Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9155001/DD1CBD72603E11EF866FE83EC4F9AE02/9FB99556604111EFB4652062C4F9AE02.roa
File:                     9FB99556604111EFB4652062C4F9AE02.roa (raw, json)
Hash identifier:          NCosWXhfz0UWkuSBHKgiBpQqoUl/ccm+dyT7ONrL1+0=
Subject key identifier:   11:9F:6C:BC:93:72:64:D3:F6:EE:AC:37:50:FA:18:E1:3D:BC:F8:BB
Certificate issuer:       /CN=A9155001/serialNumber=565C8EC4E83447ECFFA69E1DEE1637C15F45A3FE
Certificate serial:       AE
Authority key identifier: 56:5C:8E:C4:E8:34:47:EC:FF:A6:9E:1D:EE:16:37:C1:5F:45:A3:FE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VlyOxOg0R-z_pp4d7hY3wV9Fo_4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9155001/DD1CBD72603E11EF866FE83EC4F9AE02/9FB99556604111EFB4652062C4F9AE02.roa
Signing time:             Tue 01 Jul 2025 07:11:25 +0000
ROA not before:           Tue 01 Jul 2025 07:11:25 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     7545
IP address blocks:        103.65.233.0/24 maxlen: 24
                          103.220.46.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9155001/DD1CBD72603E11EF866FE83EC4F9AE02/VlyOxOg0R-z_pp4d7hY3wV9Fo_4.crl
                          rsync://rpki.apnic.net/member_repository/A9155001/DD1CBD72603E11EF866FE83EC4F9AE02/VlyOxOg0R-z_pp4d7hY3wV9Fo_4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VlyOxOg0R-z_pp4d7hY3wV9Fo_4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 06:20:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 174 (0xae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9155001, serialNumber=565C8EC4E83447ECFFA69E1DEE1637C15F45A3FE
        Validity
            Not Before: Jul  1 07:11:25 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=68638a1d-94b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f5:c1:5e:42:90:b5:58:d3:e7:cd:be:90:25:
                    76:07:1a:d3:2b:45:c0:54:0a:98:2f:23:db:3d:1d:
                    ff:0d:a1:fa:c3:16:1e:fa:2d:d4:5b:25:3a:bd:29:
                    e5:72:6d:2f:b6:54:b8:6c:2c:80:2d:10:e5:b5:83:
                    c3:4b:23:49:f6:6b:f2:49:98:a4:d1:30:e9:3d:4f:
                    89:90:a7:4c:18:7e:48:9f:a6:32:24:fd:2b:c4:e1:
                    74:8c:86:38:ad:5f:01:00:35:1b:4c:fb:8d:6e:0e:
                    f3:0f:c5:1a:04:54:b4:dd:71:88:5e:8c:2a:85:05:
                    39:bb:28:f6:1a:08:f3:45:bb:9d:f3:04:ee:eb:6f:
                    1a:4b:40:a9:6e:00:29:87:81:85:14:cd:3f:2f:cb:
                    2a:54:03:b8:be:2b:1a:23:cb:8a:df:f7:75:a1:12:
                    ce:ff:4a:35:b9:28:06:8b:9b:80:6b:b1:43:e3:2b:
                    a1:46:7d:3f:5d:b4:1f:6d:52:7a:aa:ed:71:77:39:
                    07:1e:99:6d:96:b3:e6:f3:b6:15:9d:e9:29:c5:6a:
                    29:85:ca:60:a7:f1:f6:77:12:ed:5b:48:3c:8f:79:
                    cb:3a:bb:a7:22:8f:a0:17:73:5c:3f:25:56:7d:29:
                    6a:12:d4:ca:c1:09:62:9d:bc:e7:65:88:95:1c:f7:
                    3b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:9F:6C:BC:93:72:64:D3:F6:EE:AC:37:50:FA:18:E1:3D:BC:F8:BB
            X509v3 Authority Key Identifier:
                keyid:56:5C:8E:C4:E8:34:47:EC:FF:A6:9E:1D:EE:16:37:C1:5F:45:A3:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9155001/DD1CBD72603E11EF866FE83EC4F9AE02/VlyOxOg0R-z_pp4d7hY3wV9Fo_4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VlyOxOg0R-z_pp4d7hY3wV9Fo_4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155001/DD1CBD72603E11EF866FE83EC4F9AE02/9FB99556604111EFB4652062C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.65.233.0/24
                  103.220.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:7e:b9:c1:c8:2e:36:14:72:a4:ac:3c:2f:6d:0d:23:af:be:
         90:7b:91:9d:de:92:75:00:75:c8:f5:16:e6:43:8c:c0:7e:72:
         10:61:1f:49:92:dd:f4:96:03:8d:c2:e4:eb:95:6e:54:d4:7e:
         ce:8f:b6:2e:b0:98:11:35:77:1d:52:63:c0:36:d1:5f:ae:98:
         b6:30:81:2e:7e:96:27:91:fd:93:6c:f1:f9:a7:68:67:c7:88:
         9c:9b:34:73:c6:76:03:55:3b:ea:4e:6b:9c:30:2e:c3:06:80:
         4f:77:da:cd:df:70:bd:a8:67:e3:1a:04:30:41:ad:30:b5:c6:
         82:c1:6b:15:71:83:71:b2:df:6e:b9:eb:35:12:6b:59:02:d5:
         63:69:63:35:95:b5:8b:00:a8:76:d7:4c:28:09:a6:81:8c:68:
         81:f5:5a:27:d6:78:31:11:75:f9:31:26:f0:0b:bb:03:75:07:
         6e:55:bd:f4:d8:c2:f3:9e:ae:88:c6:b0:0b:48:93:3d:0b:85:
         f9:7e:ac:26:34:b6:6a:04:ff:e3:bd:6f:60:95:3e:0d:43:47:
         df:57:ed:d8:92:90:24:08:09:87:2c:3e:39:2f:17:0c:46:03:
         13:b6:2b:b1:58:7e:83:b6:0d:60:35:e2:b9:4f:e1:62:78:cd:
         db:a5:0a:b7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTUwMDExMTAvBgNVBAUTKDU2NUM4RUM0RTgzNDQ3RUNGRkE2OUUxREVFMTYzN0Mx
NUY0NUEzRkUwHhcNMjUwNzAxMDcxMTI1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYzOGExZC05NGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzPXBXkKQtVjT582+kCV2BxrTK0XAVAqYLyPbPR3/DaH6wxYe+i3UWyU6vSnl
cm0vtlS4bCyALRDltYPDSyNJ9mvySZik0TDpPU+JkKdMGH5In6YyJP0rxOF0jIY4
rV8BADUbTPuNbg7zD8UaBFS03XGIXowqhQU5uyj2GgjzRbud8wTu628aS0CpbgAp
h4GFFM0/L8sqVAO4visaI8uK3/d1oRLO/0o1uSgGi5uAa7FD4yuhRn0/XbQfbVJ6
qu1xdzkHHpltlrPm87YVnekpxWophcpgp/H2dxLtW0g8j3nLOrunIo+gF3NcPyVW
fSlqEtTKwQlinbznZYiVHPc7PwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBGfbLyT
cmTT9u6sN1D6GOE9vPi7MB8GA1UdIwQYMBaAFFZcjsToNEfs/6aeHe4WN8FfRaP+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTAwMS9ERDFDQkQ3MjYw
M0UxMUVGODY2RkU4M0VDNEY5QUUwMi9WbHlPeE9nMFItel9wcDRkN2hZM3dWOUZv
XzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZseU94T2cwUi16X3BwNGQ3aFkzd1Y5Rm9fNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTUwMDEvREQxQ0JENzI2MDNFMTFFRjg2NkZFODNFQzRGOUFFMDIvOUZCOTk1NTY2
MDQxMTFFRkI0NjUyMDYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnQekDBABn3C4wDQYJKoZIhvcNAQELBQADggEBADx+ucHI
LjYUcqSsPC9tDSOvvpB7kZ3eknUAdcj1FuZDjMB+chBhH0mS3fSWA43C5OuVblTU
fs6Pti6wmBE1dx1SY8A20V+umLYwgS5+lieR/ZNs8fmnaGfHiJybNHPGdgNVO+pO
a5wwLsMGgE932s3fcL2oZ+MaBDBBrTC1xoLBaxVxg3Gy32656zUSa1kC1WNpYzWV
tYsAqHbXTCgJpoGMaIH1WifWeDERdfkxJvALuwN1B25VvfTYwvOerojGsAtIkz0L
hfl+rCY0tmoE/+O9b2CVPg1DR99X7diSkCQICYcsPjkvFwxGAxO2K7FYfoO2DWA1
4rlP4WJ4zdulCrc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 10:25:09 2025 by rpki-client