Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/6BC5DC4AB10511E591A3E484C4F9AE02.roa
File:                     6BC5DC4AB10511E591A3E484C4F9AE02.roa (raw, json)
Hash identifier:          lhbAPGcQQjVfLeBPPvSfLGakAoAsie+moEAIzx57Z0Y=
Subject key identifier:   2E:57:AD:F4:9A:2E:EE:C0:E6:67:95:65:7D:8F:C5:1F:BB:3A:FF:BD
Certificate issuer:       /CN=A915C1FE/serialNumber=699A0F8D15A34F59956CB4800C6C4404DC0EBD5D
Certificate serial:       34C6
Authority key identifier: 69:9A:0F:8D:15:A3:4F:59:95:6C:B4:80:0C:6C:44:04:DC:0E:BD:5D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/6BC5DC4AB10511E591A3E484C4F9AE02.roa
Signing time:             Thu 10 Jul 2025 15:51:06 +0000
ROA not before:           Thu 10 Jul 2025 15:51:06 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     58666
IP address blocks:        103.232.156.0/23 maxlen: 23
                          103.232.158.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.crl
                          rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 15:21:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13510 (0x34c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915C1FE, serialNumber=699A0F8D15A34F59956CB4800C6C4404DC0EBD5D
        Validity
            Not Before: Jul 10 15:51:06 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=686fe16a-25cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ad:14:43:52:37:e1:42:e2:9f:36:50:56:20:
                    d4:6c:8a:fc:c3:7c:8f:58:cc:44:c8:3d:db:8b:41:
                    57:f2:38:b0:07:c9:b8:e1:c7:82:e8:1a:0f:d8:9e:
                    1e:4b:90:e3:9e:cb:50:85:22:43:80:55:51:e8:d6:
                    b1:e7:41:97:63:ee:31:b8:c9:86:74:3b:75:c6:73:
                    7e:f8:db:2e:21:ea:66:da:6f:5d:cd:c0:bc:ca:23:
                    b0:7a:6f:bd:60:45:2a:d3:62:97:bf:c7:36:2f:f3:
                    93:69:a7:98:11:89:eb:d2:38:81:50:3c:66:dc:f8:
                    25:04:e1:a3:17:60:60:51:3c:ba:ae:0c:44:3d:ac:
                    a4:59:de:f3:38:77:45:85:93:87:f4:96:8c:0a:be:
                    86:b4:27:3f:e7:4f:af:d3:a7:51:f6:0e:04:57:0a:
                    d6:14:b4:c1:3a:6c:d9:cd:2c:d2:f6:73:ac:ab:23:
                    d7:39:52:e7:db:13:1f:1c:d3:34:85:b7:44:68:2a:
                    f5:26:3e:3d:b9:db:5f:a8:66:00:8c:81:82:12:90:
                    e6:f3:c2:0f:38:36:a9:d7:97:b6:ea:51:9b:d2:de:
                    91:da:7f:51:b3:ad:97:65:56:ea:71:f1:98:7c:21:
                    f9:a0:3e:bc:8e:31:a5:69:97:f1:a2:9b:23:77:28:
                    5b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:57:AD:F4:9A:2E:EE:C0:E6:67:95:65:7D:8F:C5:1F:BB:3A:FF:BD
            X509v3 Authority Key Identifier:
