Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
File:                     4C4AC452D67911ECBFC6CB7BC4F9AE02.roa (raw, json)
Hash identifier:          MSzaop+NtM6eR5vhQ8IzHf7QK9SqJHOEvf0dM16xPxo=
Subject key identifier:   91:49:47:16:2A:E5:F7:C1:60:5D:8D:D0:A8:CA:2D:96:3E:DB:3C:AD
Certificate issuer:       /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial:       264A
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
Signing time:             Sun 14 Sep 2025 17:57:35 +0000
ROA not before:           Sun 14 Sep 2025 17:57:35 +0000
ROA not after:            Sat 31 Jan 2026 00:00:00 +0000
asID:                     4294960000
IP address blocks:        103.138.210.0/24 maxlen: 26
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
                          rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 23 Sep 2025 17:42:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9802 (0x264a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913B805, serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
        Validity
            Not Before: Sep 14 17:57:35 2025 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=68c7020f-0602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:72:dc:0a:f2:22:2b:38:cf:db:29:49:34:52:
                    bd:e1:6f:c8:0c:30:1d:63:8a:89:a2:9f:56:44:13:
                    e6:ef:cb:1e:51:42:d5:89:0b:19:80:14:03:56:05:
                    bc:5e:45:56:0e:22:96:37:c5:d0:56:8d:4f:78:76:
                    b5:af:2e:92:e2:70:e7:a8:49:a6:90:e1:38:e4:4a:
                    2c:98:4c:84:8f:8c:50:84:49:30:a7:26:cd:79:7e:
                    55:9c:71:c6:b1:1e:93:17:60:1f:61:b3:b5:03:77:
                    db:68:a9:d1:5e:a0:f2:14:bf:43:dc:90:69:82:0e:
                    bf:fc:ed:34:a3:dd:89:e6:f1:ec:fc:ea:90:77:09:
                    e7:0f:43:8d:86:63:e7:e1:54:f0:aa:9c:c2:96:68:
                    2c:cd:62:7a:e4:a3:32:b8:1c:d0:58:1c:6b:43:80:
                    6e:05:40:cd:67:6e:08:f1:a7:b7:34:9f:90:76:a7:
                    f0:25:e4:06:3d:97:ec:5a:59:6d:3d:2f:36:5e:ba:
                    02:5d:b0:ca:a8:fb:6f:53:f4:ca:5a:eb:b3:05:f7:
                    92:2d:77:79:89:b2:89:81:57:f6:25:4b:c4:4f:d3:
                    26:f3:bd:e2:a9:49:7d:2d:89:5f:85:a6:a2:69:f4:
                    5c:03:91:b5:a9:59:5b:67:8a:b4:e4:cb:73:73:da:
                    8f:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:49:47:16:2A:E5:F7:C1:60:5D:8D:D0:A8:CA:2D:96:3E:DB:3C:AD
            X509v3 Authority Key Identifier:
                keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:17:84:b3:ad:93:31:8b:a3:1e:e3:15:77:84:96:6a:67:ad:
         1d:08:f2:00:f6:a8:f9:a2:44:da:b8:48:d4:97:05:4f:55:dd:
         81:d1:33:c8:a8:d4:38:f8:ad:6f:ce:f9:b8:ad:5e:4e:4e:30:
         13:ec:6e:5f:67:f1:09:e5:18:10:19:d5:76:cb:57:29:6a:87:
         60:ee:25:0c:6b:6d:35:5e:6b:80:2d:47:05:64:5a:9d:f8:db:
         b0:5a:f4:cf:b2:23:58:83:d2:42:54:bb:d7:ab:cf:1a:1e:3b:
         99:70:e5:05:d7:8e:85:10:93:fd:16:11:6b:06:df:b3:97:2b:
         e5:e0:00:bc:00:96:8d:3b:6e:61:91:c0:b8:10:5d:e7:95:bb:
         20:4e:da:c8:62:b7:a9:fd:2e:ea:0e:35:21:fd:23:da:a7:85:
         11:66:fc:e4:46:93:e6:0a:c5:7f:68:4a:ee:91:97:7a:dc:96:
         e3:9e:60:f7:d0:c7:82:bd:44:7d:a0:38:0e:8a:ec:00:20:df:
         16:ae:d9:c2:9a:35:ac:e3:93:26:e3:53:2d:46:48:97:df:91:
         66:ab:83:fa:9e:54:39:26:fc:a9:94:4a:54:0e:30:ba:52:ec:
         cb:c2:3f:ff:b5:f2:4d:54:78:8b:15:3a:58:4d:ba:85:76:6e:
         26:cd:f4:ab
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjUwOTE0MTc1NzM1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGM3MDIwZi0wNjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3LcCvIiKzjP2ylJNFK94W/IDDAdY4qJop9WRBPm78seUULViQsZgBQDVgW8
XkVWDiKWN8XQVo1PeHa1ry6S4nDnqEmmkOE45EosmEyEj4xQhEkwpybNeX5VnHHG
sR6TF2AfYbO1A3fbaKnRXqDyFL9D3JBpgg6//O00o92J5vHs/OqQdwnnD0ONhmPn
4VTwqpzClmgszWJ65KMyuBzQWBxrQ4BuBUDNZ24I8ae3NJ+QdqfwJeQGPZfsWllt
PS82XroCXbDKqPtvU/TKWuuzBfeSLXd5ibKJgVf2JUvET9Mm873iqUl9LYlfhaai
afRcA5G1qVlbZ4q05Mtzc9qPzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJFJRxYq
5ffBYF2N0KjKLZY+2zytMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvNEM0QUM0NTJE
Njc5MTFFQ0JGQzZDQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnitIwDQYJKoZIhvcNAQELBQADggEBAGkXhLOtkzGLox7j
FXeElmpnrR0I8gD2qPmiRNq4SNSXBU9V3YHRM8io1Dj4rW/O+bitXk5OMBPsbl9n
8QnlGBAZ1XbLVylqh2DuJQxrbTVea4AtRwVkWp3427Ba9M+yI1iD0kJUu9erzxoe
O5lw5QXXjoUQk/0WEWsG37OXK+XgALwAlo07bmGRwLgQXeeVuyBO2shit6n9LuoO
NSH9I9qnhRFm/ORGk+YKxX9oSu6Rl3rcluOeYPfQx4K9RH2gOA6K7AAg3xau2cKa
NazjkybjUy1GSJffkWarg/qeVDkm/KmUSlQOMLpS7MvCP/+18k1UeIsVOlhNuoV2
bibN9Ks=
-----END CERTIFICATE-----
Generated at Thu Sep 18 11:02:32 2025 by rpki-client