Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9119508/00020272ACC211EBABE1955EC4F9AE02/6D407F66ACC311EBA28FAD5FC4F9AE02.roa
File:                     6D407F66ACC311EBA28FAD5FC4F9AE02.roa (raw, json)
Hash identifier:          knpLwXQdC9MTp1jnTgeGf5Z4M6oM8mDDcMnK1p/I7B0=
Subject key identifier:   B5:CD:7F:90:77:77:52:05:14:6D:54:D4:AF:C2:04:E8:E1:B4:B1:EA
Certificate issuer:       /CN=A9119508/serialNumber=1D725C91C0D4722F340088D1374DD2DAF37D8312
Certificate serial:       065A
Authority key identifier: 1D:72:5C:91:C0:D4:72:2F:34:00:88:D1:37:4D:D2:DA:F3:7D:83:12
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HXJckcDUci80AIjRN03S2vN9gxI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9119508/00020272ACC211EBABE1955EC4F9AE02/6D407F66ACC311EBA28FAD5FC4F9AE02.roa
Signing time:             Thu 02 Oct 2025 22:53:52 +0000
ROA not before:           Thu 02 Oct 2025 22:53:52 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     137443
IP address blocks:        103.155.110.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9119508/00020272ACC211EBABE1955EC4F9AE02/HXJckcDUci80AIjRN03S2vN9gxI.crl
                          rsync://rpki.apnic.net/member_repository/A9119508/00020272ACC211EBABE1955EC4F9AE02/HXJckcDUci80AIjRN03S2vN9gxI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HXJckcDUci80AIjRN03S2vN9gxI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Oct 2025 00:22:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1626 (0x65a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9119508, serialNumber=1D725C91C0D4722F340088D1374DD2DAF37D8312
        Validity
            Not Before: Oct  2 22:53:52 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68df0280-9bce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a6:3a:c6:93:de:41:15:d3:11:37:b5:0d:ef:
                    b0:87:5f:98:d5:40:da:d3:5b:f6:b6:da:64:2e:d5:
                    f7:f0:05:d8:76:ba:e5:bc:cc:80:aa:11:f4:29:c1:
                    10:d8:89:70:52:ea:6f:46:bc:fe:2e:38:52:de:3a:
                    00:b9:7d:af:f3:27:9e:a5:6c:c7:b4:01:3b:3c:c5:
                    93:a7:25:38:de:d6:2d:ed:d8:81:98:c8:b2:1c:78:
                    44:02:8a:fb:4c:13:06:2e:0e:4e:1c:90:32:f0:53:
                    d4:01:56:14:b3:8b:83:b9:e5:d4:9a:8f:d7:bd:4b:
                    b2:d2:d7:1e:36:44:8b:9a:cd:70:f1:cb:5e:f0:2a:
                    47:a8:ba:cb:f8:7b:82:18:f3:58:38:a1:97:a4:63:
                    f9:60:3f:77:df:a0:b0:3d:dd:8a:7d:1a:6d:aa:49:
                    89:9f:86:d7:ce:6b:a4:6f:de:41:68:4a:a8:d1:d8:
                    21:0a:04:e0:9f:ba:96:83:48:b7:16:7c:9d:a4:97:
                    5e:f2:41:5a:11:38:36:2c:1c:3a:ba:9a:9b:5e:7a:
                    78:72:1a:38:00:b4:6f:cc:0d:5c:13:e0:dc:47:4a:
                    1d:95:74:f3:1e:41:ef:14:15:a5:82:da:4d:38:41:
                    16:09:e9:41:fe:a5:f1:74:79:34:d2:27:39:a2:54:
                    ae:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:CD:7F:90:77:77:52:05:14:6D:54:D4:AF:C2:04:E8:E1:B4:B1:EA
            X509v3 Authority Key Identifier:
