Route Origin Authorization

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232362e302f32342d3234203d3e2036313334.roa
File:                     3130332e3139322e3232362e302f32342d3234203d3e2036313334.roa (raw, json)
Hash identifier:          adj2riG7gB+K6iWEOJrOJ/QkP4tFp6jIN7r40OZVmrw=
Subject key identifier:   6D:61:0E:B0:80:3F:AB:B2:8A:ED:F0:47:E2:1B:D4:29:9D:00:EA:C0
Certificate issuer:       /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial:       0F3FB51368984A288231CB372AE531770BA1A2D4
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232362e302f32342d3234203d3e2036313334.roa
Signing time:             Wed 06 Dec 2023 17:32:50 +0000
ROA not before:           Wed 06 Dec 2023 17:27:50 +0000
ROA not after:            Wed 04 Dec 2024 17:32:50 +0000
asID:                     6134
IP address blocks:        103.192.226.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
                          rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 17 Jun 2024 20:52:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:3f:b5:13:68:98:4a:28:82:31:cb:37:2a:e5:31:77:0b:a1:a2:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
        Validity
            Not Before: Dec  6 17:27:50 2023 GMT
            Not After : Dec  4 17:32:50 2024 GMT
        Subject: CN=6D610EB0803FABB28AEDF047E21BD4299D00EAC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ab:7c:31:11:79:69:7c:3d:db:fc:76:7c:d2:
                    ca:f7:5a:92:1f:1d:71:1d:a8:95:3b:44:bf:39:2b:
                    e5:84:a1:68:8a:5e:ab:19:f5:8e:4b:cd:5c:15:84:
                    95:84:e4:cb:a9:73:b3:66:d5:cf:a7:5f:47:ab:4d:
                    fe:59:0b:0d:37:cf:62:cd:10:80:de:7f:41:51:fc:
                    55:11:9a:81:f3:b6:75:5b:04:c1:3e:f7:4d:c9:44:
                    17:f3:4a:2d:fd:be:a0:11:91:df:75:c1:8b:b9:d8:
                    e2:ae:f2:b8:b6:b1:6e:23:70:b7:df:57:1c:b8:66:
                    2c:46:90:77:f1:db:6e:1e:92:9c:d2:5e:d5:96:b6:
                    c4:d8:7b:26:ab:2a:37:a9:68:19:86:d8:83:8c:00:
                    5a:be:2b:71:79:36:d4:50:2e:b6:04:79:54:45:fa:
                    5c:8e:d8:e5:eb:03:04:04:5d:33:d8:1e:e9:92:22:
                    a7:9c:03:fb:38:ee:9c:aa:ca:6a:b6:63:7b:be:8c:
                    55:10:15:93:1c:ae:a7:07:5a:13:89:59:3c:d9:0b:
                    13:de:a7:69:16:77:2a:0d:02:d7:18:12:30:bc:ea:
                    fc:6a:86:8c:58:f5:74:ac:17:d5:32:ae:d8:23:5a:
                    5a:e7:bb:6f:f9:92:cd:a0:d8:e6:c6:b2:2c:d1:6c:
                    02:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:61:0E:B0:80:3F:AB:B2:8A:ED:F0:47:E2:1B:D4:29:9D:00:EA:C0
            X509v3 Authority Key Identifier:
                keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232362e302f32342d3234203d3e2036313334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.192.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:e5:b8:6d:95:48:99:10:49:46:ea:ae:88:9d:b8:9f:68:24:
         62:ab:bd:64:64:51:34:4b:c8:54:86:df:59:8b:a5:5e:76:cd:
         2d:0a:b7:07:85:34:c2:f6:be:28:60:ae:77:4a:f7:8b:45:03:
         6f:d1:ed:0d:c4:8a:b9:d4:b4:12:56:35:f9:56:2a:ac:66:12:
         76:09:60:9f:b5:93:d7:25:bc:78:a7:ea:b9:98:40:71:0d:40:
         d2:80:d7:bb:b2:2c:b1:ad:33:3d:d5:bf:4e:62:9c:d6:ff:7a:
         4a:ce:f5:fc:a6:03:fd:9d:9c:6a:aa:4c:fb:a3:92:e7:97:91:
         fa:5b:b5:32:d3:2b:ac:c7:5d:48:29:13:a3:8d:55:94:c6:cf:
         d8:0f:a8:ed:8c:8d:4a:b3:9d:cb:52:76:f4:09:5e:93:a1:97:
         a7:1b:d2:76:b2:11:ff:6d:25:53:6b:42:11:87:c8:43:a5:6a:
         58:a0:7f:d0:9f:54:6f:99:29:ec:30:d3:e4:2f:00:dc:c4:62:
         72:35:53:21:82:fd:a8:24:05:ca:80:03:21:6e:80:8c:13:59:
         aa:c5:cb:65:92:9a:66:5b:d2:86:52:56:6d:06:10:65:8f:1a:
         9c:46:34:55:4d:2b:79:d9:8d:bd:89:0c:50:57:2a:f0:2b:c0:
         04:1b:23:39
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIUDz+1E2iYSiiCMcs3KuUxdwuhotQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTIzMTIwNjE3Mjc1MFoX
DTI0MTIwNDE3MzI1MFowMzExMC8GA1UEAxMoNkQ2MTBFQjA4MDNGQUJCMjhBRURG
MDQ3RTIxQkQ0Mjk5RDAwRUFDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKerfDEReWl8Pdv8dnzSyvdakh8dcR2olTtEvzkr5YShaIpeqxn1jkvNXBWE
lYTky6lzs2bVz6dfR6tN/lkLDTfPYs0QgN5/QVH8VRGagfO2dVsEwT73TclEF/NK
Lf2+oBGR33XBi7nY4q7yuLaxbiNwt99XHLhmLEaQd/Hbbh6SnNJe1Za2xNh7Jqsq
N6loGYbYg4wAWr4rcXk21FAutgR5VEX6XI7Y5esDBARdM9ge6ZIip5wD+zjunKrK
arZje76MVRAVkxyupwdaE4lZPNkLE96naRZ3Kg0C1xgSMLzq/GqGjFj1dKwX1TKu
2CNaWue7b/mSzaDY5sayLNFsAhsCAwEAAaOCAeowggHmMB0GA1UdDgQWBBRtYQ6w
gD+rsort8EfiG9QpnQDqwDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzEzMDMzMmUzMTM5MzIyZTMyMzIzNjJlMzAyZjMy
MzQyZDMyMzQyMDNkM2UyMDM2MzEzMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ8DiMA0GCSqGSIb3
DQEBCwUAA4IBAQCp5bhtlUiZEElG6q6InbifaCRiq71kZFE0S8hUht9Zi6Veds0t
CrcHhTTC9r4oYK53SveLRQNv0e0NxIq51LQSVjX5ViqsZhJ2CWCftZPXJbx4p+q5
mEBxDUDSgNe7siyxrTM91b9OYpzW/3pKzvX8pgP9nZxqqkz7o5Lnl5H6W7Uy0yus
x11IKROjjVWUxs/YD6jtjI1Ks53LUnb0CV6ToZenG9J2shH/bSVTa0IRh8hDpWpY
oH/Qn1RvmSnsMNPkLwDcxGJyNVMhgv2oJAXKgAMhboCME1mqxctlkppmW9KGUlZt
BhBljxqcRjRVTSt52Y29iQxQVyrwK8AEGyM5
-----END CERTIFICATE-----
Generated at Sun Jun 16 19:22:31 2024 by rpki-client on console-ams.rpki-client.org