Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/550A6608F0A311EC8FE9181CC4F9AE02.roa
File:                     550A6608F0A311EC8FE9181CC4F9AE02.roa (raw, json)
Hash identifier:          +1RcTc3avE+DL63nOTXkmvZkmHBKxVaY+ilmzrItjsI=
Subject key identifier:   9D:05:1C:CE:BD:AC:88:82:0B:05:50:44:76:26:69:7E:0A:97:C0:95
Certificate issuer:       /CN=A91C9945/serialNumber=868ECB6425DA83328892E57BB0DF644E1AEB73B3
Certificate serial:       014C
Authority key identifier: 86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/550A6608F0A311EC8FE9181CC4F9AE02.roa
Signing time:             Wed 03 May 2023 06:26:40 +0000
ROA not before:           Wed 03 May 2023 06:26:40 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        45.248.52.0/24 maxlen: 24
                          45.248.55.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.crl
                          rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 332 (0x14c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C9945/serialNumber=868ECB6425DA83328892E57BB0DF644E1AEB73B3
        Validity
            Not Before: May  3 06:26:40 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6451fe9f-a859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6b:f9:2f:51:4c:3e:05:ae:29:6d:74:18:38:
                    db:8b:9b:8f:53:02:c9:6f:ba:1c:1e:fe:ea:45:eb:
                    68:1f:cd:4e:57:ee:93:ec:e3:79:69:76:a3:86:99:
                    8b:2c:5c:51:1e:e2:9c:a2:f0:b8:10:59:1d:0a:2f:
                    6a:40:e4:49:38:ef:c2:78:e2:a4:65:2b:35:8e:c4:
                    d4:88:c5:26:0e:4f:71:cd:e2:c2:44:cf:5a:02:51:
                    fd:0f:40:41:cb:0a:c6:d1:fa:ee:ff:5d:2d:45:12:
                    9f:0c:d0:50:95:ba:4f:d5:f6:2f:2d:e4:83:db:2d:
                    0d:d4:15:d6:0e:e2:cb:21:d0:8e:ad:cc:7f:83:3f:
                    0a:6b:9b:3d:36:31:73:58:cf:18:35:93:2b:ad:c7:
                    d3:48:3b:c9:f6:1a:a8:6e:ce:48:80:77:eb:d9:01:
                    fb:7c:80:e9:7d:c4:f6:ff:f8:91:8c:ba:5d:77:cc:
                    5d:f4:56:fb:53:f2:32:e8:5f:a5:65:f4:df:c4:75:
                    f1:0a:be:59:b4:24:28:b0:72:01:3c:55:4c:fc:e2:
                    8a:d8:96:f2:b2:d8:43:10:bc:ff:67:a6:0c:c7:ef:
                    e4:bd:b6:18:4c:bb:70:1c:52:ca:a2:59:e6:6b:f8:
                    bd:89:d2:f3:bc:e1:aa:95:22:87:d5:16:12:42:51:
                    7f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:05:1C:CE:BD:AC:88:82:0B:05:50:44:76:26:69:7E:0A:97:C0:95
            X509v3 Authority Key Identifier:
                keyid:86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/550A6608F0A311EC8FE9181CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.248.52.0/24
