Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915EAD0/21FA5B0661EE11EA925D6225C4F9AE02/7F1EA1189B9111EDBC921164C4F9AE02.roa
File:                     7F1EA1189B9111EDBC921164C4F9AE02.roa (raw, json)
Hash identifier:          +r3x7TjQH2xnW46hg1hPTiKOH9bzDtcSJAR+NZYlHHc=
Subject key identifier:   B7:83:62:EF:FD:DB:B3:0B:4E:1B:C1:66:B3:C6:38:4C:3D:19:62:4C
Certificate issuer:       /CN=A915EAD0/serialNumber=51629BEB80FBDF94ED9A643FD78C81DA73B6BA1A
Certificate serial:       0A7F
Authority key identifier: 51:62:9B:EB:80:FB:DF:94:ED:9A:64:3F:D7:8C:81:DA:73:B6:BA:1A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UWKb64D735TtmmQ_14yB2nO2uho.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915EAD0/21FA5B0661EE11EA925D6225C4F9AE02/7F1EA1189B9111EDBC921164C4F9AE02.roa
Signing time:             Thu 12 Jun 2025 19:35:32 +0000
ROA not before:           Thu 12 Jun 2025 19:35:32 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     45204
IP address blocks:        103.9.88.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915EAD0/21FA5B0661EE11EA925D6225C4F9AE02/UWKb64D735TtmmQ_14yB2nO2uho.crl
                          rsync://rpki.apnic.net/member_repository/A915EAD0/21FA5B0661EE11EA925D6225C4F9AE02/UWKb64D735TtmmQ_14yB2nO2uho.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UWKb64D735TtmmQ_14yB2nO2uho.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 19:35:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2687 (0xa7f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915EAD0, serialNumber=51629BEB80FBDF94ED9A643FD78C81DA73B6BA1A
        Validity
            Not Before: Jun 12 19:35:32 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=684b2c04-3e6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d1:14:f9:1f:37:45:13:85:e0:d9:47:85:13:
                    c9:f9:87:6d:62:ac:59:ed:80:52:3a:11:1a:ab:5c:
                    2d:2c:92:89:74:3a:fc:91:40:b9:dc:99:2c:7e:8f:
                    e3:9e:71:e8:d9:a0:eb:48:cf:46:ad:17:9e:f5:e4:
                    38:70:c9:72:1a:5c:70:4d:02:2d:de:1f:bd:d9:4f:
                    62:41:84:a6:c8:f6:db:d4:7e:7b:bd:e9:1e:21:50:
                    13:cd:74:ff:41:24:3b:70:0c:73:0e:62:9f:49:4f:
                    b8:c3:f5:6b:26:57:6f:b3:8b:9e:48:b6:25:b8:d2:
                    b5:9c:f4:f5:4b:09:2e:cd:86:00:e3:04:77:7f:76:
                    4c:9e:89:db:a1:d2:db:e6:cc:e6:d2:91:3d:b5:7e:
                    26:b3:5f:59:bc:f7:9f:0d:6b:fc:30:39:36:8d:ad:
                    25:ad:64:a5:7c:3b:d2:4e:ad:30:31:c0:74:ec:9c:
                    dc:e8:a4:e2:96:60:df:37:26:b5:55:03:8e:da:b6:
                    9a:74:bb:b7:e0:4d:f6:b0:07:18:e4:d4:48:cb:bc:
                    2c:97:90:dc:d2:fc:45:fb:96:ea:b8:9f:b8:10:4e:
                    0d:70:df:9b:df:e3:f1:2a:b6:08:5d:e8:0d:f0:0c:
                    d5:e2:9a:db:a4:54:0c:83:37:46:bc:04:34:8a:86:
                    67:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:83:62:EF:FD:DB:B3:0B:4E:1B:C1:66:B3:C6:38:4C:3D:19:62:4C
            X509v3 Authority Key Identifier:
