Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/49CB8044609511E8BF4FB410C4F9AE02.roa
File:                     49CB8044609511E8BF4FB410C4F9AE02.roa (raw, json)
Hash identifier:          /tzB1l/pf/4O4pwElZ7x/pQMrvZg0eYZwPv9FLunIjM=
Subject key identifier:   DC:29:B5:F5:E9:B7:C3:16:5D:29:4E:2B:DC:1B:1D:B3:5A:87:3D:1C
Certificate issuer:       /CN=A91FAA31/serialNumber=01402253F31BCACFFB73D685D700C9B6B741043C
Certificate serial:       1329
Authority key identifier: 01:40:22:53:F3:1B:CA:CF:FB:73:D6:85:D7:00:C9:B6:B7:41:04:3C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AUAiU_Mbys_7c9aF1wDJtrdBBDw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/49CB8044609511E8BF4FB410C4F9AE02.roa
Signing time:             Thu 18 May 2023 17:57:06 +0000
ROA not before:           Thu 18 May 2023 17:57:06 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     38203
IP address blocks:        103.219.160.0/22 maxlen: 22
                          103.219.160.0/24 maxlen: 24
                          103.219.161.0/24 maxlen: 24
                          103.219.162.0/24 maxlen: 24
                          103.219.163.0/24 maxlen: 24
                          123.253.144.0/22 maxlen: 22
                          123.253.144.0/24 maxlen: 24
                          123.253.145.0/24 maxlen: 24
                          123.253.146.0/24 maxlen: 24
                          123.253.147.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/AUAiU_Mbys_7c9aF1wDJtrdBBDw.crl
                          rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/AUAiU_Mbys_7c9aF1wDJtrdBBDw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AUAiU_Mbys_7c9aF1wDJtrdBBDw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 19 Apr 2024 17:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4905 (0x1329)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FAA31/serialNumber=01402253F31BCACFFB73D685D700C9B6B741043C
        Validity
            Not Before: May 18 17:57:06 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=646666f2-a2af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:97:9a:4d:96:1d:dd:63:a2:7e:67:9f:da:9f:
                    b9:4d:41:37:6c:42:2b:a8:9b:5a:23:b8:ef:28:3c:
                    6e:45:88:6a:e0:69:1a:65:cb:f3:fc:53:49:5e:e1:
                    9d:36:84:a3:ec:f1:d9:f7:43:4d:c9:29:bf:d5:0a:
                    f7:e2:e6:ce:4c:0b:c7:c9:60:72:bd:26:70:bb:f6:
                    53:91:ce:d4:fa:4d:b6:c7:52:45:4f:87:95:3a:59:
                    c4:25:d9:b1:86:33:2a:58:29:8b:ed:38:f8:ea:3a:
                    46:e8:40:76:e2:9a:0a:3d:51:6d:22:30:c3:ed:4d:
                    29:df:bc:5a:f0:80:43:83:62:bf:8a:7b:40:41:6c:
                    8b:2e:b1:3a:71:91:f6:65:e3:db:de:1a:b6:7a:65:
                    82:ea:7f:02:99:dd:0f:3e:4b:fa:e1:1d:2d:69:6f:
                    83:f0:57:5d:be:d5:55:4f:26:c2:1e:1f:e3:64:cb:
                    6b:cc:8a:fb:b9:b8:fc:a9:c2:ef:a7:ab:5a:ec:ba:
                    a0:57:22:f6:3e:5a:52:66:cc:1f:0d:f1:b0:27:fe:
                    d8:cd:36:88:4a:1f:b2:df:24:78:7b:53:47:94:a4:
                    b8:ca:ec:73:a7:a7:f0:08:09:af:69:86:43:3f:72:
                    51:36:4d:9c:45:3c:b7:f7:76:f1:e0:8e:cf:6a:02:
