Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/0802DFC67B1C11E8BC732C17C4F9AE02.roa
File:                     0802DFC67B1C11E8BC732C17C4F9AE02.roa (raw, json)
Hash identifier:          IY1KR2STRHWACxUYvedIZffoCYQxTjZXanC5kAZHVDk=
Subject key identifier:   A4:74:03:F7:EC:37:75:5B:A6:9C:EF:A7:C7:64:11:4E:23:A2:99:95
Certificate issuer:       /CN=A918D5CF/serialNumber=370393BC6460E52D0F5E021D552F5817433EB2E7
Certificate serial:       141A
Authority key identifier: 37:03:93:BC:64:60:E5:2D:0F:5E:02:1D:55:2F:58:17:43:3E:B2:E7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NwOTvGRg5S0PXgIdVS9YF0M-suc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/0802DFC67B1C11E8BC732C17C4F9AE02.roa
Signing time:             Thu 22 May 2025 17:28:41 +0000
ROA not before:           Thu 22 May 2025 17:28:41 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     9890
IP address blocks:        103.115.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/NwOTvGRg5S0PXgIdVS9YF0M-suc.crl
                          rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/NwOTvGRg5S0PXgIdVS9YF0M-suc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NwOTvGRg5S0PXgIdVS9YF0M-suc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 16:49:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5146 (0x141a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918D5CF, serialNumber=370393BC6460E52D0F5E021D552F5817433EB2E7
        Validity
            Not Before: May 22 17:28:41 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=682f5ec8-c9f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b6:f4:2f:11:ee:16:29:39:b6:b8:05:69:79:
                    03:34:ce:33:7e:cd:b8:8d:b9:cf:34:8b:2e:1b:35:
                    a4:fc:0b:ef:c6:56:5f:a8:02:42:44:fd:a6:5e:e5:
                    b3:39:98:6d:8b:b9:45:4b:e1:4a:14:9e:c8:9a:9d:
                    98:47:42:9e:a6:b9:4a:6c:59:a8:91:ee:89:62:60:
                    fb:fb:bf:f1:79:f4:ac:b1:49:30:28:b4:25:3d:d7:
                    51:ec:b6:29:1d:40:a5:05:12:1e:76:15:b8:58:71:
                    4b:a8:1e:b1:4b:ab:85:48:5e:0a:22:4d:a8:9f:90:
                    5d:1f:b0:6b:f2:53:22:f2:72:de:7e:2d:69:60:e0:
                    58:34:db:05:fc:ed:71:ad:c3:65:c2:7b:d3:31:a2:
                    fe:15:df:5c:a2:4f:2b:47:5b:2c:6c:73:30:0c:f0:
                    8e:44:1d:96:4d:1e:c7:bf:1b:fa:3f:14:b2:68:aa:
                    69:9a:84:08:ab:d4:75:73:da:e2:17:26:06:aa:76:
                    c0:bf:ad:32:4f:21:f6:d6:2d:98:c7:d2:47:a6:69:
                    73:43:7d:c4:83:95:89:78:8e:0c:c7:e0:8f:d2:78:
                    de:e5:62:0b:13:29:a4:d2:b6:6f:e9:c9:7e:44:5b:
                    13:26:6a:a0:95:c4:a4:8d:8d:17:bc:58:25:42:95:
                    12:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:74:03:F7:EC:37:75:5B:A6:9C:EF:A7:C7:64:11:4E:23:A2:99:95
            X509v3 Authority Key Identifier:
