Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/317841BAE79511EAA3AE7153C4F9AE02.roa
File:                     317841BAE79511EAA3AE7153C4F9AE02.roa (raw, json)
Hash identifier:          O7foL5Kc2TJ7DoSfnKHVYn3x8XCibBdyqwBdw/UDuFw=
Subject key identifier:   26:B3:3E:B3:5F:57:99:21:B8:EB:3E:F2:E9:9C:A9:CF:61:A5:C5:C9
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       B5E1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/317841BAE79511EAA3AE7153C4F9AE02.roa
Signing time:             Thu 08 May 2025 16:14:42 +0000
ROA not before:           Thu 08 May 2025 16:14:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     140186
IP address blocks:        103.152.181.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 15:22:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46561 (0xb5e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 16:14:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cd872-695b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:3f:2a:1a:9c:61:14:15:60:0d:b3:99:be:5a:
                    87:e5:45:78:e4:8b:61:ac:7f:bb:1e:ba:cf:29:e2:
                    d6:0f:65:87:c5:a6:b3:84:8a:4f:91:24:10:0d:7f:
                    b0:4d:92:d4:a1:e1:ad:c8:e1:fe:c1:5c:65:f4:d5:
                    db:6d:21:cc:fa:c2:cc:3f:1e:e8:8f:ee:9c:37:cb:
                    bd:69:11:95:fc:a8:1a:fa:c6:42:57:77:bf:8f:5c:
                    ca:22:9a:0e:1a:9b:d8:d0:a4:13:85:db:b6:cd:74:
                    b3:0d:f1:6f:bd:15:52:c6:64:24:09:43:99:41:cd:
                    98:b4:4c:98:97:07:66:88:e8:b7:11:6a:62:ef:8e:
                    82:b1:6a:4e:aa:a4:bd:52:56:b3:80:9d:6b:9f:23:
                    50:32:14:cd:77:83:a0:4b:b1:3b:55:34:94:45:fb:
                    70:f5:9a:12:70:2a:69:82:b2:86:f1:d3:8e:46:38:
                    42:7b:02:df:49:c8:b2:66:76:21:68:af:60:e3:cc:
                    0b:5a:55:20:16:ff:15:69:5a:33:30:44:9d:db:4b:
                    d0:59:8e:d0:12:31:cf:31:c9:0f:d5:7a:44:51:98:
                    92:bc:74:0d:d6:d9:13:22:7b:58:49:02:9d:21:1d:
                    30:25:b0:8d:c4:f8:11:d0:63:5f:59:c8:47:78:47:
                    ce:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:B3:3E:B3:5F:57:99:21:B8:EB:3E:F2:E9:9C:A9:CF:61:A5:C5:C9
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/317841BAE79511EAA3AE7153C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:43:b1:fa:d8:06:fe:e1:bb:eb:98:f8:a2:f6:07:9a:fc:98:
         dd:e1:6d:13:5a:c7:ab:50:f0:47:5c:5e:e8:19:cc:9d:1c:1a:
         74:f9:6f:21:68:52:69:2b:75:57:46:86:54:6a:d0:d4:d4:4c:
         97:9b:98:92:8b:0d:1b:c5:cb:7c:c2:7f:7a:67:04:4f:35:d0:
         b6:dc:73:f9:49:22:50:1d:81:09:d1:2d:f4:b4:ba:19:fa:f5:
         59:dc:80:e0:d0:c6:f2:08:a0:4c:90:61:af:72:c9:7a:db:25:
         77:57:59:5f:7a:a9:e9:df:93:61:39:78:65:2d:96:49:5d:f3:
         94:d3:b8:8f:8f:c0:02:2c:2d:4b:fe:10:68:48:5b:a7:e5:99:
         41:66:46:41:14:bc:7f:76:74:97:d5:b6:ba:9f:ba:52:7e:64:
         72:dd:53:37:2b:d0:78:b0:66:08:11:30:25:1b:19:dd:c4:6c:
         de:d3:16:b7:72:cb:40:08:1b:a2:85:94:fe:fb:a7:0f:5b:f6:
         a4:5f:4e:ca:b6:e4:47:7d:29:88:48:76:a9:7f:18:71:ef:9d:
         76:12:b7:e0:87:2c:63:08:19:d1:58:d5:12:25:94:64:61:19:
         2c:ff:d2:c2:aa:ab:9c:29:a0:96:e3:fa:27:a1:cc:76:2b:46:
         6c:cd:c4:f7
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDALXhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MTQ0MloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q4NzItNjk1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMA/KhqcYRQVYA2zmb5ah+VFeOSLYax/ux66zyni1g9lh8Wms4SKT5EkEA1/
sE2S1KHhrcjh/sFcZfTV220hzPrCzD8e6I/unDfLvWkRlfyoGvrGQld3v49cyiKa
Dhqb2NCkE4Xbts10sw3xb70VUsZkJAlDmUHNmLRMmJcHZojotxFqYu+OgrFqTqqk
vVJWs4Cda58jUDIUzXeDoEuxO1U0lEX7cPWaEnAqaYKyhvHTjkY4QnsC30nIsmZ2
IWivYOPMC1pVIBb/FWlaMzBEndtL0FmO0BIxzzHJD9V6RFGYkrx0DdbZEyJ7WEkC
nSEdMCWwjcT4EdBjX1nIR3hHzhECAwEAAaOCApUwggKRMB0GA1UdDgQWBBQmsz6z
X1eZIbjrPvLpnKnPYaXFyTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMxNzg0MUJB
RTc5NTExRUFBM0FFNzE1M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAZ5i1MA0GCSqGSIb3DQEBCwUAA4IBAQCOQ7H62Ab+4bvr
mPii9gea/Jjd4W0TWserUPBHXF7oGcydHBp0+W8haFJpK3VXRoZUatDU1EyXm5iS
iw0bxct8wn96ZwRPNdC23HP5SSJQHYEJ0S30tLoZ+vVZ3IDg0MbyCKBMkGGvcsl6
2yV3V1lfeqnp35NhOXhlLZZJXfOU07iPj8ACLC1L/hBoSFun5ZlBZkZBFLx/dnSX
1ba6n7pSfmRy3VM3K9B4sGYIETAlGxndxGze0xa3cstACBuihZT++6cPW/akX07K
tuRHfSmISHapfxhx7512ErfghyxjCBnRWNUSJZRkYRks/9LCqqucKaCW4/onocx2
K0ZszcT3
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:49:07 2025 by rpki-client