Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/6E98B3182D3411ED92165562C4F9AE02.roa
File:                     6E98B3182D3411ED92165562C4F9AE02.roa (raw, json)
Hash identifier:          l0194bjdGtz77Fz9oaK/bKgSyyC0uvHnYK7BIpRjhCU=
Subject key identifier:   EA:15:2F:2A:EB:6F:86:AF:F4:6F:57:36:E1:1D:BF:7F:31:4B:14:46
Certificate issuer:       /CN=A91FA1BE/serialNumber=9526A672478AFA75445D8D07DCC57C058966EFE2
Certificate serial:       C6
Authority key identifier: 95:26:A6:72:47:8A:FA:75:44:5D:8D:07:DC:C5:7C:05:89:66:EF:E2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/6E98B3182D3411ED92165562C4F9AE02.roa
Signing time:             Fri 07 Jul 2023 03:42:37 +0000
ROA not before:           Fri 07 Jul 2023 03:42:37 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        103.10.127.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.crl
                          rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 03 Apr 2024 03:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 198 (0xc6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FA1BE/serialNumber=9526A672478AFA75445D8D07DCC57C058966EFE2
        Validity
            Not Before: Jul  7 03:42:37 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64a789ac-6102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:82:d0:f3:3c:52:e8:b1:da:8a:96:0f:58:c1:
                    2f:19:ba:62:ed:03:61:ba:06:a1:1a:25:5c:40:b4:
                    71:2f:19:49:f7:08:4a:5b:3f:9c:b9:71:46:8e:5c:
                    1b:4e:ab:2a:0f:7c:c6:95:8e:13:b1:e9:65:68:07:
                    11:20:a9:c2:27:36:8a:29:d6:1c:e4:19:bb:10:53:
                    8a:79:e0:df:cc:24:0f:39:31:a9:86:3e:90:e3:2a:
                    4c:b7:f9:18:78:0a:9e:64:bf:62:fe:5f:55:15:98:
                    77:09:f6:67:d3:b2:2c:e8:92:28:0e:a0:b3:df:b3:
                    e9:68:ba:cf:c3:34:b4:4c:ca:f4:a8:9b:f1:f3:6b:
                    70:da:2c:52:d1:5e:1e:b9:f5:c8:5f:2f:32:56:5b:
                    cd:43:da:e9:52:e8:b0:65:8c:03:67:76:f9:91:29:
                    5e:ee:70:79:ff:1b:6a:2d:94:1c:f5:e0:56:ca:91:
                    a6:6a:2a:c0:5b:15:c2:55:a6:c9:1e:75:95:d5:df:
                    f9:5a:94:52:70:5e:1f:08:40:25:ff:54:a9:72:61:
                    8d:08:0a:01:8b:d7:dd:d5:f5:39:7b:04:65:a4:4a:
                    78:61:47:c3:22:de:04:a8:4c:51:72:b5:64:05:96:
                    8c:a3:d0:e6:ec:c4:4a:d3:dd:d0:c2:7b:aa:68:ae:
                    7a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:15:2F:2A:EB:6F:86:AF:F4:6F:57:36:E1:1D:BF:7F:31:4B:14:46
            X509v3 Authority Key Identifier:
                keyid:95:26:A6:72:47:8A:FA:75:44:5D:8D:07:DC:C5:7C:05:89:66:EF:E2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/6E98B3182D3411ED92165562C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.10.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:b5:8e:b8:d3:cb:8e:20:4e:6d:b9:49:02:99:22:e6:70:a1:
         76:8f:8d:ff:d1:6f:1e:3d:8a:9c:39:52:76:32:44:bb:eb:42:
         15:80:f0:40:7f:9c:58:39:c6:57:ae:3c:f1:32:54:fc:17:fc:
         30:a8:ab:e1:7f:54:7b:b5:08:52:07:d3:23:6a:10:2a:2b:14:
         a2:2e:be:42:f9:ee:99:b5:33:03:09:67:a4:9d:c7:57:00:53:
         90:ba:f9:63:c6:d4:3a:03:d4:b5:45:d2:8f:d9:0e:1f:34:5f:
         a8:4f:10:9e:85:90:d6:f9:a5:15:cd:3d:20:d0:f5:45:c6:05:
         17:95:77:51:b8:70:ce:61:41:46:5e:78:4d:72:fd:b7:ce:69:
         81:e3:fa:9f:63:45:d6:ea:93:85:35:1a:16:49:99:86:d8:b0:
         af:9a:dc:24:ff:85:f6:8c:99:1c:17:b3:32:c4:15:6a:6f:77:
         1a:46:a5:38:60:df:99:bc:d6:ab:b8:44:61:e7:06:35:99:bb:
         36:0e:5a:35:8f:fa:c4:18:a4:c7:ea:31:e3:19:32:a2:0f:66:
         43:78:25:5c:66:04:f9:5d:bd:92:50:6e:b7:ce:70:41:ac:9d:
         55:f4:34:cc:f2:dc:a2:a3:89:02:cd:25:8e:1b:00:34:3e:12:
         94:74:f2:39
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkExQkUxMTAvBgNVBAUTKDk1MjZBNjcyNDc4QUZBNzU0NDVEOEQwN0RDQzU3QzA1
ODk2NkVGRTIwHhcNMjMwNzA3MDM0MjM3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE3ODlhYy02MTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxYLQ8zxS6LHaipYPWMEvGbpi7QNhugahGiVcQLRxLxlJ9whKWz+cuXFGjlwb
TqsqD3zGlY4TsellaAcRIKnCJzaKKdYc5Bm7EFOKeeDfzCQPOTGphj6Q4ypMt/kY
eAqeZL9i/l9VFZh3CfZn07Is6JIoDqCz37PpaLrPwzS0TMr0qJvx82tw2ixS0V4e
ufXIXy8yVlvNQ9rpUuiwZYwDZ3b5kSle7nB5/xtqLZQc9eBWypGmairAWxXCVabJ
HnWV1d/5WpRScF4fCEAl/1SpcmGNCAoBi9fd1fU5ewRlpEp4YUfDIt4EqExRcrVk
BZaMo9Dm7MRK093QwnuqaK56pQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOoVLyrr
b4av9G9XNuEdv38xSxRGMB8GA1UdIwQYMBaAFJUmpnJHivp1RF2NB9zFfAWJZu/i
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTFCRS80MTY4RkY3NjJE
MzIxMUVEOTJCOEI3NjFDNEY5QUUwMi9sU2FtY2tlSy1uVkVYWTBIM01WOEJZbG03
LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xTYW1ja2VLLW5WRVhZMEgzTVY4QllsbTctSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkExQkUvNDE2OEZGNzYyRDMyMTFFRDkyQjhCNzYxQzRGOUFFMDIvNkU5OEIzMTgy
RDM0MTFFRDkyMTY1NTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnCn8wDQYJKoZIhvcNAQELBQADggEBAGy1jrjTy44gTm25
SQKZIuZwoXaPjf/Rbx49ipw5UnYyRLvrQhWA8EB/nFg5xleuPPEyVPwX/DCoq+F/
VHu1CFIH0yNqECorFKIuvkL57pm1MwMJZ6Sdx1cAU5C6+WPG1DoD1LVF0o/ZDh80
X6hPEJ6FkNb5pRXNPSDQ9UXGBReVd1G4cM5hQUZeeE1y/bfOaYHj+p9jRdbqk4U1
GhZJmYbYsK+a3CT/hfaMmRwXszLEFWpvdxpGpThg35m81qu4RGHnBjWZuzYOWjWP
+sQYpMfqMeMZMqIPZkN4JVxmBPldvZJQbrfOcEGsnVX0NMzy3KKjiQLNJY4bADQ+
EpR08jk=
-----END CERTIFICATE-----
Generated at Wed Mar 27 05:24:34 2024 by rpki-client on console-fra.rpki-client.org