Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/26C39BB6010511EE8C750D39C4F9AE02.roa
File:                     26C39BB6010511EE8C750D39C4F9AE02.roa (raw, json)
Hash identifier:          qHE4CVNPl2hfbb1z0WR6L0xNSdCigOSFLS7QO+iIYEU=
Subject key identifier:   2A:9D:38:8F:CC:DF:3E:DA:6E:35:34:2F:4C:70:3B:1D:34:6A:1F:B9
Certificate issuer:       /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial:       3921
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/26C39BB6010511EE8C750D39C4F9AE02.roa
Signing time:             Fri 04 Jul 2025 14:50:42 +0000
ROA not before:           Fri 04 Jul 2025 14:50:42 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     38393
IP address blocks:        103.143.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
                          rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 14:22:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14625 (0x3921)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9149F3E, serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
        Validity
            Not Before: Jul  4 14:50:42 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=6867ea42-aea7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:8b:cd:0d:e0:cf:9e:43:2c:9f:f2:54:f5:81:
                    30:95:1f:db:33:f3:20:c1:89:87:7d:c6:c2:fd:e3:
                    df:d7:7f:2a:c5:7c:47:39:2b:da:a5:36:c6:6a:08:
                    f2:0a:48:b1:a9:94:39:a5:23:ce:72:df:29:e8:c5:
                    79:c7:d9:56:27:52:84:20:fc:83:0c:b9:25:b6:ed:
                    d8:8e:5e:98:e5:00:3e:9a:87:8f:c2:bf:c2:c0:32:
                    1c:e2:b5:43:b5:eb:75:f3:42:30:18:39:b7:98:dc:
                    ad:92:6b:82:83:8b:03:ad:4e:cb:7f:c1:5e:c3:6e:
                    bb:99:0c:36:d1:c8:6b:f0:65:88:1f:3c:36:22:89:
                    e2:ce:46:f4:27:4f:51:59:d9:9c:f1:20:c3:56:cb:
                    2f:0c:d8:ef:be:89:5d:8a:16:0f:9a:5d:24:05:f6:
                    42:a9:d9:55:53:79:17:4b:d4:0c:80:1e:8f:26:9c:
                    64:50:e4:d9:2a:2a:48:f5:c0:38:0b:86:08:25:bb:
                    4f:4c:2d:b1:ae:0f:6c:49:ae:15:2c:fb:5d:b2:a5:
                    fc:26:4a:b8:23:6d:7f:a8:30:22:cb:e7:65:3c:13:
                    26:b9:8d:24:12:23:0c:e3:88:14:af:12:44:5e:8c:
                    2a:a3:2f:84:26:bb:b2:41:d7:1d:d5:2b:e8:07:9a:
                    cb:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:9D:38:8F:CC:DF:3E:DA:6E:35:34:2F:4C:70:3B:1D:34:6A:1F:B9
            X509v3 Authority Key Identifier:
                keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/26C39BB6010511EE8C750D39C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.143.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:17:f0:30:ce:3c:5c:46:2a:15:dd:65:94:82:98:ab:d0:3f:
         41:d3:e3:09:d5:b4:c6:6b:f3:2a:df:1d:c1:a1:95:96:82:7f:
         b9:89:30:d8:7b:a1:5d:c0:2d:b2:85:13:71:26:af:a5:b4:5f:
         8f:f7:b3:6f:20:dd:e9:81:42:bc:50:5c:24:28:61:b3:3e:a8:
         f8:22:86:2e:78:58:32:3b:31:e0:60:c8:b3:f9:9a:e1:29:8c:
         f5:f9:9a:2c:fb:6e:04:f1:45:f1:12:33:46:19:b3:09:01:2f:
         a2:b1:37:e8:5f:67:fc:bf:81:b4:10:c2:e9:1e:03:3f:a5:0a:
         36:33:d7:32:f0:19:89:ce:68:1f:bb:74:22:27:a1:94:72:cd:
         6f:3e:0b:10:b3:09:67:8e:90:db:91:17:de:63:ac:86:02:f0:
         69:5b:26:db:af:3a:f1:77:77:34:61:84:16:38:9c:5b:46:e1:
         91:31:9a:a8:e3:7a:38:2d:48:79:07:8f:ef:a0:ee:da:f0:47:
         7e:68:0d:96:0f:be:dc:ee:10:04:af:51:ca:41:21:47:ad:21:
         ae:f9:a9:1b:69:a9:d1:7c:f7:e6:4b:ad:bc:03:9c:df:ed:e1:
         13:70:7f:be:2a:fa:64:ef:f3:78:66:6e:dc:37:9d:6c:54:9a:
         63:21:5b:94
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICOSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjUwNzA0MTQ1MDQyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY3ZWE0Mi1hZWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA54vNDeDPnkMsn/JU9YEwlR/bM/MgwYmHfcbC/ePf138qxXxHOSvapTbGagjy
CkixqZQ5pSPOct8p6MV5x9lWJ1KEIPyDDLkltu3Yjl6Y5QA+moePwr/CwDIc4rVD
tet180IwGDm3mNytkmuCg4sDrU7Lf8Few267mQw20chr8GWIHzw2Ionizkb0J09R
Wdmc8SDDVssvDNjvvoldihYPml0kBfZCqdlVU3kXS9QMgB6PJpxkUOTZKipI9cA4
C4YIJbtPTC2xrg9sSa4VLPtdsqX8Jkq4I21/qDAiy+dlPBMmuY0kEiMM44gUrxJE
Xowqoy+EJruyQdcd1SvoB5rLxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCqdOI/M
3z7abjU0L0xwOx00ah+5MB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvMjZDMzlCQjYw
MTA1MTFFRThDNzUwRDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnj08wDQYJKoZIhvcNAQELBQADggEBAGMX8DDOPFxGKhXd
ZZSCmKvQP0HT4wnVtMZr8yrfHcGhlZaCf7mJMNh7oV3ALbKFE3Emr6W0X4/3s28g
3emBQrxQXCQoYbM+qPgihi54WDI7MeBgyLP5muEpjPX5miz7bgTxRfESM0YZswkB
L6KxN+hfZ/y/gbQQwukeAz+lCjYz1zLwGYnOaB+7dCInoZRyzW8+CxCzCWeOkNuR
F95jrIYC8GlbJtuvOvF3dzRhhBY4nFtG4ZExmqjjejgtSHkHj++g7trwR35oDZYP
vtzuEASvUcpBIUetIa75qRtpqdF89+ZLrbwDnN/t4RNwf74q+mTv83hmbtw3nWxU
mmMhW5Q=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:58 2025 by rpki-client