Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
File:                     4C4AC452D67911ECBFC6CB7BC4F9AE02.roa (raw, json)
Hash identifier:          LnuO0pX8BwvbmAbZ4dXFrMEQsulixDbbXmR6ahAH9XQ=
Subject key identifier:   69:48:05:7A:2B:42:36:0A:A6:7E:83:24:3B:A9:B1:7B:BB:8D:88:34
Certificate issuer:       /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial:       2601
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
Signing time:             Mon 26 May 2025 17:49:44 +0000
ROA not before:           Mon 26 May 2025 17:49:44 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     4294960000
IP address blocks:        103.138.210.0/24 maxlen: 26
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
                          rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 09 Jun 2025 17:49:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9729 (0x2601)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913B805, serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
        Validity
            Not Before: May 26 17:49:44 2025 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=6834a9b7-2216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:75:48:79:15:a3:33:36:24:fb:1d:e2:b4:c9:
                    60:1c:76:ca:a0:75:18:32:98:3f:eb:95:67:2a:fe:
                    e8:93:a6:9b:ae:ab:ca:99:b6:06:a1:08:ba:99:fe:
                    33:92:f8:32:d6:76:ff:96:c6:b2:f4:c5:58:fc:bf:
                    55:06:b5:16:c2:85:66:eb:f2:31:28:f1:58:c6:32:
                    eb:01:b2:c2:c7:13:68:87:fd:c6:16:95:5c:b6:53:
                    96:ce:fe:ce:93:73:84:5d:82:04:a7:45:44:8a:d3:
                    5f:e4:0e:ae:db:11:aa:a7:54:ea:48:0d:86:84:ed:
                    da:cf:37:2c:f2:24:f9:1a:e1:b5:44:98:29:16:7e:
                    0f:d0:aa:c1:03:4e:02:39:80:fb:2c:de:9f:d6:f0:
                    d8:53:aa:66:fb:49:70:0a:11:65:84:32:8b:14:1d:
                    6a:2e:b0:b4:0c:24:9a:30:40:0e:73:62:1d:1e:36:
                    b0:b4:2a:50:12:9b:cb:3b:03:7f:a1:31:61:28:24:
                    ee:2f:c8:6e:56:19:1b:8f:f6:19:5f:12:ba:98:64:
                    83:a7:28:97:be:36:32:7c:26:88:10:bc:12:19:40:
                    3d:4a:5f:c9:ee:9e:36:f5:a3:75:ac:a7:8a:6d:41:
                    03:75:42:f7:a7:4b:78:74:a6:8d:1d:7e:1d:4a:27:
                    6d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:48:05:7A:2B:42:36:0A:A6:7E:83:24:3B:A9:B1:7B:BB:8D:88:34
            X509v3 Authority Key Identifier:
                keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:96:7c:5f:76:d2:36:d4:40:b3:a7:d8:06:6e:0d:b8:f1:c7:
         6e:e4:5f:4f:40:5a:11:d8:8a:99:38:64:ea:a8:90:ba:f1:73:
         bc:3c:e2:ae:5f:c9:52:0b:cc:ec:cf:d3:a1:4b:34:31:03:95:
         26:ba:ec:b5:7f:5d:64:ba:49:23:55:e8:36:72:0d:e4:61:7b:
         48:88:67:ce:7a:0f:b2:d5:1e:a4:ea:ef:a1:f2:ab:d7:0b:c5:
         92:38:8b:e9:eb:63:f7:76:8f:96:9d:5a:06:c5:33:77:bb:90:
         08:28:ee:8f:ec:2b:c4:c7:56:6d:21:f1:6a:c7:51:b2:c6:46:
         ba:19:25:6d:dd:1c:c8:26:75:69:f0:fc:44:aa:3b:76:5e:77:
         ff:87:3c:5c:ed:7e:c8:ee:ec:c5:f0:e9:15:8e:05:e5:4b:2a:
         58:97:ff:65:41:2c:a1:4a:ee:6f:fc:49:d9:a2:8f:f7:ee:6a:
         20:03:a5:6b:e0:57:7d:30:0a:35:2a:18:00:93:64:1a:5c:3d:
         e1:eb:1d:76:42:f2:e4:58:0d:0e:b0:23:8c:42:d6:67:10:c3:
         a0:fd:f3:26:26:2d:bb:30:bb:82:ff:fe:60:cd:31:7b:71:88:
         66:c7:17:e1:6e:34:d6:52:67:5f:e1:56:6c:57:15:c4:a0:96:
         5b:ab:ac:cc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjUwNTI2MTc0OTQ0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM0YTliNy0yMjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4nVIeRWjMzYk+x3itMlgHHbKoHUYMpg/65VnKv7ok6abrqvKmbYGoQi6mf4z
kvgy1nb/lsay9MVY/L9VBrUWwoVm6/IxKPFYxjLrAbLCxxNoh/3GFpVctlOWzv7O
k3OEXYIEp0VEitNf5A6u2xGqp1TqSA2GhO3azzcs8iT5GuG1RJgpFn4P0KrBA04C
OYD7LN6f1vDYU6pm+0lwChFlhDKLFB1qLrC0DCSaMEAOc2IdHjawtCpQEpvLOwN/
oTFhKCTuL8huVhkbj/YZXxK6mGSDpyiXvjYyfCaIELwSGUA9Sl/J7p429aN1rKeK
bUEDdUL3p0t4dKaNHX4dSidt/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFGlIBXor
QjYKpn6DJDupsXu7jYg0MB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvNEM0QUM0NTJE
Njc5MTFFQ0JGQzZDQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnitIwDQYJKoZIhvcNAQELBQADggEBABKWfF920jbUQLOn
2AZuDbjxx27kX09AWhHYipk4ZOqokLrxc7w84q5fyVILzOzP06FLNDEDlSa67LV/
XWS6SSNV6DZyDeRhe0iIZ856D7LVHqTq76Hyq9cLxZI4i+nrY/d2j5adWgbFM3e7
kAgo7o/sK8THVm0h8WrHUbLGRroZJW3dHMgmdWnw/ESqO3Zed/+HPFztfsju7MXw
6RWOBeVLKliX/2VBLKFK7m/8Sdmij/fuaiADpWvgV30wCjUqGACTZBpcPeHrHXZC
8uRYDQ6wI4xC1mcQw6D98yYmLbswu4L//mDNMXtxiGbHF+FuNNZSZ1/hVmxXFcSg
llurrMw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:02:27 2025 by rpki-client