Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D738574EE34F11ED9105DE54C4F9AE02.roa
File:                     D738574EE34F11ED9105DE54C4F9AE02.roa (raw, json)
Hash identifier:          KTgohCfjhYfyfH30rSNBzT1RfSvNFX+PKhR3SbbRNhg=
Subject key identifier:   7B:F0:C3:7B:1A:DA:76:3B:63:0B:6F:35:E1:5F:C3:7C:9D:01:65:99
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       0BBB
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D738574EE34F11ED9105DE54C4F9AE02.roa
Signing time:             Wed 24 May 2023 23:25:25 +0000
ROA not before:           Wed 24 May 2023 23:25:25 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     140594
IP address blocks:        113.203.242.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
                          rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 21:46:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3003 (0xbbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: May 24 23:25:25 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=646e9ce5-2781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:54:e8:c1:5f:ed:24:bd:9f:66:08:e2:09:27:
                    de:0f:f1:2b:e5:e2:cc:a4:e8:ae:05:97:64:26:59:
                    00:ec:93:6c:b5:9a:2e:30:ee:62:79:6b:5b:06:e3:
                    9c:26:a4:78:2b:3e:1d:81:54:be:32:55:1d:e5:a6:
                    fb:89:29:e2:69:41:53:e8:4a:bd:7f:d6:8d:8e:d3:
                    7b:f7:f4:44:61:a4:c7:a1:c9:b9:bc:5e:e5:ad:be:
                    b2:c1:c1:cd:41:8e:7e:47:9f:2a:15:f7:c0:37:21:
                    37:10:3c:fe:22:09:9a:12:22:19:25:f5:1a:8d:b9:
                    9d:c8:d1:0f:71:c2:ea:8f:82:f0:9d:cd:f3:b7:82:
                    51:3b:5b:0a:9c:c8:46:81:b6:dc:1f:77:be:77:d6:
                    66:e1:d9:7b:60:52:67:96:bf:ca:cc:76:ec:14:98:
                    ec:be:f6:ae:0e:53:32:6e:9e:7f:62:51:3a:be:9f:
                    34:9f:e4:f8:d3:2e:2b:90:e3:24:65:ae:a9:13:b0:
                    f4:98:18:e6:51:c4:13:20:bf:1d:fe:10:3b:fe:65:
                    ea:13:f7:05:1c:85:b2:39:1b:b2:40:c0:56:94:e4:
                    c9:c7:fc:42:5c:16:d5:57:2b:c6:84:36:d8:a2:d5:
                    ed:2f:e9:bd:8e:33:f1:c6:eb:b8:16:b2:b0:40:83:
                    a2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F0:C3:7B:1A:DA:76:3B:63:0B:6F:35:E1:5F:C3:7C:9D:01:65:99
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D738574EE34F11ED9105DE54C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.203.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:71:17:9a:9f:54:09:91:3b:2a:1b:67:35:7d:75:88:d1:69:
         18:be:bf:2a:a1:f2:9b:cd:b9:24:af:8d:b6:b5:6b:8e:63:e6:
         22:13:bf:ba:58:f4:2e:c7:97:4f:3a:3b:82:a5:5d:74:c2:09:
         99:14:59:78:5d:de:bc:18:df:66:d8:8c:19:e9:27:bb:5c:54:
         1a:f9:56:7f:d3:d5:e8:9d:ba:b1:31:8d:a6:6f:c8:54:9a:0c:
         7c:7d:b5:dd:bd:a4:e6:e8:e1:9a:49:fb:15:cd:66:a4:67:47:
         b0:0f:98:10:b8:da:5c:13:ad:2a:f5:58:47:88:10:f7:d6:9f:
         d6:84:78:c2:7a:d3:03:b0:42:db:eb:2c:a8:76:33:21:51:db:
         9f:b4:95:cc:af:c7:44:03:15:8e:8a:d4:ff:7b:60:99:09:f5:
         95:fb:3e:ed:90:e5:7e:fd:d2:0d:b9:a8:67:4d:3f:af:9d:a4:
         19:f0:d8:0b:cb:e1:e0:c7:7d:c1:1a:a1:d9:35:ee:f6:c1:d3:
         3b:01:22:a0:e2:83:18:d2:40:e9:6b:13:76:40:ee:61:ab:0c:
         6a:a1:98:11:98:9b:3e:40:4e:30:16:e2:f5:e9:df:59:5d:7d:
         4d:34:02:12:57:a1:31:45:19:2b:ac:05:f6:21:30:32:88:a6:
         a2:52:f9:44
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjMwNTI0MjMyNTI1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlOWNlNS0yNzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw1TowV/tJL2fZgjiCSfeD/Er5eLMpOiuBZdkJlkA7JNstZouMO5ieWtbBuOc
JqR4Kz4dgVS+MlUd5ab7iSniaUFT6Eq9f9aNjtN79/REYaTHocm5vF7lrb6ywcHN
QY5+R58qFffANyE3EDz+IgmaEiIZJfUajbmdyNEPccLqj4Lwnc3zt4JRO1sKnMhG
gbbcH3e+d9Zm4dl7YFJnlr/KzHbsFJjsvvauDlMybp5/YlE6vp80n+T40y4rkOMk
Za6pE7D0mBjmUcQTIL8d/hA7/mXqE/cFHIWyORuyQMBWlOTJx/xCXBbVVyvGhDbY
otXtL+m9jjPxxuu4FrKwQIOiIQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHvww3sa
2nY7YwtvNeFfw3ydAWWZMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRDczODU3NEVF
MzRGMTFFRDkxMDVERTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABxy/IwDQYJKoZIhvcNAQELBQADggEBABZxF5qfVAmROyob
ZzV9dYjRaRi+vyqh8pvNuSSvjba1a45j5iITv7pY9C7Hl086O4KlXXTCCZkUWXhd
3rwY32bYjBnpJ7tcVBr5Vn/T1eidurExjaZvyFSaDHx9td29pObo4ZpJ+xXNZqRn
R7APmBC42lwTrSr1WEeIEPfWn9aEeMJ60wOwQtvrLKh2MyFR25+0lcyvx0QDFY6K
1P97YJkJ9ZX7Pu2Q5X790g25qGdNP6+dpBnw2AvL4eDHfcEaodk17vbB0zsBIqDi
gxjSQOlrE3ZA7mGrDGqhmBGYmz5ATjAW4vXp31ldfU00AhJXoTFFGSusBfYhMDKI
pqJS+UQ=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:56:00 2024 by rpki-client on console-ams.rpki-client.org