Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/F33309A2B72011EFB3A5D772C4F9AE02.roa
File:                     F33309A2B72011EFB3A5D772C4F9AE02.roa (raw, json)
Hash identifier:          sPYK904wHIWBGcH5mDdbXVeuBhglZFt8rbG1ZnupH8c=
Subject key identifier:   44:34:F5:A8:B9:AD:1B:42:D8:28:38:F8:36:33:1D:30:01:9E:0B:47
Certificate issuer:       /CN=A91982EF/serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Certificate serial:       84
Authority key identifier: 87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/F33309A2B72011EFB3A5D772C4F9AE02.roa
Signing time:             Wed 09 Jul 2025 08:13:51 +0000
ROA not before:           Wed 09 Jul 2025 08:13:51 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     13445
IP address blocks:        2402:2500:10::/44 maxlen: 44
                          2402:2500:20::/44 maxlen: 44
                          2402:2500:30::/44 maxlen: 44
                          2402:2500:40::/44 maxlen: 44
                          2402:2500:50::/44 maxlen: 44
                          2402:2500:100::/40 maxlen: 40
                          2402:2500:200::/40 maxlen: 40
                          2402:2500:300::/40 maxlen: 40
                          2402:2500:400::/40 maxlen: 40
                          2402:2500:500::/40 maxlen: 40
                          2402:2500:1010::/44 maxlen: 44
                          2402:2500:1020::/44 maxlen: 44
                          2402:2500:1030::/44 maxlen: 44
                          2402:2500:1040::/44 maxlen: 44
                          2402:2500:1050::/44 maxlen: 44
                          2402:2500:10a0::/44 maxlen: 44
                          2402:2500:10a0::/48 maxlen: 48
                          2402:2500:10a1::/48 maxlen: 48
                          2402:2500:10a2::/48 maxlen: 48
                          2402:2500:10a3::/48 maxlen: 48
                          2402:2500:10a4::/48 maxlen: 48
                          2402:2500:10a5::/48 maxlen: 48
                          2402:2500:10a6::/48 maxlen: 48
                          2402:2500:10a7::/48 maxlen: 48
                          2402:2500:10a8::/48 maxlen: 48
                          2402:2500:10a9::/48 maxlen: 48
                          2402:2500:10aa::/48 maxlen: 48
                          2402:2500:10ab::/48 maxlen: 48
                          2402:2500:10ac::/48 maxlen: 48
                          2402:2500:10ad::/48 maxlen: 48
                          2402:2500:10ae::/48 maxlen: 48
                          2402:2500:10af::/48 maxlen: 48
                          2402:2500:1100::/44 maxlen: 44
                          2402:2500:1200::/44 maxlen: 44
                          2402:2500:1300::/44 maxlen: 44
                          2402:2500:1400::/44 maxlen: 44
                          2402:2500:1500::/44 maxlen: 44
                          2402:2500:2010::/44 maxlen: 44
                          2402:2500:2020::/44 maxlen: 44
                          2402:2500:2030::/44 maxlen: 44
                          2402:2500:2040::/44 maxlen: 44
                          2402:2500:2050::/44 maxlen: 44
                          2402:2500:20a0::/44 maxlen: 44
                          2402:2500:20a0::/48 maxlen: 48
                          2402:2500:20a1::/48 maxlen: 48
