Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918770D/176D4114ED2311E6938FD318C4F9AE02/6C5A7912ED2311E680140D19C4F9AE02.roa
File:                     6C5A7912ED2311E680140D19C4F9AE02.roa (raw, json)
Hash identifier:          w+6iR/F583nwtLejN1ZMM4mivM5f0eBnZv1CsfpH8hw=
Subject key identifier:   1F:A4:8B:97:30:B2:C4:8C:8B:9A:DF:EE:F9:38:FC:FF:E8:F2:F4:95
Certificate issuer:       /CN=A918770D/serialNumber=1BAF8251D1A13F4188060AB19A030D36CAA7ABD4
Certificate serial:       1C16
Authority key identifier: 1B:AF:82:51:D1:A1:3F:41:88:06:0A:B1:9A:03:0D:36:CA:A7:AB:D4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G6-CUdGhP0GIBgqxmgMNNsqnq9Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918770D/176D4114ED2311E6938FD318C4F9AE02/6C5A7912ED2311E680140D19C4F9AE02.roa
Signing time:             Thu 22 May 2025 16:44:22 +0000
ROA not before:           Thu 22 May 2025 16:44:22 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     135371
IP address blocks:        103.215.192.0/22 maxlen: 22
                          103.215.192.0/24 maxlen: 24
                          103.215.193.0/24 maxlen: 24
                          103.215.194.0/24 maxlen: 24
                          103.215.195.0/24 maxlen: 24
                          157.119.76.0/22 maxlen: 22
                          157.119.76.0/24 maxlen: 24
                          157.119.77.0/24 maxlen: 24
                          157.119.78.0/24 maxlen: 24
                          157.119.79.0/24 maxlen: 24
                          2406:e480::/32 maxlen: 32
                          2406:e480::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918770D/176D4114ED2311E6938FD318C4F9AE02/G6-CUdGhP0GIBgqxmgMNNsqnq9Q.crl
                          rsync://rpki.apnic.net/member_repository/A918770D/176D4114ED2311E6938FD318C4F9AE02/G6-CUdGhP0GIBgqxmgMNNsqnq9Q.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G6-CUdGhP0GIBgqxmgMNNsqnq9Q.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 16:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7190 (0x1c16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918770D, serialNumber=1BAF8251D1A13F4188060AB19A030D36CAA7ABD4
        Validity
            Not Before: May 22 16:44:22 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=682f5465-55fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:94:03:86:61:a6:ee:0e:f9:df:76:bd:15:03:
                    83:6c:9f:49:97:01:1b:5e:ee:ac:3c:7c:77:d0:56:
                    40:8a:44:44:63:c5:67:59:55:25:8f:aa:93:6d:de:
                    39:9c:27:ac:e2:74:da:b0:ee:d2:27:61:ed:e6:86:
                    60:96:11:66:95:ba:e6:63:82:d7:53:b1:bc:14:8b:
                    f2:7e:7c:9a:c3:92:9f:81:22:4e:ed:db:44:f0:1b:
                    ad:be:03:8a:ad:d6:74:08:ec:7f:ea:c1:10:ba:d1:
                    33:d0:45:fb:ca:e6:3d:68:e3:bb:9c:31:0d:90:1e:
                    55:f0:75:54:85:fe:f9:f0:a7:ec:dd:b1:a4:40:24:
                    ed:c5:d7:cb:a4:f0:07:5e:fd:63:6f:18:b8:67:48:
                    0c:4f:d9:3e:b1:24:e1:77:1e:9a:50:42:7e:e5:3b:
                    86:9f:8e:e0:bb:93:22:33:46:95:f4:a6:ab:1d:ad:
                    ac:c1:e8:fe:d9:32:25:3a:fa:4e:3b:7a:c8:5a:a7:
                    67:93:ef:9f:40:23:14:a8:b3:2d:63:a4:1f:42:52:
                    87:e0:87:37:e6:13:04:3f:55:1f:c0:83:2d:51:1f:
                    e1:d2:be:f4:d0:ed:c4:f3:23:47:93:6c:58:89:cd:
                    6f:7d:fe:ae:94:c2:3c:0e:7e:2a:83:cf:bf:be:06:
                    1e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:A4:8B:97:30:B2:C4:8C:8B:9A:DF:EE:F9:38:FC:FF:E8:F2:F4:95
            X509v3 Authority Key Identifier:
                keyid:1B:AF:82:51:D1:A1:3F:41:88:06:0A:B1:9A:03:0D:36:CA:A7:AB:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918770D/176D4114ED2311E6938FD318C4F9AE02/G6-CUdGhP0GIBgqxmgMNNsqnq9Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G6-CUdGhP0GIBgqxmgMNNsqnq9Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918770D/176D4114ED2311E6938FD318C4F9AE02/6C5A7912ED2311E680140D19C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.215.192.0/22
                  157.119.76.0/22
                IPv6:
                  2406:e480::/32

    Signature Algorithm: sha256WithRSAEncryption
         61:81:50:d6:b0:04:22:70:29:df:cc:a7:fb:ef:ed:1d:d4:12:
         c0:62:08:29:94:79:ee:a7:f5:bd:82:d5:94:90:a9:78:43:89:
         58:fb:fd:37:8d:05:1c:38:6b:9a:e0:8f:51:1c:57:87:3d:8a:
         9e:a0:81:72:05:b6:4a:e0:88:d0:9c:ce:c7:55:ea:db:65:13:
         2e:1b:b1:8c:42:1e:9e:96:09:35:dd:aa:67:87:c4:11:66:db:
         46:24:97:b8:34:16:19:03:fa:27:e3:48:b9:31:51:7f:27:39:
         c4:67:f4:8b:7c:60:8b:95:58:d3:2b:e2:87:ff:50:54:15:d6:
         c2:99:c2:bc:2b:8b:22:27:31:6f:c5:15:e8:07:0f:ac:d3:b3:
         f3:50:ae:b2:b8:aa:c5:cc:5c:f2:34:24:cb:98:e6:ba:5d:a8:
         8c:3f:6a:9b:24:b2:24:bb:d7:44:9b:d4:87:0a:1f:72:ab:63:
         38:ed:99:90:b8:24:d1:3b:c1:61:c7:28:3d:63:9e:03:ce:fe:
         48:79:2b:f0:30:b2:f3:c5:61:07:2e:6c:c8:6e:c8:cb:70:88:
         02:5e:76:4d:95:0e:7f:41:be:aa:10:b2:0a:f1:4b:2a:ad:1e:
         08:54:2a:db:97:04:a3:4c:e6:2f:0e:d7:50:f7:e8:98:8c:7a:
         7d:b1:7d:5f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICHBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODc3MEQxMTAvBgNVBAUTKDFCQUY4MjUxRDFBMTNGNDE4ODA2MEFCMTlBMDMwRDM2
Q0FBN0FCRDQwHhcNMjUwNTIyMTY0NDIyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmNTQ2NS01NWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAppQDhmGm7g7533a9FQODbJ9JlwEbXu6sPHx30FZAikREY8VnWVUlj6qTbd45
nCes4nTasO7SJ2Ht5oZglhFmlbrmY4LXU7G8FIvyfnyaw5KfgSJO7dtE8ButvgOK
rdZ0COx/6sEQutEz0EX7yuY9aOO7nDENkB5V8HVUhf758Kfs3bGkQCTtxdfLpPAH
Xv1jbxi4Z0gMT9k+sSThdx6aUEJ+5TuGn47gu5MiM0aV9KarHa2swej+2TIlOvpO
O3rIWqdnk++fQCMUqLMtY6QfQlKH4Ic35hMEP1UfwIMtUR/h0r700O3E8yNHk2xY
ic1vff6ulMI8Dn4qg8+/vgYenQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFB+ki5cw
ssSMi5rf7vk4/P/o8vSVMB8GA1UdIwQYMBaAFBuvglHRoT9BiAYKsZoDDTbKp6vU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzcwRC8xNzZENDExNEVE
MjMxMUU2OTM4RkQzMThDNEY5QUUwMi9HNi1DVWRHaFAwR0lCZ3F4bWdNTk5zcW5x
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0c2LUNVZEdoUDBHSUJncXhtZ01OTnNxbnE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODc3MEQvMTc2RDQxMTRFRDIzMTFFNjkzOEZEMzE4QzRGOUFFMDIvNkM1QTc5MTJF
RDIzMTFFNjgwMTQwRDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn18ADBAKdd0wwDQQCAAIwBwMFACQG5IAwDQYJKoZIhvcN
AQELBQADggEBAGGBUNawBCJwKd/Mp/vv7R3UEsBiCCmUee6n9b2C1ZSQqXhDiVj7
/TeNBRw4a5rgj1EcV4c9ip6ggXIFtkrgiNCczsdV6ttlEy4bsYxCHp6WCTXdqmeH
xBFm20Ykl7g0FhkD+ifjSLkxUX8nOcRn9It8YIuVWNMr4of/UFQV1sKZwrwriyIn
MW/FFegHD6zTs/NQrrK4qsXMXPI0JMuY5rpdqIw/apsksiS710Sb1IcKH3KrYzjt
mZC4JNE7wWHHKD1jngPO/kh5K/AwsvPFYQcubMhuyMtwiAJedk2VDn9BvqoQsgrx
SyqtHghUKtuXBKNM5i8O11D36JiMen2xfV8=
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:15:07 2025 by rpki-client