Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/4551BE2CD19D11EAA120EE14C4F9AE02.roa
File:                     4551BE2CD19D11EAA120EE14C4F9AE02.roa (raw, json)
Hash identifier:          Zb8K4a4S76xzShJsXA+J8BCfBTGu/Fav49T1ERobF/g=
Subject key identifier:   19:6B:4B:CA:26:E1:A7:C7:33:26:48:70:AD:BE:3D:CA:55:9C:48:EA
Certificate issuer:       /CN=A91E3E33/serialNumber=379743714CE012230AA978BB1AA8C790E70667AB
Certificate serial:       118C
Authority key identifier: 37:97:43:71:4C:E0:12:23:0A:A9:78:BB:1A:A8:C7:90:E7:06:67:AB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/4551BE2CD19D11EAA120EE14C4F9AE02.roa
Signing time:             Wed 18 Sep 2024 17:35:36 +0000
ROA not before:           Wed 18 Sep 2024 17:35:36 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     134520
IP address blocks:        103.81.247.0/24 maxlen: 24
                          103.82.4.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.crl
                          rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 17:13:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4492 (0x118c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E3E33/serialNumber=379743714CE012230AA978BB1AA8C790E70667AB
        Validity
            Not Before: Sep 18 17:35:36 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=66eb0f68-aa2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:72:f9:d2:68:e6:e8:07:0a:1a:11:e7:e0:24:
                    cb:43:41:88:fa:37:d7:0c:a3:70:fa:ad:d1:44:34:
                    82:2d:b6:d3:01:db:62:cf:31:a2:db:b5:e7:ba:bf:
                    13:2a:5f:39:14:83:11:62:ab:9d:8e:21:5e:f3:4f:
                    22:fa:48:5b:e0:6a:d7:f2:89:92:f1:dd:51:ca:97:
                    60:e5:8b:f8:41:e7:b8:c9:45:48:59:e9:08:ea:ff:
                    86:cc:36:77:d8:43:52:6b:bd:d4:47:fc:ee:e0:ff:
                    f3:37:89:66:0b:6f:b2:46:08:80:83:61:54:74:ba:
                    4c:14:3f:3e:d2:14:df:aa:34:13:81:14:f9:20:7d:
                    63:83:d6:be:ba:43:97:5d:10:97:cc:3a:a2:18:ad:
                    d1:50:39:92:31:7a:76:0c:f2:b1:37:e1:32:31:fd:
                    4e:f2:71:d8:3b:c8:b1:81:43:a5:5a:50:ba:57:15:
                    d2:18:90:83:3b:96:9c:40:2d:ec:36:5f:e7:7a:58:
                    cd:95:64:a2:6b:f8:21:27:fd:d3:25:b5:d9:32:11:
                    25:4e:79:5e:f2:53:7c:24:ff:f2:66:57:17:53:bb:
                    99:15:83:37:13:37:7f:32:87:a1:52:3e:54:46:e9:
                    36:9e:7e:14:a8:53:e2:f3:5d:cf:00:08:37:d4:da:
                    88:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:6B:4B:CA:26:E1:A7:C7:33:26:48:70:AD:BE:3D:CA:55:9C:48:EA
            X509v3 Authority Key Identifier:
