Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/5F46732A02FA11EBA3A0A231C4F9AE02/47D255C8572811ECBE150619C4F9AE02.roa
File:                     47D255C8572811ECBE150619C4F9AE02.roa (raw, json)
Hash identifier:          QWuPNhrtMrdhkcYz/cJJ33xIaB3OVSXIin47ACFqM8k=
Subject key identifier:   79:03:B8:FD:04:6D:0E:12:BE:69:96:25:85:E1:34:E3:02:DF:33:5C
Certificate issuer:       /CN=A91EF24F/serialNumber=C24D8EA76BCA64983F532A4CDBB2CCF19B06250D
Certificate serial:       065C
Authority key identifier: C2:4D:8E:A7:6B:CA:64:98:3F:53:2A:4C:DB:B2:CC:F1:9B:06:25:0D
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/wk2Op2vKZJg_UypM27LM8ZsGJQ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EF24F/5F46732A02FA11EBA3A0A231C4F9AE02/47D255C8572811ECBE150619C4F9AE02.roa
Signing time:             Fri 18 Aug 2023 22:19:35 +0000
ROA not before:           Fri 18 Aug 2023 22:19:35 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     55705
IP address blocks:        188.209.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EF24F/5F46732A02FA11EBA3A0A231C4F9AE02/wk2Op2vKZJg_UypM27LM8ZsGJQ0.crl
                          rsync://rpki.apnic.net/member_repository/A91EF24F/5F46732A02FA11EBA3A0A231C4F9AE02/wk2Op2vKZJg_UypM27LM8ZsGJQ0.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/wk2Op2vKZJg_UypM27LM8ZsGJQ0.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 20:06:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1628 (0x65c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EF24F/serialNumber=C24D8EA76BCA64983F532A4CDBB2CCF19B06250D
        Validity
            Not Before: Aug 18 22:19:35 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64dfee76-9175
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:81:d5:14:fe:17:cc:03:e5:90:0e:35:96:e9:
                    e8:d6:3c:cd:ab:c8:be:a5:b5:8b:1d:30:de:55:f8:
                    c9:7c:4e:b4:db:28:e9:d2:66:9d:6d:59:3b:15:8a:
                    fd:80:5e:ac:ff:32:00:33:e2:5a:22:54:8b:09:3d:
                    f8:c9:32:90:00:33:90:20:ff:38:09:f5:69:c6:91:
                    86:3f:f5:43:2f:6f:f2:c2:c2:69:21:d0:fd:4b:7f:
                    e0:7f:49:b4:ef:d0:d8:56:3b:d0:ba:ec:c9:0f:d0:
                    75:ae:37:50:49:65:fd:6a:0e:5d:8e:27:af:24:9a:
                    12:de:0a:27:54:ae:7d:f0:f7:08:ea:39:80:40:80:
                    71:a8:73:a4:9c:c8:de:ef:17:62:ae:6a:7c:12:7d:
                    40:bd:26:11:08:d0:ae:a9:ce:72:03:66:74:46:5b:
                    52:dd:98:c5:25:e8:9c:6b:e2:4d:d4:47:eb:d1:4c:
                    c0:b5:63:70:bd:d7:bf:e5:1f:4e:7a:10:20:a4:b1:
                    8a:f2:40:14:81:83:53:4f:1e:97:ac:d0:fa:22:cf:
                    88:a6:bc:15:42:4f:10:35:af:fb:9e:83:6c:eb:d0:
                    1a:2d:c8:30:32:f0:8c:eb:e0:45:2c:33:96:4f:f1:
                    17:78:db:26:c3:55:f6:9b:11:b6:66:12:e6:77:1b:
                    95:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:03:B8:FD:04:6D:0E:12:BE:69:96:25:85:E1:34:E3:02:DF:33:5C
            X509v3 Authority Key Identifier:
