Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E04FE/86A6F654B73F11EEAF12B87BC4F9AE02/5EE215CCC33D11EE97B67979C4F9AE02.roa
File:                     5EE215CCC33D11EE97B67979C4F9AE02.roa (raw, json)
Hash identifier:          8bgWpkcwwSpnHyrkYsdyUAYCC4K6G1edvEayFTb1/1Q=
Subject key identifier:   77:B0:56:BB:41:14:9F:C0:A6:81:49:DC:45:1A:1D:0D:66:B5:EB:64
Certificate issuer:       /CN=A91E04FE/serialNumber=2883741B0F5BCA764F4D3C83D3ED6A0F27CD2298
Certificate serial:       0F
Authority key identifier: 28:83:74:1B:0F:5B:CA:76:4F:4D:3C:83:D3:ED:6A:0F:27:CD:22:98
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KIN0Gw9bynZPTTyD0-1qDyfNIpg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E04FE/86A6F654B73F11EEAF12B87BC4F9AE02/5EE215CCC33D11EE97B67979C4F9AE02.roa
Signing time:             Sun 04 Feb 2024 09:11:25 +0000
ROA not before:           Sun 04 Feb 2024 09:11:25 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     46783
IP address blocks:        113.192.60.0/24 maxlen: 24
                          113.192.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E04FE/86A6F654B73F11EEAF12B87BC4F9AE02/KIN0Gw9bynZPTTyD0-1qDyfNIpg.crl
                          rsync://rpki.apnic.net/member_repository/A91E04FE/86A6F654B73F11EEAF12B87BC4F9AE02/KIN0Gw9bynZPTTyD0-1qDyfNIpg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KIN0Gw9bynZPTTyD0-1qDyfNIpg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 07:03:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E04FE/serialNumber=2883741B0F5BCA764F4D3C83D3ED6A0F27CD2298
        Validity
            Not Before: Feb  4 09:11:25 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65bf54bd-f9bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bd:63:fb:f3:89:94:5d:b8:5d:16:e7:26:8d:
                    ec:3b:dd:38:58:9a:a6:2e:9e:7a:e0:c7:29:cc:5a:
                    9d:5d:5c:2f:a3:90:e0:75:e6:85:02:13:97:67:4b:
                    86:20:fb:71:f2:47:74:0b:5d:51:53:e8:52:37:1d:
                    a9:1c:99:67:c0:04:3a:17:74:37:e2:61:ec:86:4e:
                    92:9a:20:9d:d3:60:46:ea:af:63:6c:6f:57:c7:4b:
                    64:78:f1:0e:71:ef:6e:7b:11:0f:3a:0b:46:e4:e4:
                    06:ad:65:ec:f2:60:bf:40:3b:4d:2f:a6:79:16:4b:
                    4a:ec:90:95:dc:53:0f:a2:f3:de:ac:2b:52:16:5e:
                    a3:cd:34:a4:24:8e:7d:0e:5e:11:a0:3d:67:e1:37:
                    79:c6:b2:50:b9:fe:72:38:f6:7c:50:c6:02:83:2e:
                    90:8b:bc:68:e5:49:fd:2b:b2:d0:2e:68:c4:5a:05:
                    ec:2c:4c:cc:13:1b:08:00:c0:6a:4d:10:7f:c8:50:
                    a7:4e:8f:24:47:6f:6f:53:b0:98:17:f0:fb:51:ba:
                    0c:99:7d:f2:ce:ee:3e:65:f6:84:51:11:d5:03:e2:
                    62:85:1c:e7:87:55:97:26:73:4e:bb:53:85:43:73:
                    38:66:0c:22:1d:3d:d2:fe:21:4d:56:7c:e4:71:c8:
                    67:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:B0:56:BB:41:14:9F:C0:A6:81:49:DC:45:1A:1D:0D:66:B5:EB:64
            X509v3 Authority Key Identifier:
