Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/6D610A58F23711EEA11AA759C4F9AE02.roa
File:                     6D610A58F23711EEA11AA759C4F9AE02.roa (raw, json)
Hash identifier:          7SbZ0PPfP01/krVCYjuDJBwjpFWYv8lnua4LUAxlPx0=
Subject key identifier:   80:D4:11:BF:1B:17:50:C9:56:90:CE:F5:FF:AB:ED:B2:2D:54:01:8F
Certificate issuer:       /CN=A9122D51/serialNumber=C4C67EBB6B2DDC6924BBB9655E7E0F8218530C65
Certificate serial:       ED
Authority key identifier: C4:C6:7E:BB:6B:2D:DC:69:24:BB:B9:65:5E:7E:0F:82:18:53:0C:65
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xMZ-u2st3Gkku7llXn4PghhTDGU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/6D610A58F23711EEA11AA759C4F9AE02.roa
Signing time:             Sat 05 Jul 2025 05:41:30 +0000
ROA not before:           Sat 05 Jul 2025 05:41:30 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     136900
IP address blocks:        103.190.18.0/24 maxlen: 24
                          103.190.19.0/24 maxlen: 24
                          2400:8ba0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/xMZ-u2st3Gkku7llXn4PghhTDGU.crl
                          rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/xMZ-u2st3Gkku7llXn4PghhTDGU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xMZ-u2st3Gkku7llXn4PghhTDGU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 05:24:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 237 (0xed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9122D51, serialNumber=C4C67EBB6B2DDC6924BBB9655E7E0F8218530C65
        Validity
            Not Before: Jul  5 05:41:30 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6868bb09-c156
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:78:94:86:66:aa:91:96:8b:93:ee:02:81:dd:
                    54:f1:66:bd:02:c4:e0:40:29:0d:78:15:d5:dd:a9:
                    4e:85:f4:d6:2c:51:8a:40:14:37:f2:cc:b7:d5:e9:
                    79:95:30:eb:49:71:57:0d:02:f5:2e:54:65:86:3b:
                    6a:ef:1a:8e:c3:1a:74:25:d1:80:b0:7a:26:dc:af:
                    14:ca:dc:cc:a8:25:3d:ef:0d:c4:36:19:b2:13:db:
                    61:2f:8e:3b:65:46:47:1e:88:6b:dd:d9:48:d9:68:
                    0a:63:75:3e:98:ee:14:bd:21:21:e1:a3:44:64:56:
                    00:90:5b:54:63:30:63:3c:50:c9:f6:0f:d5:3e:cb:
                    9f:42:9a:c7:81:75:3c:7b:00:c9:89:ec:19:1c:d3:
                    c7:4f:d8:92:13:20:84:91:2e:0a:e9:ee:c2:ed:e5:
                    a7:8f:9b:ec:24:05:cd:06:4b:90:78:68:37:17:42:
                    82:71:16:bf:01:25:b1:a8:b9:8f:4e:e9:62:e4:2f:
                    51:4b:8d:ea:c4:34:44:54:f1:1a:61:e6:86:21:36:
                    05:cb:e0:d0:dd:00:bf:e6:d0:44:2d:c0:cf:37:dc:
                    e4:c9:63:fd:08:3a:b6:9b:77:8d:b7:4e:aa:cb:57:
                    f7:e9:ed:b8:1a:0d:cb:05:9d:d7:80:34:44:12:4c:
                    9a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:D4:11:BF:1B:17:50:C9:56:90:CE:F5:FF:AB:ED:B2:2D:54:01:8F
            X509v3 Authority Key Identifier:
                keyid:C4:C6:7E:BB:6B:2D:DC:69:24:BB:B9:65:5E:7E:0F:82:18:53:0C:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/xMZ-u2st3Gkku7llXn4PghhTDGU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xMZ-u2st3Gkku7llXn4PghhTDGU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/6D610A58F23711EEA11AA759C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.190.18.0/23
                IPv6:
                  2400:8ba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:eb:66:0b:c7:0d:01:c8:8b:c9:29:19:98:d8:85:a9:08:e8:
         df:77:ca:74:d4:01:dc:24:c9:fc:bd:d6:e5:4e:2c:dc:a5:2d:
         7f:72:d3:1b:f3:14:2c:9e:e7:5d:59:d4:67:3b:4f:9a:83:5d:
         3f:e2:a8:39:d4:2c:70:d4:31:55:c5:4e:81:a8:92:e3:44:b2:
         8e:e8:79:47:a2:2c:49:c7:ca:42:43:68:4f:13:a4:e1:18:9c:
         3c:65:97:11:73:22:65:c4:25:22:98:88:cf:09:91:06:67:8c:
         3b:b3:9a:52:88:97:4e:9d:92:37:bc:93:9c:72:4a:5b:1b:b9:
         58:a0:ee:76:97:d5:41:df:d4:82:ac:24:ee:2e:0a:19:0e:f8:
         08:70:d6:6e:33:4d:6e:26:cb:02:7c:3c:b6:57:f7:c5:b8:e7:
         00:ee:63:43:64:f1:45:0c:ea:8d:bd:4f:86:98:aa:0f:bb:a0:
         c7:90:96:85:76:c4:dd:31:16:bd:17:0e:64:30:eb:9e:96:9e:
         44:b6:90:fb:3a:48:ba:e8:fc:38:cf:54:f3:ed:98:79:a2:eb:
         23:47:db:b7:c5:62:cb:40:0d:cf:54:c6:de:eb:66:24:64:20:
         37:5f:80:08:f5:61:26:92:51:69:09:09:f5:ec:ef:e1:c0:2e:
         6e:e1:f8:45
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjJENTExMTAvBgNVBAUTKEM0QzY3RUJCNkIyRERDNjkyNEJCQjk2NTVFN0UwRjgy
MTg1MzBDNjUwHhcNMjUwNzA1MDU0MTMwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY4YmIwOS1jMTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuXiUhmaqkZaLk+4Cgd1U8Wa9AsTgQCkNeBXV3alOhfTWLFGKQBQ38sy31el5
lTDrSXFXDQL1LlRlhjtq7xqOwxp0JdGAsHom3K8UytzMqCU97w3ENhmyE9thL447
ZUZHHohr3dlI2WgKY3U+mO4UvSEh4aNEZFYAkFtUYzBjPFDJ9g/VPsufQprHgXU8
ewDJiewZHNPHT9iSEyCEkS4K6e7C7eWnj5vsJAXNBkuQeGg3F0KCcRa/ASWxqLmP
Tuli5C9RS43qxDREVPEaYeaGITYFy+DQ3QC/5tBELcDPN9zkyWP9CDq2m3eNt06q
y1f36e24Gg3LBZ3XgDREEkya4wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIDUEb8b
F1DJVpDO9f+r7bItVAGPMB8GA1UdIwQYMBaAFMTGfrtrLdxpJLu5ZV5+D4IYUwxl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkQ1MS9FQUU1RkNBQUYy
MzYxMUVFOEM4Qjk3NThDNEY5QUUwMi94TVotdTJzdDNHa2t1N2xsWG40UGdoaFRE
R1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hNWi11MnN0M0dra3U3bGxYbjRQZ2hoVERHVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjJENTEvRUFFNUZDQUFGMjM2MTFFRThDOEI5NzU4QzRGOUFFMDIvNkQ2MTBBNThG
MjM3MTFFRUExMUFBNzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnvhIwDQQCAAIwBwMFACQAi6AwDQYJKoZIhvcNAQELBQAD
ggEBAHTrZgvHDQHIi8kpGZjYhakI6N93ynTUAdwkyfy91uVOLNylLX9y0xvzFCye
511Z1Gc7T5qDXT/iqDnULHDUMVXFToGokuNEso7oeUeiLEnHykJDaE8TpOEYnDxl
lxFzImXEJSKYiM8JkQZnjDuzmlKIl06dkje8k5xySlsbuVig7naX1UHf1IKsJO4u
ChkO+Ahw1m4zTW4mywJ8PLZX98W45wDuY0Nk8UUM6o29T4aYqg+7oMeQloV2xN0x
Fr0XDmQw656WnkS2kPs6SLro/DjPVPPtmHmi6yNH27fFYstADc9Uxt7rZiRkIDdf
gAj1YSaSUWkJCfXs7+HALm7h+EU=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:25:23 2025 by rpki-client