Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
File:                     E4BB99E2336E11EA94623E18C4F9AE02.roa (raw, json)
Hash identifier:          qucjAVGWpouOPQ3WeFCClp/39PYcY3aBfMI0Mahgzo8=
Subject key identifier:   45:A6:06:79:0D:95:B4:7F:2C:4E:4C:F2:B4:F9:A4:51:87:01:8F:BB
Certificate issuer:       /CN=A91C6B27/serialNumber=9ECB22ACDE0967A05837E58FC731D357E37637F8
Certificate serial:       0B8B
Authority key identifier: 9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
Signing time:             Thu 10 Jul 2025 19:28:55 +0000
ROA not before:           Thu 10 Jul 2025 19:28:55 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     14618
IP address blocks:        202.52.43.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.crl
                          rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 27 Jul 2025 19:06:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2955 (0xb8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6B27, serialNumber=9ECB22ACDE0967A05837E58FC731D357E37637F8
        Validity
            Not Before: Jul 10 19:28:55 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68701477-93a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:2a:dc:aa:f9:43:b4:df:df:93:f4:90:cd:92:
                    f4:aa:f2:64:2d:cb:62:3a:61:ba:2c:e1:43:99:45:
                    b7:7f:69:89:56:51:43:5c:78:0e:ac:6b:1e:01:38:
                    f9:73:da:ec:32:d6:07:fb:38:04:df:b4:89:67:52:
                    8c:56:e8:cd:43:f0:ca:9c:75:09:9b:1b:88:1c:39:
                    c1:2e:a9:33:fc:f6:c5:83:24:be:78:e0:db:53:a1:
                    c0:04:bd:59:79:8b:c4:f9:a4:90:bb:89:2d:04:ef:
                    9a:6d:bf:73:23:0d:bf:19:31:56:56:42:2f:f7:5c:
                    be:1c:9e:7b:ae:9b:4a:be:46:8f:db:e5:5f:15:44:
                    2c:73:b8:ed:04:06:80:c6:b7:8d:d5:28:6b:ba:22:
                    bf:2d:47:a3:d0:f8:02:4b:a4:7f:6d:ab:ad:b8:92:
                    ec:ef:c5:90:ad:c8:0e:54:f3:3e:b7:31:f3:ac:77:
                    28:4a:d2:be:29:e2:fc:41:85:33:e1:ee:87:92:ff:
                    df:2c:6b:79:25:5e:9a:c6:b7:0d:37:90:9d:bb:e9:
                    1c:19:94:25:73:4c:81:47:c7:82:79:ad:56:49:c7:
                    b7:fc:f4:c3:05:89:e0:f2:9c:94:4d:df:57:0f:62:
                    13:6b:9c:91:85:da:51:21:05:82:4c:f0:26:2a:23:
                    dd:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:A6:06:79:0D:95:B4:7F:2C:4E:4C:F2:B4:F9:A4:51:87:01:8F:BB
            X509v3 Authority Key Identifier:
                keyid:9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.52.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:f7:2f:2b:aa:29:dc:92:e3:d3:65:47:82:a9:aa:7d:4a:08:
         d3:87:d3:7d:80:4e:a3:66:18:7b:c4:a6:48:c3:c1:ee:ae:fd:
         3a:fb:84:20:2c:69:2c:8e:61:d8:f3:e7:ec:a7:78:f1:aa:7b:
         36:2b:31:01:fe:6d:fd:db:84:81:e0:7d:2d:ea:1e:5d:eb:1c:
         59:bd:52:3b:ec:47:f6:1c:4a:66:74:ad:a3:59:5c:ac:7e:3f:
         bc:8c:a5:0c:6d:f7:bf:8f:69:b2:99:f1:a5:f6:bc:32:a9:85:
         55:21:15:a0:59:36:31:0f:0c:17:3f:24:ed:5a:4b:54:c4:0c:
         c0:f7:14:b9:07:06:f4:fa:a8:63:de:dd:1e:df:15:c6:09:86:
         96:de:e5:61:72:5c:1b:2d:99:e2:fb:a3:fc:70:69:77:c3:6d:
         12:05:20:82:e5:18:c5:c8:13:11:b8:0f:a8:60:f2:80:a2:1d:
         b2:22:10:77:4f:23:1c:86:83:2a:cf:53:e6:de:49:f7:cb:dc:
         6c:24:5a:40:b9:33:4f:14:7a:d2:54:ce:68:de:29:62:2b:e5:
         ca:9d:fc:43:c4:c3:1a:78:20:d2:c0:57:b2:5a:44:37:56:a4:
         4b:28:84:6c:3f:d7:ef:dd:f9:3e:07:79:df:b5:ed:b2:4c:36:
         56:e7:a4:38
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCMjcxMTAvBgNVBAUTKDlFQ0IyMkFDREUwOTY3QTA1ODM3RTU4RkM3MzFEMzU3
RTM3NjM3RjgwHhcNMjUwNzEwMTkyODU1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODcwMTQ3Ny05M2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzSrcqvlDtN/fk/SQzZL0qvJkLctiOmG6LOFDmUW3f2mJVlFDXHgOrGseATj5
c9rsMtYH+zgE37SJZ1KMVujNQ/DKnHUJmxuIHDnBLqkz/PbFgyS+eODbU6HABL1Z
eYvE+aSQu4ktBO+abb9zIw2/GTFWVkIv91y+HJ57rptKvkaP2+VfFUQsc7jtBAaA
xreN1ShruiK/LUej0PgCS6R/bautuJLs78WQrcgOVPM+tzHzrHcoStK+KeL8QYUz
4e6Hkv/fLGt5JV6axrcNN5Cdu+kcGZQlc0yBR8eCea1WSce3/PTDBYng8pyUTd9X
D2ITa5yRhdpRIQWCTPAmKiPdqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEWmBnkN
lbR/LE5M8rT5pFGHAY+7MB8GA1UdIwQYMBaAFJ7LIqzeCWegWDflj8cx01fjdjf4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkIyNy84MkJGMkJGNDMw
NTQxMUVBQUZDOTExNkVDNEY5QUUwMi9uc3Npck40Slo2QllOLVdQeHpIVFYtTjJO
X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25zc2lyTjRKWjZCWU4tV1B4ekhUVi1OMk5fZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCMjcvODJCRjJCRjQzMDU0MTFFQUFGQzkxMTZFQzRGOUFFMDIvRTRCQjk5RTIz
MzZFMTFFQTk0NjIzRTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKNCswDQYJKoZIhvcNAQELBQADggEBALX3LyuqKdyS49Nl
R4Kpqn1KCNOH032ATqNmGHvEpkjDwe6u/Tr7hCAsaSyOYdjz5+ynePGqezYrMQH+
bf3bhIHgfS3qHl3rHFm9UjvsR/YcSmZ0raNZXKx+P7yMpQxt97+PabKZ8aX2vDKp
hVUhFaBZNjEPDBc/JO1aS1TEDMD3FLkHBvT6qGPe3R7fFcYJhpbe5WFyXBstmeL7
o/xwaXfDbRIFIILlGMXIExG4D6hg8oCiHbIiEHdPIxyGgyrPU+beSffL3GwkWkC5
M08UetJUzmjeKWIr5cqd/EPEwxp4INLAV7JaRDdWpEsohGw/1+/d+T4Hed+17bJM
NlbnpDg=
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:13:09 2025 by rpki-client