Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91100B2/0AF6EB2A73E811EA8851F87CC4F9AE02/6EA6EB5A355011EBAAB1E56EC4F9AE02.roa
File:                     6EA6EB5A355011EBAAB1E56EC4F9AE02.roa (raw, json)
Hash identifier:          AyvIys4YJpvtkuF9JFLjVCqCEs8F48qLv5mACdRRucI=
Subject key identifier:   0C:5C:3D:1E:E4:E4:DC:FF:F3:2A:3E:8A:32:40:09:5F:64:F2:B1:5C
Certificate issuer:       /CN=A91100B2/serialNumber=93A7D835E13858BB59951C399A5F9EAB0E2EB931
Certificate serial:       0755
Authority key identifier: 93:A7:D8:35:E1:38:58:BB:59:95:1C:39:9A:5F:9E:AB:0E:2E:B9:31
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k6fYNeE4WLtZlRw5ml-eqw4uuTE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91100B2/0AF6EB2A73E811EA8851F87CC4F9AE02/6EA6EB5A355011EBAAB1E56EC4F9AE02.roa
Signing time:             Sun 27 Jul 2025 14:28:51 +0000
ROA not before:           Sun 27 Jul 2025 14:28:51 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     137551
IP address blocks:        103.121.188.0/24 maxlen: 24
                          103.121.189.0/24 maxlen: 24
                          103.121.190.0/24 maxlen: 24
                          103.121.191.0/24 maxlen: 24
                          103.195.0.0/22 maxlen: 24
                          139.5.132.0/22 maxlen: 22
                          139.5.132.0/24 maxlen: 24
                          139.5.133.0/24 maxlen: 24
                          139.5.134.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91100B2/0AF6EB2A73E811EA8851F87CC4F9AE02/k6fYNeE4WLtZlRw5ml-eqw4uuTE.crl
                          rsync://rpki.apnic.net/member_repository/A91100B2/0AF6EB2A73E811EA8851F87CC4F9AE02/k6fYNeE4WLtZlRw5ml-eqw4uuTE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k6fYNeE4WLtZlRw5ml-eqw4uuTE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 Aug 2025 20:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1877 (0x755)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91100B2, serialNumber=93A7D835E13858BB59951C399A5F9EAB0E2EB931
        Validity
            Not Before: Jul 27 14:28:51 2025 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=688637a3-5ecd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:20:0d:84:ae:a6:e0:5a:db:6b:b0:a8:3e:b6:
                    09:b8:e8:95:4d:9e:58:5c:58:f0:5a:b4:49:90:db:
                    2e:04:78:f8:b8:4f:5f:d4:ea:07:a4:e2:9c:7b:55:
                    4d:84:77:09:2a:cd:33:36:2c:55:2d:92:69:44:b1:
                    97:ae:c4:b9:1e:10:6e:8e:06:b4:21:fe:92:d1:bc:
                    c6:35:56:43:61:c0:db:3a:e2:e1:e7:3e:92:5d:ae:
                    ed:4c:9c:fd:d8:f5:92:b6:e8:53:11:f8:dd:41:b4:
                    93:90:2e:19:db:45:f5:4d:56:93:c4:cb:6f:7f:0d:
                    eb:fe:39:25:bf:38:5d:ac:41:0b:24:9a:a6:2a:0a:
                    dd:fe:f3:c3:af:36:1e:07:95:4c:c4:fe:f7:cc:0f:
                    cb:2b:ed:c0:61:7b:e2:14:13:d7:41:80:92:93:dc:
                    bd:e7:25:08:b4:5e:b0:ef:1c:bf:b7:00:8f:c8:8d:
                    5b:1f:40:3d:7b:46:93:c5:34:66:48:bd:98:fe:c4:
                    f4:38:48:a4:12:b9:12:5a:30:eb:86:e4:26:d9:49:
                    b2:de:28:5c:86:33:36:59:ab:9c:fe:c0:d5:12:bc:
                    57:24:fc:ab:15:25:38:3c:44:b2:c7:dd:41:fa:7c:
                    3d:b4:bd:83:48:ee:3b:36:a8:4c:6b:04:d8:97:63:
                    a0:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:5C:3D:1E:E4:E4:DC:FF:F3:2A:3E:8A:32:40:09:5F:64:F2:B1:5C
            X509v3 Authority Key Identifier:
                keyid:93:A7:D8:35:E1:38:58:BB:59:95:1C:39:9A:5F:9E:AB:0E:2E:B9:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91100B2/0AF6EB2A73E811EA8851F87CC4F9AE02/k6fYNeE4WLtZlRw5ml-eqw4uuTE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k6fYNeE4WLtZlRw5ml-eqw4uuTE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91100B2/0AF6EB2A73E811EA8851F87CC4F9AE02/6EA6EB5A355011EBAAB1E56EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.188.0/22
                  103.195.0.0/22
                  139.5.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:84:6d:af:3e:b7:17:66:65:dd:d4:5c:4c:e8:d0:1d:7d:3f:
         8c:75:a9:a4:eb:8d:4f:42:46:0f:5c:12:40:f1:d8:9b:c2:6d:
         03:b2:65:05:cd:02:0a:e8:dc:c0:e2:f8:0f:66:8c:10:56:73:
         8d:87:2f:8c:bc:72:13:9c:09:8c:e9:1c:da:40:79:db:70:a2:
         fe:c0:8f:bb:16:90:96:6d:47:fe:3c:32:53:2a:a5:24:81:89:
         37:04:c1:de:50:1c:53:d8:ef:92:69:91:b4:1c:17:6d:49:cc:
         19:47:9b:6d:a0:ad:d5:2d:54:a0:6e:f7:e9:9c:0c:74:00:af:
         c6:36:b5:a4:07:55:70:18:b1:53:4c:df:07:36:48:29:aa:7e:
         04:c5:5d:eb:af:70:d1:b7:3e:00:1a:0f:42:35:f6:9f:c0:04:
         5b:eb:c7:22:f8:66:84:70:83:9f:cf:57:22:ae:9f:57:7a:a6:
         42:22:6d:3e:84:f2:a1:42:d1:ee:86:37:c8:95:79:08:ce:19:
         9d:24:ff:bf:71:ce:8c:80:81:25:de:2d:46:ec:01:01:f1:16:
         ad:dd:51:19:b9:1d:ea:ae:ee:49:46:4a:ba:e8:99:a2:99:82:
         92:af:09:f7:0e:b9:f9:02:a3:b3:b6:41:8e:a1:d1:05:fe:a2:
         45:9a:80:40
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTAwQjIxMTAvBgNVBAUTKDkzQTdEODM1RTEzODU4QkI1OTk1MUMzOTlBNUY5RUFC
MEUyRUI5MzEwHhcNMjUwNzI3MTQyODUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODg2MzdhMy01ZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtiANhK6m4Frba7CoPrYJuOiVTZ5YXFjwWrRJkNsuBHj4uE9f1OoHpOKce1VN
hHcJKs0zNixVLZJpRLGXrsS5HhBujga0If6S0bzGNVZDYcDbOuLh5z6SXa7tTJz9
2PWStuhTEfjdQbSTkC4Z20X1TVaTxMtvfw3r/jklvzhdrEELJJqmKgrd/vPDrzYe
B5VMxP73zA/LK+3AYXviFBPXQYCSk9y95yUItF6w7xy/twCPyI1bH0A9e0aTxTRm
SL2Y/sT0OEikErkSWjDrhuQm2Umy3ihchjM2Wauc/sDVErxXJPyrFSU4PESyx91B
+nw9tL2DSO47NqhMawTYl2OgJwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAxcPR7k
5Nz/8yo+ijJACV9k8rFcMB8GA1UdIwQYMBaAFJOn2DXhOFi7WZUcOZpfnqsOLrkx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMDBCMi8wQUY2RUIyQTcz
RTgxMUVBODg1MUY4N0NDNEY5QUUwMi9rNmZZTmVFNFdMdFpsUnc1bWwtZXF3NHV1
VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2s2ZllOZUU0V0x0WmxSdzVtbC1lcXc0dXVURS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTAwQjIvMEFGNkVCMkE3M0U4MTFFQTg4NTFGODdDQzRGOUFFMDIvNkVBNkVCNUEz
NTUwMTFFQkFBQjFFNTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnebwDBAJnwwADBAKLBYQwDQYJKoZIhvcNAQELBQADggEB
AHWEba8+txdmZd3UXEzo0B19P4x1qaTrjU9CRg9cEkDx2JvCbQOyZQXNAgro3MDi
+A9mjBBWc42HL4y8chOcCYzpHNpAedtwov7Aj7sWkJZtR/48MlMqpSSBiTcEwd5Q
HFPY75JpkbQcF21JzBlHm22grdUtVKBu9+mcDHQAr8Y2taQHVXAYsVNM3wc2SCmq
fgTFXeuvcNG3PgAaD0I19p/ABFvrxyL4ZoRwg5/PVyKun1d6pkIibT6E8qFC0e6G
N8iVeQjOGZ0k/79xzoyAgSXeLUbsAQHxFq3dURm5Hequ7klGSrromaKZgpKvCfcO
ufkCo7O2QY6h0QX+okWagEA=
-----END CERTIFICATE-----
Generated at Tue Jul 29 00:15:24 2025 by rpki-client