Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/E2E771C4D93A11EEA15D7A7FC4F9AE02.roa
File:                     E2E771C4D93A11EEA15D7A7FC4F9AE02.roa (raw, json)
Hash identifier:          OibfJHn3WPTwGCGlGXJddeWgVWAEHiJTJ/mH18ttdug=
Subject key identifier:   83:A4:A5:9C:0A:7A:E1:8A:F3:0A:02:8B:88:C8:52:AC:5E:1D:A0:38
Certificate issuer:       /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial:       0EC7
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/E2E771C4D93A11EEA15D7A7FC4F9AE02.roa
Signing time:             Thu 22 May 2025 20:07:27 +0000
ROA not before:           Thu 22 May 2025 20:07:27 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     152598
IP address blocks:        2406:840:fecc::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
                          rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 19:55:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3783 (0xec7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917ED5C, serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
        Validity
            Not Before: May 22 20:07:27 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=682f83fe-7f74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:d5:f0:87:5d:00:fa:cb:53:5d:98:2e:fd:53:
                    22:b6:d4:e2:e7:3b:75:ab:8c:43:01:fb:0a:d4:e1:
                    db:44:22:30:c6:6d:fa:2b:29:b1:78:a9:49:54:bd:
                    22:fb:df:4f:d1:33:67:7d:6d:88:85:5a:96:d1:f5:
                    0f:a4:43:7a:a1:a7:bb:a4:4e:8a:e6:f3:5b:5d:36:
                    ae:ac:c8:14:d3:f2:3e:1a:47:eb:fa:f8:ab:53:43:
                    ed:4a:40:9a:98:9e:80:25:a9:8e:5f:4c:e9:9d:80:
                    a7:d8:c4:a3:ce:1e:34:b3:b2:13:95:dd:a4:5f:db:
                    7b:14:46:78:f4:7c:d9:cd:11:58:2f:ae:55:7d:8b:
                    55:70:02:14:9f:41:52:3d:64:5e:c8:cc:12:6d:4a:
                    8f:97:62:6e:be:f9:1a:e4:a5:20:ca:3c:8a:22:5b:
                    58:eb:3c:ad:f2:99:27:92:60:26:6a:71:00:5e:ac:
                    85:09:fe:3b:33:62:e9:c3:34:52:8a:5a:61:49:18:
                    c5:41:6a:96:bf:aa:03:a9:4a:b0:00:76:9b:b1:23:
                    45:f3:96:21:1e:10:20:a5:b3:cf:81:90:6a:41:8b:
                    7e:47:53:e0:a7:92:a1:5c:0f:53:f4:5c:dd:e3:3a:
                    c9:89:ed:d9:06:d8:be:d6:d1:98:f7:11:79:2d:19:
                    40:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:A4:A5:9C:0A:7A:E1:8A:F3:0A:02:8B:88:C8:52:AC:5E:1D:A0:38
            X509v3 Authority Key Identifier:
                keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/E2E771C4D93A11EEA15D7A7FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:840:fecc::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:e1:53:3f:cd:b1:d6:1c:ff:04:dc:fd:04:e9:2f:9b:cc:67:
         c2:a8:71:3e:a2:0b:30:68:fd:6b:49:13:18:2a:29:5a:c4:dd:
         86:ab:cd:bd:8b:63:5c:d8:2a:f9:e9:c4:97:0f:22:f9:c0:3f:
         85:f6:2a:22:de:ea:b0:01:aa:dc:29:e7:6c:d8:50:33:b5:f4:
         19:4b:d0:67:10:c8:12:e2:f9:ea:2c:31:5f:7f:55:2c:45:de:
         df:b5:fe:07:3f:f7:bc:cd:10:4f:04:aa:a5:f0:77:2b:f4:69:
         ae:7f:6f:93:b1:42:9f:28:bf:3c:6b:ba:ae:c2:fb:41:df:21:
         96:e6:09:22:a5:9c:64:5a:e8:db:93:15:93:8f:e4:a1:b9:c2:
         4a:11:1a:f5:2e:96:7a:34:c9:57:96:f2:45:c7:af:1e:2c:3d:
         63:90:da:91:57:9c:8b:53:81:46:08:13:23:2f:21:5d:e7:f3:
         c4:a2:38:82:3d:3c:f2:75:3e:5e:b2:97:56:d2:ec:e9:b7:3a:
         bc:78:a4:2d:5d:83:f8:60:12:89:bb:da:29:51:fd:40:8d:e9:
         d2:5e:17:4b:54:c6:07:ef:a5:8e:65:74:cf:d4:cd:1b:42:4b:
         e0:0e:d9:9a:27:ba:45:86:0b:07:7e:2f:39:fb:d4:c9:8a:98:
         af:95:54:ef
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjUwNTIyMjAwNzI3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmODNmZS03Zjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA49Xwh10A+stTXZgu/VMittTi5zt1q4xDAfsK1OHbRCIwxm36KymxeKlJVL0i
+99P0TNnfW2IhVqW0fUPpEN6oae7pE6K5vNbXTaurMgU0/I+Gkfr+virU0PtSkCa
mJ6AJamOX0zpnYCn2MSjzh40s7ITld2kX9t7FEZ49HzZzRFYL65VfYtVcAIUn0FS
PWReyMwSbUqPl2Juvvka5KUgyjyKIltY6zyt8pknkmAmanEAXqyFCf47M2LpwzRS
ilphSRjFQWqWv6oDqUqwAHabsSNF85YhHhAgpbPPgZBqQYt+R1Pgp5KhXA9T9Fzd
4zrJie3ZBti+1tGY9xF5LRlAVQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFIOkpZwK
euGK8woCi4jIUqxeHaA4MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvRTJFNzcxQzRE
OTNBMTFFRUExNUQ3QTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBghA/swwDQYJKoZIhvcNAQELBQADggEBACDhUz/NsdYc
/wTc/QTpL5vMZ8KocT6iCzBo/WtJExgqKVrE3Yarzb2LY1zYKvnpxJcPIvnAP4X2
KiLe6rABqtwp52zYUDO19BlL0GcQyBLi+eosMV9/VSxF3t+1/gc/97zNEE8EqqXw
dyv0aa5/b5OxQp8ovzxruq7C+0HfIZbmCSKlnGRa6NuTFZOP5KG5wkoRGvUulno0
yVeW8kXHrx4sPWOQ2pFXnItTgUYIEyMvIV3n88SiOII9PPJ1Pl6yl1bS7Om3Orx4
pC1dg/hgEom72ilR/UCN6dJeF0tUxgfvpY5ldM/UzRtCS+AO2ZonukWGCwd+Lzn7
1MmKmK+VVO8=
-----END CERTIFICATE-----
Generated at Thu Jun 12 00:20:19 2025 by rpki-client