Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/54376ADC1E0111E9A590C837C4F9AE02.roa
File:                     54376ADC1E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier:          bGUmFPhSWLZWSwd58bHB5xL+lVnGJq0DUoB6Yv3RNJ4=
Subject key identifier:   E7:6D:29:74:DD:40:A2:D5:92:27:CD:2B:D0:6C:11:D1:67:D6:78:FE
Certificate issuer:       /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial:       3A0D
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/54376ADC1E0111E9A590C837C4F9AE02.roa
Signing time:             Mon 14 Jul 2025 14:51:28 +0000
ROA not before:           Mon 14 Jul 2025 14:51:28 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     55844
IP address blocks:        119.46.243.0/24 maxlen: 24
                          2001:fb0:1078::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
                          rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 14:20:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14861 (0x3a0d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
        Validity
            Not Before: Jul 14 14:51:28 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68751970-019a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:11:8b:e9:13:aa:d2:0a:5f:d5:f2:1a:5c:78:
                    63:f2:07:6f:53:95:86:e1:70:33:d8:23:6b:08:fc:
                    5c:57:14:77:89:81:34:6d:78:2f:63:1d:55:0c:e2:
                    63:6b:96:fe:ba:14:52:a3:49:e0:2a:49:19:3a:a7:
                    61:9f:60:56:77:20:1c:c1:74:69:af:ce:02:58:72:
                    1a:c2:af:7f:78:77:b6:47:a0:2a:f6:ef:b9:ba:47:
                    86:b4:2c:e4:59:7e:28:1e:05:d3:d9:05:8c:c7:31:
                    93:c8:a8:b5:12:a3:5f:da:8c:0b:7f:88:59:98:c5:
                    6d:69:cb:e9:0c:cd:a1:12:0e:4a:b1:8d:33:f2:a3:
                    96:80:2c:b0:ce:aa:91:5e:28:1d:be:00:d1:f9:fa:
                    db:f2:0d:b6:d9:7f:82:c8:5d:f3:63:3f:5d:0f:40:
                    1c:79:5f:44:b4:e7:7a:0f:a6:3b:3e:8f:ec:26:70:
                    5e:3c:9a:e1:a6:af:3c:6b:c9:a0:8e:ae:f0:1e:00:
                    65:42:92:ba:cc:5e:78:6b:15:11:d1:8f:e4:63:d4:
                    36:fc:0d:c4:b1:67:15:8b:fd:51:15:da:fc:a5:da:
                    1b:09:28:d8:2d:e6:56:e9:e8:52:cb:97:ac:19:97:
                    40:19:01:f5:cf:bc:52:7a:bf:f8:e8:f6:56:e8:e4:
                    89:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:6D:29:74:DD:40:A2:D5:92:27:CD:2B:D0:6C:11:D1:67:D6:78:FE
            X509v3 Authority Key Identifier:
                keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/54376ADC1E0111E9A590C837C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.46.243.0/24
                IPv6:
                  2001:fb0:1078::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:fa:86:2e:14:bf:be:cd:3b:ea:2b:ca:fb:5b:11:46:f9:26:
         5d:8d:45:a5:4a:5b:10:55:04:0b:bb:04:1a:5e:49:e2:dc:ce:
         42:06:7b:98:0e:66:ae:ce:cb:7e:ca:d6:37:d6:e3:bf:96:ee:
         f5:09:f1:c4:bb:e8:b9:3c:8d:b1:32:35:10:a2:42:77:92:f9:
         02:6d:63:9f:57:1c:ec:01:8a:b7:c1:60:63:95:eb:82:06:a9:
         db:f4:fd:11:37:73:d2:3c:13:56:72:92:50:ab:4f:b5:1c:ca:
         10:ac:de:3f:d6:d9:2e:54:e9:80:e9:bc:97:2a:c2:6d:b8:22:
         c0:bc:3e:d3:2f:55:cf:df:1c:56:36:90:40:6e:ba:2a:38:23:
         7e:3e:64:60:64:86:d3:7d:7b:5f:c4:f4:2d:86:73:13:90:70:
         60:58:fc:e7:25:73:79:94:5d:b2:ce:63:ac:65:04:84:35:34:
         12:e8:63:cc:2d:df:96:e1:9c:bd:5c:ef:59:d9:bb:2b:fd:1b:
         2f:d1:1b:43:b2:7d:a0:1c:d3:8f:c9:03:01:d2:99:a0:e8:9a:
         47:96:1d:8e:65:a7:1a:41:e0:a5:f6:99:d3:19:a5:9d:ff:fb:
         6a:15:85:ba:97:1b:f5:65:b8:01:64:3f:14:33:9b:53:2d:4f:
         6f:d5:6f:cd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjUwNzE0MTQ1MTI4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc1MTk3MC0wMTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvxGL6ROq0gpf1fIaXHhj8gdvU5WG4XAz2CNrCPxcVxR3iYE0bXgvYx1VDOJj
a5b+uhRSo0ngKkkZOqdhn2BWdyAcwXRpr84CWHIawq9/eHe2R6Aq9u+5ukeGtCzk
WX4oHgXT2QWMxzGTyKi1EqNf2owLf4hZmMVtacvpDM2hEg5KsY0z8qOWgCywzqqR
XigdvgDR+frb8g222X+CyF3zYz9dD0AceV9EtOd6D6Y7Po/sJnBePJrhpq88a8mg
jq7wHgBlQpK6zF54axUR0Y/kY9Q2/A3EsWcVi/1RFdr8pdobCSjYLeZW6ehSy5es
GZdAGQH1z7xSer/46PZW6OSJjwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOdtKXTd
QKLVkifNK9BsEdFn1nj+MB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNTQzNzZBREMx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAB3LvMwDwQCAAIwCQMHACABD7AQeDANBgkqhkiG9w0BAQsF
AAOCAQEADPqGLhS/vs076ivK+1sRRvkmXY1FpUpbEFUEC7sEGl5J4tzOQgZ7mA5m
rs7LfsrWN9bjv5bu9QnxxLvouTyNsTI1EKJCd5L5Am1jn1cc7AGKt8FgY5Xrggap
2/T9ETdz0jwTVnKSUKtPtRzKEKzeP9bZLlTpgOm8lyrCbbgiwLw+0y9Vz98cVjaQ
QG66Kjgjfj5kYGSG0317X8T0LYZzE5BwYFj85yVzeZRdss5jrGUEhDU0EuhjzC3f
luGcvVzvWdm7K/0bL9EbQ7J9oBzTj8kDAdKZoOiaR5YdjmWnGkHgpfaZ0xmlnf/7
ahWFupcb9WW4AWQ/FDObUy1Pb9VvzQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:19:34 2025 by rpki-client