                          2402:2500:20a2::/48 maxlen: 48
                          2402:2500:20a3::/48 maxlen: 48
                          2402:2500:20a4::/48 maxlen: 48
                          2402:2500:20a5::/48 maxlen: 48
                          2402:2500:20a6::/48 maxlen: 48
                          2402:2500:20a7::/48 maxlen: 48
                          2402:2500:20a8::/48 maxlen: 48
                          2402:2500:20a9::/48 maxlen: 48
                          2402:2500:20aa::/48 maxlen: 48
                          2402:2500:20ab::/48 maxlen: 48
                          2402:2500:20ac::/48 maxlen: 48
                          2402:2500:20ad::/48 maxlen: 48
                          2402:2500:20ae::/48 maxlen: 48
                          2402:2500:20af::/48 maxlen: 48
                          2402:2500:2100::/44 maxlen: 44
                          2402:2500:2200::/44 maxlen: 44
                          2402:2500:2300::/44 maxlen: 44
                          2402:2500:2400::/44 maxlen: 44
                          2402:2500:2500::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
                          rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 07:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132 (0x84)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91982EF, serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
        Validity
            Not Before: Jul  9 08:13:51 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=686e24bf-ac90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:20:b7:26:3c:e9:f3:a9:dd:f9:c9:ef:7d:16:
                    a2:38:eb:aa:ba:cc:e2:ec:23:2f:b6:0c:51:0f:93:
                    fd:df:f3:7c:13:9e:36:76:b6:9f:56:2e:fc:f5:99:
                    60:c7:21:d0:68:19:44:fa:11:0a:96:4f:a8:df:b9:
                    57:6f:b8:f7:f9:33:fc:27:e4:8f:93:1c:b5:aa:d7:
                    73:84:dd:1f:3b:25:97:1b:0b:97:d7:31:30:c6:e0:
                    46:00:09:f9:ae:54:bb:32:26:0e:90:cd:de:3d:0e:
                    3f:40:c9:00:db:95:cf:1e:e8:59:38:fd:3c:c5:77:
                    61:1d:3e:ea:8a:37:2e:cf:b4:53:ec:d6:1d:54:02:
                    bc:41:74:fb:9c:d9:0f:7b:fd:8b:20:47:c6:41:e9:
                    50:cc:f5:31:d2:c3:41:a9:20:a0:09:e3:d5:2e:29:
                    18:23:35:20:aa:02:fc:0f:67:3b:65:d2:6c:7f:f4:
                    d8:9e:46:e2:53:cf:bc:51:31:28:5b:24:c2:b9:a0:
                    6b:0c:c8:f6:99:a6:7a:10:53:10:6f:92:fa:18:48:
                    54:fc:3f:1b:e5:80:61:78:f3:0d:52:c4:43:3a:67:
                    0a:e2:fa:ed:8b:b0:4b:6c:03:15:2c:77:ab:21:41:
                    eb:07:2b:4e:1c:61:25:6c:6f:91:c4:a1:77:de:29:
                    09:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:34:F5:A8:B9:AD:1B:42:D8:28:38:F8:36:33:1D:30:01:9E:0B:47
            X509v3 Authority Key Identifier:
                keyid:87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/F33309A2B72011EFB3A5D772C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:2500:10::-2402:2500:5f:ffff:ffff:ffff:ffff:ffff
                  2402:2500:100::-2402:2500:5ff:ffff:ffff:ffff:ffff:ffff
                  2402:2500:1010::-2402:2500:105f:ffff:ffff:ffff:ffff:ffff
                  2402:2500:10a0::/44
                  2402:2500:1100::/44
                  2402:2500:1200::/44
