B8:82:13:C7:FB:5E:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BDA06/2BFC8948713611E9869DBF10C4F9AE02/fPkomAMwIeA7O5PA7riCE8f7XsU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fPkomAMwIeA7O5PA7riCE8f7XsU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDA06/2BFC8948713611E9869DBF10C4F9AE02/DCE5E9CA713611E9A71D3311C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.134.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         40:73:be:c7:be:18:8d:81:28:1b:7f:04:11:86:d0:05:9f:8e:
         d5:44:ab:ad:15:84:30:b9:06:2a:65:cd:39:4e:7c:1f:38:88:
         da:ee:e4:1f:71:68:37:62:e9:48:d6:ea:31:71:9e:1a:09:6a:
         53:4f:f3:a9:37:51:94:31:1c:78:a3:bd:02:47:0c:92:63:cc:
         03:93:05:b2:39:af:7b:51:6a:82:71:10:89:0a:0f:56:a6:0b:
         4a:de:32:e1:b2:5f:ce:06:65:05:be:75:78:55:d9:cf:e9:dd:
         cd:87:68:91:6c:16:c4:e6:96:4d:ba:ca:6b:0f:b3:b0:b4:a0:
         1f:ce:2d:ca:eb:1a:6a:25:c1:cf:1c:ef:da:5e:2a:83:36:7a:
         78:64:cf:5f:99:84:e1:c3:69:18:9a:a7:e1:2a:8f:1f:36:75:
         3d:08:87:71:f5:c5:79:46:54:fa:9a:0c:9b:59:23:c7:e5:cf:
         95:7e:5d:eb:55:96:07:ee:cd:51:71:27:c1:0e:be:20:e3:0d:
         86:c5:ad:19:86:8f:00:ff:3f:fd:42:73:47:ca:f5:09:66:03:
         d7:2d:a9:1d:94:8c:cb:12:88:32:41:7a:1d:3d:31:3a:61:4f:
         b5:d1:a2:13:2b:20:26:d6:e1:81:dd:bc:85:81:c5:be:65:65:
         9a:0c:b3:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkRBMDYxMTAvBgNVBAUTKDdDRjkyODk4MDMzMDIxRTAzQjNCOTNDMEVFQjg4MjEz
QzdGQjVFQzUwHhcNMjQwMjAyMTgzNjQ4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJkMzY0MC02ODNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2JkjOlk2vwz8wTSqVxNQgklcFIIyHuKy0OqOplCkLh62RP34qpCSwvMf83ky
WNYUTAujxKD71ZIeILyqcmg9oAo9RhBT6j4AK5HTWoEQaAsHiPOzBEdQf8EGVKuu
8JhUbZc3RvW3HW3ZQEtaG+lgxlkacGLtM1mvH3RKF89+Ngz3N1hTWrD52Ddq2sdn
4st1l7Rx946aZlGJe32LKfR9lWmxb1RR/dOpVZmHGXG6Y+OPWi6tuufuhYOnh0rr
MjNJUdFUYQizmYACyT2nzu9FqCyqcW4gjWb6/NBuPihHDUP+tv3/4HyFye7pt4Pv
sV7m4xCzJj+7jiXIlA/jXscIqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCSiXq7u
W9q9A/yFc4rnoYbL3MPdMB8GA1UdIwQYMBaAFHz5KJgDMCHgOzuTwO64ghPH+17F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREEwNi8yQkZDODk0ODcx
MzYxMUU5ODY5REJGMTBDNEY5QUUwMi9mUGtvbUFNd0llQTdPNVBBN3JpQ0U4ZjdY
c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZQa29tQU13SWVBN081UEE3cmlDRThmN1hzVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkRBMDYvMkJGQzg5NDg3MTM2MTFFOTg2OURCRjEwQzRGOUFFMDIvRENFNUU5Q0E3
MTM2MTFFOUE3MUQzMzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhswwDQYJKoZIhvcNAQELBQADggEBAEBzvse+GI2BKBt/
BBGG0AWfjtVEq60VhDC5BiplzTlOfB84iNru5B9xaDdi6UjW6jFxnhoJalNP86k3
UZQxHHijvQJHDJJjzAOTBbI5r3tRaoJxEIkKD1amC0reMuGyX84GZQW+dXhV2c/p
3c2HaJFsFsTmlk26ymsPs7C0oB/OLcrrGmolwc8c79peKoM2enhkz1+ZhOHDaRia
p+Eqjx82dT0Ih3H1xXlGVPqaDJtZI8flz5V+XetVlgfuzVFxJ8EOviDjDYbFrRmG
jwD/P/1Cc0fK9QlmA9ctqR2UjMsSiDJBeh09MTphT7XRohMrICbW4YHdvIWBxb5l
ZZoMs9w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:16 2024 by rpki-client on console-ams.rpki-client.org