Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/216DB034DE9711EC9289256FC4F9AE02.roa
File:                     216DB034DE9711EC9289256FC4F9AE02.roa (raw, json)
Hash identifier:          hTxACudFmaxhiuRlVpfSZ+VLRwh/VJm74WXND1tMFVQ=
Subject key identifier:   DA:C4:33:7D:7B:02:6F:E9:B7:B0:6D:84:25:4C:6F:C4:8C:87:30:37
Certificate issuer:       /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial:       0327
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/216DB034DE9711EC9289256FC4F9AE02.roa
Signing time:             Wed 27 Dec 2023 02:14:37 +0000
ROA not before:           Wed 27 Dec 2023 02:14:37 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     136526
IP address blocks:        103.254.74.0/24 maxlen: 24
                          192.51.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
                          rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 20:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 807 (0x327)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
        Validity
            Not Before: Dec 27 02:14:37 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=658b888d-e81d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:46:98:78:a2:2b:dd:79:2e:b4:fa:27:d1:04:
                    f1:61:92:f8:41:5e:80:07:bd:53:5e:d7:95:f2:8c:
                    6d:17:7b:34:f1:0f:46:b8:2e:11:9a:2d:98:a6:c6:
                    dd:01:87:f2:c9:e0:a7:0f:d7:20:6f:9f:e3:95:01:
                    2b:02:30:ef:4c:cb:d5:b8:93:a2:8f:a0:7d:b8:bc:
                    d5:fa:b8:06:ff:ba:12:92:85:2d:c4:97:65:58:98:
                    d5:9e:f7:65:2e:35:11:2b:68:d6:3b:9e:2f:de:ce:
                    d0:50:65:c9:5c:03:92:5c:eb:38:c4:6f:2d:16:67:
                    5d:88:19:4c:09:52:d3:1f:fd:b3:67:4f:80:3e:94:
                    55:92:27:18:2a:d9:f1:bf:41:74:f6:e6:9e:c7:6e:
                    d8:4e:70:4c:2f:f6:b1:30:5a:ec:98:97:40:b2:4c:
                    cd:0f:9d:9b:fc:66:5c:64:4b:51:e8:5e:95:61:60:
                    c7:f7:a9:14:a0:d2:f8:ae:78:89:1b:78:86:1a:ee:
                    62:b4:bd:6f:ea:bd:49:a4:53:77:8f:a3:99:8d:ad:
                    ed:82:9b:c6:70:7c:e4:eb:fb:04:cf:35:39:d2:0d:
                    ae:bf:0d:ad:45:73:d7:f0:23:8d:b8:10:7e:a8:fc:
                    e3:4a:98:a6:29:40:6a:5c:d3:92:a4:a1:e3:a3:05:
                    3b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C4:33:7D:7B:02:6F:E9:B7:B0:6D:84:25:4C:6F:C4:8C:87:30:37
            X509v3 Authority Key Identifier:
                keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/216DB034DE9711EC9289256FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.254.74.0/24
                  192.51.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:9a:be:d3:ed:66:91:ef:82:e0:d2:c9:bc:79:f3:e3:ad:8a:
         04:e4:8f:a5:bf:6d:ca:2e:ff:0a:5e:38:6c:ed:f9:83:89:fd:
         cd:15:77:75:f2:c1:b9:5c:7d:3a:db:2b:80:d6:e1:8a:b8:01:
         05:5f:f4:2b:95:d5:09:61:e9:3e:1c:59:1c:a9:53:47:b4:30:
         bf:cb:76:91:f7:09:49:79:86:fc:5f:a9:48:51:28:79:50:de:
         7b:11:17:16:71:33:8b:ac:9b:b8:61:30:2d:2a:95:36:83:d5:
         d4:7a:dc:3c:33:10:6b:c0:ce:32:5b:87:a3:7d:ef:00:9e:40:
         2d:11:6a:a1:ce:47:28:99:af:aa:a3:b0:69:f7:ea:94:a9:54:
         9f:9e:5f:2a:9a:0a:ce:c8:d5:c6:09:d1:79:b0:db:47:2a:53:
         b5:71:44:60:10:9a:a3:8b:13:c1:2f:19:2e:8d:dc:22:22:a1:
         09:5d:86:4f:d9:3f:52:73:07:b2:43:9f:3b:1a:d8:55:3b:bb:
         34:85:ca:e5:42:82:f2:ed:27:8a:8e:dd:fe:08:d8:0f:61:dd:
         34:87:37:42:f2:0b:a9:9b:90:ca:fa:db:a5:f6:15:a7:61:cd:
         a9:c4:76:48:b6:fe:df:18:8f:09:51:96:cb:e8:0f:3b:bb:5d:
         7d:77:e9:f2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAycwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC
RUQ1RDk4OTIwHhcNMjMxMjI3MDIxNDM3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThiODg4ZC1lODFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA10aYeKIr3XkutPon0QTxYZL4QV6AB71TXteV8oxtF3s08Q9GuC4Rmi2Ypsbd
AYfyyeCnD9cgb5/jlQErAjDvTMvVuJOij6B9uLzV+rgG/7oSkoUtxJdlWJjVnvdl
LjURK2jWO54v3s7QUGXJXAOSXOs4xG8tFmddiBlMCVLTH/2zZ0+APpRVkicYKtnx
v0F09uaex27YTnBML/axMFrsmJdAskzND52b/GZcZEtR6F6VYWDH96kUoNL4rniJ
G3iGGu5itL1v6r1JpFN3j6OZja3tgpvGcHzk6/sEzzU50g2uvw2tRXPX8CONuBB+
qPzjSpimKUBqXNOSpKHjowU7XwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNrEM317
Am/pt7BthCVMb8SMhzA3MB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw
RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCODEvQ0Y5NjYzQzY3MEY3MTFFQ0IzMThFNDNBQzRGOUFFMDIvMjE2REIwMzRE
RTk3MTFFQzkyODkyNTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn/koDBADAM7wwDQYJKoZIhvcNAQELBQADggEBABeavtPt
ZpHvguDSybx58+OtigTkj6W/bcou/wpeOGzt+YOJ/c0Vd3XywblcfTrbK4DW4Yq4
AQVf9CuV1Qlh6T4cWRypU0e0ML/LdpH3CUl5hvxfqUhRKHlQ3nsRFxZxM4usm7hh
MC0qlTaD1dR63DwzEGvAzjJbh6N97wCeQC0RaqHORyiZr6qjsGn36pSpVJ+eXyqa
Cs7I1cYJ0Xmw20cqU7VxRGAQmqOLE8EvGS6N3CIioQldhk/ZP1JzB7JDnzsa2FU7
uzSFyuVCgvLtJ4qO3f4I2A9h3TSHN0LyC6mbkMr626X2FadhzanEdki2/t8YjwlR
lsvoDzu7XX136fI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:26:05 2024 by rpki-client on console-ams.rpki-client.org