Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/2605BA6A267D11ECAF7F166DC4F9AE02.roa
File:                     2605BA6A267D11ECAF7F166DC4F9AE02.roa (raw, json)
Hash identifier:          Ixq9geRxUKKGOgHHhaiXOEHSRL++Qm2+qsdIs46ukkY=
Subject key identifier:   D1:5B:F5:2A:AA:12:D7:06:BB:10:27:F9:C2:DC:89:9F:61:6B:A6:27
Certificate issuer:       /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial:       07CF
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/2605BA6A267D11ECAF7F166DC4F9AE02.roa
Signing time:             Wed 02 Jul 2025 22:31:19 +0000
ROA not before:           Wed 02 Jul 2025 22:31:19 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     20473
IP address blocks:        45.114.190.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
                          rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1999 (0x7cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D0D2, serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
        Validity
            Not Before: Jul  2 22:31:19 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=6865b336-0d21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:42:be:fc:4d:ec:ef:cd:22:fe:83:97:13:7f:
                    06:7b:8d:50:61:37:18:3e:ff:11:7c:3c:1c:81:1e:
                    09:5a:07:49:14:f1:04:6a:df:3e:15:70:a3:fe:98:
                    ed:d7:45:43:74:84:fe:90:ad:35:68:09:b3:7e:71:
                    19:4c:66:25:b1:8e:47:c6:1c:59:2a:05:af:b9:cc:
                    f9:ea:45:45:6b:ae:45:d8:43:50:5f:65:49:fe:e7:
                    37:94:04:0c:13:59:17:0a:15:43:19:6d:fe:b7:34:
                    a0:cd:97:a7:ea:a8:1f:29:12:6d:67:da:dc:85:a2:
                    1b:c8:39:d7:49:cc:26:98:ee:94:d1:38:b3:dc:a5:
                    04:31:c3:6a:16:ab:03:4a:41:62:3f:07:05:8c:a3:
                    48:f5:a0:73:5f:e9:e7:85:4c:55:da:c1:18:1b:82:
                    55:af:4c:27:bc:48:f8:64:07:27:97:32:f8:fe:a0:
                    49:5e:85:e9:74:6e:b7:9a:b6:71:4f:b1:10:a6:36:
                    ed:12:98:c1:2c:f2:3b:5f:23:08:0a:35:0e:2d:63:
                    14:35:95:dc:21:3d:41:38:21:5b:10:59:8d:d6:5b:
                    75:47:be:60:2b:a2:d2:1b:9f:39:da:47:a4:05:74:
                    20:61:db:ac:b6:81:55:a6:f7:0c:59:42:b1:b9:f1:
                    0c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:5B:F5:2A:AA:12:D7:06:BB:10:27:F9:C2:DC:89:9F:61:6B:A6:27
            X509v3 Authority Key Identifier:
                keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/2605BA6A267D11ECAF7F166DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.114.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:55:72:f4:23:1f:cf:05:a9:89:25:27:a1:0c:4a:b8:14:46:
         0d:8b:57:cd:06:f3:bc:ae:de:e2:aa:25:9c:6b:84:cc:d6:f0:
         02:f6:57:f2:d9:e9:85:5f:87:0d:10:f4:ca:6a:5e:0c:c9:14:
         d0:2f:ad:c1:61:b1:ee:35:66:14:ae:d1:41:47:b5:03:24:bf:
         ad:13:8b:da:92:c5:0f:70:6d:52:b8:2e:9d:4c:68:3f:35:fa:
         b2:40:b0:ea:f6:d6:df:87:e9:14:51:ba:fa:c1:56:39:50:af:
         ba:bb:d0:a4:d4:7f:bf:0a:86:fe:b0:41:53:9e:01:0b:ff:78:
         80:37:cf:95:b4:54:3b:34:2e:f4:eb:91:5d:b5:c1:3d:d0:89:
         f6:b3:af:43:f1:3f:63:e2:c0:97:83:56:50:84:b3:51:8c:5b:
         fb:a9:e1:84:e0:85:11:3e:39:a6:29:69:c8:a1:ac:a4:71:21:
         07:59:2f:1c:d7:fb:67:7c:89:c4:c2:dc:d7:e9:de:a9:d2:ab:
         a7:76:29:fc:72:f2:dd:03:90:e9:b5:73:91:74:b4:36:f7:a4:
         e8:4b:81:c9:d0:e0:34:be:21:ab:dc:02:89:cc:ff:49:e8:76:
         3d:0d:26:9d:29:4a:0e:d5:62:7e:cf:65:df:09:6b:fc:3b:d3:
         6b:f9:91:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB88wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjUwNzAyMjIzMTE5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1YjMzNi0wZDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUK+/E3s780i/oOXE38Ge41QYTcYPv8RfDwcgR4JWgdJFPEEat8+FXCj/pjt
10VDdIT+kK01aAmzfnEZTGYlsY5HxhxZKgWvucz56kVFa65F2ENQX2VJ/uc3lAQM
E1kXChVDGW3+tzSgzZen6qgfKRJtZ9rchaIbyDnXScwmmO6U0Tiz3KUEMcNqFqsD
SkFiPwcFjKNI9aBzX+nnhUxV2sEYG4JVr0wnvEj4ZAcnlzL4/qBJXoXpdG63mrZx
T7EQpjbtEpjBLPI7XyMICjUOLWMUNZXcIT1BOCFbEFmN1lt1R75gK6LSG5852kek
BXQgYdustoFVpvcMWUKxufEM/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFNFb9Sqq
EtcGuxAn+cLciZ9ha6YnMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMjYwNUJBNkEy
NjdEMTFFQ0FGN0YxNjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAtcr4wDQYJKoZIhvcNAQELBQADggEBAApVcvQjH88FqYkl
J6EMSrgURg2LV80G87yu3uKqJZxrhMzW8AL2V/LZ6YVfhw0Q9MpqXgzJFNAvrcFh
se41ZhSu0UFHtQMkv60Ti9qSxQ9wbVK4Lp1MaD81+rJAsOr21t+H6RRRuvrBVjlQ
r7q70KTUf78Khv6wQVOeAQv/eIA3z5W0VDs0LvTrkV21wT3Qifazr0PxP2PiwJeD
VlCEs1GMW/up4YTghRE+OaYpacihrKRxIQdZLxzX+2d8icTC3Nfp3qnSq6d2Kfxy
8t0DkOm1c5F0tDb3pOhLgcnQ4DS+IavcAonM/0nodj0NJp0pSg7VYn7PZd8Ja/w7
02v5kSw=
-----END CERTIFICATE-----
Generated at Sun Jul 6 23:48:03 2025 by rpki-client