Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
File:                     1A0D44FA3B5411EABAC6EE18C4F9AE02.roa (raw, json)
Hash identifier:          vE1akHBF+FqKvgFH1UFzMveeA3YQT8LvEndWX1RJBkY=
Subject key identifier:   67:DB:66:62:31:50:E7:2A:0B:D3:E2:CC:2B:26:20:A8:00:21:86:4F
Certificate issuer:       /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Certificate serial:       1CCC
Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
Signing time:             Thu 28 Sep 2023 16:33:42 +0000
ROA not before:           Thu 28 Sep 2023 16:33:42 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     37963
IP address blocks:        8.128.0.0/10 maxlen: 15
                          8.128.0.0/16 maxlen: 24
                          8.129.0.0/16 maxlen: 24
                          8.130.0.0/16 maxlen: 24
                          8.131.0.0/16 maxlen: 24
                          8.132.0.0/16 maxlen: 24
                          8.133.0.0/16 maxlen: 24
                          8.134.0.0/16 maxlen: 24
                          8.135.0.0/16 maxlen: 24
                          8.136.0.0/16 maxlen: 24
                          8.137.0.0/16 maxlen: 24
                          8.138.0.0/16 maxlen: 24
                          8.139.0.0/16 maxlen: 24
                          8.140.0.0/16 maxlen: 24
                          8.141.0.0/16 maxlen: 24
                          8.142.0.0/16 maxlen: 24
                          8.143.0.0/16 maxlen: 24
                          8.144.0.0/16 maxlen: 24
                          8.145.0.0/16 maxlen: 24
                          8.146.0.0/16 maxlen: 24
                          8.147.0.0/16 maxlen: 24
                          8.148.0.0/16 maxlen: 24
                          8.149.0.0/16 maxlen: 24
                          8.150.0.0/16 maxlen: 24
                          8.151.0.0/16 maxlen: 24
                          8.152.0.0/16 maxlen: 24
                          8.153.0.0/16 maxlen: 24
                          8.154.0.0/16 maxlen: 24
                          8.155.0.0/16 maxlen: 24
                          8.156.0.0/16 maxlen: 24
                          8.157.0.0/16 maxlen: 24
                          8.158.0.0/16 maxlen: 24
                          8.159.0.0/16 maxlen: 24
                          8.160.0.0/16 maxlen: 24
                          8.161.0.0/16 maxlen: 24
                          8.162.0.0/16 maxlen: 24
                          8.163.0.0/16 maxlen: 24
                          8.164.0.0/16 maxlen: 24
                          8.165.0.0/16 maxlen: 24
                          8.166.0.0/16 maxlen: 24
                          8.167.0.0/16 maxlen: 24
                          8.168.0.0/16 maxlen: 24
                          8.169.0.0/16 maxlen: 24
                          8.170.0.0/16 maxlen: 24
                          8.171.0.0/16 maxlen: 24
                          8.172.0.0/16 maxlen: 24
                          8.173.0.0/16 maxlen: 24
                          8.174.0.0/16 maxlen: 24
                          8.175.0.0/16 maxlen: 24
                          8.176.0.0/16 maxlen: 24
                          8.178.0.0/16 maxlen: 24
                          8.179.0.0/16 maxlen: 24
                          8.180.0.0/16 maxlen: 24
                          8.181.0.0/16 maxlen: 24
                          8.182.0.0/16 maxlen: 24
                          8.183.0.0/16 maxlen: 24
                          8.184.0.0/16 maxlen: 24
                          8.185.0.0/16 maxlen: 24
                          8.186.0.0/16 maxlen: 24
                          8.187.0.0/16 maxlen: 24
                          8.188.0.0/16 maxlen: 24
                          8.189.0.0/16 maxlen: 24
                          8.190.0.0/16 maxlen: 24
                          8.191.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
