Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/350FEB88D40611EDADEE3D1EC4F9AE02.roa
File:                     350FEB88D40611EDADEE3D1EC4F9AE02.roa (raw, json)
Hash identifier:          EMqyfxPHhDkEirOZ3LxPHg+w+AohZeB5bS2RIkYA/qk=
Subject key identifier:   4D:B0:05:80:F1:04:F8:75:6D:43:0F:08:81:33:6C:27:08:D8:C1:8B
Certificate issuer:       /CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
Certificate serial:       0332
Authority key identifier: C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/350FEB88D40611EDADEE3D1EC4F9AE02.roa
Signing time:             Fri 01 Mar 2024 03:05:08 +0000
ROA not before:           Fri 01 Mar 2024 03:05:08 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     151062
IP address blocks:        2400:54a0:2a00::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/xuq-uT4dBuLDLhxMvhR8-zmZJTk.crl
                          rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/xuq-uT4dBuLDLhxMvhR8-zmZJTk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 May 2024 02:50:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 818 (0x332)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
        Validity
            Not Before: Mar  1 03:05:08 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e145e4-7581
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e9:b1:a4:63:53:c9:76:4b:53:14:5c:c7:b1:
                    66:23:45:a4:4e:7b:00:b9:8e:0f:1c:81:89:43:fe:
                    52:85:80:4e:fa:3e:ea:f7:77:af:b7:72:f1:25:19:
                    41:e1:d9:4f:8d:63:66:ec:f7:6b:79:9e:46:a8:d9:
                    fd:76:02:b0:78:22:55:dc:70:d7:23:db:2b:d4:44:
                    f1:42:ad:39:8c:14:cf:1b:30:d3:2f:70:d4:77:04:
                    dc:08:93:5c:7b:82:38:bc:99:0c:d5:6c:26:58:d2:
                    37:0c:04:4f:00:d0:50:62:da:ce:44:ff:a9:39:8a:
                    0c:85:05:54:05:fb:fc:a2:bd:7b:fa:57:d2:1e:e4:
                    c9:b3:75:ff:88:42:50:11:e7:ce:73:43:4c:80:c5:
                    7d:6d:94:e2:57:04:fd:8b:56:ee:46:b3:3b:08:6d:
                    9c:5b:ba:12:e8:c8:4a:9a:e4:10:8a:da:a9:a8:ae:
                    2a:d3:22:ae:9e:d7:2c:68:51:95:4a:09:7b:21:ed:
                    6e:58:58:3e:1c:9d:40:6a:89:f8:26:2e:28:d7:7a:
                    85:14:2f:32:1a:34:06:6a:27:9d:07:5b:b0:0d:42:
                    3c:a3:59:b0:8b:40:4c:9f:72:dc:2f:9f:6d:d2:42:
                    9b:cd:38:2f:a2:a5:d1:4e:8c:43:0c:82:ad:be:3c:
                    47:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:B0:05:80:F1:04:F8:75:6D:43:0F:08:81:33:6C:27:08:D8:C1:8B
            X509v3 Authority Key Identifier:
                keyid:C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/xuq-uT4dBuLDLhxMvhR8-zmZJTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/350FEB88D40611EDADEE3D1EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:54a0:2a00::/44

