Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/88B3BAE252C911EA93D1814FC4F9AE02.roa
File:                     88B3BAE252C911EA93D1814FC4F9AE02.roa (raw, json)
Hash identifier:          dZ+RRqFRKFWE7+accRlaOTbHRGehh9B72t+MdLCbbg8=
Subject key identifier:   67:78:9D:36:13:08:E7:D5:23:6F:FA:F1:16:F2:3D:CE:02:91:8E:CC
Certificate issuer:       /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial:       3A0A
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/88B3BAE252C911EA93D1814FC4F9AE02.roa
Signing time:             Mon 14 Jul 2025 14:51:26 +0000
ROA not before:           Mon 14 Jul 2025 14:51:26 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     55554
IP address blocks:        113.21.240.0/24 maxlen: 24
                          122.144.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
                          rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 14:20:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14858 (0x3a0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
        Validity
            Not Before: Jul 14 14:51:26 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6875196d-bb6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:20:38:6c:b7:a6:b9:99:28:88:f9:84:57:99:
                    0a:be:c1:14:f8:6e:62:87:d7:6b:0e:69:19:8f:c0:
                    33:c3:58:04:ea:4e:5f:e2:a6:1a:22:b0:c4:0c:88:
                    85:92:1e:0f:bf:5e:80:62:a4:ae:59:0b:e5:f9:0f:
                    99:3e:22:55:ec:84:09:db:2d:52:91:97:fd:56:9c:
                    f1:d3:77:fa:7d:5e:de:90:2e:05:0d:90:f2:60:48:
                    08:b0:8b:a6:58:97:d6:0b:79:1d:db:5b:e4:ad:d7:
                    30:1f:86:54:f9:27:e5:60:10:ba:3c:02:23:aa:2b:
                    19:d3:ab:09:64:b1:09:8e:e0:40:e1:bc:03:e9:a2:
                    8a:80:5a:3f:45:6f:8c:16:e6:27:d1:51:0e:37:e1:
                    70:be:b8:bb:88:b0:1e:eb:f0:9a:76:4f:e9:38:97:
                    af:61:72:22:88:67:6b:72:f4:a7:66:ec:c0:69:18:
                    8f:82:a2:fe:50:36:e1:07:d3:1f:01:55:cd:ca:8e:
                    e5:f8:21:8e:86:6a:6b:51:43:56:3c:26:ac:7d:c3:
                    2f:fc:5a:cf:de:2e:43:39:67:0b:f7:c2:17:66:3d:
                    4c:36:74:05:22:bd:7d:19:6f:42:90:8f:15:c9:c3:
                    cc:70:8c:fd:96:7c:17:a2:2b:a5:02:f8:55:74:a6:
                    9c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:78:9D:36:13:08:E7:D5:23:6F:FA:F1:16:F2:3D:CE:02:91:8E:CC
            X509v3 Authority Key Identifier:
                keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/88B3BAE252C911EA93D1814FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.21.240.0/24
                  122.144.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:87:78:ba:55:3d:98:e0:21:eb:b3:78:fb:d7:a9:a7:0c:7c:
         9e:0c:76:e7:5a:0a:6c:56:da:11:54:0d:65:73:78:d8:51:aa:
         89:13:88:57:74:67:59:7a:be:e2:5c:99:d1:51:70:c4:10:db:
         b5:00:bd:52:95:0e:fe:a8:11:58:d8:8f:75:43:7c:f5:fe:87:
         75:f6:45:9c:eb:f6:c8:a4:09:b3:cc:7b:a4:e9:f7:c4:32:15:
         07:8d:c2:c1:96:47:66:b0:7f:33:3a:48:d3:cf:a0:e8:3d:c5:
         41:73:45:e1:35:52:a2:95:83:fe:40:1b:f7:d6:36:cc:c1:33:
         ea:42:e9:ed:67:33:c5:3b:c7:68:6f:2a:2c:47:80:eb:46:bc:
         0f:59:7a:a4:9a:68:b4:62:ad:94:06:c1:30:f1:bf:40:c3:cd:
         2a:15:2e:f2:35:e1:bc:38:23:ea:55:6f:fb:f1:b6:72:78:4d:
         5a:11:1e:e1:01:89:45:3b:e1:68:2e:21:47:77:45:dc:2f:47:
         88:90:7a:19:e0:e8:a7:1c:36:1c:22:b8:c2:10:90:0c:bb:fa:
         09:25:4e:46:5f:5a:e2:ac:60:c4:2c:b1:df:cb:81:36:58:fc:
         59:89:44:3f:65:4d:da:0d:70:32:af:06:1b:4f:25:84:89:06:
         09:7d:bc:04
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICOgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjUwNzE0MTQ1MTI2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc1MTk2ZC1iYjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1yA4bLemuZkoiPmEV5kKvsEU+G5ih9drDmkZj8Azw1gE6k5f4qYaIrDEDIiF
kh4Pv16AYqSuWQvl+Q+ZPiJV7IQJ2y1SkZf9Vpzx03f6fV7ekC4FDZDyYEgIsIum
WJfWC3kd21vkrdcwH4ZU+SflYBC6PAIjqisZ06sJZLEJjuBA4bwD6aKKgFo/RW+M
FuYn0VEON+Fwvri7iLAe6/Cadk/pOJevYXIiiGdrcvSnZuzAaRiPgqL+UDbhB9Mf
AVXNyo7l+CGOhmprUUNWPCasfcMv/FrP3i5DOWcL98IXZj1MNnQFIr19GW9CkI8V
ycPMcIz9lnwXoiulAvhVdKac4QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGd4nTYT
COfVI2/68RbyPc4CkY7MMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvODhCM0JBRTI1
MkM5MTFFQTkzRDE4MTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABxFfADBAB6kBswDQYJKoZIhvcNAQELBQADggEBAE+HeLpV
PZjgIeuzePvXqacMfJ4MdudaCmxW2hFUDWVzeNhRqokTiFd0Z1l6vuJcmdFRcMQQ
27UAvVKVDv6oEVjYj3VDfPX+h3X2RZzr9sikCbPMe6Tp98QyFQeNwsGWR2awfzM6
SNPPoOg9xUFzReE1UqKVg/5AG/fWNszBM+pC6e1nM8U7x2hvKixHgOtGvA9ZeqSa
aLRirZQGwTDxv0DDzSoVLvI14bw4I+pVb/vxtnJ4TVoRHuEBiUU74WguIUd3Rdwv
R4iQehng6KccNhwiuMIQkAy7+gklTkZfWuKsYMQssd/LgTZY/FmJRD9lTdoNcDKv
BhtPJYSJBgl9vAQ=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:19:33 2025 by rpki-client