                keyid:C2:4D:8E:A7:6B:CA:64:98:3F:53:2A:4C:DB:B2:CC:F1:9B:06:25:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EF24F/5F46732A02FA11EBA3A0A231C4F9AE02/wk2Op2vKZJg_UypM27LM8ZsGJQ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/wk2Op2vKZJg_UypM27LM8ZsGJQ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/5F46732A02FA11EBA3A0A231C4F9AE02/47D255C8572811ECBE150619C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:f2:dd:a0:87:20:90:13:a7:57:1d:0f:bb:24:99:a0:2d:f8:
         bf:79:12:28:90:76:06:57:da:ea:29:e8:b1:4f:90:19:70:23:
         69:ca:ee:59:c8:39:13:e9:1f:3c:4d:a2:84:f1:8a:af:a0:e7:
         c5:6b:c2:9d:08:08:d2:d4:53:d3:de:c2:bf:56:89:3b:50:8d:
         db:bf:88:a5:a9:e4:a9:b2:de:d2:55:29:8c:ca:4e:6b:28:0b:
         4e:1b:90:47:d5:09:a0:38:08:4f:b7:4a:f7:81:2b:0a:85:6f:
         92:3c:78:00:3a:1a:ee:38:31:d2:e7:1a:00:24:8d:81:d4:83:
         7d:3c:55:98:ae:e5:0f:c4:69:4b:89:89:58:0f:e0:55:42:dd:
         94:df:43:48:ce:c5:14:19:86:84:e9:49:fd:83:26:28:25:25:
         5b:a0:78:d5:f1:14:08:dd:fc:1a:d1:77:d1:9a:fd:d3:e8:fc:
         a2:1c:95:e6:ad:b1:08:45:d8:2d:30:7e:99:2d:77:6c:59:42:
         09:55:52:09:8b:b2:cb:e1:c7:4e:b5:0c:0b:2b:ad:15:1a:48:
         1b:e6:72:6d:5f:47:d1:80:ef:65:46:86:bf:ca:71:f2:a8:e8:
         fc:88:b3:8f:f4:47:0f:25:c0:85:9e:ef:03:46:57:d9:60:f2:
         a9:22:34:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYyNEYxMTAvBgNVBAUTKEMyNEQ4RUE3NkJDQTY0OTgzRjUzMkE0Q0RCQjJDQ0Yx
OUIwNjI1MEQwHhcNMjMwODE4MjIxOTM1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRmZWU3Ni05MTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyIHVFP4XzAPlkA41luno1jzNq8i+pbWLHTDeVfjJfE602yjp0madbVk7FYr9
gF6s/zIAM+JaIlSLCT34yTKQADOQIP84CfVpxpGGP/VDL2/ywsJpIdD9S3/gf0m0
79DYVjvQuuzJD9B1rjdQSWX9ag5djievJJoS3gonVK598PcI6jmAQIBxqHOknMje
7xdirmp8En1AvSYRCNCuqc5yA2Z0RltS3ZjFJeica+JN1Efr0UzAtWNwvde/5R9O
ehAgpLGK8kAUgYNTTx6XrND6Is+IprwVQk8QNa/7noNs69AaLcgwMvCM6+BFLDOW
T/EXeNsmw1X2mxG2ZhLmdxuVpwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHkDuP0E
bQ4SvmmWJYXhNOMC3zNcMB8GA1UdIwQYMBaAFMJNjqdrymSYP1MqTNuyzPGbBiUN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri81RjQ2NzMyQTAy
RkExMUVCQTNBMEEyMzFDNEY5QUUwMi93azJPcDJ2S1pKZ19VeXBNMjdMTThac0dK
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3drMk9wMnZLWkpnX1V5cE0yN0xNOFpzR0pRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYyNEYvNUY0NjczMkEwMkZBMTFFQkEzQTBBMjMxQzRGOUFFMDIvNDdEMjU1Qzg1
NzI4MTFFQ0JFMTUwNjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC80ZowDQYJKoZIhvcNAQELBQADggEBAG3y3aCHIJATp1cd
D7skmaAt+L95EiiQdgZX2uop6LFPkBlwI2nK7lnIORPpHzxNooTxiq+g58Vrwp0I
CNLUU9Pewr9WiTtQjdu/iKWp5Kmy3tJVKYzKTmsoC04bkEfVCaA4CE+3SveBKwqF
b5I8eAA6Gu44MdLnGgAkjYHUg308VZiu5Q/EaUuJiVgP4FVC3ZTfQ0jOxRQZhoTp
Sf2DJiglJVugeNXxFAjd/BrRd9Ga/dPo/KIcleatsQhF2C0wfpktd2xZQglVUgmL
ssvhx061DAsrrRUaSBvmcm1fR9GA72VGhr/KcfKo6PyIs4/0Rw8lwIWe7wNGV9lg
8qkiNMU=
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:33:59 2024 by rpki-client on console-fra.rpki-client.org