Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9168D00/F70A80C2AC0811EB86E42B6BC4F9AE02/7054AB4AAC5611EBA1C1D381C4F9AE02.roa
File:                     7054AB4AAC5611EBA1C1D381C4F9AE02.roa (raw, json)
Hash identifier:          OFrwiJWAkGGk5FsDremtK39rCrSaFqlUshUtXmOJ9aQ=
Subject key identifier:   11:5C:B0:C5:FD:5C:0F:41:EC:B0:44:FC:42:22:ED:96:CB:2F:80:45
Certificate issuer:       /CN=A9168D00/serialNumber=2C36A90BA44793E50840CF65F6652882BFCFB8F2
Certificate serial:       061B
Authority key identifier: 2C:36:A9:0B:A4:47:93:E5:08:40:CF:65:F6:65:28:82:BF:CF:B8:F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDapC6RHk-UIQM9l9mUogr_PuPI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9168D00/F70A80C2AC0811EB86E42B6BC4F9AE02/7054AB4AAC5611EBA1C1D381C4F9AE02.roa
Signing time:             Fri 18 Jul 2025 18:29:45 +0000
ROA not before:           Fri 18 Jul 2025 18:29:45 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     142049
IP address blocks:        103.165.180.0/24 maxlen: 24
                          2001:df6:6e80::/48 maxlen: 48
                          2402:19e0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9168D00/F70A80C2AC0811EB86E42B6BC4F9AE02/LDapC6RHk-UIQM9l9mUogr_PuPI.crl
                          rsync://rpki.apnic.net/member_repository/A9168D00/F70A80C2AC0811EB86E42B6BC4F9AE02/LDapC6RHk-UIQM9l9mUogr_PuPI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDapC6RHk-UIQM9l9mUogr_PuPI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 23:10:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1563 (0x61b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9168D00, serialNumber=2C36A90BA44793E50840CF65F6652882BFCFB8F2
        Validity
            Not Before: Jul 18 18:29:45 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=687a9298-c91b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:01:64:3b:cd:5f:21:78:e3:ce:69:47:c0:f4:
                    eb:5b:a1:b4:99:06:85:f7:d4:d0:af:87:df:99:30:
                    96:63:44:88:fa:3a:f3:35:67:a1:d4:8b:cf:8e:87:
                    00:cd:f3:99:d1:2d:42:b3:85:4e:52:b0:d7:21:ca:
                    50:1c:2a:2d:2d:b6:61:2b:3e:ca:da:30:ce:fa:4e:
                    32:8f:51:9f:e0:23:5a:96:71:f5:9d:cc:bb:a1:7e:
                    35:fe:28:59:5e:56:5b:0c:43:71:f4:3a:ef:35:23:
                    08:f8:bb:7b:80:74:19:a4:1a:97:f3:74:34:a9:bc:
                    00:a6:c1:dc:65:31:d0:be:ea:75:27:a3:7e:2b:ad:
                    04:fb:0d:f0:4b:8f:37:a0:dc:25:e9:73:3a:60:a3:
                    aa:83:e7:09:e0:89:c3:ce:54:6a:93:81:90:df:68:
                    e8:54:b8:dd:d5:a9:c8:ad:2b:c2:03:9d:d1:96:03:
                    90:b6:1a:0a:88:3c:db:69:f5:18:6f:a1:35:28:21:
                    b5:ab:18:88:eb:7c:e2:43:2a:b5:4e:70:c0:3d:01:
                    fd:c2:01:c4:89:b8:f4:e9:b2:db:a0:e3:54:04:c3:
                    75:ef:21:34:f6:d1:dd:f9:98:31:af:e4:c6:4e:fd:
                    0c:b3:1d:49:68:3b:44:9a:cf:63:18:eb:91:29:86:
                    af:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:5C:B0:C5:FD:5C:0F:41:EC:B0:44:FC:42:22:ED:96:CB:2F:80:45
            X509v3 Authority Key Identifier:
