Route Origin Authorization

$ rpki-client -vvf rpki.sub.apnic.net/repository/A91A61310000/0/3130332e3233382e3133302e302f32332d3233203d3e203630353034.roa
File:                     3130332e3233382e3133302e302f32332d3233203d3e203630353034.roa (raw, json)
Hash identifier:          hSgeFRDNgcytawmZFFf1q2DYiUjtHHnWORTt4OdXqug=
Subject key identifier:   6C:EC:8B:5C:9A:A7:B5:43:F0:FF:96:D0:0E:CE:D0:20:E3:D4:4D:6A
Certificate issuer:       /CN=A91A61310000/serialNumber=72EC0D8B386D96FBC741C05F3661CB7ADA8EB800
Certificate serial:       2685F88C931E49596FFE48FA433B9FF918F4F3D3
Authority key identifier: 72:EC:0D:8B:38:6D:96:FB:C7:41:C0:5F:36:61:CB:7A:DA:8E:B8:00
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuwNizhtlvvHQcBfNmHLetqOuAA.cer
Subject info access:      rsync://rpki.sub.apnic.net/repository/A91A61310000/0/3130332e3233382e3133302e302f32332d3233203d3e203630353034.roa
Signing time:             Thu 11 Jan 2024 06:59:23 +0000
ROA not before:           Thu 11 Jan 2024 06:54:23 +0000
ROA not after:            Thu 09 Jan 2025 06:59:23 +0000
asID:                     60504
IP address blocks:        103.238.130.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.sub.apnic.net/repository/A91A61310000/0/72EC0D8B386D96FBC741C05F3661CB7ADA8EB800.crl
                          rsync://rpki.sub.apnic.net/repository/A91A61310000/0/72EC0D8B386D96FBC741C05F3661CB7ADA8EB800.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuwNizhtlvvHQcBfNmHLetqOuAA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 14 Jun 2024 03:09:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:85:f8:8c:93:1e:49:59:6f:fe:48:fa:43:3b:9f:f9:18:f4:f3:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A61310000/serialNumber=72EC0D8B386D96FBC741C05F3661CB7ADA8EB800
        Validity
            Not Before: Jan 11 06:54:23 2024 GMT
            Not After : Jan  9 06:59:23 2025 GMT
        Subject: CN=6CEC8B5C9AA7B543F0FF96D00ECED020E3D44D6A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:30:e2:64:b0:5e:d2:20:14:57:95:db:32:30:
                    dd:2e:0c:1b:81:4e:a3:f0:b9:70:30:ee:28:c0:ba:
                    b4:7d:7b:fd:48:89:f1:ce:93:cb:c3:ed:ae:bb:7b:
                    b2:b4:1f:50:f0:be:ad:b5:70:fc:20:59:83:f2:1f:
                    a3:70:9c:27:22:e8:57:36:d2:66:68:f1:26:f1:a9:
                    bc:cf:72:b7:3b:3e:f1:54:a1:d4:5e:b6:31:c1:38:
                    8b:28:b2:8a:63:ce:39:db:73:d7:a2:04:7a:cc:74:
                    d7:99:39:ba:5e:db:e7:00:8e:c8:b0:5a:a2:b9:03:
                    38:ec:a3:5e:7a:b8:fd:15:59:03:5b:51:96:d2:1f:
                    59:5c:e3:34:3f:c5:23:57:08:df:c4:07:e2:51:6d:
                    62:ed:bf:d3:43:5e:a2:b8:e2:a5:37:9b:f4:65:c1:
                    e5:63:bf:5a:8d:ae:6c:19:f5:5b:ee:66:5c:5c:91:
                    28:43:dd:ed:a4:a3:bb:d0:2c:e2:f7:c2:f8:45:48:
                    ad:b6:6c:80:2e:39:f3:37:ee:3a:28:5c:db:9e:2a:
                    99:f2:22:e2:e8:40:76:e6:e6:f4:f0:64:15:fa:13:
                    1e:eb:e6:5c:76:84:2c:20:76:9a:14:88:6a:37:ba:
                    39:4c:9d:b0:37:1f:11:d7:e6:9a:bd:e6:72:81:c5:
                    2b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:EC:8B:5C:9A:A7:B5:43:F0:FF:96:D0:0E:CE:D0:20:E3:D4:4D:6A
            X509v3 Authority Key Identifier:
                keyid:72:EC:0D:8B:38:6D:96:FB:C7:41:C0:5F:36:61:CB:7A:DA:8E:B8:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.sub.apnic.net/repository/A91A61310000/0/72EC0D8B386D96FBC741C05F3661CB7ADA8EB800.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuwNizhtlvvHQcBfNmHLetqOuAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91A61310000/0/3130332e3233382e3133302e302f32332d3233203d3e203630353034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.238.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         58:3e:6f:7c:be:62:ed:7c:40:72:80:85:0f:b9:d5:c6:02:3f:
         42:f6:49:b0:fa:87:1a:4a:80:75:47:5f:91:81:62:61:ca:80:
         34:6a:34:6d:7f:d2:32:6b:77:fd:54:d4:0a:be:dd:1f:19:85:
         b7:88:a9:a2:06:ee:6b:29:e4:93:4e:e7:60:a0:03:f1:ea:d3:
         57:eb:5c:76:0e:b8:e5:83:01:a9:3f:ab:17:dd:73:07:d1:d7:
         c7:9c:5e:bf:a9:b2:9c:63:ae:b5:50:85:ba:db:91:ff:74:1e:
         90:00:2c:c5:fa:cc:3f:27:60:7d:65:70:62:6d:ef:3d:8a:7f:
         ea:1f:20:2f:dc:7e:dd:5f:75:bf:af:b7:37:43:98:47:6c:e1:
         99:dd:58:1f:36:05:21:38:9f:46:20:c3:62:3a:49:5a:18:90:
         ea:a5:92:b1:4e:66:58:8d:7f:96:65:86:56:08:72:4f:b8:fd:
         15:a5:be:29:68:f7:69:7a:d6:d5:c9:3d:e7:1e:40:6f:ce:58:
         36:21:10:fe:02:c3:a9:ff:75:11:50:8b:4e:4a:ea:c4:2b:c7:
         26:ad:a0:1d:f2:19:e5:f0:17:fc:8e:3a:47:e6:49:14:da:73:
         96:5c:32:07:44:78:3b:d4:b0:f4:a3:4d:8f:d1:3d:23:6e:9e:
         47:51:f0:03
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUJoX4jJMeSVlv/kj6Qzuf+Rj089MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQTYxMzEwMDAwMTEwLwYDVQQFEyg3MkVDMEQ4QjM4
NkQ5NkZCQzc0MUMwNUYzNjYxQ0I3QURBOEVCODAwMB4XDTI0MDExMTA2NTQyM1oX
DTI1MDEwOTA2NTkyM1owMzExMC8GA1UEAxMoNkNFQzhCNUM5QUE3QjU0M0YwRkY5
NkQwMEVDRUQwMjBFM0Q0NEQ2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEw4mSwXtIgFFeV2zIw3S4MG4FOo/C5cDDuKMC6tH17/UiJ8c6Ty8Ptrrt7
srQfUPC+rbVw/CBZg/Ifo3CcJyLoVzbSZmjxJvGpvM9ytzs+8VSh1F62McE4iyiy
imPOOdtz16IEesx015k5ul7b5wCOyLBaorkDOOyjXnq4/RVZA1tRltIfWVzjND/F
I1cI38QH4lFtYu2/00NeorjipTeb9GXB5WO/Wo2ubBn1W+5mXFyRKEPd7aSju9As
4vfC+EVIrbZsgC458zfuOihc254qmfIi4uhAdubm9PBkFfoTHuvmXHaELCB2mhSI
aje6OUydsDcfEdfmmr3mcoHFK+ECAwEAAaOCAhQwggIQMB0GA1UdDgQWBBRs7Itc
mqe1Q/D/ltAOztAg49RNajAfBgNVHSMEGDAWgBRy7A2LOG2W+8dBwF82Yct62o64
ADAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFBNjEzMTAwMDAvMC83MkVDMEQ4
QjM4NkQ5NkZCQzc0MUMwNUYzNjYxQ0I3QURBOEVCODAwLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9jdXdOaXpodGx2
dkhRY0JmTm1ITGV0cU91QUEuY2VyMIGOBggrBgEFBQcBCwSBgTB/MH0GCCsGAQUF
BzALhnFyc3luYzovL3Jwa2kuc3ViLmFwbmljLm5ldC9yZXBvc2l0b3J5L0E5MUE2
MTMxMDAwMC8wLzMxMzAzMzJlMzIzMzM4MmUzMTMzMzAyZTMwMmYzMjMzMmQzMjMz
MjAzZDNlMjAzNjMwMzUzMDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ+6CMA0GCSqGSIb3DQEBCwUA
A4IBAQBYPm98vmLtfEBygIUPudXGAj9C9kmw+ocaSoB1R1+RgWJhyoA0ajRtf9Iy
a3f9VNQKvt0fGYW3iKmiBu5rKeSTTudgoAPx6tNX61x2DrjlgwGpP6sX3XMH0dfH
nF6/qbKcY661UIW625H/dB6QACzF+sw/J2B9ZXBibe89in/qHyAv3H7dX3W/r7c3
Q5hHbOGZ3VgfNgUhOJ9GIMNiOklaGJDqpZKxTmZYjX+WZYZWCHJPuP0Vpb4paPdp
etbVyT3nHkBvzlg2IRD+AsOp/3URUItOSurEK8cmraAd8hnl8Bf8jjpH5kkU2nOW
XDIHRHg71LD0o02P0T0jbp5HUfAD
-----END CERTIFICATE-----
Generated at Thu Jun 13 03:23:09 2024 by rpki-client on console-ams.rpki-client.org