                keyid:51:62:9B:EB:80:FB:DF:94:ED:9A:64:3F:D7:8C:81:DA:73:B6:BA:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915EAD0/21FA5B0661EE11EA925D6225C4F9AE02/UWKb64D735TtmmQ_14yB2nO2uho.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UWKb64D735TtmmQ_14yB2nO2uho.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EAD0/21FA5B0661EE11EA925D6225C4F9AE02/7F1EA1189B9111EDBC921164C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.9.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1f:e6:92:b0:5a:d0:e8:cd:7c:fc:a1:d0:45:a4:62:bf:70:32:
         4f:56:ab:75:8e:c2:8f:74:22:72:07:4f:0e:13:26:0c:49:20:
         77:40:26:c7:7c:6d:39:25:36:e0:5f:31:64:d0:64:8f:d1:d1:
         f6:a2:ec:ca:59:dc:f9:6d:f8:43:a5:09:13:4f:07:67:7f:3a:
         a6:95:00:10:fd:3c:da:7c:30:cb:5d:d2:2d:f9:38:d6:b0:9c:
         c1:b0:b2:0e:79:a9:ab:e4:ae:81:50:b4:a4:a1:9e:c0:6a:e9:
         5f:80:ae:19:39:e6:75:10:65:3d:a7:0a:c8:ba:8f:99:43:90:
         62:8b:38:be:9d:ac:74:f6:e2:1b:b2:90:bc:e5:72:68:54:64:
         fa:df:47:74:32:65:76:6c:e7:29:59:a6:59:5c:e9:e8:ca:81:
         eb:56:bf:a0:9a:6d:12:ae:06:4e:da:bc:32:00:b7:90:43:49:
         5d:7d:72:2d:67:a7:0b:a3:4f:40:30:94:d9:cb:f2:81:bd:31:
         4b:19:d6:8a:48:a2:0a:03:ad:6c:5c:82:ab:95:67:c0:b8:c8:
         7a:90:83:ff:d5:ba:25:8f:cd:22:b2:32:dd:89:90:03:d6:17:
         0f:16:f3:e7:0e:5b:a2:5e:77:17:52:90:38:86:e3:84:2c:a8:
         b6:07:55:d8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVBRDAxMTAvBgNVBAUTKDUxNjI5QkVCODBGQkRGOTRFRDlBNjQzRkQ3OEM4MURB
NzNCNkJBMUEwHhcNMjUwNjEyMTkzNTMyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRiMmMwNC0zZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoNEU+R83RROF4NlHhRPJ+YdtYqxZ7YBSOhEaq1wtLJKJdDr8kUC53Jksfo/j
nnHo2aDrSM9GrRee9eQ4cMlyGlxwTQIt3h+92U9iQYSmyPbb1H57vekeIVATzXT/
QSQ7cAxzDmKfSU+4w/VrJldvs4ueSLYluNK1nPT1SwkuzYYA4wR3f3ZMnonbodLb
5szm0pE9tX4ms19ZvPefDWv8MDk2ja0lrWSlfDvSTq0wMcB07Jzc6KTilmDfNya1
VQOO2raadLu34E32sAcY5NRIy7wsl5Dc0vxF+5bquJ+4EE4NcN+b3+PxKrYIXegN
8AzV4prbpFQMgzdGvAQ0ioZn0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLeDYu/9
27MLThvBZrPGOEw9GWJMMB8GA1UdIwQYMBaAFFFim+uA+9+U7ZpkP9eMgdpztroa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUFEMC8yMUZBNUIwNjYx
RUUxMUVBOTI1RDYyMjVDNEY5QUUwMi9VV0tiNjRENzM1VHRtbVFfMTR5QjJuTzJ1
aG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VXS2I2NEQ3MzVUdG1tUV8xNHlCMm5PMnVoby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVBRDAvMjFGQTVCMDY2MUVFMTFFQTkyNUQ2MjI1QzRGOUFFMDIvN0YxRUExMTg5
QjkxMTFFREJDOTIxMTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnCVgwDQYJKoZIhvcNAQELBQADggEBAB/mkrBa0OjNfPyh
0EWkYr9wMk9Wq3WOwo90InIHTw4TJgxJIHdAJsd8bTklNuBfMWTQZI/R0fai7MpZ
3Plt+EOlCRNPB2d/OqaVABD9PNp8MMtd0i35ONawnMGwsg55qavkroFQtKShnsBq
6V+Arhk55nUQZT2nCsi6j5lDkGKLOL6drHT24huykLzlcmhUZPrfR3QyZXZs5ylZ
pllc6ejKgetWv6CabRKuBk7avDIAt5BDSV19ci1npwujT0AwlNnL8oG9MUsZ1opI
ogoDrWxcgquVZ8C4yHqQg//VuiWPzSKyMt2JkAPWFw8W8+cOW6JedxdSkDiG44Qs
qLYHVdg=
-----END CERTIFICATE-----
Generated at Sat Jun 14 02:03:35 2025 by rpki-client