Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/B6F19E94169A11EFA5557A2DC4F9AE02.roa
File:                     B6F19E94169A11EFA5557A2DC4F9AE02.roa (raw, json)
Hash identifier:          fYCEKAiD+0CbQbgCNRXdL37bQ/yzorg1n+JINWyYZdI=
Subject key identifier:   6F:0B:51:DA:4C:17:94:9A:A9:DA:30:0E:26:F9:5D:C9:FE:D5:2F:70
Certificate issuer:       /CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Certificate serial:       0614
Authority key identifier: 0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/B6F19E94169A11EFA5557A2DC4F9AE02.roa
Signing time:             Mon 20 May 2024 11:18:43 +0000
ROA not before:           Mon 20 May 2024 11:18:42 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     134365
IP address blocks:        103.42.180.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CuIi7F4XpuYytVnUnFse8zLaQ8s.crl
                          rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CuIi7F4XpuYytVnUnFse8zLaQ8s.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 00:23:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1556 (0x614)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
        Validity
            Not Before: May 20 11:18:42 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=664b3192-b741
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:23:a0:13:6d:31:09:86:59:54:e9:8b:40:e1:
                    0d:04:11:73:9f:6a:74:ad:1e:3e:ba:d2:d6:e5:b0:
                    84:52:03:ae:df:ab:f7:6e:6b:bc:18:4a:ec:22:c6:
                    d5:74:2c:d7:37:86:3f:7e:49:5f:36:5a:6b:6c:df:
                    4f:75:15:09:33:18:ff:bb:40:0d:03:a2:d4:bd:90:
                    18:5c:2a:13:6b:4b:c0:dc:de:ce:15:fc:2f:2d:37:
                    b8:d8:d3:36:eb:fc:5f:bf:79:86:81:5b:6a:25:7b:
                    06:8b:8e:d9:b2:75:1c:9a:d6:03:77:97:bb:87:bc:
                    94:58:54:0f:59:07:c5:35:c7:9c:cc:2b:02:d3:0e:
                    e0:5b:55:bf:08:19:13:01:e0:a9:fb:52:6e:88:61:
                    55:de:a4:f4:74:92:b5:47:0c:81:44:d8:10:80:c9:
                    83:69:37:35:70:d3:39:b5:67:91:bb:2d:9c:7a:cb:
                    b6:0c:96:f0:30:9c:16:e9:09:49:73:75:01:17:f9:
                    18:99:ec:be:88:7b:56:d9:f0:31:c1:26:7d:1a:4f:
                    84:3b:e9:30:be:c4:41:c9:73:cf:e2:7a:26:17:32:
                    ac:24:37:da:c0:b4:a8:6d:d0:a2:07:a1:2e:b4:97:
                    82:98:38:01:00:f5:20:1d:6c:ee:1c:93:23:1d:f1:
                    51:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:0B:51:DA:4C:17:94:9A:A9:DA:30:0E:26:F9:5D:C9:FE:D5:2F:70
            X509v3 Authority Key Identifier:
                keyid:0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CuIi7F4XpuYytVnUnFse8zLaQ8s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/B6F19E94169A11EFA5557A2DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.42.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:4d:de:e1:1e:0a:e3:15:45:7e:d2:0c:d9:f8:1d:f2:dc:e1:
         88:dd:8b:08:b9:aa:40:68:5f:cb:dd:cb:49:38:8f:c6:76:25:
         16:f5:2f:3d:64:07:7d:ee:84:bb:24:30:55:ca:f7:e3:73:8c:
         93:6b:8a:6c:a2:42:ed:7b:f5:2d:27:25:bd:d8:cc:76:4f:22:
         98:1f:93:94:3c:77:1f:70:fe:03:91:2f:2b:c4:d0:fb:57:94:
         56:cb:6b:6b:be:9f:ae:f7:51:9e:d7:05:d2:0b:bc:0d:10:07:
         28:e9:8b:8f:e2:5a:23:94:89:d7:c3:fa:b3:a5:08:97:fd:0f:
         4f:33:6f:31:a3:8a:1c:e8:3f:a4:6a:7c:b6:9e:f9:2f:3e:ef:
         ec:00:04:a8:52:93:28:0e:fb:10:2a:51:e4:c5:b2:77:06:32:
         aa:56:f2:56:e6:e4:14:c2:c6:72:6f:0b:87:d1:f2:f4:33:db:
         54:27:59:7c:47:13:51:0e:7e:4b:34:3c:da:41:e6:20:cc:fe:
         77:ef:15:41:b3:92:a5:93:99:70:15:91:04:b0:cd:da:55:1f:
         c2:54:39:fa:25:1b:fe:92:15:18:b6:0b:06:da:3e:23:f9:22:
         5a:57:d2:75:e4:1e:5d:0e:3e:55:ed:b6:44:f9:04:b0:a0:08:
         8c:f5:79:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdDMDQxMTAvBgNVBAUTKDBBRTIyMkVDNUUxN0E2RTYzMkI1NTlENDlDNUIxRUYz
MzJEQTQzQ0IwHhcNMjQwNTIwMTExODQyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiMzE5Mi1iNzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0SOgE20xCYZZVOmLQOENBBFzn2p0rR4+utLW5bCEUgOu36v3bmu8GErsIsbV
dCzXN4Y/fklfNlprbN9PdRUJMxj/u0ANA6LUvZAYXCoTa0vA3N7OFfwvLTe42NM2
6/xfv3mGgVtqJXsGi47ZsnUcmtYDd5e7h7yUWFQPWQfFNceczCsC0w7gW1W/CBkT
AeCp+1JuiGFV3qT0dJK1RwyBRNgQgMmDaTc1cNM5tWeRuy2cesu2DJbwMJwW6QlJ
c3UBF/kYmey+iHtW2fAxwSZ9Gk+EO+kwvsRByXPP4nomFzKsJDfawLSobdCiB6Eu
tJeCmDgBAPUgHWzuHJMjHfFRPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG8LUdpM
F5SaqdowDib5Xcn+1S9wMB8GA1UdIwQYMBaAFAriIuxeF6bmMrVZ1JxbHvMy2kPL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0MwNC9BMERCMzU1MjVG
QjQxMUVCQUI3QzZBMjNDNEY5QUUwMi9DdUlpN0Y0WHB1WXl0Vm5VbkZzZTh6TGFR
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N1SWk3RjRYcHVZeXRWblVuRnNlOHpMYVE4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdDMDQvQTBEQjM1NTI1RkI0MTFFQkFCN0M2QTIzQzRGOUFFMDIvQjZGMTlFOTQx
NjlBMTFFRkE1NTU3QTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnKrQwDQYJKoZIhvcNAQELBQADggEBAHFN3uEeCuMVRX7S
DNn4HfLc4Yjdiwi5qkBoX8vdy0k4j8Z2JRb1Lz1kB33uhLskMFXK9+NzjJNrimyi
Qu179S0nJb3YzHZPIpgfk5Q8dx9w/gORLyvE0PtXlFbLa2u+n673UZ7XBdILvA0Q
Byjpi4/iWiOUidfD+rOlCJf9D08zbzGjihzoP6RqfLae+S8+7+wABKhSkygO+xAq
UeTFsncGMqpW8lbm5BTCxnJvC4fR8vQz21QnWXxHE1EOfks0PNpB5iDM/nfvFUGz
kqWTmXAVkQSwzdpVH8JUOfolG/6SFRi2CwbaPiP5IlpX0nXkHl0OPlXttkT5BLCg
CIz1eZI=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:44:52 2024 by rpki-client on console-ams.rpki-client.org