                          rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 02:50:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7372 (0x1ccc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
        Validity
            Not Before: Sep 28 16:33:42 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=6515aae5-2f00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:00:ab:5b:4f:08:a2:30:e0:0b:f8:da:98:c6:
                    d7:6b:fc:d6:7e:e4:d1:f7:de:fb:53:48:f2:d4:9a:
                    6a:bf:ee:a2:0c:7f:1e:39:54:7d:82:8a:a5:c3:a1:
                    6e:79:1b:d3:74:0e:76:ce:f1:64:f6:cc:32:4d:ce:
                    d3:ad:b2:ac:c2:47:59:a1:5c:eb:81:8e:f7:87:b2:
                    2c:d7:18:f1:1a:68:b2:c8:7c:3e:ba:39:57:40:9a:
                    02:2d:83:a2:a2:40:c4:ba:69:f4:f0:2a:8a:e1:47:
                    12:4d:25:f9:85:a5:4a:e4:c9:3d:b1:9a:69:0a:2c:
                    21:22:2c:46:62:17:cc:28:1b:d8:7e:1e:dc:cc:13:
                    e7:2c:5e:4d:90:f6:43:71:44:e9:ed:ed:16:73:19:
                    c6:2e:dd:c5:3f:64:71:93:5e:2c:43:0d:ec:e8:b7:
                    42:be:55:c7:df:b1:9e:0f:c3:6b:d6:2d:90:2d:d2:
                    7c:46:a2:20:fc:43:09:fa:9f:b6:8a:f6:12:16:67:
                    9f:2c:73:7d:bd:38:5a:18:03:92:48:de:e1:3a:5d:
                    75:94:58:6e:7c:13:a2:f5:27:40:0b:4c:64:21:e8:
                    0d:f5:91:98:50:4b:ec:6c:01:8f:82:f3:8a:d9:04:
                    82:bb:03:d9:01:cd:ea:9f:c9:96:bf:92:02:90:78:
                    83:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:DB:66:62:31:50:E7:2A:0B:D3:E2:CC:2B:26:20:A8:00:21:86:4F
            X509v3 Authority Key Identifier:
                keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  8.128.0.0/10

    Signature Algorithm: sha256WithRSAEncryption
         29:d7:39:40:47:c8:3b:a7:22:a0:c1:2b:91:a4:af:a0:aa:1f:
         a8:35:95:a7:a9:ca:28:5e:2a:89:3a:08:da:c4:97:df:57:5b:
         ef:7b:18:ab:86:33:63:47:33:59:74:31:54:cb:65:12:4c:28:
         c1:32:12:4a:61:e7:c1:4d:26:0d:d5:a7:fe:96:3b:93:ee:02:
         91:fa:7d:53:ef:25:d1:8e:d5:1b:5c:e2:ea:74:a7:d3:24:0b:
         35:39:e2:90:9c:65:3a:52:5e:e1:fc:1d:66:14:2a:a1:92:b6:
         f2:11:c3:36:43:b3:9c:5e:31:23:9b:02:7f:67:f0:b5:34:2a:
         6a:fc:8e:fd:d6:68:06:6b:65:1e:14:6c:bb:25:94:d2:b6:c8:
         6a:4e:63:52:9f:07:a4:18:34:d5:e7:98:57:70:ce:07:83:2e:
         54:44:bd:c7:da:55:a6:16:ce:92:d8:ca:f6:9d:11:32:ef:66:
         2d:23:5e:1c:58:0b:93:8b:f5:8d:34:63:f1:1d:04:79:65:97:
         c7:d7:ec:57:85:6d:fc:b6:d6:fb:e5:4a:56:67:44:55:82:95:
         a6:c9:96:66:07:57:a1:88:ae:a1:4d:f9:4b:44:01:ee:cf:06:
         84:f6:31:5a:1b:25:fe:6e:a5:09:d8:bd:15:43:5f:08:40:57:
         e7:d0:d1:80
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICHMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx
NzA3N0U2MzIwHhcNMjMwOTI4MTYzMzQyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE1YWFlNS0yZjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7gCrW08IojDgC/jamMbXa/zWfuTR9977U0jy1Jpqv+6iDH8eOVR9goqlw6Fu
eRvTdA52zvFk9swyTc7TrbKswkdZoVzrgY73h7Is1xjxGmiyyHw+ujlXQJoCLYOi
okDEumn08CqK4UcSTSX5haVK5Mk9sZppCiwhIixGYhfMKBvYfh7czBPnLF5NkPZD
cUTp7e0WcxnGLt3FP2Rxk14sQw3s6LdCvlXH37GeD8Nr1i2QLdJ8RqIg/EMJ+p+2
ivYSFmefLHN9vThaGAOSSN7hOl11lFhufBOi9SdAC0xkIegN9ZGYUEvsbAGPgvOK
2QSCuwPZAc3qn8mWv5ICkHiDKwIDAQABo4IClDCCApAwHQYDVR0OBBYEFGfbZmIx
UOcqC9PizCsmIKgAIYZPMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1
MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvMUEwRDQ0RkEz
QjU0MTFFQUJBQzZFRTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwYIgDANBgkqhkiG9w0BAQsFAAOCAQEAKdc5QEfIO6cioMEr
kaSvoKofqDWVp6nKKF4qiToI2sSX31db73sYq4YzY0czWXQxVMtlEkwowTISSmHn
wU0mDdWn/pY7k+4Ckfp9U+8l0Y7VG1zi6nSn0yQLNTnikJxlOlJe4fwdZhQqoZK2
8hHDNkOznF4xI5sCf2fwtTQqavyO/dZoBmtlHhRsuyWU0rbIak5jUp8HpBg01eeY
V3DOB4MuVES9x9pVphbOktjK9p0RMu9mLSNeHFgLk4v1jTRj8R0EeWWXx9fsV4Vt
/LbW++VKVmdEVYKVpsmWZgdXoYiuoU35S0QB7s8GhPYxWhsl/m6lCdi9FUNfCEBX
59DRgA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:37:18 2024 by rpki-client on console-ams.rpki-client.org