Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
File:                     450B9058E3B511EF8A23824BC4F9AE02.roa (raw, json)
Hash identifier:          wj/1Mo7HUdvLQn991ZBW+Mw/nWFqliNn0q6RaB+vnjI=
Subject key identifier:   C4:50:F1:81:F6:8F:0E:07:74:9B:E7:C2:E2:A4:2D:2C:65:68:2B:23
Certificate issuer:       /CN=A919EDE5/serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
Certificate serial:       34C9
Authority key identifier: 23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
Signing time:             Mon 14 Jul 2025 06:36:09 +0000
ROA not before:           Mon 14 Jul 2025 06:36:09 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     132618
IP address blocks:        49.237.8.0/22 maxlen: 22
                          49.237.8.0/24 maxlen: 24
                          49.237.9.0/24 maxlen: 24
                          49.237.10.0/24 maxlen: 24
                          49.237.11.0/24 maxlen: 24
                          49.237.32.0/22 maxlen: 22
                          49.237.32.0/24 maxlen: 24
                          49.237.33.0/24 maxlen: 24
                          49.237.34.0/24 maxlen: 24
                          49.237.35.0/24 maxlen: 24
                          49.237.36.0/22 maxlen: 22
                          49.237.36.0/24 maxlen: 24
                          49.237.37.0/24 maxlen: 24
                          49.237.38.0/24 maxlen: 24
                          49.237.39.0/24 maxlen: 24
                          49.237.64.0/21 maxlen: 21
                          49.237.64.0/24 maxlen: 24
                          49.237.65.0/24 maxlen: 24
                          49.237.66.0/24 maxlen: 24
                          49.237.67.0/24 maxlen: 24
                          49.237.68.0/24 maxlen: 24
                          49.237.69.0/24 maxlen: 24
                          49.237.70.0/24 maxlen: 24
                          49.237.71.0/24 maxlen: 24
                          49.237.72.0/21 maxlen: 21
                          49.237.72.0/24 maxlen: 24
                          49.237.73.0/24 maxlen: 24
                          49.237.74.0/24 maxlen: 24
                          49.237.75.0/24 maxlen: 24
                          49.237.76.0/24 maxlen: 24
                          49.237.77.0/24 maxlen: 24
                          49.237.78.0/24 maxlen: 24
                          49.237.79.0/24 maxlen: 24
                          49.237.80.0/21 maxlen: 21
                          49.237.80.0/24 maxlen: 24
                          49.237.81.0/24 maxlen: 24
                          49.237.82.0/24 maxlen: 24
                          49.237.83.0/24 maxlen: 24
                          49.237.84.0/24 maxlen: 24
                          49.237.85.0/24 maxlen: 24
                          49.237.86.0/24 maxlen: 24
                          49.237.87.0/24 maxlen: 24
                          49.237.88.0/21 maxlen: 21
                          49.237.88.0/24 maxlen: 24
                          49.237.89.0/24 maxlen: 24
                          49.237.90.0/24 maxlen: 24
                          49.237.91.0/24 maxlen: 24
                          49.237.92.0/24 maxlen: 24
                          49.237.93.0/24 maxlen: 24
                          49.237.94.0/24 maxlen: 24
                          49.237.95.0/24 maxlen: 24
                          49.237.96.0/21 maxlen: 21
                          49.237.112.0/21 maxlen: 21
                          49.237.168.0/22 maxlen: 22
                          49.237.168.0/24 maxlen: 24
                          49.237.169.0/24 maxlen: 24
                          49.237.170.0/24 maxlen: 24
                          49.237.171.0/24 maxlen: 24
                          49.237.176.0/22 maxlen: 22