                keyid:1D:72:5C:91:C0:D4:72:2F:34:00:88:D1:37:4D:D2:DA:F3:7D:83:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9119508/00020272ACC211EBABE1955EC4F9AE02/HXJckcDUci80AIjRN03S2vN9gxI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HXJckcDUci80AIjRN03S2vN9gxI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119508/00020272ACC211EBABE1955EC4F9AE02/6D407F66ACC311EBA28FAD5FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.110.0/23

    Signature Algorithm: sha256WithRSAEncryption
         23:69:a2:f8:8b:52:76:66:94:f2:46:3f:f8:90:9a:4a:7f:81:
         fe:7b:f8:1e:32:86:42:1d:e0:dd:a0:15:7a:56:bc:f4:54:23:
         52:2f:fa:88:93:48:31:ea:ab:97:19:e9:94:34:f5:87:c4:96:
         16:97:ad:f2:0b:3b:bc:f0:70:d6:fd:a3:e0:ac:56:b6:9b:41:
         57:42:da:d6:44:f3:6f:b4:95:23:c1:42:c2:64:8b:36:0d:8c:
         9f:9d:0d:3e:e2:e4:9d:00:80:43:86:45:4d:32:b5:c5:6b:4c:
         48:75:1d:b3:b0:9f:be:88:75:7a:56:b8:b2:7d:29:8c:9b:23:
         af:aa:eb:78:7c:bf:e0:d5:ac:a9:fb:1d:f9:42:46:c6:ca:4f:
         05:59:7e:19:94:71:af:b5:99:ee:c3:ae:fe:89:aa:3f:fe:d2:
         43:d8:3d:3d:67:cd:32:4d:6c:c3:75:12:8f:50:2d:7b:c2:83:
         d6:39:64:58:ca:f4:92:42:e1:3d:45:b9:50:f6:ea:1d:71:1f:
         07:b9:a3:ca:d7:e1:06:34:34:87:85:88:1b:b2:fb:2f:64:1d:
         31:53:f4:04:f1:46:c8:b7:cb:5c:74:be:e2:04:43:07:cf:18:
         9a:ac:56:4a:78:5a:4e:89:7c:9d:b4:a3:c4:3a:db:2c:3f:53:
         6f:78:d7:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTk1MDgxMTAvBgNVBAUTKDFENzI1QzkxQzBENDcyMkYzNDAwODhEMTM3NEREMkRB
RjM3RDgzMTIwHhcNMjUxMDAyMjI1MzUyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRmMDI4MC05YmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqKY6xpPeQRXTETe1De+wh1+Y1UDa01v2ttpkLtX38AXYdrrlvMyAqhH0KcEQ
2IlwUupvRrz+LjhS3joAuX2v8yeepWzHtAE7PMWTpyU43tYt7diBmMiyHHhEAor7
TBMGLg5OHJAy8FPUAVYUs4uDueXUmo/XvUuy0tceNkSLms1w8cte8CpHqLrL+HuC
GPNYOKGXpGP5YD9336CwPd2KfRptqkmJn4bXzmukb95BaEqo0dghCgTgn7qWg0i3
FnydpJde8kFaETg2LBw6upqbXnp4cho4ALRvzA1cE+DcR0odlXTzHkHvFBWlgtpN
OEEWCelB/qXxdHk00ic5olSu1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLXNf5B3
d1IFFG1U1K/CBOjhtLHqMB8GA1UdIwQYMBaAFB1yXJHA1HIvNACI0TdN0trzfYMS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTUwOC8wMDAyMDI3MkFD
QzIxMUVCQUJFMTk1NUVDNEY5QUUwMi9IWEpja2NEVWNpODBBSWpSTjAzUzJ2Tjln
eEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hYSmNrY0RVY2k4MEFJalJOMDNTMnZOOWd4SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTk1MDgvMDAwMjAyNzJBQ0MyMTFFQkFCRTE5NTVFQzRGOUFFMDIvNkQ0MDdGNjZB
Q0MzMTFFQkEyOEZBRDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnm24wDQYJKoZIhvcNAQELBQADggEBACNpoviLUnZmlPJG
P/iQmkp/gf57+B4yhkId4N2gFXpWvPRUI1Iv+oiTSDHqq5cZ6ZQ09YfElhaXrfIL
O7zwcNb9o+CsVrabQVdC2tZE82+0lSPBQsJkizYNjJ+dDT7i5J0AgEOGRU0ytcVr
TEh1HbOwn76IdXpWuLJ9KYybI6+q63h8v+DVrKn7HflCRsbKTwVZfhmUca+1me7D
rv6Jqj/+0kPYPT1nzTJNbMN1Eo9QLXvCg9Y5ZFjK9JJC4T1FuVD26h1xHwe5o8rX
4QY0NIeFiBuy+y9kHTFT9ATxRsi3y1x0vuIEQwfPGJqsVkp4Wk6JfJ20o8Q62yw/
U29417M=
-----END CERTIFICATE-----
Generated at Fri Oct 17 06:11:00 2025 by rpki-client