                  2402:2500:1300::/44
                  2402:2500:1400::/44
                  2402:2500:1500::/44
                  2402:2500:2010::-2402:2500:205f:ffff:ffff:ffff:ffff:ffff
                  2402:2500:20a0::/44
                  2402:2500:2100::/44
                  2402:2500:2200::/44
                  2402:2500:2300::/44
                  2402:2500:2400::/44
                  2402:2500:2500::/44

    Signature Algorithm: sha256WithRSAEncryption
         59:f0:ea:45:2e:7d:58:91:98:02:3f:10:f9:4f:a4:21:7c:cd:
         b7:15:8f:f3:77:40:66:11:9f:fd:ec:6e:64:ea:8d:79:92:fe:
         10:95:6b:8f:5f:66:14:80:32:6d:58:25:6b:3d:3d:f1:74:2c:
         75:80:7d:a7:78:4c:94:64:2d:77:cf:e9:f1:fb:31:89:bf:3c:
         75:4b:ed:ec:2b:8a:54:8f:f8:06:da:84:41:77:47:b5:35:5d:
         0d:59:48:7e:4c:34:55:20:28:9e:12:d0:6b:c1:51:9a:cd:c5:
         d2:d2:82:e1:1c:1d:b2:af:71:bd:d3:35:3c:b5:fa:75:3a:c1:
         1f:65:fa:97:b0:a6:23:d9:5b:43:b1:87:8f:3f:ed:6b:5b:84:
         94:5d:38:a6:11:f7:3e:90:1a:a2:a3:ab:3c:16:61:d4:7c:a8:
         7d:6d:35:10:50:cc:83:ca:3e:c6:21:01:1e:83:59:ea:46:61:
         18:2d:2a:a9:40:e6:57:f4:f9:2b:a6:a8:0a:6c:22:c0:0e:e0:
         8b:18:63:61:a9:74:fc:2d:8b:7e:be:2e:3b:b4:95:2e:c6:e4:
         8a:ad:5f:56:ac:c4:6e:21:82:2e:31:38:9c:15:59:8e:81:12:
         c3:75:27:95:a8:0e:eb:69:6c:85:23:fc:b5:8d:9c:2f:e1:c1:
         a6:e6:c2:84
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgICAIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgyRUYxMTAvBgNVBAUTKDg3MTk3RkQ1NDZEQzMxNTIzMTExREQ5MzkwQjFCQTNG
M0Q3MDI2NTYwHhcNMjUwNzA5MDgxMzUxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZlMjRiZi1hYzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAziC3Jjzp86nd+cnvfRaiOOuquszi7CMvtgxRD5P93/N8E542drafVi789Zlg
xyHQaBlE+hEKlk+o37lXb7j3+TP8J+SPkxy1qtdzhN0fOyWXGwuX1zEwxuBGAAn5
rlS7MiYOkM3ePQ4/QMkA25XPHuhZOP08xXdhHT7qijcuz7RT7NYdVAK8QXT7nNkP
e/2LIEfGQelQzPUx0sNBqSCgCePVLikYIzUgqgL8D2c7ZdJsf/TYnkbiU8+8UTEo
WyTCuaBrDMj2maZ6EFMQb5L6GEhU/D8b5YBhePMNUsRDOmcK4vrti7BLbAMVLHer
IUHrBytOHGElbG+RxKF33ikJnwIDAQABo4IDTjCCA0owHQYDVR0OBBYEFEQ09ai5
rRtC2Cg4+DYzHTABngtHMB8GA1UdIwQYMBaAFIcZf9VG3DFSMRHdk5Cxuj89cCZW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODJFRi9GQzY1MEI3MkI3
MUQxMUVGODk4MkM0MENDNEY5QUUwMi9oeGxfMVViY01WSXhFZDJUa0xHNlB6MXdK
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h4bF8xVWJjTVZJeEVkMlRrTEc2UHoxd0psWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTgyRUYvRkM2NTBCNzJCNzFEMTFFRjg5ODJDNDBDQzRGOUFFMDIvRjMzMzA5QTJC
NzIwMTFFRkIzQTVENzcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdcGCCsGAQUFBwEHAQH/
BIHHMIHEMIHBBAIAAjCBujASAwcEJAIlAAAQAwcFJAIlAABAMBADBgAkAiUAAQMG
ASQCJQAEMBIDBwQkAiUAEBADBwUkAiUAEEADBwQkAiUAEKADBwQkAiUAEQADBwQk
AiUAEgADBwQkAiUAEwADBwQkAiUAFAADBwQkAiUAFQAwEgMHBCQCJQAgEAMHBSQC
JQAgQAMHBCQCJQAgoAMHBCQCJQAhAAMHBCQCJQAiAAMHBCQCJQAjAAMHBCQCJQAk
AAMHBCQCJQAlADANBgkqhkiG9w0BAQsFAAOCAQEAWfDqRS59WJGYAj8Q+U+kIXzN
txWP83dAZhGf/exuZOqNeZL+EJVrj19mFIAybVglaz098XQsdYB9p3hMlGQtd8/p
8fsxib88dUvt7CuKVI/4BtqEQXdHtTVdDVlIfkw0VSAonhLQa8FRms3F0tKC4Rwd
sq9xvdM1PLX6dTrBH2X6l7CmI9lbQ7GHjz/ta1uElF04phH3PpAaoqOrPBZh1Hyo
fW01EFDMg8o+xiEBHoNZ6kZhGC0qqUDmV/T5K6aoCmwiwA7gixhjYal0/C2Lfr4u
O7SVLsbkiq1fVqzEbiGCLjE4nBVZjoESw3UnlagO62lshSP8tY2cL+HBpubChA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:25:14 2025 by rpki-client