                keyid:37:03:93:BC:64:60:E5:2D:0F:5E:02:1D:55:2F:58:17:43:3E:B2:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/NwOTvGRg5S0PXgIdVS9YF0M-suc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NwOTvGRg5S0PXgIdVS9YF0M-suc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/0802DFC67B1C11E8BC732C17C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.115.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:e9:d4:41:8f:a1:64:4b:d4:e3:15:f0:ea:5b:06:62:37:79:
         a9:ed:fe:af:de:6c:31:98:3b:fd:1f:ad:29:25:2d:50:67:13:
         82:ba:c7:71:7c:10:17:05:e7:1d:83:4b:d3:1b:0c:af:8d:a5:
         8c:cb:b0:ad:e3:58:78:32:9b:7e:80:ab:55:62:46:21:5e:77:
         1e:3d:fe:75:c8:dd:9b:8c:af:14:66:02:9a:47:c5:dc:33:09:
         c7:44:6b:39:9b:97:02:df:70:0d:c8:bb:0f:52:8d:e9:50:b6:
         0f:c0:c4:cb:00:a1:11:ed:0f:76:af:05:dd:c9:ad:ae:7f:64:
         70:fe:58:cd:0a:13:88:12:ee:c0:6e:84:4f:ad:2c:ec:93:f1:
         31:fc:ec:cf:3b:8f:7d:d7:f7:1b:91:df:65:8d:fd:77:3b:08:
         25:49:7c:c7:86:b4:02:36:ba:9b:86:f7:17:2a:13:e7:56:bf:
         9a:ea:ca:20:61:6b:97:b4:6b:42:0c:f4:f9:2a:72:3d:83:26:
         50:6c:41:cb:28:69:32:6e:67:9b:70:f3:a2:0c:e3:cf:68:01:
         4e:64:ba:21:a6:de:0c:14:fc:b0:89:1d:a7:3e:a6:8b:e6:bd:
         63:8e:16:97:e8:04:cc:c8:b3:06:6a:d4:63:41:7e:40:7a:c7:
         ad:63:32:bd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFBowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ1Q0YxMTAvBgNVBAUTKDM3MDM5M0JDNjQ2MEU1MkQwRjVFMDIxRDU1MkY1ODE3
NDMzRUIyRTcwHhcNMjUwNTIyMTcyODQxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmNWVjOC1jOWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoLb0LxHuFik5trgFaXkDNM4zfs24jbnPNIsuGzWk/AvvxlZfqAJCRP2mXuWz
OZhti7lFS+FKFJ7Imp2YR0KeprlKbFmoke6JYmD7+7/xefSssUkwKLQlPddR7LYp
HUClBRIedhW4WHFLqB6xS6uFSF4KIk2on5BdH7Br8lMi8nLefi1pYOBYNNsF/O1x
rcNlwnvTMaL+Fd9cok8rR1ssbHMwDPCORB2WTR7Hvxv6PxSyaKppmoQIq9R1c9ri
FyYGqnbAv60yTyH21i2Yx9JHpmlzQ33Eg5WJeI4Mx+CP0nje5WILEymk0rZv6cl+
RFsTJmqglcSkjY0XvFglQpUSBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKR0A/fs
N3Vbppzvp8dkEU4jopmVMB8GA1UdIwQYMBaAFDcDk7xkYOUtD14CHVUvWBdDPrLn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDVDRi85OEQwQjRGODdC
MUExMUU4OEYzRDBDMTRDNEY5QUUwMi9Od09UdkdSZzVTMFBYZ0lkVlM5WUYwTS1z
dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL053T1R2R1JnNVMwUFhnSWRWUzlZRjBNLXN1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ1Q0YvOThEMEI0Rjg3QjFBMTFFODhGM0QwQzE0QzRGOUFFMDIvMDgwMkRGQzY3
QjFDMTFFOEJDNzMyQzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnc2IwDQYJKoZIhvcNAQELBQADggEBAETp1EGPoWRL1OMV
8OpbBmI3eant/q/ebDGYO/0frSklLVBnE4K6x3F8EBcF5x2DS9MbDK+NpYzLsK3j
WHgym36Aq1ViRiFedx49/nXI3ZuMrxRmAppHxdwzCcdEazmblwLfcA3Iuw9SjelQ
tg/AxMsAoRHtD3avBd3Jra5/ZHD+WM0KE4gS7sBuhE+tLOyT8TH87M87j33X9xuR
32WN/Xc7CCVJfMeGtAI2upuG9xcqE+dWv5rqyiBha5e0a0IM9Pkqcj2DJlBsQcso
aTJuZ5tw86IM489oAU5kuiGm3gwU/LCJHac+povmvWOOFpfoBMzIswZq1GNBfkB6
x61jMr0=
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:17:32 2025 by rpki-client