Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/C5218598F91711EDBB78FE3CC4F9AE02.roa
File:                     C5218598F91711EDBB78FE3CC4F9AE02.roa (raw, json)
Hash identifier:          xnMX5X2YJrVvWA8Z+ilrknMulrMIGU6wGg57HKZlkt0=
Subject key identifier:   E1:52:A2:DB:AF:8A:5C:78:32:BC:43:51:D1:E0:18:4A:41:70:F4:89
Certificate issuer:       /CN=A91275FD/serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED
Certificate serial:       2528
Authority key identifier: 5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/C5218598F91711EDBB78FE3CC4F9AE02.roa
Signing time:             Thu 22 May 2025 15:52:31 +0000
ROA not before:           Thu 22 May 2025 15:52:31 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     59348
IP address blocks:        130.105.145.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl
                          rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 05:40:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9512 (0x2528)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91275FD, serialNumber=5EBDD4D5F36C6AA59B012C9E899AAD3C27EAD8ED
        Validity
            Not Before: May 22 15:52:31 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=682f483f-0a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:53:99:06:0b:e4:06:eb:78:98:4f:d9:65:86:
                    bf:47:35:6b:d4:fc:36:f2:86:67:b2:58:c9:a8:2b:
                    e6:c4:95:60:7b:b9:b8:54:3b:b5:2d:12:82:0c:1e:
                    ed:7f:a8:fa:c9:a1:36:0e:a3:3f:34:29:f1:5b:92:
                    10:96:cb:8f:f4:e7:5e:8c:62:cf:8a:65:df:08:e3:
                    94:29:58:2c:10:11:15:f0:7c:51:a7:83:6a:c3:03:
                    45:6b:d6:33:e0:52:1c:45:53:f3:79:3c:4a:1b:fd:
                    a1:b3:42:28:66:fa:94:5d:13:d4:ff:74:9f:a4:1b:
                    33:27:5f:df:c6:30:9b:11:24:05:9f:66:88:3e:db:
                    a7:ef:81:5b:4a:69:9a:aa:e3:22:3b:70:ff:4a:1a:
                    e2:7e:0e:f3:a7:8f:e2:99:2f:da:3d:84:9e:8b:0c:
                    f7:ef:0e:ff:a8:d6:1d:3e:7a:be:c8:47:da:7b:9a:
                    59:ef:0b:85:68:1e:0e:da:db:13:76:3f:be:cb:a9:
                    a1:70:93:c3:0f:43:4e:d3:7e:8e:2b:d4:8d:9f:e3:
                    fc:e2:fe:36:ef:43:cf:cb:b5:db:a5:2b:df:dc:12:
                    86:fa:67:57:28:a7:20:12:d4:a9:b0:41:25:2c:32:
                    21:96:f1:26:5e:c3:77:42:8c:12:e5:bf:21:bb:32:
                    2b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:52:A2:DB:AF:8A:5C:78:32:BC:43:51:D1:E0:18:4A:41:70:F4:89
            X509v3 Authority Key Identifier:
                keyid:5E:BD:D4:D5:F3:6C:6A:A5:9B:01:2C:9E:89:9A:AD:3C:27:EA:D8:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/Xr3U1fNsaqWbASyeiZqtPCfq2O0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Xr3U1fNsaqWbASyeiZqtPCfq2O0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/F48AD12226D911E5B24DA633C4F9AE02/C5218598F91711EDBB78FE3CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.105.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:5f:a9:16:53:6e:74:e7:a3:86:ac:39:2d:2a:f6:9c:00:19:
         e8:25:46:52:ec:c7:67:ea:c8:93:c9:4c:05:8d:47:1d:43:25:
         1c:db:90:96:0e:c3:1d:ac:21:9f:df:e3:b4:6f:6e:a1:0e:ff:
         22:f9:02:f0:28:9a:1e:2f:be:6c:ab:5e:47:12:54:19:1f:01:
         08:1b:22:ac:6e:1e:25:ef:1d:67:09:53:c5:52:31:7f:80:c8:
         ef:ef:e4:11:4f:d6:46:39:31:7f:20:17:66:5b:29:6a:d0:1d:
         10:29:c9:23:ef:8d:4e:53:55:d5:8a:cd:fe:c4:51:0c:a2:fa:
         74:94:af:36:20:23:5b:6d:65:0a:bc:5e:24:bb:2a:d6:7f:a4:
         eb:4d:6e:cb:0d:76:2e:9c:e8:3c:02:f7:76:59:80:46:b8:2e:
         30:e9:6a:d6:9a:a4:fd:92:00:77:3c:73:42:84:92:ea:5e:46:
         6a:1b:cb:b9:a8:ba:6f:1a:30:2f:72:96:73:e8:59:9e:80:48:
         b1:07:70:b6:5e:3d:13:93:53:40:eb:dc:96:06:c5:08:6e:f7:
         f1:5c:4b:ea:8a:7d:ce:1e:aa:7d:88:69:8e:f5:5a:15:ed:e7:
         46:75:ac:63:11:d9:07:be:23:22:f2:e9:d8:f7:db:61:e1:0e:
         b9:fb:54:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1RkQxMTAvBgNVBAUTKDVFQkRENEQ1RjM2QzZBQTU5QjAxMkM5RTg5OUFBRDND
MjdFQUQ4RUQwHhcNMjUwNTIyMTU1MjMxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmNDgzZi0wYTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0lOZBgvkBut4mE/ZZYa/RzVr1Pw28oZnsljJqCvmxJVge7m4VDu1LRKCDB7t
f6j6yaE2DqM/NCnxW5IQlsuP9OdejGLPimXfCOOUKVgsEBEV8HxRp4NqwwNFa9Yz
4FIcRVPzeTxKG/2hs0IoZvqUXRPU/3SfpBszJ1/fxjCbESQFn2aIPtun74FbSmma
quMiO3D/Shrifg7zp4/imS/aPYSeiwz37w7/qNYdPnq+yEfae5pZ7wuFaB4O2tsT
dj++y6mhcJPDD0NO036OK9SNn+P84v4270PPy7XbpSvf3BKG+mdXKKcgEtSpsEEl
LDIhlvEmXsN3QowS5b8huzIr6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFOFSotuv
ilx4MrxDUdHgGEpBcPSJMB8GA1UdIwQYMBaAFF691NXzbGqlmwEsnomarTwn6tjt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9GNDhBRDEyMjI2
RDkxMUU1QjI0REE2MzNDNEY5QUUwMi9YcjNVMWZOc2FxV2JBU3llaVpxdFBDZnEy
TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1hyM1UxZk5zYXFXYkFTeWVpWnF0UENmcTJPMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1RkQvRjQ4QUQxMjIyNkQ5MTFFNUIyNERBNjMzQzRGOUFFMDIvQzUyMTg1OThG
OTE3MTFFREJCNzhGRTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACCaZEwDQYJKoZIhvcNAQELBQADggEBAMlfqRZTbnTno4as
OS0q9pwAGeglRlLsx2fqyJPJTAWNRx1DJRzbkJYOwx2sIZ/f47RvbqEO/yL5AvAo
mh4vvmyrXkcSVBkfAQgbIqxuHiXvHWcJU8VSMX+AyO/v5BFP1kY5MX8gF2ZbKWrQ
HRApySPvjU5TVdWKzf7EUQyi+nSUrzYgI1ttZQq8XiS7KtZ/pOtNbssNdi6c6DwC
93ZZgEa4LjDpataapP2SAHc8c0KEkupeRmoby7moum8aMC9ylnPoWZ6ASLEHcLZe
PROTU0Dr3JYGxQhu9/FcS+qKfc4eqn2IaY71WhXt50Z1rGMR2Qe+IyLy6dj322Hh
Drn7VFo=
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:57:06 2025 by rpki-client