                keyid:2C:36:A9:0B:A4:47:93:E5:08:40:CF:65:F6:65:28:82:BF:CF:B8:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9168D00/F70A80C2AC0811EB86E42B6BC4F9AE02/LDapC6RHk-UIQM9l9mUogr_PuPI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDapC6RHk-UIQM9l9mUogr_PuPI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168D00/F70A80C2AC0811EB86E42B6BC4F9AE02/7054AB4AAC5611EBA1C1D381C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.165.180.0/24
                IPv6:
                  2001:df6:6e80::/48
                  2402:19e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         c2:53:4e:b7:d5:e2:70:72:25:e6:e6:b7:cd:4f:51:58:85:7d:
         d9:a9:3e:50:3e:46:47:04:83:a2:b5:65:72:26:73:ed:02:73:
         cd:94:7e:84:a7:10:b1:76:88:81:41:67:79:db:c1:53:3c:d4:
         32:18:9e:ea:a3:35:63:73:e3:c6:50:a1:c6:91:ba:f3:e2:f9:
         0a:88:cc:49:9b:a1:ce:b0:50:42:68:4a:3c:5d:a3:f9:4e:33:
         94:83:51:3f:42:77:c5:20:8f:e8:9f:95:d6:0b:50:e9:76:66:
         06:0e:d8:dc:df:05:fd:33:68:ae:0d:a6:96:55:91:fe:d9:56:
         54:74:7c:88:2b:12:85:81:14:31:d2:a0:a0:65:0d:da:8d:24:
         e0:2a:90:61:50:fa:1e:e6:78:73:ff:45:bd:6c:6f:40:b5:17:
         8c:1b:d0:ee:1d:90:73:ee:51:21:9d:29:70:d2:94:52:98:be:
         59:79:0b:9a:07:b7:12:b8:b9:5d:d8:bc:7c:47:f0:fd:d4:14:
         95:7e:8f:be:65:8a:97:d6:ab:ed:f2:20:c2:34:5e:9b:95:3b:
         d1:70:99:d8:70:b8:99:63:f0:f4:27:0d:26:fc:3d:31:1e:a0:
         d3:4c:1a:5e:c9:b3:70:78:af:cc:be:ee:5b:82:ae:2d:98:27:
         e8:27:3a:5b
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBhswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjhEMDAxMTAvBgNVBAUTKDJDMzZBOTBCQTQ0NzkzRTUwODQwQ0Y2NUY2NjUyODgy
QkZDRkI4RjIwHhcNMjUwNzE4MTgyOTQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODdhOTI5OC1jOTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2AFkO81fIXjjzmlHwPTrW6G0mQaF99TQr4ffmTCWY0SI+jrzNWeh1IvPjocA
zfOZ0S1Cs4VOUrDXIcpQHCotLbZhKz7K2jDO+k4yj1Gf4CNalnH1ncy7oX41/ihZ
XlZbDENx9DrvNSMI+Lt7gHQZpBqX83Q0qbwApsHcZTHQvup1J6N+K60E+w3wS483
oNwl6XM6YKOqg+cJ4InDzlRqk4GQ32joVLjd1anIrSvCA53RlgOQthoKiDzbafUY
b6E1KCG1qxiI63ziQyq1TnDAPQH9wgHEibj06bLboONUBMN17yE09tHd+Zgxr+TG
Tv0Msx1JaDtEms9jGOuRKYavXwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBFcsMX9
XA9B7LBE/EIi7ZbLL4BFMB8GA1UdIwQYMBaAFCw2qQukR5PlCEDPZfZlKIK/z7jy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEQwMC9GNzBBODBDMkFD
MDgxMUVCODZFNDJCNkJDNEY5QUUwMi9MRGFwQzZSSGstVUlRTTlsOW1Vb2dyX1B1
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xEYXBDNlJIay1VSVFNOWw5bVVvZ3JfUHVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjhEMDAvRjcwQTgwQzJBQzA4MTFFQjg2RTQyQjZCQzRGOUFFMDIvNzA1NEFCNEFB
QzU2MTFFQkExQzFEMzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMAwEAgABMAYDBABnpbQwFgQCAAIwEAMHACABDfZugAMFACQCGeAwDQYJKoZI
hvcNAQELBQADggEBAMJTTrfV4nByJebmt81PUViFfdmpPlA+RkcEg6K1ZXImc+0C
c82UfoSnELF2iIFBZ3nbwVM81DIYnuqjNWNz48ZQocaRuvPi+QqIzEmboc6wUEJo
Sjxdo/lOM5SDUT9Cd8Ugj+ifldYLUOl2ZgYO2NzfBf0zaK4NppZVkf7ZVlR0fIgr
EoWBFDHSoKBlDdqNJOAqkGFQ+h7meHP/Rb1sb0C1F4wb0O4dkHPuUSGdKXDSlFKY
vll5C5oHtxK4uV3YvHxH8P3UFJV+j75lipfWq+3yIMI0XpuVO9FwmdhwuJlj8PQn
DSb8PTEeoNNMGl7Js3B4r8y+7luCri2YJ+gnOls=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:21:19 2025 by rpki-client