Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/B991BA26335E11F082E02017C4F9AE02.roa
File:                     B991BA26335E11F082E02017C4F9AE02.roa (raw, json)
Hash identifier:          kVECVPS0J+UoN2U9jXQQm5eeK1BW3uoSrd4V9IkubO8=
Subject key identifier:   D5:38:63:72:53:5D:48:08:93:A4:49:02:45:C9:BB:A1:DB:18:C3:66
Certificate issuer:       /CN=A91C1323/serialNumber=412A6511CFEDCFECB5590C96C8C361E2FED44857
Certificate serial:       60A0
Authority key identifier: 41:2A:65:11:CF:ED:CF:EC:B5:59:0C:96:C8:C3:61:E2:FE:D4:48:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/B991BA26335E11F082E02017C4F9AE02.roa
Signing time:             Wed 23 Jul 2025 07:06:41 +0000
ROA not before:           Wed 23 Jul 2025 07:06:41 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     140881
IP address blocks:        118.143.172.0/24 maxlen: 24
                          210.3.21.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.crl
                          rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 07:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24736 (0x60a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C1323, serialNumber=412A6511CFEDCFECB5590C96C8C361E2FED44857
        Validity
            Not Before: Jul 23 07:06:41 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=68808a00-e53f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a7:1a:56:45:58:e3:d6:ad:dc:b4:a8:72:6b:
                    d2:13:78:0e:b7:10:43:29:9c:71:a2:85:3f:02:5f:
                    65:6c:c8:ee:18:16:33:60:41:68:78:6e:ef:b0:2e:
                    b1:df:cd:33:59:94:05:78:a3:16:80:8f:00:60:71:
                    40:48:37:a3:ba:19:97:f9:d3:55:0d:21:18:bb:27:
                    0a:89:a5:86:13:fe:e1:56:5e:b8:55:10:bb:45:b3:
                    71:39:04:64:6b:23:28:7c:46:d8:8f:0d:fc:35:06:
                    3d:88:95:2e:b6:a8:46:7c:42:1a:2f:9b:94:1a:69:
                    88:17:4d:6b:ed:96:3c:b7:d7:24:08:ea:3a:45:19:
                    86:2d:03:e8:c4:fb:6d:57:5a:d2:5d:2c:3c:1d:b5:
                    d6:3b:54:e8:aa:97:79:46:ea:0c:75:3f:33:22:dc:
                    3d:d5:f4:44:83:46:dc:c3:87:d4:4c:94:e0:3b:f5:
                    ef:ad:c1:77:d7:0e:f8:b6:36:d5:e0:30:26:7f:b0:
                    db:24:5f:2b:6e:22:4f:eb:70:fa:b7:17:84:95:40:
                    ad:bd:99:96:f9:a5:5b:7a:99:91:b7:6b:cc:73:b8:
                    83:18:89:cc:65:d2:74:97:41:e2:5c:6b:88:80:7d:
                    23:4c:49:6c:15:07:84:74:fe:74:6c:c6:fe:f7:0e:
                    92:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:38:63:72:53:5D:48:08:93:A4:49:02:45:C9:BB:A1:DB:18:C3:66
            X509v3 Authority Key Identifier:
                keyid:41:2A:65:11:CF:ED:CF:EC:B5:59:0C:96:C8:C3:61:E2:FE:D4:48:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/QSplEc_tz-y1WQyWyMNh4v7USFc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSplEc_tz-y1WQyWyMNh4v7USFc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1323/084D88D495B711EABB824F1BC4F9AE02/B991BA26335E11F082E02017C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.143.172.0/24
