Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/005C56227B2411EEBB6FC444C4F9AE02.roa
File:                     005C56227B2411EEBB6FC444C4F9AE02.roa (raw, json)
Hash identifier:          ygn3AzAbyKGDLM38q1a8apRTOB+aa/2tjm4v2oP2AYk=
Subject key identifier:   28:9A:E4:1C:E3:32:CA:D1:D3:4F:25:19:9B:71:9D:EB:D6:5A:84:24
Certificate issuer:       /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial:       B3
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/005C56227B2411EEBB6FC444C4F9AE02.roa
Signing time:             Sat 04 Nov 2023 15:08:25 +0000
ROA not before:           Sat 04 Nov 2023 15:08:25 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        125.62.78.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
                          rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 08 Mar 2024 06:09:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 179 (0xb3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
        Validity
            Not Before: Nov  4 15:08:25 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=65465e69-6a37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:51:0f:cc:09:56:51:ed:1d:a8:35:b8:80:a7:
                    70:4a:86:a7:dc:e0:18:08:fb:ba:de:70:e7:c7:5d:
                    68:0b:81:19:e0:83:eb:12:87:56:15:bd:7a:fa:97:
                    f3:71:8a:9b:ff:05:d4:92:7b:81:ad:6b:1f:90:e8:
                    b4:54:a8:9a:3f:ed:ef:1f:bb:25:de:d5:51:6d:c8:
                    bc:22:be:50:be:fd:0d:7e:f6:e2:22:b9:70:18:18:
                    fb:02:46:0b:ab:a1:0e:35:51:77:c3:cf:e0:ab:e4:
                    f5:5b:4e:52:4d:c7:64:1c:8a:09:21:74:c1:09:a4:
                    c2:59:e1:ff:33:81:de:5e:78:f7:e0:8b:40:86:51:
                    97:eb:ee:fc:ed:09:68:c4:60:ef:9f:b2:5b:0f:5e:
                    3f:da:1d:41:dc:b2:3d:77:3d:a4:ee:9b:c9:ed:47:
                    93:a8:10:9b:e6:9a:57:df:28:c8:81:15:d8:04:69:
                    6e:6d:83:02:00:86:3a:39:ff:1c:43:08:5a:74:cd:
                    1e:12:8a:1e:21:1a:bb:95:f6:5e:3b:1d:c3:5d:cd:
                    42:07:ed:5b:46:01:05:94:ca:ef:6c:8e:85:23:63:
                    27:23:dc:0a:06:36:88:ae:b1:c5:3f:13:7a:85:2c:
                    df:8f:22:46:d8:a0:f5:93:96:bc:7a:c5:6c:1f:8f:
                    f2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:9A:E4:1C:E3:32:CA:D1:D3:4F:25:19:9B:71:9D:EB:D6:5A:84:24
            X509v3 Authority Key Identifier:
                keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/005C56227B2411EEBB6FC444C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.62.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:8d:32:d1:b8:5d:50:0c:f9:13:88:09:4c:4b:75:7a:68:21:
         4e:e8:23:d5:b1:14:85:d7:67:8e:e3:f6:6f:8c:76:c9:9f:66:
         5b:57:1f:d5:fa:04:65:16:79:be:48:4c:4b:ff:6f:7d:ea:96:
         9f:c7:da:86:71:0e:4b:6e:1e:92:62:ef:d9:ee:61:20:21:3c:
         64:51:8f:6f:f4:8c:6b:bd:28:a9:db:13:86:88:81:e4:f5:74:
         27:2f:cc:09:64:2a:51:d2:21:64:b4:79:52:e7:69:ab:5d:fd:
         c3:7e:8d:49:27:82:4c:51:9b:50:f8:cd:29:fe:5e:dc:c7:fc:
         f3:d3:bd:f8:6c:40:65:6a:51:7a:e2:37:d5:1a:c4:0d:03:de:
         1b:cf:a8:9c:f0:78:82:dc:a0:b2:b8:2e:df:d2:19:0c:79:ec:
         d5:04:04:ae:2b:bd:7d:b1:51:30:c0:88:8d:b0:3c:a4:8e:0e:
         30:a4:ec:ce:3f:ab:86:0c:e1:f6:6e:87:d9:7d:b4:04:2e:44:
         8d:13:39:e8:e1:9c:60:8c:76:68:0f:77:83:a0:d2:57:35:d4:
         de:da:a6:72:8d:8f:28:f9:91:69:3a:8e:1a:51:26:9e:e9:c1:
         25:66:1a:da:42:2f:b3:d1:d7:8e:8e:96:ed:86:91:40:10:87:
         fd:98:ea:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjMxMTA0MTUwODI1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ2NWU2OS02YTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApVEPzAlWUe0dqDW4gKdwSoan3OAYCPu63nDnx11oC4EZ4IPrEodWFb16+pfz
cYqb/wXUknuBrWsfkOi0VKiaP+3vH7sl3tVRbci8Ir5Qvv0NfvbiIrlwGBj7AkYL
q6EONVF3w8/gq+T1W05STcdkHIoJIXTBCaTCWeH/M4HeXnj34ItAhlGX6+787Qlo
xGDvn7JbD14/2h1B3LI9dz2k7pvJ7UeTqBCb5ppX3yjIgRXYBGlubYMCAIY6Of8c
QwhadM0eEooeIRq7lfZeOx3DXc1CB+1bRgEFlMrvbI6FI2MnI9wKBjaIrrHFPxN6
hSzfjyJG2KD1k5a8esVsH4/yNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCia5Bzj
MsrR008lGZtxnevWWoQkMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvMDA1QzU2MjI3
QjI0MTFFRUJCNkZDNDQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB9Pk4wDQYJKoZIhvcNAQELBQADggEBAJaNMtG4XVAM+ROI
CUxLdXpoIU7oI9WxFIXXZ47j9m+MdsmfZltXH9X6BGUWeb5ITEv/b33qlp/H2oZx
DktuHpJi79nuYSAhPGRRj2/0jGu9KKnbE4aIgeT1dCcvzAlkKlHSIWS0eVLnaatd
/cN+jUkngkxRm1D4zSn+XtzH/PPTvfhsQGVqUXriN9UaxA0D3hvPqJzweILcoLK4
Lt/SGQx57NUEBK4rvX2xUTDAiI2wPKSODjCk7M4/q4YM4fZuh9l9tAQuRI0TOejh
nGCMdmgPd4Og0lc11N7apnKNjyj5kWk6jhpRJp7pwSVmGtpCL7PR146Olu2GkUAQ
h/2Y6ps=
-----END CERTIFICATE-----
Generated at Fri Mar 1 06:44:58 2024 by rpki-client on console-ams.rpki-client.org