Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/63F5D1BE104B11F0B006D834C4F9AE02.roa
File:                     63F5D1BE104B11F0B006D834C4F9AE02.roa (raw, json)
Hash identifier:          Q83TRrwvFKahh2nW7UB9SzTxJsr1snrtxpezizdKUMg=
Subject key identifier:   58:D3:D0:80:2E:FB:3D:1C:F3:46:0B:98:79:6D:62:21:C3:A6:1B:1A
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       B21A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/63F5D1BE104B11F0B006D834C4F9AE02.roa
Signing time:             Thu 08 May 2025 15:59:49 +0000
ROA not before:           Thu 08 May 2025 15:59:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     133976
IP address blocks:        163.223.102.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 13:22:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45594 (0xb21a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 15:59:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cd4f5-0956
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:15:45:28:4f:92:5a:26:fe:1f:0e:04:83:15:
                    09:67:e6:2c:34:72:59:f1:06:f0:a9:a4:56:f1:32:
                    cc:bb:92:9e:4b:04:e1:09:7a:4f:00:cc:24:aa:ad:
                    2a:1f:f0:aa:21:27:60:77:44:76:27:33:64:19:98:
                    2d:2f:01:34:8d:6e:c5:cf:40:aa:1a:37:17:d4:67:
                    66:12:3b:d8:06:4b:5f:24:c1:c1:76:f7:4b:c2:51:
                    e3:1e:ac:40:5c:d7:09:73:d3:bd:5e:60:e3:e0:66:
                    7a:47:df:93:06:e6:b0:8e:4c:6d:78:80:b7:65:e9:
                    75:2c:68:41:07:4e:c4:4e:a4:44:38:48:c6:79:28:
                    c8:a5:24:44:7f:7e:ba:71:ac:f1:f7:68:2b:18:e5:
                    6b:b3:5e:9e:2a:0b:01:9d:c1:19:e8:08:82:73:19:
                    d9:96:0c:e2:c5:d9:92:71:2c:f2:f6:3d:40:d3:d8:
                    7b:57:24:65:d9:df:5b:52:2b:c1:ff:b8:d1:92:a9:
                    5f:2e:97:3b:bb:b3:5d:ea:04:01:15:51:d7:bb:cf:
                    3a:04:5f:e4:7e:fe:b5:32:86:a7:50:06:db:50:ab:
                    cb:89:bc:71:f8:f2:21:10:63:76:5d:2e:38:89:8f:
                    bd:3d:e2:60:65:e9:8b:4a:66:c7:b0:87:96:6f:39:
                    9f:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:D3:D0:80:2E:FB:3D:1C:F3:46:0B:98:79:6D:62:21:C3:A6:1B:1A
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/63F5D1BE104B11F0B006D834C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.223.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:e8:49:77:06:03:58:d3:8f:bc:16:89:e7:08:ef:ad:cb:05:
         ec:b5:e3:91:5e:41:fa:80:2a:f2:cc:26:cf:bd:4d:32:27:92:
         36:d0:85:fe:e3:23:bc:91:be:57:9d:71:a9:2b:c9:90:7b:5b:
         74:ac:05:ad:ff:71:5a:76:9a:10:d8:ef:a5:63:a6:2e:6e:34:
         78:92:ea:71:41:91:fd:f3:d6:fc:22:7c:a2:64:5a:6f:15:2c:
         f1:4c:0b:bc:02:50:16:d1:e6:d1:01:c4:40:30:3b:4e:3e:88:
         cd:d2:cc:2e:32:f3:71:78:fb:dd:a6:de:f7:79:ff:48:23:41:
         e5:ec:f8:04:f9:80:fd:c8:cf:3e:a2:99:c5:e6:a7:84:da:b8:
         e4:4f:80:2b:4f:a0:6d:10:26:5d:07:af:cf:ed:43:76:14:88:
         18:d3:b2:e1:6b:0e:21:9c:26:62:93:67:8e:bf:54:d4:f1:f2:
         fa:76:58:00:97:ab:3a:6e:dc:1a:18:5c:24:89:7c:9a:fc:48:
         53:2f:e2:d8:68:ee:71:ef:64:f0:7c:f9:23:af:2a:33:a1:f1:
         f6:b6:cb:54:c2:fe:4d:56:e8:81:e8:9d:7b:17:d6:75:ac:55:
         ca:f8:0b:73:32:d0:f7:f0:45:de:a6:6c:be:7c:8f:72:1e:c9:
         83:dd:df:c6
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDALIaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE1NTk0OVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q0ZjUtMDk1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoVRShPklom/h8OBIMVCWfmLDRyWfEG8KmkVvEyzLuSnksE4Ql6TwDMJKqt
Kh/wqiEnYHdEdiczZBmYLS8BNI1uxc9Aqho3F9RnZhI72AZLXyTBwXb3S8JR4x6s
QFzXCXPTvV5g4+BmekffkwbmsI5MbXiAt2XpdSxoQQdOxE6kRDhIxnkoyKUkRH9+
unGs8fdoKxjla7NenioLAZ3BGegIgnMZ2ZYM4sXZknEs8vY9QNPYe1ckZdnfW1Ir
wf+40ZKpXy6XO7uzXeoEARVR17vPOgRf5H7+tTKGp1AG21Cry4m8cfjyIRBjdl0u
OImPvT3iYGXpi0pmx7CHlm85n1MCAwEAAaOCApUwggKRMB0GA1UdDgQWBBRY09CA
Lvs9HPNGC5h5bWIhw6YbGjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzYzRjVEMUJF
MTA0QjExRjBCMDA2RDgzNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBo99mMA0GCSqGSIb3DQEBCwUAA4IBAQAJ6El3BgNY04+8
FonnCO+tywXsteORXkH6gCryzCbPvU0yJ5I20IX+4yO8kb5XnXGpK8mQe1t0rAWt
/3FadpoQ2O+lY6YubjR4kupxQZH989b8InyiZFpvFSzxTAu8AlAW0ebRAcRAMDtO
PojN0swuMvNxePvdpt73ef9II0Hl7PgE+YD9yM8+opnF5qeE2rjkT4ArT6BtECZd
B6/P7UN2FIgY07Lhaw4hnCZik2eOv1TU8fL6dlgAl6s6btwaGFwkiXya/EhTL+LY
aO5x72TwfPkjryozofH2tstUwv5NVuiB6J17F9Z1rFXK+AtzMtD38EXepmy+fI9y
HsmD3d/G
-----END CERTIFICATE-----
Generated at Tue Jun 10 02:01:03 2025 by rpki-client