                    2b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:29:B5:F5:E9:B7:C3:16:5D:29:4E:2B:DC:1B:1D:B3:5A:87:3D:1C
            X509v3 Authority Key Identifier:
                keyid:01:40:22:53:F3:1B:CA:CF:FB:73:D6:85:D7:00:C9:B6:B7:41:04:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/AUAiU_Mbys_7c9aF1wDJtrdBBDw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AUAiU_Mbys_7c9aF1wDJtrdBBDw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/49CB8044609511E8BF4FB410C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.219.160.0/22
                  123.253.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:43:e9:55:a0:cf:42:7d:2b:97:3d:42:52:44:38:d6:c3:cb:
         85:72:f0:af:e6:03:a0:76:e9:16:e8:39:2b:21:3b:64:8d:f0:
         c8:f7:4a:f8:e9:77:8d:d1:fe:fb:53:14:8f:da:76:ff:da:0a:
         25:ae:28:12:b4:8a:ca:8d:3b:ba:63:3b:98:0d:f6:57:bb:a7:
         2c:7c:ea:a7:10:a3:0a:b6:6c:5c:0b:4c:df:16:10:e1:cb:1b:
         7d:a5:08:53:7e:5d:24:95:1e:70:db:f7:eb:37:84:da:14:e1:
         75:83:84:1a:aa:27:63:dd:6f:28:c2:4b:35:c7:bc:5c:ac:62:
         10:ff:3c:68:53:f9:be:52:a0:e8:52:a4:5f:f5:5a:97:4c:8d:
         0d:66:da:a2:a2:5c:d6:79:65:f9:16:5d:b0:6a:28:ef:c4:e0:
         41:04:8a:ef:3a:56:49:78:f1:52:a7:75:3e:c8:0b:4d:f7:dc:
         8f:95:4d:1e:91:ec:3d:e3:bc:bb:bd:3d:c6:67:eb:1a:c9:7f:
         56:be:36:3d:33:1c:ae:4e:60:5d:75:5f:39:81:22:29:29:23:
         a9:98:88:af:38:1f:bc:ae:b9:11:c2:62:80:9e:1c:97:8d:59:
         36:4a:02:bc:a7:a4:b9:b6:dc:f6:c5:c7:73:bd:92:67:57:fb:
         18:8a:db:68
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkFBMzExMTAvBgNVBAUTKDAxNDAyMjUzRjMxQkNBQ0ZGQjczRDY4NUQ3MDBDOUI2
Qjc0MTA0M0MwHhcNMjMwNTE4MTc1NzA2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY2NjZmMi1hMmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwZeaTZYd3WOifmef2p+5TUE3bEIrqJtaI7jvKDxuRYhq4GkaZcvz/FNJXuGd
NoSj7PHZ90NNySm/1Qr34ubOTAvHyWByvSZwu/ZTkc7U+k22x1JFT4eVOlnEJdmx
hjMqWCmL7Tj46jpG6EB24poKPVFtIjDD7U0p37xa8IBDg2K/intAQWyLLrE6cZH2
ZePb3hq2emWC6n8Cmd0PPkv64R0taW+D8FddvtVVTybCHh/jZMtrzIr7ubj8qcLv
p6ta7LqgVyL2PlpSZswfDfGwJ/7YzTaISh+y3yR4e1NHlKS4yuxzp6fwCAmvaYZD
P3JRNk2cRTy393bx4I7PagIrEwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNwptfXp
t8MWXSlOK9wbHbNahz0cMB8GA1UdIwQYMBaAFAFAIlPzG8rP+3PWhdcAyba3QQQ8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUEzMS9ERDY0NDg3ODYw
OTQxMUU4QjU2QzE4MTBDNEY5QUUwMi9BVUFpVV9NYnlzXzdjOWFGMXdESnRyZEJC
RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FVQWlVX01ieXNfN2M5YUYxd0RKdHJkQkJEdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkFBMzEvREQ2NDQ4Nzg2MDk0MTFFOEI1NkMxODEwQzRGOUFFMDIvNDlDQjgwNDQ2
MDk1MTFFOEJGNEZCNDEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn26ADBAJ7/ZAwDQYJKoZIhvcNAQELBQADggEBAJ5D6VWg
z0J9K5c9QlJEONbDy4Vy8K/mA6B26RboOSshO2SN8Mj3Svjpd43R/vtTFI/adv/a
CiWuKBK0isqNO7pjO5gN9le7pyx86qcQowq2bFwLTN8WEOHLG32lCFN+XSSVHnDb
9+s3hNoU4XWDhBqqJ2PdbyjCSzXHvFysYhD/PGhT+b5SoOhSpF/1WpdMjQ1m2qKi
XNZ5ZfkWXbBqKO/E4EEEiu86Vkl48VKndT7IC0333I+VTR6R7D3jvLu9PcZn6xrJ
f1a+Nj0zHK5OYF11XzmBIikpI6mYiK84H7yuuRHCYoCeHJeNWTZKArynpLm23PbF
x3O9kmdX+xiK22g=
-----END CERTIFICATE-----
Generated at Fri Apr 12 19:11:01 2024 by rpki-client on console-fra.rpki-client.org