                  210.3.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:91:5f:8b:ac:3e:34:32:88:2a:e9:0c:46:ce:ca:e3:e6:1b:
         fd:10:9d:45:6c:ac:4b:71:fa:90:a6:77:5c:03:fa:e2:73:7e:
         b8:71:3c:23:e4:2b:ac:1b:83:a5:6d:c4:05:27:b8:9d:69:40:
         77:f6:09:90:11:19:3f:fc:f3:b8:61:db:63:c5:df:ff:73:ce:
         61:d8:f4:7b:b2:69:03:45:36:16:c3:4a:fa:de:00:5e:06:a3:
         4c:1e:2d:ac:fd:43:af:b6:26:9c:f7:24:9c:67:e1:66:2d:41:
         dc:fe:2d:ea:14:7c:10:3d:2c:1f:69:cc:52:9c:e6:24:d4:13:
         5b:26:5c:6d:58:b2:98:06:a2:f5:5d:f7:af:37:21:36:e1:f2:
         d1:73:18:79:bb:6c:36:7f:ff:92:eb:8b:0d:26:e6:b3:26:b8:
         59:91:47:c9:07:fc:73:99:7b:c9:49:99:56:ff:41:12:f6:fa:
         42:8a:eb:27:5c:1f:d8:64:0e:84:52:be:34:98:14:a9:7f:a4:
         2c:2d:13:b9:4c:8a:09:53:36:c0:e6:ee:1e:15:3f:06:04:20:
         4d:3e:7c:00:d3:0d:43:df:98:06:51:64:56:a9:6c:89:16:d4:
         ca:43:2b:00:80:ff:ab:cd:5a:02:10:f3:3d:e9:97:6a:b9:df:
         ce:85:55:0f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICYKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzEzMjMxMTAvBgNVBAUTKDQxMkE2NTExQ0ZFRENGRUNCNTU5MEM5NkM4QzM2MUUy
RkVENDQ4NTcwHhcNMjUwNzIzMDcwNjQxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgwOGEwMC1lNTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4acaVkVY49at3LSocmvSE3gOtxBDKZxxooU/Al9lbMjuGBYzYEFoeG7vsC6x
380zWZQFeKMWgI8AYHFASDejuhmX+dNVDSEYuycKiaWGE/7hVl64VRC7RbNxOQRk
ayMofEbYjw38NQY9iJUutqhGfEIaL5uUGmmIF01r7ZY8t9ckCOo6RRmGLQPoxPtt
V1rSXSw8HbXWO1Toqpd5RuoMdT8zItw91fREg0bcw4fUTJTgO/XvrcF31w74tjbV
4DAmf7DbJF8rbiJP63D6txeElUCtvZmW+aVbepmRt2vMc7iDGInMZdJ0l0HiXGuI
gH0jTElsFQeEdP50bMb+9w6S8QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNU4Y3JT
XUgIk6RJAkXJu6HbGMNmMB8GA1UdIwQYMBaAFEEqZRHP7c/stVkMlsjDYeL+1EhX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTMyMy8wODREODhENDk1
QjcxMUVBQkI4MjRGMUJDNEY5QUUwMi9RU3BsRWNfdHoteTFXUXlXeU1OaDR2N1VT
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FTcGxFY190ei15MVdReVd5TU5oNHY3VVNGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzEzMjMvMDg0RDg4RDQ5NUI3MTFFQUJCODI0RjFCQzRGOUFFMDIvQjk5MUJBMjYz
MzVFMTFGMDgyRTAyMDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB2j6wDBADSAxUwDQYJKoZIhvcNAQELBQADggEBAG+RX4us
PjQyiCrpDEbOyuPmG/0QnUVsrEtx+pCmd1wD+uJzfrhxPCPkK6wbg6VtxAUnuJ1p
QHf2CZARGT/887hh22PF3/9zzmHY9HuyaQNFNhbDSvreAF4Go0weLaz9Q6+2Jpz3
JJxn4WYtQdz+LeoUfBA9LB9pzFKc5iTUE1smXG1YspgGovVd9683ITbh8tFzGHm7
bDZ//5Lriw0m5rMmuFmRR8kH/HOZe8lJmVb/QRL2+kKK6ydcH9hkDoRSvjSYFKl/
pCwtE7lMiglTNsDm7h4VPwYEIE0+fADTDUPfmAZRZFapbIkW1MpDKwCA/6vNWgIQ
8z3pl2q5386FVQ8=
-----END CERTIFICATE-----
Generated at Thu Jul 24 08:28:48 2025 by rpki-client