    Signature Algorithm: sha256WithRSAEncryption
         9e:6c:14:cc:82:17:99:c6:17:41:90:21:c3:78:0d:80:e1:c7:
         b8:12:74:40:84:44:17:cd:5c:b6:39:67:7b:38:9a:d9:2d:33:
         3e:fc:fe:a4:90:fc:df:09:30:10:68:d6:78:9b:f3:0c:fe:b5:
         e5:4b:97:a0:e0:da:e6:25:a1:a2:40:16:3a:fc:45:1f:8c:18:
         dd:8e:67:00:06:3b:1c:58:01:73:f9:ce:cd:87:4e:27:1e:01:
         e7:cf:45:ba:e7:5a:f1:79:49:89:0b:4c:b7:3e:36:c8:01:5d:
         c8:cc:79:68:c5:cf:ae:46:db:0f:5d:08:da:66:87:b8:f7:b8:
         21:44:b5:c5:f1:e1:90:eb:e6:ba:eb:f7:a0:2e:33:51:bd:70:
         54:a5:fe:78:e4:2e:43:9e:2c:36:9c:a0:25:3d:d7:3a:e1:66:
         aa:5d:1d:7b:32:35:2c:4b:73:09:b9:86:ff:16:c8:34:ff:9b:
         31:a4:98:07:59:88:8a:37:a1:09:d0:a5:1d:07:6a:6d:c3:22:
         03:7a:ba:b5:4a:55:a6:be:b7:8b:f5:75:e8:e6:b4:31:80:6f:
         18:53:f1:91:6b:6b:7b:b0:4a:11:27:70:fe:e5:99:61:1a:58:
         cb:ec:3e:f7:5f:99:4a:9e:8a:99:bd:08:ce:4c:db:1d:67:fa:
         b7:99:f6:84
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUxQTAxMTAvBgNVBAUTKEM2RUFCRUI5M0UxRDA2RTJDMzJFMUM0Q0JFMTQ3Q0ZC
Mzk5OTI1MzkwHhcNMjQwMzAxMDMwNTA4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUxNDVlNC03NTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoumxpGNTyXZLUxRcx7FmI0WkTnsAuY4PHIGJQ/5ShYBO+j7q93evt3LxJRlB
4dlPjWNm7PdreZ5GqNn9dgKweCJV3HDXI9sr1ETxQq05jBTPGzDTL3DUdwTcCJNc
e4I4vJkM1WwmWNI3DARPANBQYtrORP+pOYoMhQVUBfv8or17+lfSHuTJs3X/iEJQ
EefOc0NMgMV9bZTiVwT9i1buRrM7CG2cW7oS6MhKmuQQitqpqK4q0yKuntcsaFGV
Sgl7Ie1uWFg+HJ1Aaon4Ji4o13qFFC8yGjQGaiedB1uwDUI8o1mwi0BMn3LcL59t
0kKbzTgvoqXRToxDDIKtvjxHKwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFE2wBYDx
BPh1bUMPCIEzbCcI2MGLMB8GA1UdIwQYMBaAFMbqvrk+HQbiwy4cTL4UfPs5mSU5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTFBMC83QzUzOTEwQzdG
ODQxMUVDODA1MThFNTFDNEY5QUUwMi94dXEtdVQ0ZEJ1TERMaHhNdmhSOC16bVpK
VGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h1cS11VDRkQnVMRExoeE12aFI4LXptWkpUay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDUxQTAvN0M1MzkxMEM3Rjg0MTFFQzgwNTE4RTUxQzRGOUFFMDIvMzUwRkVCODhE
NDA2MTFFREFERUUzRDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkAFSgKgAwDQYJKoZIhvcNAQELBQADggEBAJ5sFMyCF5nG
F0GQIcN4DYDhx7gSdECERBfNXLY5Z3s4mtktMz78/qSQ/N8JMBBo1nib8wz+teVL
l6Dg2uYloaJAFjr8RR+MGN2OZwAGOxxYAXP5zs2HTiceAefPRbrnWvF5SYkLTLc+
NsgBXcjMeWjFz65G2w9dCNpmh7j3uCFEtcXx4ZDr5rrr96AuM1G9cFSl/njkLkOe
LDacoCU91zrhZqpdHXsyNSxLcwm5hv8WyDT/mzGkmAdZiIo3oQnQpR0Ham3DIgN6
urVKVaa+t4v1dejmtDGAbxhT8ZFra3uwShEncP7lmWEaWMvsPvdfmUqeipm9CM5M
2x1n+reZ9oQ=
-----END CERTIFICATE-----
Generated at Sun May 19 03:48:52 2024 by rpki-client on console-fra.rpki-client.org