Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/6C897E54597B11EDB603273AC4F9AE02.roa
File:                     6C897E54597B11EDB603273AC4F9AE02.roa (raw, json)
Hash identifier:          ag1Pddz2zGOl40000GuyzDYG6L53rMlZ4a9fYvlMEw4=
Subject key identifier:   37:AC:7A:A7:D8:10:66:41:5B:21:58:96:75:86:6A:F6:93:BC:6F:49
Certificate issuer:       /CN=A91EB077/serialNumber=386F6F8AA1E66C5254EA1E47888C103F4536222A
Certificate serial:       192B
Authority key identifier: 38:6F:6F:8A:A1:E6:6C:52:54:EA:1E:47:88:8C:10:3F:45:36:22:2A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OG9viqHmbFJU6h5HiIwQP0U2Iio.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/6C897E54597B11EDB603273AC4F9AE02.roa
Signing time:             Tue 08 Aug 2023 16:53:44 +0000
ROA not before:           Tue 08 Aug 2023 16:53:44 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        2401:1d80:3000::/40 maxlen: 48
                          2401:1d80:3100::/40 maxlen: 46
                          2401:1d80:3200::/40 maxlen: 46
                          2401:1d80:3300::/40 maxlen: 46
                          2401:1d80:4000::/40 maxlen: 46
                          2401:1d80:4100::/40 maxlen: 46
                          2401:1d80:4200::/40 maxlen: 46
                          2401:1d80:4300::/40 maxlen: 46
                          2401:1d80:5000::/40 maxlen: 46
                          2401:1d80:5100::/40 maxlen: 46
                          2401:1d80:5200::/40 maxlen: 46
                          2401:1d80:5300::/40 maxlen: 46
                          2401:1d80:5800::/40 maxlen: 46
                          2401:1d80:5900::/40 maxlen: 46
                          2401:1d80:5a00::/40 maxlen: 46
                          2401:1d80:5b00::/40 maxlen: 46
                          2401:1d80:6000::/40 maxlen: 46
                          2401:1d80:6100::/40 maxlen: 46
                          2401:1d80:6200::/40 maxlen: 46
                          2401:1d80:6300::/40 maxlen: 46

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/OG9viqHmbFJU6h5HiIwQP0U2Iio.crl
                          rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/OG9viqHmbFJU6h5HiIwQP0U2Iio.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OG9viqHmbFJU6h5HiIwQP0U2Iio.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 16:50:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6443 (0x192b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EB077/serialNumber=386F6F8AA1E66C5254EA1E47888C103F4536222A
        Validity
            Not Before: Aug  8 16:53:44 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64d27318-7203
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ee:17:c0:a5:bc:0f:f4:41:e8:0d:94:b7:7a:
                    22:67:ce:8a:aa:fa:46:66:9f:da:83:e8:59:99:7d:
                    53:c6:d1:a0:b5:43:bc:ab:31:16:b1:6c:65:15:94:
                    9c:ad:cd:16:a0:7f:e3:42:33:58:60:9b:1f:07:28:
                    55:d7:f7:a6:86:98:dc:db:e3:a5:cb:35:e5:ff:76:
                    ec:38:97:da:1e:22:b5:d7:b6:1c:73:ae:06:a7:eb:
                    19:e1:04:42:e0:b8:88:4a:e0:b5:98:95:84:4d:e5:
                    08:ec:f4:d2:12:a5:f3:57:f2:f5:f6:31:a2:fc:90:
                    98:e1:98:d7:d0:a9:cf:03:1d:62:70:63:b0:16:e2:
                    47:32:a3:25:e7:f4:f5:d0:1e:9e:c9:91:61:8f:1a:
                    5f:c7:17:f2:34:29:10:4a:94:e1:67:ab:d9:e2:10:
                    96:50:da:60:d9:2f:2f:df:60:92:32:1d:16:f7:fd:
                    6f:49:c6:3c:d3:7c:f2:28:c4:14:a9:47:24:54:3b:
                    1e:7a:81:9a:58:57:8b:79:89:1a:68:72:66:cd:b9:
                    76:8e:14:39:d6:d2:77:77:22:fa:69:68:ab:ab:1e:
                    e1:e5:32:61:3c:72:9f:b4:90:87:a9:a0:1f:5d:17:
                    d6:d4:24:24:e5:38:e6:1c:fa:4b:24:2d:1d:d4:f4:
                    9e:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:AC:7A:A7:D8:10:66:41:5B:21:58:96:75:86:6A:F6:93:BC:6F:49
            X509v3 Authority Key Identifier:
                keyid:38:6F:6F:8A:A1:E6:6C:52:54:EA:1E:47:88:8C:10:3F:45:36:22:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/OG9viqHmbFJU6h5HiIwQP0U2Iio.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OG9viqHmbFJU6h5HiIwQP0U2Iio.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/6C897E54597B11EDB603273AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:1d80:3000::/38
                  2401:1d80:4000::/38
                  2401:1d80:5000::/38
                  2401:1d80:5800::/38
                  2401:1d80:6000::/38

    Signature Algorithm: sha256WithRSAEncryption
         36:7e:2f:16:9d:fa:57:59:0d:62:06:a4:29:53:f6:0a:c1:ed:
         fb:0a:d7:90:d4:ab:e1:f0:1a:4c:7c:ca:4e:31:eb:ab:d8:ee:
         73:dd:28:12:13:96:67:6e:30:50:9e:6d:1e:69:af:7f:75:b5:
         36:a6:17:31:02:7e:13:ae:ee:a5:4e:32:b4:a6:e0:c5:3b:71:
         08:2a:23:c0:cc:22:98:77:1b:63:7e:27:8e:b7:ab:6c:b8:1a:
         be:57:37:d0:b6:87:f1:87:84:b9:c6:96:6f:ac:09:52:e3:a6:
         ec:34:3d:35:21:71:cf:2f:37:fb:87:50:9d:cf:83:a6:fa:3e:
         f1:4c:ac:8b:19:06:47:29:53:ee:d5:8b:7b:0f:5c:83:01:57:
         48:1c:ed:a9:9c:dd:05:f5:52:b9:45:19:0b:d6:19:8c:57:5c:
         c9:78:bc:ab:6e:0b:7a:0f:15:5c:e4:e3:e8:c3:20:67:87:cf:
         c0:3a:a3:09:16:22:3a:ef:8f:38:5f:e7:f0:8a:6b:2a:a6:7f:
         79:d7:ed:00:39:8f:01:b8:4f:82:68:f6:9a:fc:01:ee:83:c4:
         ea:7f:3e:56:e9:79:5b:48:d9:15:b8:1f:d3:da:10:bf:12:bd:
         1d:12:ba:7a:cc:91:89:16:92:0e:f3:54:e4:ad:b9:2b:41:66:
         5b:96:83:47
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICGSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIwNzcxMTAvBgNVBAUTKDM4NkY2RjhBQTFFNjZDNTI1NEVBMUU0Nzg4OEMxMDNG
NDUzNjIyMkEwHhcNMjMwODA4MTY1MzQ0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQyNzMxOC03MjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApe4XwKW8D/RB6A2Ut3oiZ86KqvpGZp/ag+hZmX1TxtGgtUO8qzEWsWxlFZSc
rc0WoH/jQjNYYJsfByhV1/emhpjc2+OlyzXl/3bsOJfaHiK117Ycc64Gp+sZ4QRC
4LiISuC1mJWETeUI7PTSEqXzV/L19jGi/JCY4ZjX0KnPAx1icGOwFuJHMqMl5/T1
0B6eyZFhjxpfxxfyNCkQSpThZ6vZ4hCWUNpg2S8v32CSMh0W9/1vScY803zyKMQU
qUckVDseeoGaWFeLeYkaaHJmzbl2jhQ51tJ3dyL6aWirqx7h5TJhPHKftJCHqaAf
XRfW1CQk5TjmHPpLJC0d1PSe5wIDAQABo4ICtzCCArMwHQYDVR0OBBYEFDeseqfY
EGZBWyFYlnWGavaTvG9JMB8GA1UdIwQYMBaAFDhvb4qh5mxSVOoeR4iMED9FNiIq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjA3Ny9EQjdCNzAwNjQ4
MjQxMUU3OTQwNDFEMkRDNEY5QUUwMi9PRzl2aXFIbWJGSlU2aDVIaUl3UVAwVTJJ
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09HOXZpcUhtYkZKVTZoNUhpSXdRUDBVMklpby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIwNzcvREI3QjcwMDY0ODI0MTFFNzk0MDQxRDJEQzRGOUFFMDIvNkM4OTdFNTQ1
OTdCMTFFREI2MDMyNzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgACMCgDBgIkAR2AMAMGAiQBHYBAAwYCJAEdgFADBgIkAR2AWAMGAiQB
HYBgMA0GCSqGSIb3DQEBCwUAA4IBAQA2fi8WnfpXWQ1iBqQpU/YKwe37CteQ1Kvh
8BpMfMpOMeur2O5z3SgSE5ZnbjBQnm0eaa9/dbU2phcxAn4Tru6lTjK0puDFO3EI
KiPAzCKYdxtjfieOt6tsuBq+VzfQtofxh4S5xpZvrAlS46bsND01IXHPLzf7h1Cd
z4Om+j7xTKyLGQZHKVPu1Yt7D1yDAVdIHO2pnN0F9VK5RRkL1hmMV1zJeLyrbgt6
DxVc5OPowyBnh8/AOqMJFiI67484X+fwimsqpn951+0AOY8BuE+CaPaa/AHug8Tq
fz5W6XlbSNkVuB/T2hC/Er0dErp6zJGJFpIO81TkrbkrQWZbloNH
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:54:44 2024 by rpki-client on console-ams.rpki-client.org