Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917748E/4D78926A4FA911EDADE5157CC4F9AE02/82A6D4C4373711F0B4C22F6AC4F9AE02.roa
File:                     82A6D4C4373711F0B4C22F6AC4F9AE02.roa (raw, json)
Hash identifier:          PE1GT2A7EmT71tkAdrtk5aTsSiGLh2+65uV6vdi3L2w=
Subject key identifier:   EC:35:6C:32:D1:42:80:BE:2B:CD:83:0A:CE:72:52:FD:DB:58:94:E8
Certificate issuer:       /CN=A917748E/serialNumber=4B3B5A01A8952FB5642D2484B7F0205AE7DCC761
Certificate serial:       01F5
Authority key identifier: 4B:3B:5A:01:A8:95:2F:B5:64:2D:24:84:B7:F0:20:5A:E7:DC:C7:61
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SztaAaiVL7VkLSSEt_AgWufcx2E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917748E/4D78926A4FA911EDADE5157CC4F9AE02/82A6D4C4373711F0B4C22F6AC4F9AE02.roa
Signing time:             Thu 22 May 2025 18:06:40 +0000
ROA not before:           Thu 22 May 2025 18:06:40 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     198949
IP address blocks:        66.116.192.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917748E/4D78926A4FA911EDADE5157CC4F9AE02/SztaAaiVL7VkLSSEt_AgWufcx2E.crl
                          rsync://rpki.apnic.net/member_repository/A917748E/4D78926A4FA911EDADE5157CC4F9AE02/SztaAaiVL7VkLSSEt_AgWufcx2E.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SztaAaiVL7VkLSSEt_AgWufcx2E.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 02:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 501 (0x1f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917748E, serialNumber=4B3B5A01A8952FB5642D2484B7F0205AE7DCC761
        Validity
            Not Before: May 22 18:06:40 2025 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=682f67b0-c988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:44:a1:53:fe:ae:06:0c:ed:d2:78:99:2d:47:
                    25:30:18:68:2c:83:1d:9d:55:08:54:cd:c2:1b:5b:
                    fb:00:dc:83:f0:05:95:8a:3a:27:4d:45:ce:88:4e:
                    0e:b4:22:cf:8e:ce:ae:fb:cd:39:46:31:11:c8:ef:
                    30:ee:60:68:03:05:8b:30:2e:62:b5:5e:d6:e2:b8:
                    38:ee:f5:92:b5:42:76:bf:ed:21:60:a1:69:84:d2:
                    2b:62:3d:56:d0:8f:a2:8f:88:3d:a5:c3:f0:62:24:
                    c8:80:20:3d:71:30:16:e0:00:66:77:f4:4e:ba:ce:
                    5c:a7:30:88:93:78:e3:6a:22:91:31:09:16:cb:83:
                    b7:51:31:08:69:dc:d9:73:17:d5:be:26:66:5a:4d:
                    2d:6d:12:74:86:3b:6e:ce:e1:21:5b:28:0d:d1:b8:
                    05:9b:39:76:b9:ef:fa:70:5d:f6:c1:05:d3:6d:2b:
                    63:82:a2:99:ec:47:d7:9c:37:bc:f6:ad:cd:90:07:
                    c1:0e:d3:7b:92:4f:b9:6f:96:ed:96:7b:a8:9a:d3:
                    20:0f:82:83:9a:78:58:49:21:71:9f:1e:e3:ea:6d:
                    25:fb:b0:84:56:89:88:a1:8c:b5:7a:03:2b:ce:e1:
                    14:30:0f:83:c9:8b:f8:ea:45:10:e2:58:cb:9d:96:
                    06:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:35:6C:32:D1:42:80:BE:2B:CD:83:0A:CE:72:52:FD:DB:58:94:E8
            X509v3 Authority Key Identifier:
                keyid:4B:3B:5A:01:A8:95:2F:B5:64:2D:24:84:B7:F0:20:5A:E7:DC:C7:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917748E/4D78926A4FA911EDADE5157CC4F9AE02/SztaAaiVL7VkLSSEt_AgWufcx2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SztaAaiVL7VkLSSEt_AgWufcx2E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917748E/4D78926A4FA911EDADE5157CC4F9AE02/82A6D4C4373711F0B4C22F6AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.116.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         59:95:a4:f7:f5:c5:5e:44:20:1c:72:35:30:b5:ec:5e:f3:9d:
         6d:ce:2c:95:38:fc:6e:8d:67:75:48:67:7c:75:6b:68:06:17:
         28:73:b6:68:f1:b9:cc:5e:58:30:60:35:09:f0:07:fd:51:f1:
         9e:29:b4:e8:cd:0a:fd:a8:16:22:7d:5a:ec:ad:43:d4:bb:ad:
         55:52:b7:7a:6e:e4:cc:b8:fc:76:cc:3b:78:c4:6f:fd:93:55:
         7f:b9:9b:f6:9b:e3:12:ac:70:07:bc:13:90:b3:fa:e4:f2:84:
         43:70:a4:df:b7:32:5b:0f:aa:28:5c:a9:32:ec:92:ee:f1:25:
         19:43:c4:5f:9f:e2:39:29:ef:f2:66:f8:05:7e:34:b8:6f:9c:
         c3:ef:89:5f:3a:63:da:3d:0f:19:05:27:e1:d1:b5:eb:fa:ba:
         f2:96:11:83:91:cd:67:ea:7e:84:56:37:83:3e:41:d3:a1:a3:
         3f:dc:b0:e8:d6:ab:0a:ad:6c:45:31:16:05:5f:23:73:74:48:
         d2:38:1d:ae:7d:9c:31:d2:1e:51:8c:09:95:7c:14:fa:46:b7:
         50:37:e9:8c:3c:b4:94:88:48:fa:88:2f:15:8a:5d:04:df:ff:
         45:ad:a0:08:2c:8c:83:37:42:54:bd:a5:46:93:53:9f:f9:54:
         ee:2f:a7:8d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAfUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc0OEUxMTAvBgNVBAUTKDRCM0I1QTAxQTg5NTJGQjU2NDJEMjQ4NEI3RjAyMDVB
RTdEQ0M3NjEwHhcNMjUwNTIyMTgwNjQwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmNjdiMC1jOTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA30ShU/6uBgzt0niZLUclMBhoLIMdnVUIVM3CG1v7ANyD8AWVijonTUXOiE4O
tCLPjs6u+805RjERyO8w7mBoAwWLMC5itV7W4rg47vWStUJ2v+0hYKFphNIrYj1W
0I+ij4g9pcPwYiTIgCA9cTAW4ABmd/ROus5cpzCIk3jjaiKRMQkWy4O3UTEIadzZ
cxfVviZmWk0tbRJ0hjtuzuEhWygN0bgFmzl2ue/6cF32wQXTbStjgqKZ7EfXnDe8
9q3NkAfBDtN7kk+5b5btlnuomtMgD4KDmnhYSSFxnx7j6m0l+7CEVomIoYy1egMr
zuEUMA+DyYv46kUQ4ljLnZYGVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOw1bDLR
QoC+K82DCs5yUv3bWJToMB8GA1UdIwQYMBaAFEs7WgGolS+1ZC0khLfwIFrn3Mdh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzQ4RS80RDc4OTI2QTRG
QTkxMUVEQURFNTE1N0NDNEY5QUUwMi9TenRhQWFpVkw3VmtMU1NFdF9BZ1d1ZmN4
MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1N6dGFBYWlWTDdWa0xTU0V0X0FnV3VmY3gyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc0OEUvNEQ3ODkyNkE0RkE5MTFFREFERTUxNTdDQzRGOUFFMDIvODJBNkQ0QzQz
NzM3MTFGMEI0QzIyRjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAZCdMAwDQYJKoZIhvcNAQELBQADggEBAFmVpPf1xV5EIBxy
NTC17F7znW3OLJU4/G6NZ3VIZ3x1a2gGFyhztmjxucxeWDBgNQnwB/1R8Z4ptOjN
Cv2oFiJ9WuytQ9S7rVVSt3pu5My4/HbMO3jEb/2TVX+5m/ab4xKscAe8E5Cz+uTy
hENwpN+3MlsPqihcqTLsku7xJRlDxF+f4jkp7/Jm+AV+NLhvnMPviV86Y9o9DxkF
J+HRtev6uvKWEYORzWfqfoRWN4M+QdOhoz/csOjWqwqtbEUxFgVfI3N0SNI4Ha59
nDHSHlGMCZV8FPpGt1A36Yw8tJSISPqILxWKXQTf/0WtoAgsjIM3QlS9pUaTU5/5
VO4vp40=
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:38:22 2025 by rpki-client