Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5878F740672C11EEA565DE10C4F9AE02.roa
File:                     5878F740672C11EEA565DE10C4F9AE02.roa (raw, json)
Hash identifier:          x4o2ZTlzfxFCnIipU2rwbztP2H8AwGOFIspmC5KNfOc=
Subject key identifier:   03:A3:7B:62:3A:79:2D:37:C0:D5:59:6D:9D:C3:A8:B8:43:DA:CB:CD
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       B960
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5878F740672C11EEA565DE10C4F9AE02.roa
Signing time:             Thu 08 May 2025 16:28:13 +0000
ROA not before:           Thu 08 May 2025 16:28:13 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     151773
IP address blocks:        103.241.196.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 13:22:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47456 (0xb960)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 16:28:13 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cdb9d-12e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:40:c5:a9:07:81:ab:6c:dd:ed:6f:c4:ca:cc:
                    d6:ce:18:b1:ac:63:db:ac:f3:4f:9a:4a:d5:25:48:
                    b2:e4:74:45:51:10:53:b0:af:3e:2b:64:b8:d3:74:
                    09:dc:56:4d:d1:43:5a:d1:32:1c:3d:c1:c7:fa:7d:
                    9c:12:e1:c1:ce:9d:58:f8:4e:a3:90:c1:bb:cb:dc:
                    8b:ec:98:e1:a4:38:b5:cf:72:f1:cd:7d:31:3a:c5:
                    14:e8:c3:d2:32:df:0c:95:b5:d5:ef:36:e3:c1:a3:
                    1c:4d:ae:eb:5b:25:15:1c:d2:81:06:d2:ca:db:b1:
                    d5:72:23:8a:c2:1a:e0:97:13:ef:b1:50:d3:0d:05:
                    78:ea:6e:d0:9b:f9:08:f5:16:73:1a:5e:0e:81:ad:
                    bf:c4:eb:94:ec:5e:59:35:37:a7:30:89:4e:bd:cf:
                    ae:4a:92:57:3c:2d:a7:00:41:ff:c1:24:67:0e:af:
                    3b:a5:02:95:3c:69:08:71:fa:d2:00:36:1e:d0:85:
                    a8:0d:a4:d8:71:03:05:5e:9c:2d:f0:9c:ff:4e:7a:
                    9d:4c:14:72:c5:57:65:fb:68:70:3b:df:1c:53:e2:
                    60:bf:be:6a:e3:c0:17:4f:d8:50:1b:03:e2:e8:1a:
                    d0:c2:9c:ab:12:20:f2:63:53:1d:44:46:ee:9e:00:
                    7c:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:A3:7B:62:3A:79:2D:37:C0:D5:59:6D:9D:C3:A8:B8:43:DA:CB:CD
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5878F740672C11EEA565DE10C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.241.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:51:c5:57:25:ae:ca:44:e1:fe:e2:4e:61:cb:bf:16:1f:f4:
         be:5f:58:0b:87:24:5d:18:41:2b:95:8d:9f:8e:d3:aa:63:b7:
         28:7a:b1:ea:6a:17:b8:8c:e1:c6:fd:ed:00:9e:fc:e0:f3:14:
         de:94:54:5a:74:12:be:19:4f:da:ff:7f:8a:ed:5e:dd:a8:cf:
         7c:a9:76:8d:39:a6:a2:d8:f1:6d:ad:9c:c1:68:3d:3b:e4:ac:
         55:90:1f:37:4e:9e:d1:0f:fb:31:07:43:0b:94:0c:81:b6:b8:
         85:85:53:95:5b:73:ac:ab:49:92:37:06:63:93:e2:ea:bf:7f:
         c7:05:ed:53:ae:86:dd:f1:51:25:8a:a5:72:46:d5:2d:a3:ec:
         ae:a1:cd:a7:24:e9:fe:43:6d:c3:3e:c0:e1:29:be:d4:c7:b8:
         dc:25:71:eb:86:19:b8:c9:7c:af:a8:a2:9a:e7:90:95:1e:6f:
         82:85:0f:21:fd:31:cb:bc:26:05:cb:b8:af:d6:53:e6:f0:0e:
         b1:a2:96:0f:85:5b:45:27:a8:47:ed:0d:b7:eb:16:e6:b7:e5:
         f6:a2:96:be:6f:8f:98:ef:c8:26:4a:f3:33:da:f2:df:c7:3f:
         b8:69:8f:72:59:81:4e:10:27:60:a5:fa:a5:66:29:55:ab:96:
         2f:da:72:37
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDALlgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MjgxM1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RiOWQtMTJlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9AxakHgats3e1vxMrM1s4Ysaxj26zzT5pK1SVIsuR0RVEQU7CvPitkuNN0
CdxWTdFDWtEyHD3Bx/p9nBLhwc6dWPhOo5DBu8vci+yY4aQ4tc9y8c19MTrFFOjD
0jLfDJW11e8248GjHE2u61slFRzSgQbSytux1XIjisIa4JcT77FQ0w0FeOpu0Jv5
CPUWcxpeDoGtv8TrlOxeWTU3pzCJTr3PrkqSVzwtpwBB/8EkZw6vO6UClTxpCHH6
0gA2HtCFqA2k2HEDBV6cLfCc/056nUwUcsVXZftocDvfHFPiYL++auPAF0/YUBsD
4uga0MKcqxIg8mNTHURG7p4AfMcCAwEAAaOCApUwggKRMB0GA1UdDgQWBBQDo3ti
OnktN8DVWW2dw6i4Q9rLzTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU4NzhGNzQw
NjcyQzExRUVBNTY1REUxMEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAZ/HEMA0GCSqGSIb3DQEBCwUAA4IBAQCkUcVXJa7KROH+
4k5hy78WH/S+X1gLhyRdGEErlY2fjtOqY7coerHqahe4jOHG/e0Anvzg8xTelFRa
dBK+GU/a/3+K7V7dqM98qXaNOaai2PFtrZzBaD075KxVkB83Tp7RD/sxB0MLlAyB
triFhVOVW3Osq0mSNwZjk+Lqv3/HBe1Trobd8VEliqVyRtUto+yuoc2nJOn+Q23D
PsDhKb7Ux7jcJXHrhhm4yXyvqKKa55CVHm+ChQ8h/THLvCYFy7iv1lPm8A6xopYP
hVtFJ6hH7Q236xbmt+X2opa+b4+Y78gmSvMz2vLfxz+4aY9yWYFOECdgpfqlZilV
q5Yv2nI3
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:50:37 2025 by rpki-client