                  45.248.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:17:e7:a6:26:3e:a5:68:24:6d:80:67:c9:14:7d:e2:54:d1:
         c3:49:33:27:ca:5a:01:99:eb:fd:4f:32:34:89:33:9a:41:3d:
         1e:6f:cc:a7:4b:54:21:a5:81:2a:5c:55:66:60:71:e7:ee:e3:
         e0:c6:cc:ee:8a:86:e1:16:b5:e9:98:a0:cd:77:31:7d:fa:c9:
         c8:06:30:14:cb:76:e1:a8:be:56:15:1a:13:d1:97:ca:36:7c:
         d2:cd:be:a4:4c:f8:6f:ae:5c:d8:4f:c9:88:15:be:3e:06:3a:
         62:11:68:7d:7b:d0:3a:ea:a1:4c:9a:f6:9a:30:b6:8c:98:d5:
         7e:14:5c:ce:68:a4:b4:fb:a5:6b:40:fa:7c:5b:98:6f:73:8f:
         a9:e9:03:fd:1a:bd:1f:9c:51:c8:73:75:86:17:d0:e2:c1:a3:
         05:eb:ca:91:8d:f8:c6:c9:d9:cf:ce:6e:ae:df:ac:54:e5:d0:
         43:08:39:7b:97:81:6c:86:d8:4f:8d:f3:f8:35:87:49:24:04:
         8d:da:01:78:a1:df:2d:78:d0:80:ed:d5:f0:62:b7:07:53:f9:
         5b:5a:f4:ee:13:3f:7f:72:65:d4:f0:9d:cf:6e:5f:fe:06:4c:
         51:2f:9a:91:ac:51:1b:31:6e:ee:36:3e:a7:6a:83:5f:67:c5:
         d0:ae:a5:7b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAUwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzk5NDUxMTAvBgNVBAUTKDg2OEVDQjY0MjVEQTgzMzI4ODkyRTU3QkIwREY2NDRF
MUFFQjczQjMwHhcNMjMwNTAzMDYyNjQwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUxZmU5Zi1hODU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzmv5L1FMPgWuKW10GDjbi5uPUwLJb7ocHv7qRetoH81OV+6T7ON5aXajhpmL
LFxRHuKcovC4EFkdCi9qQORJOO/CeOKkZSs1jsTUiMUmDk9xzeLCRM9aAlH9D0BB
ywrG0fru/10tRRKfDNBQlbpP1fYvLeSD2y0N1BXWDuLLIdCOrcx/gz8Ka5s9NjFz
WM8YNZMrrcfTSDvJ9hqobs5IgHfr2QH7fIDpfcT2//iRjLpdd8xd9Fb7U/Iy6F+l
ZfTfxHXxCr5ZtCQosHIBPFVM/OKK2JbysthDELz/Z6YMx+/kvbYYTLtwHFLKolnm
a/i9idLzvOGqlSKH1RYSQlF/WQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJ0FHM69
rIiCCwVQRHYmaX4Kl8CVMB8GA1UdIwQYMBaAFIaOy2Ql2oMyiJLle7DfZE4a63Oz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTk0NS9CQzAwQzhGMkYw
OUUxMUVDQUVFNzNFMTlDNEY5QUUwMi9obzdMWkNYYWd6S0lrdVY3c045a1RocnJj
N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hvN0xaQ1hhZ3pLSWt1VjdzTjlrVGhycmM3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzk5NDUvQkMwMEM4RjJGMDlFMTFFQ0FFRTczRTE5QzRGOUFFMDIvNTUwQTY2MDhG
MEEzMTFFQzhGRTkxODFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAt+DQDBAAt+DcwDQYJKoZIhvcNAQELBQADggEBAFYX56Ym
PqVoJG2AZ8kUfeJU0cNJMyfKWgGZ6/1PMjSJM5pBPR5vzKdLVCGlgSpcVWZgcefu
4+DGzO6KhuEWtemYoM13MX36ycgGMBTLduGovlYVGhPRl8o2fNLNvqRM+G+uXNhP
yYgVvj4GOmIRaH170DrqoUya9powtoyY1X4UXM5opLT7pWtA+nxbmG9zj6npA/0a
vR+cUchzdYYX0OLBowXrypGN+MbJ2c/Obq7frFTl0EMIOXuXgWyG2E+N8/g1h0kk
BI3aAXih3y140IDt1fBitwdT+Vta9O4TP39yZdTwnc9uX/4GTFEvmpGsURsxbu42
Pqdqg19nxdCupXs=
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:21:40 2024 by rpki-client on console-fra.rpki-client.org