                          49.237.176.0/24 maxlen: 24
                          49.237.177.0/24 maxlen: 24
                          49.237.178.0/24 maxlen: 24
                          49.237.179.0/24 maxlen: 24
                          49.237.180.0/22 maxlen: 22
                          49.237.180.0/24 maxlen: 24
                          49.237.181.0/24 maxlen: 24
                          49.237.182.0/24 maxlen: 24
                          49.237.183.0/24 maxlen: 24
                          49.237.204.0/23 maxlen: 23
                          223.24.172.0/23 maxlen: 23
                          223.24.192.0/21 maxlen: 21
                          223.24.192.0/24 maxlen: 24
                          223.24.193.0/24 maxlen: 24
                          223.24.194.0/24 maxlen: 24
                          223.24.195.0/24 maxlen: 24
                          223.24.196.0/24 maxlen: 24
                          223.24.197.0/24 maxlen: 24
                          223.24.198.0/24 maxlen: 24
                          223.24.199.0/24 maxlen: 24
                          223.24.200.0/21 maxlen: 21
                          223.24.200.0/24 maxlen: 24
                          223.24.201.0/24 maxlen: 24
                          223.24.202.0/24 maxlen: 24
                          223.24.203.0/24 maxlen: 24
                          223.24.204.0/24 maxlen: 24
                          223.24.205.0/24 maxlen: 24
                          223.24.206.0/24 maxlen: 24
                          223.24.207.0/24 maxlen: 24
                          223.24.208.0/21 maxlen: 21
                          223.24.208.0/24 maxlen: 24
                          223.24.209.0/24 maxlen: 24
                          223.24.210.0/24 maxlen: 24
                          223.24.211.0/24 maxlen: 24
                          223.24.212.0/24 maxlen: 24
                          223.24.213.0/24 maxlen: 24
                          223.24.214.0/24 maxlen: 24
                          223.24.215.0/24 maxlen: 24
                          223.24.216.0/21 maxlen: 21
                          223.24.216.0/24 maxlen: 24
                          223.24.217.0/24 maxlen: 24
                          223.24.218.0/24 maxlen: 24
                          223.24.219.0/24 maxlen: 24
                          223.24.220.0/24 maxlen: 24
                          223.24.221.0/24 maxlen: 24
                          223.24.222.0/24 maxlen: 24
                          223.24.223.0/24 maxlen: 24
                          223.24.224.0/21 maxlen: 21
                          223.24.240.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl
                          rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 15:03:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13513 (0x34c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919EDE5, serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
        Validity
            Not Before: Jul 14 06:36:09 2025 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=6874a559-12b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:6e:0a:b6:60:c1:67:9b:25:bd:c7:35:53:44:
                    af:88:aa:b2:36:96:9c:86:ad:ad:eb:d1:a9:97:fd:
                    45:32:ad:d3:e5:94:48:e6:a8:57:a1:a8:7f:79:3e:
                    87:3e:35:23:b2:db:eb:6e:8f:d7:11:c1:9f:d3:a4:
                    b2:53:e7:30:e9:4f:ce:5f:33:78:7e:a5:1a:d4:2f:
                    0f:f5:6d:f2:dd:f8:d6:de:60:af:b2:a6:c9:dc:f9:
                    dc:1f:aa:0e:60:ce:1c:1f:22:17:25:63:4f:13:36:
                    50:a0:f8:2a:f8:24:6e:0e:a2:65:64:c9:bd:f9:e0:
                    dc:4e:73:59:18:87:57:45:4c:0e:bb:4b:db:f6:7e:
                    ae:66:55:c4:b7:43:4a:d9:e6:51:bb:c9:83:90:3b:
                    74:d0:c9:bb:b2:95:26:3d:0f:96:45:49:65:5c:09:
                    ae:bb:54:70:e4:cb:e7:3a:88:04:65:f6:0a:01:3a:
                    2e:ca:09:3e:a3:ea:ed:3f:7c:d1:3b:3c:4f:2e:ce:
                    80:d0:7e:04:35:49:9e:1c:e1:15:75:f6:db:b9:ba:
                    9e:ef:bc:d2:a1:d5:b2:17:13:c4:f1:84:8d:e1:9d:
                    f7:8a:d4:aa:7b:42:5a:ff:b8:8c:e0:2d:d1:30:6f:
                    7e:85:7a:79:a4:2d:06:e9:ad:c3:2c:38:85:b3:45:
                    08:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:50:F1:81:F6:8F:0E:07:74:9B:E7:C2:E2:A4:2D:2C:65:68:2B:23
            X509v3 Authority Key Identifier:
                keyid:23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.237.8.0/22
                  49.237.32.0/21
                  49.237.64.0-49.237.103.255
                  49.237.112.0/21
                  49.237.168.0/22
                  49.237.176.0/21
                  49.237.204.0/23
                  223.24.172.0/23
                  223.24.192.0-223.24.231.255
                  223.24.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         84:56:d4:bf:97:f2:1e:f7:ce:f9:20:db:d5:7b:48:d2:bd:98:
         c8:d8:b1:89:43:c0:fb:75:88:35:50:16:d9:75:90:ba:9a:a0:
         de:4b:f3:db:5b:5a:33:c0:89:19:bf:a1:49:03:09:78:71:96:
         1b:c7:7c:b1:b9:dd:61:61:e1:46:02:2c:53:d5:a2:e9:a5:7c:
         d4:52:26:99:63:96:29:62:47:7a:38:bf:31:ef:98:0f:1d:59:
         a9:d8:53:f1:e0:bb:f9:95:c9:35:c5:cc:97:4a:71:7a:78:cc:
         87:08:52:0f:0f:64:d6:19:3d:d4:15:23:b7:fe:e0:e0:66:a2:
         34:6d:df:a2:0c:49:cc:dc:9e:21:ab:32:f4:56:4d:56:df:46:
         b2:a1:76:7f:b9:63:d4:67:45:0c:44:fa:9f:b8:40:00:0d:ff:
         71:a1:3f:9c:55:27:a9:72:f1:bb:c2:dc:97:39:aa:fe:f0:21:
         c6:50:df:bf:ca:36:77:3d:dd:a1:0b:69:72:af:b0:be:44:ca:
         ad:0d:1f:ee:f5:d3:0e:a6:fd:ec:39:b6:b2:fc:9c:b2:7a:60:
         ca:2e:2b:0e:ea:fe:f9:50:ce:7f:d7:6c:a9:5a:c6:22:02:02:
         ba:4e:65:59:a0:42:0b:8b:fa:e2:d4:50:ad:83:fd:30:f2:a1:
         28:12:5e:c0
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICNMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVERTUxMTAvBgNVBAUTKDIzRTk4M0VCOEJCN0Y4NkJBNTkyMzUyNDFBMTAxNjBD
ODA1MkM2NEUwHhcNMjUwNzE0MDYzNjA5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc0YTU1OS0xMmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvG4KtmDBZ5slvcc1U0SviKqyNpachq2t69Gpl/1FMq3T5ZRI5qhXoah/eT6H
PjUjstvrbo/XEcGf06SyU+cw6U/OXzN4fqUa1C8P9W3y3fjW3mCvsqbJ3PncH6oO
YM4cHyIXJWNPEzZQoPgq+CRuDqJlZMm9+eDcTnNZGIdXRUwOu0vb9n6uZlXEt0NK
2eZRu8mDkDt00Mm7spUmPQ+WRUllXAmuu1Rw5MvnOogEZfYKATouygk+o+rtP3zR
OzxPLs6A0H4ENUmeHOEVdfbbubqe77zSodWyFxPE8YSN4Z33itSqe0Ja/7iM4C3R
MG9+hXp5pC0G6a3DLDiFs0UICQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFMRQ8YH2
jw4HdJvnwuKkLSxlaCsjMB8GA1UdIwQYMBaAFCPpg+uLt/hrpZI1JBoQFgyAUsZO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RURFNS80QTJCNkNDRTFE
OUUxMUUyOUNBMzA5OEUwOEIwMkNEMi9JLW1ENjR1My1HdWxralVrR2hBV0RJQlN4
azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ktbUQ2NHUzLUd1bGtqVWtHaEFXRElCU3hrNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVERTUvNEEyQjZDQ0UxRDlFMTFFMjlDQTMwOThFMDhCMDJDRDIvNDUwQjkwNThF
M0I1MTFFRjhBMjM4MjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZQYIKwYBBQUHAQcBAf8E
VjBUMFIEAgABMEwDBAIx7QgDBAMx7SAwDAMEBjHtQAMEAzHtYAMEAzHtcAMEAjHt
qAMEAzHtsAMEATHtzAMEAd8YrDAMAwQG3xjAAwQD3xjgAwQD3xjwMA0GCSqGSIb3
DQEBCwUAA4IBAQCEVtS/l/Ie9875INvVe0jSvZjI2LGJQ8D7dYg1UBbZdZC6mqDe
S/PbW1ozwIkZv6FJAwl4cZYbx3yxud1hYeFGAixT1aLppXzUUiaZY5YpYkd6OL8x
75gPHVmp2FPx4Lv5lck1xcyXSnF6eMyHCFIPD2TWGT3UFSO3/uDgZqI0bd+iDEnM
3J4hqzL0Vk1W30ayoXZ/uWPUZ0UMRPqfuEAADf9xoT+cVSepcvG7wtyXOar+8CHG
UN+/yjZ3Pd2hC2lyr7C+RMqtDR/u9dMOpv3sObay/JyyemDKLisO6v75UM5/12yp
WsYiAgK6TmVZoEILi/ri1FCtg/0w8qEoEl7A
-----END CERTIFICATE-----
Generated at Sun Jul 20 10:25:07 2025 by rpki-client