                keyid:28:83:74:1B:0F:5B:CA:76:4F:4D:3C:83:D3:ED:6A:0F:27:CD:22:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E04FE/86A6F654B73F11EEAF12B87BC4F9AE02/KIN0Gw9bynZPTTyD0-1qDyfNIpg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KIN0Gw9bynZPTTyD0-1qDyfNIpg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E04FE/86A6F654B73F11EEAF12B87BC4F9AE02/5EE215CCC33D11EE97B67979C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.192.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:d9:14:fe:1a:e7:25:e6:a3:aa:4e:9b:46:7a:70:9c:aa:3d:
         1a:99:f2:7a:4a:bd:e2:c8:6e:9d:44:57:48:18:45:c1:56:3b:
         d2:1d:68:dd:3b:6b:07:ea:c6:15:cc:da:db:4d:25:16:9d:dc:
         97:82:dc:46:e7:06:21:27:40:fa:c3:dc:ff:7f:f1:76:a8:8b:
         b2:10:12:84:0a:4f:b4:b0:8f:8c:9e:50:a7:bd:70:47:53:ca:
         9c:68:f9:08:93:5c:0f:5c:bb:af:72:c0:2a:28:20:e5:68:b9:
         59:43:56:9d:b2:4e:42:81:37:12:82:68:32:fa:e7:e4:7e:7e:
         8d:56:02:ff:f8:0c:81:87:15:16:fa:72:1e:fa:f6:c5:89:c3:
         f4:93:7b:3e:3f:50:d1:4e:c6:17:d1:ae:24:fd:b7:0b:1b:c2:
         e8:71:3d:5d:f6:8c:40:91:16:4a:c4:c9:08:06:9e:24:b1:10:
         5e:ef:b5:07:e5:49:08:33:35:ee:70:c8:bb:e2:94:84:82:da:
         91:a0:34:1d:0f:63:20:7e:49:2f:05:98:8c:7e:6a:f7:66:9f:
         a6:66:07:29:06:18:6b:7c:bc:42:80:6f:f7:13:01:b8:40:3f:
         db:4f:8a:45:60:67:3c:40:83:aa:18:a1:a5:bf:89:e2:7b:cc:
         2d:d2:13:57
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MDRGRTExMC8GA1UEBRMoMjg4Mzc0MUIwRjVCQ0E3NjRGNEQzQzgzRDNFRDZBMEYy
N0NEMjI5ODAeFw0yNDAyMDQwOTExMjVaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YmY1NGJkLWY5YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQvWP784mUXbhdFucmjew73ThYmqYunnrgxynMWp1dXC+jkOB15oUCE5dnS4Yg
+3HyR3QLXVFT6FI3HakcmWfABDoXdDfiYeyGTpKaIJ3TYEbqr2Nsb1fHS2R48Q5x
7257EQ86C0bk5AatZezyYL9AO00vpnkWS0rskJXcUw+i896sK1IWXqPNNKQkjn0O
XhGgPWfhN3nGslC5/nI49nxQxgKDLpCLvGjlSf0rstAuaMRaBewsTMwTGwgAwGpN
EH/IUKdOjyRHb29TsJgX8PtRugyZffLO7j5l9oRREdUD4mKFHOeHVZcmc067U4VD
czhmDCIdPdL+IU1WfORxyGf1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUd7BWu0EU
n8CmgUncRRodDWa162QwHwYDVR0jBBgwFoAUKIN0Gw9bynZPTTyD0+1qDyfNIpgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUwNEZFLzg2QTZGNjU0Qjcz
RjExRUVBRjEyQjg3QkM0RjlBRTAyL0tJTjBHdzlieW5aUFRUeUQwLTFxRHlmTklw
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS0lOMEd3OWJ5blpQVFR5RDAtMXFEeWZOSXBnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MDRGRS84NkE2RjY1NEI3M0YxMUVFQUYxMkI4N0JDNEY5QUUwMi81RUUyMTVDQ0Mz
M0QxMUVFOTdCNjc5NzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAXHAPDANBgkqhkiG9w0BAQsFAAOCAQEARtkU/hrnJeajqk6b
RnpwnKo9Gpnyekq94shunURXSBhFwVY70h1o3TtrB+rGFcza200lFp3cl4LcRucG
ISdA+sPc/3/xdqiLshAShApPtLCPjJ5Qp71wR1PKnGj5CJNcD1y7r3LAKigg5Wi5
WUNWnbJOQoE3EoJoMvrn5H5+jVYC//gMgYcVFvpyHvr2xYnD9JN7Pj9Q0U7GF9Gu
JP23CxvC6HE9XfaMQJEWSsTJCAaeJLEQXu+1B+VJCDM17nDIu+KUhILakaA0HQ9j
IH5JLwWYjH5q92afpmYHKQYYa3y8QoBv9xMBuEA/20+KRWBnPECDqhihpb+J4nvM
LdITVw==
-----END CERTIFICATE-----
Generated at Thu Jun 13 10:59:51 2024 by rpki-client on console-ams.rpki-client.org