Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91841D2/F7223FB4845411EA8D6E350EC4F9AE02/96CBB6F021DD11EBBEEF997DC4F9AE02.roa
File:                     96CBB6F021DD11EBBEEF997DC4F9AE02.roa (raw, json)
Hash identifier:          XNLc2hzwG2rPDS1PYT/O9+b6/Uq/y3qUxEgGA8r+TxU=
Subject key identifier:   E4:7C:C2:57:6E:BF:0A:73:47:FB:0F:12:59:AC:F5:C2:D9:EA:4C:56
Certificate issuer:       /CN=A91841D2/serialNumber=7EE71AD847E9D56810CD49E27785C6385CCCF96B
Certificate serial:       09E8
Authority key identifier: 7E:E7:1A:D8:47:E9:D5:68:10:CD:49:E2:77:85:C6:38:5C:CC:F9:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fuca2Efp1WgQzUnid4XGOFzM-Ws.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91841D2/F7223FB4845411EA8D6E350EC4F9AE02/96CBB6F021DD11EBBEEF997DC4F9AE02.roa
Signing time:             Fri 20 Jun 2025 20:26:46 +0000
ROA not before:           Fri 20 Jun 2025 20:26:46 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     135386
IP address blocks:        103.150.181.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91841D2/F7223FB4845411EA8D6E350EC4F9AE02/fuca2Efp1WgQzUnid4XGOFzM-Ws.crl
                          rsync://rpki.apnic.net/member_repository/A91841D2/F7223FB4845411EA8D6E350EC4F9AE02/fuca2Efp1WgQzUnid4XGOFzM-Ws.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fuca2Efp1WgQzUnid4XGOFzM-Ws.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 07 Jul 2025 20:07:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2536 (0x9e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91841D2, serialNumber=7EE71AD847E9D56810CD49E27785C6385CCCF96B
        Validity
            Not Before: Jun 20 20:26:46 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=6855c406-4b1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c4:c6:db:31:4c:cc:8a:23:ed:57:0b:d7:5e:
                    97:d1:b0:b9:11:84:c7:bb:b1:f5:71:93:bf:8b:42:
                    54:de:74:86:fc:cb:42:ed:6e:ca:5e:6c:0e:39:98:
                    14:a9:e2:b8:b5:d8:aa:9b:b9:11:f9:09:fe:0a:3d:
                    eb:4c:9d:06:bc:28:ae:9c:4f:4b:85:26:61:1c:1d:
                    bc:b4:b6:f5:c6:7b:7d:47:78:b2:0b:fa:3d:51:d7:
                    e8:5e:21:a9:81:d4:b2:43:34:de:90:aa:36:42:84:
                    a1:a9:7a:e4:72:8d:52:ee:40:0d:88:8c:c8:76:b8:
                    a3:90:59:ce:a1:2c:3d:f4:b4:31:d7:1c:03:3f:98:
                    76:e5:45:f1:4a:48:6e:e2:ac:01:af:1b:af:9e:70:
                    5a:52:91:98:04:8e:a9:7b:9b:3f:78:a5:71:9e:df:
                    14:1c:a1:d8:06:0c:5c:28:8a:e2:31:d7:c3:92:8d:
                    89:5f:84:cc:d7:c7:85:dd:42:f7:b1:a7:8b:a2:bc:
                    6e:6d:7a:45:e1:90:b7:bc:d7:b9:cd:e0:9c:95:32:
                    9f:fd:48:8d:ab:31:a4:74:b6:aa:23:be:5d:8c:9e:
                    91:6c:b4:75:d6:6e:28:9b:16:e9:7e:b5:0d:b6:99:
                    a6:af:57:62:f0:b3:41:09:de:9b:22:9e:82:46:68:
                    f0:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:7C:C2:57:6E:BF:0A:73:47:FB:0F:12:59:AC:F5:C2:D9:EA:4C:56