                keyid:69:9A:0F:8D:15:A3:4F:59:95:6C:B4:80:0C:6C:44:04:DC:0E:BD:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/6BC5DC4AB10511E591A3E484C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.232.156.0-103.232.158.255

    Signature Algorithm: sha256WithRSAEncryption
         01:79:b4:f2:c2:e2:29:ca:54:bf:6f:d4:94:93:98:f5:18:86:
         29:84:7d:e8:85:a1:ba:91:3e:55:e3:24:21:f9:5f:dd:9f:71:
         ed:2c:bb:07:0b:8b:0e:c8:a3:1b:27:05:94:a1:e4:e0:8f:43:
         fb:51:fa:15:28:92:dc:94:90:9f:b6:d8:3e:14:b4:34:28:0b:
         f6:87:49:65:3b:92:5b:0f:5c:75:f5:7d:80:8b:c3:e6:93:55:
         33:17:af:5f:4b:b9:b3:8b:77:93:de:d2:cf:33:8c:67:46:d2:
         b6:e6:34:42:d0:72:6c:61:94:56:d3:cc:77:ef:99:4b:9f:f4:
         de:8d:6f:90:7e:4c:e7:7d:7d:6d:5c:f0:86:32:39:41:81:02:
         c2:c2:48:fb:ba:39:b2:49:42:83:76:cb:dd:21:a5:4e:28:45:
         dd:67:e7:53:6f:21:68:7b:49:0e:63:0c:2e:0f:fe:68:98:7a:
         23:06:64:a9:fc:9c:da:28:6b:41:8b:b3:09:26:c0:fc:63:14:
         cc:41:74:86:11:67:41:20:6d:6f:a1:b4:72:ea:f3:51:0e:96:
         df:7b:8a:1c:79:27:6f:32:b7:d3:8b:f4:35:3e:3c:68:3d:4f:
         3d:53:07:c2:ee:95:f8:19:e9:0d:7d:0b:dc:34:65:4d:b4:d6:
         58:65:13:e3
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICNMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUMxRkUxMTAvBgNVBAUTKDY5OUEwRjhEMTVBMzRGNTk5NTZDQjQ4MDBDNkM0NDA0
REMwRUJENUQwHhcNMjUwNzEwMTU1MTA2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZmZTE2YS0yNWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvK0UQ1I34ULinzZQViDUbIr8w3yPWMxEyD3bi0FX8jiwB8m44ceC6BoP2J4e
S5DjnstQhSJDgFVR6Nax50GXY+4xuMmGdDt1xnN++NsuIepm2m9dzcC8yiOwem+9
YEUq02KXv8c2L/OTaaeYEYnr0jiBUDxm3PglBOGjF2BgUTy6rgxEPaykWd7zOHdF
hZOH9JaMCr6GtCc/50+v06dR9g4EVwrWFLTBOmzZzSzS9nOsqyPXOVLn2xMfHNM0
hbdEaCr1Jj49udtfqGYAjIGCEpDm88IPODap15e26lGb0t6R2n9Rs62XZVbqcfGY
fCH5oD68jjGlaZfxopsjdyhbDwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFC5XrfSa
Lu7A5meVZX2PxR+7Ov+9MB8GA1UdIwQYMBaAFGmaD40Vo09ZlWy0gAxsRATcDr1d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzFGRS9EMTE4QUFCQTFE
QUExMUUyQTJFQ0NBQTYwOEIwMkNEMi9hWm9QalJXalQxbVZiTFNBREd4RUJOd092
VjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Fab1BqUldqVDFtVmJMU0FER3hFQk53T3ZWMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUMxRkUvRDExOEFBQkExREFBMTFFMkEyRUNDQUE2MDhCMDJDRDIvNkJDNURDNEFC
MTA1MTFFNTkxQTNFNDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmfonAMEAGfonjANBgkqhkiG9w0BAQsFAAOCAQEAAXm0
8sLiKcpUv2/UlJOY9RiGKYR96IWhupE+VeMkIflf3Z9x7Sy7BwuLDsijGycFlKHk
4I9D+1H6FSiS3JSQn7bYPhS0NCgL9odJZTuSWw9cdfV9gIvD5pNVMxevX0u5s4t3
k97SzzOMZ0bStuY0QtBybGGUVtPMd++ZS5/03o1vkH5M5319bVzwhjI5QYECwsJI
+7o5sklCg3bL3SGlTihF3WfnU28haHtJDmMMLg/+aJh6IwZkqfyc2ihrQYuzCSbA
/GMUzEF0hhFnQSBtb6G0curzUQ6W33uKHHknbzK304v0NT48aD1PPVMHwu6V+Bnp
DX0L3DRlTbTWWGUT4w==
-----END CERTIFICATE-----
Generated at Sun Jul 20 06:33:52 2025 by rpki-client