Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49C427709AEF11EC9717F22AC4F9AE02.roa
File:                     49C427709AEF11EC9717F22AC4F9AE02.roa (raw, json)
Hash identifier:          UfUPLF4+86xyeLJQPbyIvVSk49LDrcgNE/ZsBURWLqE=
Subject key identifier:   64:CB:E8:9C:43:5C:07:F2:19:A9:6A:21:92:38:1E:4A:95:09:DD:4A
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       B82D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49C427709AEF11EC9717F22AC4F9AE02.roa
Signing time:             Thu 08 May 2025 16:23:31 +0000
ROA not before:           Thu 08 May 2025 16:23:31 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     149606
IP address blocks:        103.179.168.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 15:22:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47149 (0xb82d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 16:23:31 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cda83-eb8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:59:d7:0a:e0:59:6c:03:80:ce:df:7c:33:4e:
                    01:0f:94:0d:3d:92:47:af:78:48:b9:eb:de:2b:3e:
                    78:f4:ba:e2:ca:53:52:0b:b9:97:11:48:09:c6:37:
                    fd:c2:21:fb:8d:89:bc:52:74:f6:c3:e1:32:e6:12:
                    0f:ce:d1:bc:e3:1e:11:3e:4f:93:22:1b:66:78:7b:
                    9f:0a:5a:d7:68:73:18:54:21:af:42:4c:3e:5f:34:
                    4b:f8:e4:e4:4c:9e:43:97:c3:d6:01:e6:51:a7:07:
                    3d:bf:9f:56:1d:10:3c:8f:39:01:a3:ff:f1:67:c9:
                    94:b5:c9:71:ba:dd:7d:96:ff:d2:a7:6d:9b:eb:5d:
                    ca:92:f5:b9:ea:44:d6:6a:fa:0a:84:dd:63:25:33:
                    04:7e:71:25:8f:79:53:07:6f:0d:db:c6:47:b8:6a:
                    85:30:56:5d:c2:3a:a8:2c:b1:b8:c8:2c:f9:79:68:
                    01:3e:1a:98:e5:32:a5:ba:4a:18:71:2a:58:a3:92:
                    71:fc:5a:f3:61:d9:03:03:cf:43:b2:eb:9e:56:9c:
                    57:ad:9b:f5:99:0a:9e:37:74:24:9e:07:a3:d0:4d:
                    f9:a5:42:44:f8:92:68:45:86:66:f4:e4:a0:15:bc:
                    42:c3:f1:a4:02:90:81:d5:a3:87:25:6d:7b:fd:d0:
                    d3:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:CB:E8:9C:43:5C:07:F2:19:A9:6A:21:92:38:1E:4A:95:09:DD:4A
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49C427709AEF11EC9717F22AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.179.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:64:56:0a:ea:f8:6e:cb:d5:9a:35:4a:48:26:41:16:38:83:
         09:a6:19:ff:8a:31:bf:d8:36:32:4e:4e:9a:ca:65:47:67:7c:
         c3:69:3e:50:c1:a5:1c:aa:67:12:ba:d4:66:5e:59:c1:09:16:
         63:f2:9e:76:c7:c3:cf:a6:57:e8:a8:e7:db:8f:8d:38:8d:b6:
         f9:90:dc:7e:73:e6:36:ef:58:e2:b8:14:4b:f3:f4:2c:12:fd:
         93:11:04:e8:3e:63:86:aa:ba:32:38:25:f6:12:58:c3:a1:4b:
         d9:c4:ca:0a:55:51:2e:1e:90:e7:e3:8b:15:15:52:1b:05:63:
         ad:97:ac:90:9c:e5:fe:8c:5d:94:c0:2e:28:1f:06:f6:3c:53:
         63:9b:3c:af:2c:10:eb:d7:cf:bb:a4:58:ae:c0:e5:a8:1c:0d:
         05:45:16:51:7a:b5:e3:db:b2:47:b0:db:ef:2f:96:48:46:97:
         90:e1:40:97:9f:3b:82:4c:07:db:8c:72:77:2e:71:09:05:ec:
         bc:be:db:39:f1:b0:a9:08:fc:8b:1b:e8:49:52:61:a7:d8:55:
         65:fb:3e:df:ec:72:0d:8b:26:13:76:eb:76:03:df:ee:3f:30:
         ef:d0:cb:66:ea:b3:65:5c:a6:f7:6b:4e:2d:49:fe:45:3d:15:
         f7:5f:6b:8b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDALgtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MjMzMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RhODMtZWI4ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBZ1wrgWWwDgM7ffDNOAQ+UDT2SR694SLnr3is+ePS64spTUgu5lxFICcY3
/cIh+42JvFJ09sPhMuYSD87RvOMeET5PkyIbZnh7nwpa12hzGFQhr0JMPl80S/jk
5EyeQ5fD1gHmUacHPb+fVh0QPI85AaP/8WfJlLXJcbrdfZb/0qdtm+tdypL1uepE
1mr6CoTdYyUzBH5xJY95UwdvDdvGR7hqhTBWXcI6qCyxuMgs+XloAT4amOUypbpK
GHEqWKOScfxa82HZAwPPQ7LrnlacV62b9ZkKnjd0JJ4Ho9BN+aVCRPiSaEWGZvTk
oBW8QsPxpAKQgdWjhyVte/3Q0zMCAwEAAaOCApUwggKRMB0GA1UdDgQWBBRky+ic
Q1wH8hmpaiGSOB5KlQndSjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQ5QzQyNzcw
OUFFRjExRUM5NzE3RjIyQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBZ7OoMA0GCSqGSIb3DQEBCwUAA4IBAQA3ZFYK6vhuy9Wa
NUpIJkEWOIMJphn/ijG/2DYyTk6aymVHZ3zDaT5QwaUcqmcSutRmXlnBCRZj8p52
x8PPplfoqOfbj404jbb5kNx+c+Y271jiuBRL8/QsEv2TEQToPmOGqroyOCX2EljD
oUvZxMoKVVEuHpDn44sVFVIbBWOtl6yQnOX+jF2UwC4oHwb2PFNjmzyvLBDr18+7
pFiuwOWoHA0FRRZRerXj27JHsNvvL5ZIRpeQ4UCXnzuCTAfbjHJ3LnEJBey8vts5
8bCpCPyLG+hJUmGn2FVl+z7f7HINiyYTdut2A9/uPzDv0Mtm6rNlXKb3a04tSf5F
PRX3X2uL
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:48:11 2025 by rpki-client