Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9119010/6A7E940A0C3A11EA93557C79C4F9AE02/6AAE9EC03C6D11F0890C1546C4F9AE02.roa
File:                     6AAE9EC03C6D11F0890C1546C4F9AE02.roa (raw, json)
Hash identifier:          Fjs0TU9gzU04QRaG0LDDD3BWVYWiyk2BOJBnhSA8Uzo=
Subject key identifier:   06:74:00:8F:86:76:8C:EC:EC:86:FC:DF:A7:DE:82:28:57:E4:81:45
Certificate issuer:       /CN=A9119010/serialNumber=751A8B3D5B62E81F46A4C7BD4695BF3A8069CA3E
Certificate serial:       1F
Authority key identifier: 75:1A:8B:3D:5B:62:E8:1F:46:A4:C7:BD:46:95:BF:3A:80:69:CA:3E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dRqLPVti6B9GpMe9RpW_OoBpyj4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9119010/6A7E940A0C3A11EA93557C79C4F9AE02/6AAE9EC03C6D11F0890C1546C4F9AE02.roa
Signing time:             Thu 29 May 2025 09:16:38 +0000
ROA not before:           Thu 29 May 2025 09:16:38 +0000
ROA not after:            Sat 31 Jan 2026 00:00:00 +0000
asID:                     139806
IP address blocks:        103.145.74.0/24 maxlen: 24
                          2001:df5:4680::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9119010/6A7E940A0C3A11EA93557C79C4F9AE02/dRqLPVti6B9GpMe9RpW_OoBpyj4.crl
                          rsync://rpki.apnic.net/member_repository/A9119010/6A7E940A0C3A11EA93557C79C4F9AE02/dRqLPVti6B9GpMe9RpW_OoBpyj4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dRqLPVti6B9GpMe9RpW_OoBpyj4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 18:27:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31 (0x1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9119010, serialNumber=751A8B3D5B62E81F46A4C7BD4695BF3A8069CA3E
        Validity
            Not Before: May 29 09:16:38 2025 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=683825f6-2376
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:3d:45:47:74:72:44:0b:db:cc:fc:d1:9e:62:
                    0f:1d:68:a4:13:22:0f:0b:8b:30:4a:22:00:fe:42:
                    26:51:0c:44:e8:cf:78:c1:3a:97:29:52:a7:9a:12:
                    23:f5:9b:eb:f2:db:40:7b:e5:90:4d:78:93:f1:c1:
                    9c:e4:50:11:04:51:8a:99:df:49:5b:58:84:26:f4:
                    00:dd:04:27:61:5b:06:d8:41:df:49:d7:cc:35:2b:
                    ac:e1:71:0a:09:3b:98:48:9f:61:56:1a:07:4c:83:
                    7f:a7:1b:8c:37:21:8c:21:2c:b2:00:d0:97:4b:76:
                    e9:e2:79:35:a0:2e:32:a2:b2:3a:ea:46:e4:f9:6c:
                    7d:2a:53:c8:4d:b7:06:13:cf:aa:90:22:2c:6d:74:
                    a5:7c:8f:f3:11:9d:08:f0:72:22:8e:cc:05:09:18:
                    ac:59:2a:91:f9:dd:74:cb:8a:b4:e9:3e:38:5e:c2:
                    2b:88:45:c0:92:92:e0:ef:fa:8a:03:78:7b:a3:0c:
                    8b:07:d9:e4:25:2b:e0:ec:8d:85:7e:3d:5c:2f:b8:
                    0b:3a:73:d3:30:31:e0:dd:14:3d:43:98:37:cb:c2:
                    12:13:64:ed:35:c4:31:b8:37:c8:bb:d0:1c:b5:6c:
                    e9:c6:ed:6a:a9:5c:64:fc:2f:e8:5e:7a:a7:85:92:
                    fc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:74:00:8F:86:76:8C:EC:EC:86:FC:DF:A7:DE:82:28:57:E4:81:45
            X509v3 Authority Key Identifier:
