Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/24FDC2446F3211EDA3DCF033C4F9AE02.roa
File:                     24FDC2446F3211EDA3DCF033C4F9AE02.roa (raw, json)
Hash identifier:          bF9VY2BgbzFHTYog2mqnErYgbMHKat53WtoeKiEWwU0=
Subject key identifier:   F5:C7:35:0D:A8:5B:B2:9D:EF:AF:B9:35:BF:74:A1:EA:44:FC:FC:53
Certificate issuer:       /CN=A9123F84/serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
Certificate serial:       01ED
Authority key identifier: 91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/24FDC2446F3211EDA3DCF033C4F9AE02.roa
Signing time:             Thu 19 Jun 2025 02:39:30 +0000
ROA not before:           Thu 19 Jun 2025 02:39:30 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     16509
IP address blocks:        203.55.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl
                          rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 493 (0x1ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123F84, serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
        Validity
            Not Before: Jun 19 02:39:30 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=68537862-1c5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:29:69:55:f4:5d:00:f2:82:65:f6:a8:77:6c:
                    8d:7c:9e:c2:fe:4f:ee:08:57:90:07:99:6a:ae:98:
                    70:07:1c:9c:2e:9c:ff:4b:0e:ef:a4:8a:c2:b4:6a:
                    28:90:c8:75:5c:54:aa:44:c2:4b:3d:a2:2a:d4:74:
                    3c:1a:39:3e:9d:ae:ca:48:64:4c:59:7e:24:95:1f:
                    92:a3:58:ad:3b:55:64:a0:9b:64:6e:e6:09:e2:c4:
                    ca:21:ed:20:9d:ad:6b:46:75:8d:cd:e1:5d:29:22:
                    2c:37:d9:03:53:fa:84:70:94:7c:6c:2c:97:0c:fa:
                    88:77:e2:d1:28:b8:12:1c:dc:7b:dc:28:9f:28:a6:
                    1c:ca:5a:e7:8a:83:7a:f6:51:83:1f:60:6a:79:56:
                    52:40:d7:0a:a2:45:41:47:1b:2c:9f:5d:46:b4:ca:
                    95:89:13:75:40:e3:b4:5e:9f:25:e9:c0:bf:fa:99:
                    f7:6c:f1:f6:2e:3d:04:14:ce:82:66:50:03:b6:96:
                    12:3f:23:c6:e0:54:ff:a7:c4:c8:56:28:a9:3d:dd:
                    30:0a:2b:9f:b1:1a:c9:c9:a2:a6:68:d4:0e:4c:40:
                    ba:44:9a:cc:1b:87:54:9f:0e:06:33:e9:d2:b0:ba:
                    48:c2:5d:0b:5d:06:5a:be:7e:06:d2:0f:0a:f0:b2:
                    1f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:C7:35:0D:A8:5B:B2:9D:EF:AF:B9:35:BF:74:A1:EA:44:FC:FC:53
            X509v3 Authority Key Identifier:
                keyid:91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/24FDC2446F3211EDA3DCF033C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.55.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:ba:60:58:40:c5:d7:ab:a7:79:71:b2:40:cb:8a:a1:87:89:
         16:b3:80:7f:a6:f1:48:da:e0:a3:7f:22:8f:0d:fa:b7:d8:fa:
         da:3c:0f:a4:c8:77:bc:c3:3f:f1:a7:f2:a2:c5:40:19:35:a7:
         73:f3:5c:e8:99:58:98:f1:55:d1:5a:ca:76:ff:87:30:99:25:
         1b:1e:23:e5:44:18:8f:41:8d:f1:d3:79:4d:a5:af:d4:e0:91:
         a1:d4:7e:31:39:68:3e:99:57:56:b0:6e:f0:ce:07:a8:d0:76:
         c9:23:f4:5d:fb:40:c4:14:40:9e:aa:e8:f0:87:07:c9:9c:56:
         6f:4f:c2:78:54:61:b3:3f:29:45:7d:e5:42:fb:f4:ed:8d:6a:
         51:51:78:23:24:99:e9:c5:a3:67:5c:dc:41:93:f4:a3:3b:61:
         c4:21:19:de:98:2c:1f:f6:b9:f5:1c:68:6a:3f:a9:05:8e:67:
         de:57:6c:f9:00:99:44:a0:e6:f4:d3:22:24:e8:7a:9a:9b:40:
         b6:01:e4:af:c8:e2:73:a7:15:6a:94:a5:dd:d6:73:9e:e3:e3:
         e9:b4:a6:00:65:fb:c7:c1:c6:62:03:5c:26:2f:97:19:2c:f0:
         d6:47:bb:6a:1a:18:8e:91:2e:83:07:47:39:a5:87:26:ae:94:
         0e:2f:37:e5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGODQxMTAvBgNVBAUTKDkxQzQ5NzZERUFEM0RFODc3OEU1QzBEQ0ZGMjYwMzk3
MUFDMkQ0REIwHhcNMjUwNjE5MDIzOTMwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODUzNzg2Mi0xYzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuilpVfRdAPKCZfaod2yNfJ7C/k/uCFeQB5lqrphwBxycLpz/Sw7vpIrCtGoo
kMh1XFSqRMJLPaIq1HQ8Gjk+na7KSGRMWX4klR+So1itO1VkoJtkbuYJ4sTKIe0g
na1rRnWNzeFdKSIsN9kDU/qEcJR8bCyXDPqId+LRKLgSHNx73CifKKYcylrnioN6
9lGDH2BqeVZSQNcKokVBRxssn11GtMqViRN1QOO0Xp8l6cC/+pn3bPH2Lj0EFM6C
ZlADtpYSPyPG4FT/p8TIViipPd0wCiufsRrJyaKmaNQOTEC6RJrMG4dUnw4GM+nS
sLpIwl0LXQZavn4G0g8K8LIfywIDAQABo4IClTCCApEwHQYDVR0OBBYEFPXHNQ2o
W7Kd76+5Nb90oepE/PxTMB8GA1UdIwQYMBaAFJHEl23q096HeOXA3P8mA5cawtTb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y4NC9GNDNBM0YwNDZG
MkYxMUVEQTg0QTY5MzNDNEY5QUUwMi9rY1NYYmVyVDNvZDQ1Y0RjX3lZRGx4ckMx
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tjU1hiZXJUM29kNDVjRGNfeVlEbHhyQzFOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGODQvRjQzQTNGMDQ2RjJGMTFFREE4NEE2OTMzQzRGOUFFMDIvMjRGREMyNDQ2
RjMyMTFFREEzRENGMDMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLN9cwDQYJKoZIhvcNAQELBQADggEBAGa6YFhAxderp3lx
skDLiqGHiRazgH+m8Uja4KN/Io8N+rfY+to8D6TId7zDP/Gn8qLFQBk1p3PzXOiZ
WJjxVdFaynb/hzCZJRseI+VEGI9BjfHTeU2lr9TgkaHUfjE5aD6ZV1awbvDOB6jQ
dskj9F37QMQUQJ6q6PCHB8mcVm9PwnhUYbM/KUV95UL79O2NalFReCMkmenFo2dc
3EGT9KM7YcQhGd6YLB/2ufUcaGo/qQWOZ95XbPkAmUSg5vTTIiToepqbQLYB5K/I
4nOnFWqUpd3Wc57j4+m0pgBl+8fBxmIDXCYvlxks8NZHu2oaGI6RLoMHRzmlhyau
lA4vN+U=
-----END CERTIFICATE-----
Generated at Sat Jul 5 19:39:37 2025 by rpki-client