                keyid:37:97:43:71:4C:E0:12:23:0A:A9:78:BB:1A:A8:C7:90:E7:06:67:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/4551BE2CD19D11EAA120EE14C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.81.247.0/24
                  103.82.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:18:75:15:14:c6:9b:6e:1f:6f:81:3d:a5:85:58:e7:3a:30:
         89:d8:8d:c3:dc:c1:f6:65:d3:4e:a8:59:e2:5f:f6:e6:3b:d9:
         d3:98:ae:f6:6d:a3:20:cc:69:99:dc:50:ea:11:e4:e4:7f:12:
         3f:0b:59:59:4c:42:ef:2f:6c:4e:20:fb:80:f2:05:a5:5a:dd:
         7c:26:13:35:f8:13:40:a3:48:95:18:c9:56:63:0e:58:69:4f:
         6e:3d:9c:45:1f:3c:be:b1:18:96:af:6c:b1:bd:14:56:13:73:
         b2:15:0b:15:66:5d:73:88:76:fa:34:e5:89:27:c1:1a:cf:f8:
         2e:71:30:9c:4e:ab:22:97:d1:8f:12:d6:6c:82:28:04:11:c0:
         64:c8:07:cc:17:43:8b:b9:6c:be:e0:cb:7e:94:d0:b1:94:aa:
         a4:09:a6:6d:a0:ed:af:ed:10:0d:e4:4a:fe:91:57:23:3c:e1:
         ee:09:45:44:05:3b:20:d6:ba:ec:b6:21:40:e4:9b:2b:5b:f1:
         9e:74:8d:2c:36:87:45:b2:43:4c:9e:71:0a:55:32:2c:a4:2f:
         d4:69:7e:bd:a9:50:c2:4c:c7:fe:ac:63:23:8b:ab:78:b5:c9:
         3b:50:95:72:16:a2:5c:f2:8e:35:44:cc:85:14:85:45:f4:c8:
         fc:2d:77:79
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMzMxMTAvBgNVBAUTKDM3OTc0MzcxNENFMDEyMjMwQUE5NzhCQjFBQThDNzkw
RTcwNjY3QUIwHhcNMjQwOTE4MTczNTM2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmViMGY2OC1hYTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuHL50mjm6AcKGhHn4CTLQ0GI+jfXDKNw+q3RRDSCLbbTAdtizzGi27Xnur8T
Kl85FIMRYqudjiFe808i+khb4GrX8omS8d1Rypdg5Yv4Qee4yUVIWekI6v+GzDZ3
2ENSa73UR/zu4P/zN4lmC2+yRgiAg2FUdLpMFD8+0hTfqjQTgRT5IH1jg9a+ukOX
XRCXzDqiGK3RUDmSMXp2DPKxN+EyMf1O8nHYO8ixgUOlWlC6VxXSGJCDO5acQC3s
Nl/neljNlWSia/ghJ/3TJbXZMhElTnle8lN8JP/yZlcXU7uZFYM3Ezd/MoehUj5U
Ruk2nn4UqFPi813PAAg31NqI/QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBlrS8om
4afHMyZIcK2+PcpVnEjqMB8GA1UdIwQYMBaAFDeXQ3FM4BIjCql4uxqox5DnBmer
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UzMy84NzdBNzlCNkU5
RDExMUU4QUM4OTI3NzBDNEY5QUUwMi9ONWREY1V6Z0VpTUtxWGk3R3FqSGtPY0da
NnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL041ZERjVXpnRWlNS3FYaTdHcWpIa09jR1o2cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMzMvODc3QTc5QjZFOUQxMTFFOEFDODkyNzcwQzRGOUFFMDIvNDU1MUJFMkNE
MTlEMTFFQUExMjBFRTE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnUfcDBAFnUgQwDQYJKoZIhvcNAQELBQADggEBAIIYdRUU
xptuH2+BPaWFWOc6MInYjcPcwfZl006oWeJf9uY72dOYrvZtoyDMaZncUOoR5OR/
Ej8LWVlMQu8vbE4g+4DyBaVa3XwmEzX4E0CjSJUYyVZjDlhpT249nEUfPL6xGJav
bLG9FFYTc7IVCxVmXXOIdvo05YknwRrP+C5xMJxOqyKX0Y8S1myCKAQRwGTIB8wX
Q4u5bL7gy36U0LGUqqQJpm2g7a/tEA3kSv6RVyM84e4JRUQFOyDWuuy2IUDkmytb
8Z50jSw2h0WyQ0yecQpVMiykL9Rpfr2pUMJMx/6sYyOLq3i1yTtQlXIWolzyjjVE
zIUUhUX0yPwtd3k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:04 2024 by rpki-client on console-fra.rpki-client.org