                keyid:75:1A:8B:3D:5B:62:E8:1F:46:A4:C7:BD:46:95:BF:3A:80:69:CA:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9119010/6A7E940A0C3A11EA93557C79C4F9AE02/dRqLPVti6B9GpMe9RpW_OoBpyj4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dRqLPVti6B9GpMe9RpW_OoBpyj4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119010/6A7E940A0C3A11EA93557C79C4F9AE02/6AAE9EC03C6D11F0890C1546C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.145.74.0/24
                IPv6:
                  2001:df5:4680::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:70:58:ba:34:cb:ea:c7:f2:7c:9c:58:f3:1a:dc:3b:5b:16:
         b5:ac:f6:6f:b0:1d:ae:3e:cb:f9:c9:1d:23:83:fd:a4:d9:fc:
         35:7f:e7:30:d9:c3:b2:4a:e2:82:15:77:41:60:a7:0c:f1:3f:
         13:ad:a3:6f:28:94:eb:66:01:96:41:ac:cd:03:86:5a:d8:2f:
         95:22:41:3a:85:81:a4:62:42:dc:4e:a5:e1:e0:5c:9a:52:4d:
         6c:df:07:9e:e0:2c:74:56:2a:b7:e0:a3:78:45:88:70:70:24:
         85:1f:ed:2b:5e:f9:77:7a:ee:4b:0e:26:c1:64:a1:c3:26:a1:
         88:25:fd:35:cd:c7:95:4e:1f:c4:14:09:00:cd:0e:54:1b:1c:
         d2:ac:21:30:67:e7:d4:c8:85:5e:8d:da:f8:57:8f:8d:ef:f6:
         72:22:fb:e1:da:0d:c7:b0:e9:26:f5:44:08:d3:d5:44:f9:0f:
         b3:6f:2e:ad:54:14:31:9c:4f:aa:9c:3a:23:3e:1b:78:10:b2:
         44:48:b9:1e:e0:8c:bd:b8:3b:c8:9c:ca:b5:f5:e8:c3:43:01:
         cf:d2:b4:b7:98:97:32:4e:65:e2:70:5f:32:bd:40:b3:2c:62:
         9f:35:12:f6:09:19:81:4c:17:39:54:00:77:a1:35:ec:a3:b8:
         52:c7:34:ed
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBHzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
OTAxMDExMC8GA1UEBRMoNzUxQThCM0Q1QjYyRTgxRjQ2QTRDN0JENDY5NUJGM0E4
MDY5Q0EzRTAeFw0yNTA1MjkwOTE2MzhaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MzgyNWY2LTIzNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCiPUVHdHJEC9vM/NGeYg8daKQTIg8LizBKIgD+QiZRDEToz3jBOpcpUqeaEiP1
m+vy20B75ZBNeJPxwZzkUBEEUYqZ30lbWIQm9ADdBCdhWwbYQd9J18w1K6zhcQoJ
O5hIn2FWGgdMg3+nG4w3IYwhLLIA0JdLdunieTWgLjKisjrqRuT5bH0qU8hNtwYT
z6qQIixtdKV8j/MRnQjwciKOzAUJGKxZKpH53XTLirTpPjhewiuIRcCSkuDv+ooD
eHujDIsH2eQlK+DsjYV+PVwvuAs6c9MwMeDdFD1DmDfLwhITZO01xDG4N8i70By1
bOnG7WqpXGT8L+heeqeFkvy3AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUBnQAj4Z2
jOzshvzfp96CKFfkgUUwHwYDVR0jBBgwFoAUdRqLPVti6B9GpMe9RpW/OoBpyj4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE5MDEwLzZBN0U5NDBBMEMz
QTExRUE5MzU1N0M3OUM0RjlBRTAyL2RScUxQVnRpNkI5R3BNZTlScFdfT29CcHlq
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZFJxTFBWdGk2QjlHcE1lOVJwV19Pb0JweWo0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
OTAxMC82QTdFOTQwQTBDM0ExMUVBOTM1NTdDNzlDNEY5QUUwMi82QUFFOUVDMDND
NkQxMUYwODkwQzE1NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGeRSjAPBAIAAjAJAwcAIAEN9UaAMA0GCSqGSIb3DQEBCwUA
A4IBAQB1cFi6NMvqx/J8nFjzGtw7Wxa1rPZvsB2uPsv5yR0jg/2k2fw1f+cw2cOy
SuKCFXdBYKcM8T8TraNvKJTrZgGWQazNA4Za2C+VIkE6hYGkYkLcTqXh4FyaUk1s
3wee4Cx0Viq34KN4RYhwcCSFH+0rXvl3eu5LDibBZKHDJqGIJf01zceVTh/EFAkA
zQ5UGxzSrCEwZ+fUyIVejdr4V4+N7/ZyIvvh2g3HsOkm9UQI09VE+Q+zby6tVBQx
nE+qnDojPht4ELJESLke4Iy9uDvInMq19ejDQwHP0rS3mJcyTmXicF8yvUCzLGKf
NRL2CRmBTBc5VAB3oTXso7hSxzTt
-----END CERTIFICATE-----
Generated at Fri Jun 13 06:45:46 2025 by rpki-client