            X509v3 Authority Key Identifier:
                keyid:7E:E7:1A:D8:47:E9:D5:68:10:CD:49:E2:77:85:C6:38:5C:CC:F9:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91841D2/F7223FB4845411EA8D6E350EC4F9AE02/fuca2Efp1WgQzUnid4XGOFzM-Ws.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fuca2Efp1WgQzUnid4XGOFzM-Ws.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91841D2/F7223FB4845411EA8D6E350EC4F9AE02/96CBB6F021DD11EBBEEF997DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:46:ed:d2:34:2a:70:69:46:4f:0d:cd:a1:93:3e:df:70:9a:
         c5:ef:c4:38:08:fb:ee:87:c9:8a:bb:5b:73:12:4a:4b:2d:24:
         97:66:22:a5:39:a6:4c:05:ac:64:fc:25:c0:8a:43:8b:00:f3:
         f5:16:bb:83:8a:c1:20:1c:0c:28:04:3c:fb:64:8a:38:f5:d2:
         3c:2c:ac:ad:4f:62:e2:bd:16:de:93:59:54:cf:03:22:33:28:
         e7:67:2a:95:d1:8f:10:fb:c6:a4:bd:95:72:19:dc:9e:dc:91:
         05:14:a4:40:ad:57:2a:38:bd:a9:34:aa:97:49:8c:02:11:af:
         b1:9f:11:cf:a5:ea:c4:23:d2:65:6e:e5:43:1b:61:3e:18:52:
         25:37:57:c9:25:67:33:0c:2d:23:41:90:41:5d:ae:26:df:e2:
         d0:7e:9b:f8:dc:8b:a1:6a:5a:8b:bd:df:ff:75:f0:c9:49:29:
         91:cc:6e:26:1d:49:08:73:24:db:a2:ac:90:74:a2:f4:b5:70:
         88:93:f2:3b:85:4f:80:24:d2:ea:fe:9b:2a:f4:d7:8b:bf:33:
         a2:65:8f:ac:2d:d5:c4:e3:4c:54:53:22:ec:12:03:c9:3e:66:
         c3:bb:f7:82:10:4e:f0:69:2c:87:de:32:01:fe:c7:8b:4e:b8:
         2b:db:d8:a0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQxRDIxMTAvBgNVBAUTKDdFRTcxQUQ4NDdFOUQ1NjgxMENENDlFMjc3ODVDNjM4
NUNDQ0Y5NkIwHhcNMjUwNjIwMjAyNjQ2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODU1YzQwNi00YjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAocTG2zFMzIoj7VcL116X0bC5EYTHu7H1cZO/i0JU3nSG/MtC7W7KXmwOOZgU
qeK4tdiqm7kR+Qn+Cj3rTJ0GvCiunE9LhSZhHB28tLb1xnt9R3iyC/o9UdfoXiGp
gdSyQzTekKo2QoShqXrkco1S7kANiIzIdrijkFnOoSw99LQx1xwDP5h25UXxSkhu
4qwBrxuvnnBaUpGYBI6pe5s/eKVxnt8UHKHYBgxcKIriMdfDko2JX4TM18eF3UL3
saeLorxubXpF4ZC3vNe5zeCclTKf/UiNqzGkdLaqI75djJ6RbLR11m4omxbpfrUN
tpmmr1di8LNBCd6bIp6CRmjwqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOR8wldu
vwpzR/sPElms9cLZ6kxWMB8GA1UdIwQYMBaAFH7nGthH6dVoEM1J4neFxjhczPlr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDFEMi9GNzIyM0ZCNDg0
NTQxMUVBOEQ2RTM1MEVDNEY5QUUwMi9mdWNhMkVmcDFXZ1F6VW5pZDRYR09Gek0t
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Z1Y2EyRWZwMVdnUXpVbmlkNFhHT0Z6TS1Xcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQxRDIvRjcyMjNGQjQ4NDU0MTFFQThENkUzNTBFQzRGOUFFMDIvOTZDQkI2RjAy
MUREMTFFQkJFRUY5OTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlrUwDQYJKoZIhvcNAQELBQADggEBAARG7dI0KnBpRk8N
zaGTPt9wmsXvxDgI++6HyYq7W3MSSkstJJdmIqU5pkwFrGT8JcCKQ4sA8/UWu4OK
wSAcDCgEPPtkijj10jwsrK1PYuK9Ft6TWVTPAyIzKOdnKpXRjxD7xqS9lXIZ3J7c
kQUUpECtVyo4vak0qpdJjAIRr7GfEc+l6sQj0mVu5UMbYT4YUiU3V8klZzMMLSNB
kEFdribf4tB+m/jci6FqWou93/918MlJKZHMbiYdSQhzJNuirJB0ovS1cIiT8juF
T4Ak0ur+myr014u/M6Jlj6wt1cTjTFRTIuwSA8k+ZsO794IQTvBpLIfeMgH+x4tO
uCvb2KA=
-----END CERTIFICATE-----
Generated at Wed Jul 2 01:57:34 2025 by rpki-client