Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5B46/BA0B8430028811E5AE1E4761C4F9AE02/E2E360EEF3EE11ECBAE10054C4F9AE02.roa
File:                     E2E360EEF3EE11ECBAE10054C4F9AE02.roa (raw, json)
Hash identifier:          12dSzAt0pVOt5wwidTcnY5rhtJ+1Oe5cm3E7SduE+YU=
Subject key identifier:   5D:8D:58:EF:79:B3:29:94:DD:5C:4E:40:1F:62:C8:2B:E6:F7:EA:B5
Certificate issuer:       /CN=A91C5B46/serialNumber=56CD32D13F8CAE1E92F9C97F395F1A23ABB9C6F7
Certificate serial:       2504
Authority key identifier: 56:CD:32:D1:3F:8C:AE:1E:92:F9:C9:7F:39:5F:1A:23:AB:B9:C6:F7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vs0y0T-Mrh6S-cl_OV8aI6u5xvc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C5B46/BA0B8430028811E5AE1E4761C4F9AE02/E2E360EEF3EE11ECBAE10054C4F9AE02.roa
Signing time:             Thu 18 Apr 2024 16:22:59 +0000
ROA not before:           Thu 18 Apr 2024 16:22:59 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     6453
IP address blocks:        123.136.16.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C5B46/BA0B8430028811E5AE1E4761C4F9AE02/Vs0y0T-Mrh6S-cl_OV8aI6u5xvc.crl
                          rsync://rpki.apnic.net/member_repository/A91C5B46/BA0B8430028811E5AE1E4761C4F9AE02/Vs0y0T-Mrh6S-cl_OV8aI6u5xvc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vs0y0T-Mrh6S-cl_OV8aI6u5xvc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 15:43:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9476 (0x2504)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C5B46/serialNumber=56CD32D13F8CAE1E92F9C97F395F1A23ABB9C6F7
        Validity
            Not Before: Apr 18 16:22:59 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=662148e3-f90e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f4:09:ce:6c:fc:0b:40:94:18:0f:d6:7d:d9:
                    3f:92:0d:a1:6d:bf:3d:29:ca:5f:ec:38:06:80:50:
                    9d:f2:da:26:5c:b5:d4:3b:db:6e:5a:1b:75:f8:3b:
                    5d:15:ba:2e:50:4c:1b:30:fd:48:38:f9:ed:3e:f9:
                    b6:89:e2:5d:fa:88:b0:83:fd:55:f6:a2:23:16:f5:
                    54:01:2f:14:2e:39:d6:3a:fd:87:64:1a:ed:85:eb:
                    f4:6a:36:7f:2c:b5:06:2e:2e:3e:65:c1:c7:e9:9b:
                    d5:4c:d7:57:ec:93:c8:99:3c:ce:31:3f:18:81:c9:
                    1a:94:84:3f:99:66:65:ab:36:19:8a:5b:20:b3:a7:
                    44:38:b6:8b:9d:fb:6b:29:7f:94:0a:af:b1:9e:08:
                    af:9c:8b:c7:a1:fb:64:5a:a9:04:e5:4a:b7:00:f0:
                    df:bd:b0:70:92:96:e2:c4:12:ea:7e:e0:a7:e0:c2:
                    37:68:9e:7a:b1:89:95:7c:51:36:5e:91:e6:b7:c7:
                    bf:d8:f9:8d:8d:c9:26:21:74:9d:09:e7:fb:4c:17:
                    38:1f:c8:f0:61:da:85:3d:d9:d1:04:83:36:d4:03:
                    b6:dc:4f:fd:de:1d:b2:79:1f:b6:6a:fa:fb:22:72:
                    33:6f:77:5a:89:40:64:20:8b:57:1c:ba:b6:9f:bf:
                    53:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:8D:58:EF:79:B3:29:94:DD:5C:4E:40:1F:62:C8:2B:E6:F7:EA:B5
            X509v3 Authority Key Identifier:
                keyid:56:CD:32:D1:3F:8C:AE:1E:92:F9:C9:7F:39:5F:1A:23:AB:B9:C6:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C5B46/BA0B8430028811E5AE1E4761C4F9AE02/Vs0y0T-Mrh6S-cl_OV8aI6u5xvc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vs0y0T-Mrh6S-cl_OV8aI6u5xvc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5B46/BA0B8430028811E5AE1E4761C4F9AE02/E2E360EEF3EE11ECBAE10054C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.136.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9e:c3:28:6f:81:69:ea:80:01:a1:3b:9d:1a:ce:a6:e5:62:f0:
         3d:92:f3:b1:f9:cf:7d:21:05:3d:fe:e4:63:0f:cd:dd:bf:2b:
         e5:f0:5b:97:1a:33:82:c4:ac:81:14:5f:a5:ae:bb:6b:db:b0:
         2f:c4:d4:60:e3:eb:63:16:57:73:d7:b8:6f:53:49:15:8f:29:
         3d:93:b2:e0:28:63:ec:fc:d2:86:ab:70:08:8d:07:2d:8b:05:
         81:74:a8:ba:52:62:db:ac:e4:aa:43:eb:86:15:86:cc:7c:91:
         3d:b1:93:a7:82:2e:bb:bc:a0:56:c5:78:e1:4d:4e:aa:a7:ee:
         41:b9:30:f1:3a:a8:a5:48:bc:c6:ac:ee:ad:2f:64:c8:bd:c8:
         cc:ae:a6:4a:22:94:64:51:74:cc:8a:c7:0c:17:b7:90:d6:f8:
         cf:52:09:23:cd:49:ef:ff:0c:78:38:e5:d9:23:f4:c8:73:72:
         f5:56:0d:10:80:22:2f:7c:67:f9:38:37:49:92:96:02:0a:25:
         a8:06:35:aa:9e:17:bd:3b:16:5a:c9:d2:0a:c8:f4:8c:41:33:
         ae:a1:65:d8:4b:a8:06:fc:c3:e5:0c:77:fa:a7:67:10:d1:65:
         02:78:2d:bb:98:3f:51:75:e7:26:a8:36:af:ed:b3:3b:40:7a:
         cc:9a:21:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzVCNDYxMTAvBgNVBAUTKDU2Q0QzMkQxM0Y4Q0FFMUU5MkY5Qzk3RjM5NUYxQTIz
QUJCOUM2RjcwHhcNMjQwNDE4MTYyMjU5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIxNDhlMy1mOTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArvQJzmz8C0CUGA/Wfdk/kg2hbb89Kcpf7DgGgFCd8tomXLXUO9tuWht1+Dtd
FbouUEwbMP1IOPntPvm2ieJd+oiwg/1V9qIjFvVUAS8ULjnWOv2HZBrthev0ajZ/
LLUGLi4+ZcHH6ZvVTNdX7JPImTzOMT8YgckalIQ/mWZlqzYZilsgs6dEOLaLnftr
KX+UCq+xngivnIvHoftkWqkE5Uq3APDfvbBwkpbixBLqfuCn4MI3aJ56sYmVfFE2
XpHmt8e/2PmNjckmIXSdCef7TBc4H8jwYdqFPdnRBIM21AO23E/93h2yeR+2avr7
InIzb3daiUBkIItXHLq2n79TKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF2NWO95
symU3VxOQB9iyCvm9+q1MB8GA1UdIwQYMBaAFFbNMtE/jK4ekvnJfzlfGiOrucb3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNUI0Ni9CQTBCODQzMDAy
ODgxMUU1QUUxRTQ3NjFDNEY5QUUwMi9WczB5MFQtTXJoNlMtY2xfT1Y4YUk2dTV4
dmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZzMHkwVC1Ncmg2Uy1jbF9PVjhhSTZ1NXh2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzVCNDYvQkEwQjg0MzAwMjg4MTFFNUFFMUU0NzYxQzRGOUFFMDIvRTJFMzYwRUVG
M0VFMTFFQ0JBRTEwMDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAN7iBAwDQYJKoZIhvcNAQELBQADggEBAJ7DKG+BaeqAAaE7
nRrOpuVi8D2S87H5z30hBT3+5GMPzd2/K+XwW5caM4LErIEUX6Wuu2vbsC/E1GDj
62MWV3PXuG9TSRWPKT2TsuAoY+z80oarcAiNBy2LBYF0qLpSYtus5KpD64YVhsx8
kT2xk6eCLru8oFbFeOFNTqqn7kG5MPE6qKVIvMas7q0vZMi9yMyupkoilGRRdMyK
xwwXt5DW+M9SCSPNSe//DHg45dkj9MhzcvVWDRCAIi98Z/k4N0mSlgIKJagGNaqe
F707FlrJ0grI9IxBM66hZdhLqAb8w+UMd/qnZxDRZQJ4LbuYP1F15yaoNq/tsztA
esyaIcU=
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:45:05 2024 by rpki-client on console-fra.rpki-client.org