Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/37B113181E0111E9A590C837C4F9AE02.roa
File:                     37B113181E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier:          IgF/gQ5XGpwI1Q57OWaBCKl76DDADWCyfnnLJKFwBeI=
Subject key identifier:   6E:DF:E5:9B:95:34:39:3E:41:57:3D:BC:92:49:08:29:B4:35:49:7A
Certificate issuer:       /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial:       39C9
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/37B113181E0111E9A590C837C4F9AE02.roa
Signing time:             Mon 14 Jul 2025 14:50:30 +0000
ROA not before:           Mon 14 Jul 2025 14:50:30 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     135670
IP address blocks:        119.46.123.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
                          rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 14:20:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14793 (0x39c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
        Validity
            Not Before: Jul 14 14:50:30 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68751936-bb08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c0:fe:8e:2a:a0:d7:2c:b4:96:40:9e:a3:45:
                    a2:60:dc:d1:40:cc:d4:b7:47:7e:a6:d0:90:03:f5:
                    6b:b7:58:25:d8:a4:50:f1:25:0e:d4:6c:93:54:90:
                    19:b5:a6:d7:4e:5b:00:1b:35:d4:fd:b5:dd:f3:1c:
                    13:e3:e2:85:8f:66:a4:85:90:21:68:ed:e8:52:ad:
                    72:61:b7:7d:dc:94:a7:dd:5a:9b:58:f3:c3:cd:90:
                    44:04:73:26:20:35:ec:6d:b9:4b:65:48:2d:0a:5e:
                    8c:83:6b:e6:a7:6f:83:32:69:d7:3a:e7:bd:8a:02:
                    55:12:77:c1:b1:23:26:38:c0:ed:89:11:27:58:e1:
                    b0:8f:05:77:dc:c8:4a:42:d9:d6:34:50:4b:5e:4e:
                    ec:c8:27:f5:a0:0c:1f:13:3c:ad:76:cf:39:34:e4:
                    cb:23:20:70:8a:32:6f:b7:9e:e7:06:6d:c3:b9:a5:
                    5e:50:ca:33:fe:cb:6d:5c:79:43:97:2f:72:be:15:
                    b4:61:91:49:03:53:58:05:11:4d:05:57:44:26:d0:
                    d4:ac:86:82:0d:97:40:ae:d9:bb:d6:a9:60:28:b4:
                    61:87:18:6d:c6:2e:d1:1c:6c:d8:12:0e:80:3a:ed:
                    ef:56:e4:4a:a7:e8:58:d9:ba:83:f8:67:4b:31:b4:
                    7e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:DF:E5:9B:95:34:39:3E:41:57:3D:BC:92:49:08:29:B4:35:49:7A
            X509v3 Authority Key Identifier:
                keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/37B113181E0111E9A590C837C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.46.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:02:df:40:e0:cb:76:73:e3:4a:06:ba:2a:39:36:0f:58:d0:
         7d:e1:bf:dd:6e:c9:c0:93:c4:cb:d4:6c:39:61:73:ef:47:41:
         72:cb:05:a0:be:16:fa:3a:30:75:0a:67:8c:03:d6:2a:54:ba:
         b2:f3:dc:93:ac:2f:fd:a1:e3:7c:e1:71:92:f5:1f:7b:78:5f:
         75:9d:68:06:0d:f1:6e:3a:9e:b7:df:be:2c:d9:94:ab:41:aa:
         bc:51:4e:16:56:b0:8a:91:28:2f:df:9b:59:e8:e7:68:fd:b5:
         bd:a5:d5:3b:55:21:5f:ef:24:56:15:54:7b:87:4a:98:3f:ea:
         11:db:be:a6:b1:87:64:52:a7:39:a1:d5:1e:c0:66:aa:94:f1:
         a7:66:7a:26:60:4a:9b:ca:85:e6:3b:1f:e3:ef:31:e0:4c:d3:
         b9:6f:0a:59:96:39:41:70:41:6c:83:92:b2:d2:c2:5d:30:e1:
         72:e6:02:aa:ff:c4:2c:d6:63:71:bc:b0:f8:b3:95:24:60:32:
         53:99:9a:b2:fc:b3:79:7c:2f:21:23:17:b1:ad:3d:ca:c2:87:
         46:9c:4a:79:04:a3:c7:6e:ae:72:a8:0e:55:2f:28:59:99:a3:
         1e:40:2f:26:ad:26:72:79:60:af:54:fa:54:83:0b:16:44:36:
         e0:e9:d5:1e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICOckwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjUwNzE0MTQ1MDMwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc1MTkzNi1iYjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8D+jiqg1yy0lkCeo0WiYNzRQMzUt0d+ptCQA/Vrt1gl2KRQ8SUO1GyTVJAZ
tabXTlsAGzXU/bXd8xwT4+KFj2akhZAhaO3oUq1yYbd93JSn3VqbWPPDzZBEBHMm
IDXsbblLZUgtCl6Mg2vmp2+DMmnXOue9igJVEnfBsSMmOMDtiREnWOGwjwV33MhK
QtnWNFBLXk7syCf1oAwfEzytds85NOTLIyBwijJvt57nBm3DuaVeUMoz/sttXHlD
ly9yvhW0YZFJA1NYBRFNBVdEJtDUrIaCDZdArtm71qlgKLRhhxhtxi7RHGzYEg6A
Ou3vVuRKp+hY2bqD+GdLMbR+JwIDAQABo4IClTCCApEwHQYDVR0OBBYEFG7f5ZuV
NDk+QVc9vJJJCCm0NUl6MB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvMzdCMTEzMTgx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB3LnswDQYJKoZIhvcNAQELBQADggEBAIQC30Dgy3Zz40oG
uio5Ng9Y0H3hv91uycCTxMvUbDlhc+9HQXLLBaC+Fvo6MHUKZ4wD1ipUurLz3JOs
L/2h43zhcZL1H3t4X3WdaAYN8W46nrffvizZlKtBqrxRThZWsIqRKC/fm1no52j9
tb2l1TtVIV/vJFYVVHuHSpg/6hHbvqaxh2RSpzmh1R7AZqqU8admeiZgSpvKheY7
H+PvMeBM07lvClmWOUFwQWyDkrLSwl0w4XLmAqr/xCzWY3G8sPizlSRgMlOZmrL8
s3l8LyEjF7GtPcrCh0acSnkEo8durnKoDlUvKFmZox5ALyatJnJ5YK9U+lSDCxZE
NuDp1R4=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:14:54 2025 by rpki-client