Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/B2356D1A180911EB962CB216C4F9AE02.roa
File:                     B2356D1A180911EB962CB216C4F9AE02.roa (raw, json)
Hash identifier:          RbLdN/sBiJ5TXTjTcsJOAhQn9KJyZmQ2QyPUKPhkRDw=
Subject key identifier:   44:4A:4C:FC:82:26:9A:15:BD:DF:CE:27:2A:8F:B2:81:50:85:4A:C3
Certificate issuer:       /CN=A915617D/serialNumber=19EA5B45F01E80BE0A76DCDAC9926B6E6742F221
Certificate serial:       077A
Authority key identifier: 19:EA:5B:45:F0:1E:80:BE:0A:76:DC:DA:C9:92:6B:6E:67:42:F2:21
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GepbRfAegL4KdtzayZJrbmdC8iE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/B2356D1A180911EB962CB216C4F9AE02.roa
Signing time:             Fri 30 May 2025 21:51:01 +0000
ROA not before:           Fri 30 May 2025 21:51:01 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     135423
IP address blocks:        45.250.156.0/22 maxlen: 22
                          45.250.156.0/24 maxlen: 24
                          45.250.157.0/24 maxlen: 24
                          45.250.158.0/24 maxlen: 24
                          45.250.159.0/24 maxlen: 24
                          103.219.68.0/22 maxlen: 22
                          103.219.68.0/24 maxlen: 24
                          103.219.69.0/24 maxlen: 24
                          103.219.70.0/24 maxlen: 24
                          103.219.71.0/24 maxlen: 24
                          2405:4d80::/32 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/GepbRfAegL4KdtzayZJrbmdC8iE.crl
                          rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/GepbRfAegL4KdtzayZJrbmdC8iE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GepbRfAegL4KdtzayZJrbmdC8iE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 21:10:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1914 (0x77a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915617D, serialNumber=19EA5B45F01E80BE0A76DCDAC9926B6E6742F221
        Validity
            Not Before: May 30 21:51:01 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=683a2845-7269
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:32:ed:d4:20:36:7f:d5:2f:0d:d9:22:e2:7c:
                    f0:c6:73:63:e2:3c:e4:cf:b4:24:33:69:16:37:8d:
                    3b:a2:12:c8:93:2a:f3:f2:53:c3:c8:d8:b5:39:f3:
                    0b:da:09:9b:41:b5:26:d1:8a:7e:6c:75:e0:dc:1b:
                    ac:34:fa:2e:e3:a1:89:64:5f:e6:cf:95:07:e0:59:
                    cb:cb:ea:d6:f7:e6:9d:a1:55:32:1a:90:f1:7c:a7:
                    08:ba:e8:a1:0e:33:11:1e:8e:a8:ab:a1:28:5a:7c:
                    6d:27:f2:a8:2f:cf:e0:a4:29:20:8c:f2:37:e7:ca:
                    55:ed:8e:84:00:3f:87:09:3b:d8:46:a9:06:7f:c1:
                    a1:51:f6:17:a7:60:7a:09:a3:90:08:63:42:ed:1e:
                    54:0e:52:ce:2c:e0:60:35:08:6d:50:44:33:1a:41:
                    79:4d:32:3b:7f:50:6f:ef:9e:33:60:dd:68:a6:56:
                    1f:7f:94:ea:03:c7:a1:02:7e:dc:88:8e:b5:b1:00:
                    97:28:3b:23:ee:0f:4c:20:42:ad:89:73:b1:fa:83:
                    fe:fb:0e:06:21:b5:16:22:05:26:fd:00:fe:74:1f:
                    3c:44:a2:a8:7e:8b:51:3a:4b:23:4d:ab:f8:9f:87:
                    a8:a5:c5:dd:cd:f4:fc:79:4e:d1:9c:83:53:4b:72:
                    70:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:4A:4C:FC:82:26:9A:15:BD:DF:CE:27:2A:8F:B2:81:50:85:4A:C3
            X509v3 Authority Key Identifier:
                keyid:19:EA:5B:45:F0:1E:80:BE:0A:76:DC:DA:C9:92:6B:6E:67:42:F2:21

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/GepbRfAegL4KdtzayZJrbmdC8iE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GepbRfAegL4KdtzayZJrbmdC8iE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/B2356D1A180911EB962CB216C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.250.156.0/22
                  103.219.68.0/22
                IPv6:
                  2405:4d80::/32

    Signature Algorithm: sha256WithRSAEncryption
         b0:d3:bb:e4:9d:8c:ba:16:39:81:f8:67:1d:9a:80:f9:5f:6e:
         1d:d7:7a:66:33:1c:b4:79:b9:b7:a0:da:d5:75:80:50:68:fd:
         e4:ea:15:13:d3:04:65:72:d8:16:f2:f5:b9:37:14:43:42:13:
         8f:cc:88:1e:87:ed:80:de:77:f7:7a:c3:6d:b7:e9:4a:4d:2d:
         75:bc:a2:b7:41:24:11:db:aa:15:f9:5e:9f:d9:e9:b8:f4:f3:
         a7:e9:28:13:22:c3:c0:e4:63:f0:15:da:b0:8b:24:b1:6d:23:
         f4:77:d3:a3:8d:48:7a:94:7f:05:77:e2:3d:f7:b2:20:2e:0c:
         12:ff:80:d0:be:35:fc:44:3f:e3:7d:04:5b:02:34:85:3e:2b:
         27:46:92:82:ef:47:9c:c7:01:09:73:7b:21:a0:79:7e:98:c8:
         4d:b0:8d:61:09:0d:3c:3e:ad:11:ac:32:88:5b:b9:7d:14:69:
         0b:ee:5b:62:28:6b:b6:9a:b0:d7:e6:09:d5:25:31:46:b8:ba:
         ee:00:ef:e5:42:70:a9:35:48:46:f7:93:62:e2:f2:e8:18:21:
         97:28:90:d8:87:59:19:9b:5f:5d:11:83:a1:92:b5:9d:b8:86:
         30:fd:4e:cf:43:68:9b:13:65:ad:0e:4c:a4:d0:a9:d3:5e:25:
         7c:a9:5f:a3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICB3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTYxN0QxMTAvBgNVBAUTKDE5RUE1QjQ1RjAxRTgwQkUwQTc2RENEQUM5OTI2QjZF
Njc0MkYyMjEwHhcNMjUwNTMwMjE1MTAxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNhMjg0NS03MjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoTLt1CA2f9UvDdki4nzwxnNj4jzkz7QkM2kWN407ohLIkyrz8lPDyNi1OfML
2gmbQbUm0Yp+bHXg3BusNPou46GJZF/mz5UH4FnLy+rW9+adoVUyGpDxfKcIuuih
DjMRHo6oq6EoWnxtJ/KoL8/gpCkgjPI358pV7Y6EAD+HCTvYRqkGf8GhUfYXp2B6
CaOQCGNC7R5UDlLOLOBgNQhtUEQzGkF5TTI7f1Bv754zYN1oplYff5TqA8ehAn7c
iI61sQCXKDsj7g9MIEKtiXOx+oP++w4GIbUWIgUm/QD+dB88RKKofotROksjTav4
n4eopcXdzfT8eU7RnINTS3JwvwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFERKTPyC
JpoVvd/OJyqPsoFQhUrDMB8GA1UdIwQYMBaAFBnqW0XwHoC+Cnbc2smSa25nQvIh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjE3RC8xOERDNTc0MjE4
MDgxMUVCQTg1NzMwMTJDNEY5QUUwMi9HZXBiUmZBZWdMNEtkdHpheVpKcmJtZEM4
aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dlcGJSZkFlZ0w0S2R0emF5WkpyYm1kQzhpRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTYxN0QvMThEQzU3NDIxODA4MTFFQkE4NTczMDEyQzRGOUFFMDIvQjIzNTZEMUEx
ODA5MTFFQjk2MkNCMjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+pwDBAJn20QwDQQCAAIwBwMFACQFTYAwDQYJKoZIhvcN
AQELBQADggEBALDTu+SdjLoWOYH4Zx2agPlfbh3XemYzHLR5ubeg2tV1gFBo/eTq
FRPTBGVy2Bby9bk3FENCE4/MiB6H7YDed/d6w2236UpNLXW8ordBJBHbqhX5Xp/Z
6bj086fpKBMiw8DkY/AV2rCLJLFtI/R306ONSHqUfwV34j33siAuDBL/gNC+NfxE
P+N9BFsCNIU+KydGkoLvR5zHAQlzeyGgeX6YyE2wjWEJDTw+rRGsMohbuX0UaQvu
W2Ioa7aasNfmCdUlMUa4uu4A7+VCcKk1SEb3k2Li8ugYIZcokNiHWRmbX10Rg6GS
tZ24hjD9Ts9DaJsTZa0OTKTQqdNeJXypX6M=
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:13:01 2025 by rpki-client