Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/A9906244B66611ECAF76DA4CC4F9AE02.roa
File:                     A9906244B66611ECAF76DA4CC4F9AE02.roa (raw, json)
Hash identifier:          2BMnSUaVbf1wtJhhxxVU6VnaQor23drbSv3U2jHE+g4=
Subject key identifier:   E9:12:09:B0:9B:A8:8F:42:16:9A:08:DF:CA:FD:97:F9:60:0F:02:EF
Certificate issuer:       /CN=A91E01B2/serialNumber=C7E5790B05E0D4D209DB43DC680FB788279814A9
Certificate serial:       01FB
Authority key identifier: C7:E5:79:0B:05:E0:D4:D2:09:DB:43:DC:68:0F:B7:88:27:98:14:A9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-V5CwXg1NIJ20PcaA-3iCeYFKk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/A9906244B66611ECAF76DA4CC4F9AE02.roa
Signing time:             Mon 03 Jul 2023 02:31:56 +0000
ROA not before:           Mon 03 Jul 2023 02:31:56 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        103.73.115.0/24 maxlen: 24
                          103.232.218.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/x-V5CwXg1NIJ20PcaA-3iCeYFKk.crl
                          rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/x-V5CwXg1NIJ20PcaA-3iCeYFKk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-V5CwXg1NIJ20PcaA-3iCeYFKk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 03 Apr 2024 03:21:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 507 (0x1fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E01B2/serialNumber=C7E5790B05E0D4D209DB43DC680FB788279814A9
        Validity
            Not Before: Jul  3 02:31:56 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64a2331c-3fc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ff:ec:1d:fd:4b:9e:70:f1:63:3b:83:f2:0a:
                    81:61:9c:07:49:8a:c3:7c:b8:6f:f9:9f:a9:23:41:
                    1f:70:d4:3f:82:e7:27:0c:f7:b5:7b:65:86:92:17:
                    2a:f6:f3:d1:28:8e:1a:5b:dd:56:46:6e:07:77:bd:
                    7a:39:3a:10:fe:da:5b:7f:8e:21:95:16:b5:2b:1b:
                    a1:f2:d8:30:1a:cf:61:ef:46:31:e3:63:91:b1:80:
                    59:5e:87:a3:d7:a2:ae:c3:91:30:c1:63:3d:28:30:
                    d4:31:3e:c7:37:f8:56:ca:2c:48:bc:d9:57:a6:b2:
                    53:ec:f6:f3:92:7b:1a:f7:b0:4e:bc:a9:63:e5:4a:
                    ac:8d:99:15:8e:a2:bd:7f:1f:83:37:9d:cb:bb:d1:
                    4b:ac:74:c7:73:f7:25:64:a1:b0:d1:88:1c:6e:ba:
                    95:97:3f:e6:bf:4c:51:8e:71:a8:a1:06:91:46:b2:
                    00:cf:e1:ed:d4:4f:b8:83:18:6d:8a:c9:d2:b9:94:
                    eb:aa:cb:c7:c1:56:d7:5d:bc:62:e3:af:ea:27:86:
                    bc:0f:ca:3a:f8:b6:1e:5a:f8:22:0d:61:6d:1e:e3:
                    69:03:b3:90:b4:3a:30:a7:79:48:e6:e1:8e:08:94:
                    68:1d:9a:be:24:7c:54:32:6e:eb:44:bd:07:4e:4a:
                    c9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:12:09:B0:9B:A8:8F:42:16:9A:08:DF:CA:FD:97:F9:60:0F:02:EF
            X509v3 Authority Key Identifier:
                keyid:C7:E5:79:0B:05:E0:D4:D2:09:DB:43:DC:68:0F:B7:88:27:98:14:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/x-V5CwXg1NIJ20PcaA-3iCeYFKk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-V5CwXg1NIJ20PcaA-3iCeYFKk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/A9906244B66611ECAF76DA4CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.73.115.0/24
                  103.232.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:46:b2:57:ac:6b:02:d0:f2:15:71:1e:5a:25:a1:65:3c:e6:
         d3:58:bd:03:42:fe:52:f2:cc:d9:55:f5:7c:3d:26:8b:de:e7:
         22:a8:a2:de:df:16:3e:cb:1d:c2:bb:b6:4e:d4:81:8f:8a:2b:
         4c:b3:1a:06:c5:a6:ef:b4:62:45:6e:69:eb:f2:4c:03:e8:e1:
         55:9d:b0:b0:f2:9b:c0:7c:13:c4:c9:e0:55:74:a9:1d:a3:31:
         a5:97:ad:ee:58:7d:9d:44:f4:1e:3d:34:cc:a8:df:3c:fd:10:
         6d:11:f3:c0:08:fd:6b:d5:8a:1e:a3:5f:ba:0d:f2:e5:94:4b:
         f6:de:a6:79:ae:cd:a3:61:2b:d0:56:1b:5d:27:43:3d:78:10:
         c5:fe:a2:67:32:b8:da:a5:43:f1:08:94:48:d5:24:b5:88:b5:
         44:10:b8:6a:ef:00:4d:51:6c:bb:70:b9:73:9d:bf:4b:6b:2d:
         34:f8:f1:a6:b7:7d:4d:4c:58:62:04:b4:24:f0:b8:ea:af:2a:
         e8:8d:86:c1:39:e8:fd:b9:18:63:55:f7:70:d1:6d:a7:d3:95:
         2e:1a:9b:26:29:8c:3f:4b:09:47:ad:22:74:69:3c:fd:32:15:
         99:1d:13:73:c4:6f:1c:ae:e0:66:bb:f1:f7:9a:95:e1:ba:d8:
         f6:15:1e:16
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxQjIxMTAvBgNVBAUTKEM3RTU3OTBCMDVFMEQ0RDIwOURCNDNEQzY4MEZCNzg4
Mjc5ODE0QTkwHhcNMjMwNzAzMDIzMTU2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEyMzMxYy0zZmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy//sHf1LnnDxYzuD8gqBYZwHSYrDfLhv+Z+pI0EfcNQ/gucnDPe1e2WGkhcq
9vPRKI4aW91WRm4Hd716OToQ/tpbf44hlRa1Kxuh8tgwGs9h70Yx42ORsYBZXoej
16Kuw5EwwWM9KDDUMT7HN/hWyixIvNlXprJT7Pbzknsa97BOvKlj5UqsjZkVjqK9
fx+DN53Lu9FLrHTHc/clZKGw0YgcbrqVlz/mv0xRjnGooQaRRrIAz+Ht1E+4gxht
isnSuZTrqsvHwVbXXbxi46/qJ4a8D8o6+LYeWvgiDWFtHuNpA7OQtDowp3lI5uGO
CJRoHZq+JHxUMm7rRL0HTkrJHQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOkSCbCb
qI9CFpoI38r9l/lgDwLvMB8GA1UdIwQYMBaAFMfleQsF4NTSCdtD3GgPt4gnmBSp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDFCMi82REU5RjQxMEI2
NjMxMUVDOEQ1NEE0NDlDNEY5QUUwMi94LVY1Q3dYZzFOSUoyMFBjYUEtM2lDZVlG
S2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3gtVjVDd1hnMU5JSjIwUGNhQS0zaUNlWUZLay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxQjIvNkRFOUY0MTBCNjYzMTFFQzhENTRBNDQ5QzRGOUFFMDIvQTk5MDYyNDRC
NjY2MTFFQ0FGNzZEQTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnSXMDBABn6NowDQYJKoZIhvcNAQELBQADggEBAINGsles
awLQ8hVxHloloWU85tNYvQNC/lLyzNlV9Xw9Jove5yKoot7fFj7LHcK7tk7UgY+K
K0yzGgbFpu+0YkVuaevyTAPo4VWdsLDym8B8E8TJ4FV0qR2jMaWXre5YfZ1E9B49
NMyo3zz9EG0R88AI/WvVih6jX7oN8uWUS/bepnmuzaNhK9BWG10nQz14EMX+omcy
uNqlQ/EIlEjVJLWItUQQuGrvAE1RbLtwuXOdv0trLTT48aa3fU1MWGIEtCTwuOqv
KuiNhsE56P25GGNV93DRbafTlS4amyYpjD9LCUetInRpPP0yFZkdE3PEbxyu4Ga7
8fealeG62PYVHhY=
-----END CERTIFICATE-----
Generated at Wed Mar 27 04:41:39 2024 by rpki-client on console-ams.rpki-client.org