Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
File:                     92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa (raw, json)
Hash identifier:          E5vRfEH5E/h66qLxvyj70quGBEGLdeUxGVeDBcXammI=
Subject key identifier:   8B:DC:3F:81:3E:84:6C:D8:AD:6F:9B:56:4D:6A:E5:DE:49:7E:12:C9
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       B12C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
Signing time:             Thu 08 May 2025 15:56:08 +0000
ROA not before:           Thu 08 May 2025 15:56:08 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     132137
IP address blocks:        45.112.0.0/22 maxlen: 24
                          45.123.92.0/22 maxlen: 24
                          45.252.68.0/22 maxlen: 24
                          103.1.48.0/23 maxlen: 24
                          103.36.44.0/22 maxlen: 24
                          103.51.72.0/22 maxlen: 24
                          103.74.196.0/22 maxlen: 24
                          103.75.28.0/22 maxlen: 24
                          103.135.200.0/24 maxlen: 24
                          103.135.201.0/24 maxlen: 24
                          103.135.202.0/24 maxlen: 24
                          103.135.203.0/24 maxlen: 24
                          103.162.162.0/23 maxlen: 24
                          103.221.68.0/22 maxlen: 24
                          103.246.240.0/22 maxlen: 24
                          110.44.100.0/22 maxlen: 24
                          111.125.244.0/24 maxlen: 24
                          113.30.216.0/22 maxlen: 24
                          183.87.192.0/24 maxlen: 24
                          183.87.240.0/21 maxlen: 24
                          183.87.248.0/23 maxlen: 24
                          2401:e500::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 08:26:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45356 (0xb12c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 15:56:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cd417-016f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:4b:a1:59:9e:65:15:98:71:5c:c5:69:ea:98:
                    30:22:4a:3d:4b:6c:87:49:28:93:23:6a:02:2a:bc:
                    4d:1f:b0:be:3e:d8:29:0d:d2:82:99:aa:b5:3b:c3:
                    a8:0f:31:4b:38:30:ec:c5:8d:70:2c:6e:01:82:60:
                    a9:0c:d5:8a:f6:52:07:54:a7:1c:12:e5:88:35:13:
                    27:a1:a7:76:30:8f:65:2b:64:d3:97:2f:5c:6d:4b:
                    63:16:1b:0a:a4:88:5d:0a:34:73:ca:7f:64:e6:d6:
                    89:05:8d:c2:0f:e8:9a:46:a0:a1:b0:2d:e8:bd:be:
                    93:b3:e5:d3:68:fd:a8:b2:c5:1d:3b:e3:aa:be:69:
                    f5:4c:18:42:8a:1c:89:d5:da:99:2f:60:b7:ab:fd:
                    fe:a0:05:26:f9:01:bd:c9:8e:28:ec:a0:79:09:0e:
                    45:d3:e7:45:94:b8:59:48:31:07:c6:d0:d6:9b:7d:
                    19:87:b5:e7:53:9f:d0:9f:19:33:f8:8c:72:c4:d4:
                    05:2d:b1:1c:22:94:c6:f1:0e:32:d2:ed:08:30:9b:
                    48:d5:41:20:30:2b:13:8d:13:3e:3e:ce:b3:34:0c:
                    1b:d6:53:d8:9c:f6:3f:32:36:62:18:8e:8c:f3:6a:
                    c0:72:b2:f9:7b:0a:d6:15:df:d0:31:57:e4:2d:c5:
                    e6:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:DC:3F:81:3E:84:6C:D8:AD:6F:9B:56:4D:6A:E5:DE:49:7E:12:C9
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.112.0.0/22
                  45.123.92.0/22
                  45.252.68.0/22
                  103.1.48.0/23
                  103.36.44.0/22
                  103.51.72.0/22
                  103.74.196.0/22
                  103.75.28.0/22
                  103.135.200.0/22
                  103.162.162.0/23
                  103.221.68.0/22
                  103.246.240.0/22
                  110.44.100.0/22
                  111.125.244.0/24
                  113.30.216.0/22
                  183.87.192.0/24
                  183.87.240.0-183.87.249.255
                IPv6:
                  2401:e500::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:f6:fe:e8:bd:d7:09:6a:4a:a4:c0:c0:33:ee:cb:71:cb:ea:
         77:9f:f8:5d:54:7e:72:12:a0:b9:49:d4:dd:a2:8c:d2:97:0c:
         65:52:86:c4:20:54:63:47:ed:88:00:d4:20:b6:f0:4a:c8:ee:
         2f:b3:9b:b4:86:95:22:d8:67:67:02:00:04:9d:1e:9a:aa:1f:
         53:3d:0f:d5:2c:a7:f6:7f:66:c0:3d:8e:c6:72:01:10:d8:dd:
         26:2f:96:be:9b:62:7a:4f:1d:b5:51:08:00:f2:b8:0c:ee:7a:
         a1:da:02:4d:38:53:86:34:e4:9f:78:50:10:eb:a3:51:3d:c0:
         d3:30:60:69:7a:af:1e:59:ee:85:70:26:22:20:89:c3:b3:81:
         76:71:20:31:fc:77:6a:97:45:3a:66:7e:64:47:55:90:25:b1:
         8f:6e:bb:2a:d7:09:03:d9:b4:ce:21:33:1e:14:c9:bc:b6:9e:
         63:f1:71:1c:f6:61:1a:2a:a7:66:e4:9f:a5:ce:b8:ae:2c:93:
         57:20:3a:50:cb:cd:f1:9a:1e:d6:fb:6e:94:a2:8c:db:3c:15:
         7b:cf:ba:7b:f8:91:38:73:12:01:be:d0:eb:53:2a:9e:d6:b4:
         64:ca:0e:f3:49:a6:12:cd:57:9c:64:d0:67:16:43:29:89:8f:
         df:b2:1f:d9
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIDALEsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE1NTYwOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q0MTctMDE2ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9LoVmeZRWYcVzFaeqYMCJKPUtsh0kokyNqAiq8TR+wvj7YKQ3SgpmqtTvD
qA8xSzgw7MWNcCxuAYJgqQzVivZSB1SnHBLliDUTJ6GndjCPZStk05cvXG1LYxYb
CqSIXQo0c8p/ZObWiQWNwg/omkagobAt6L2+k7Pl02j9qLLFHTvjqr5p9UwYQooc
idXamS9gt6v9/qAFJvkBvcmOKOygeQkORdPnRZS4WUgxB8bQ1pt9GYe151Of0J8Z
M/iMcsTUBS2xHCKUxvEOMtLtCDCbSNVBIDArE40TPj7OszQMG9ZT2Jz2PzI2YhiO
jPNqwHKy+XsK1hXf0DFX5C3F5kUCAwEAAaOCAw8wggMLMB0GA1UdDgQWBBSL3D+B
PoRs2K1vm1ZNauXeSX4SyTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkyRTc5RDVD
MDNEQzExRUJCQzBEQkMwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGYBggrBgEFBQcBBwEB
/wSBiDCBhTB0BAIAATBuAwQCLXAAAwQCLXtcAwQCLfxEAwQBZwEwAwQCZyQsAwQC
ZzNIAwQCZ0rEAwQCZ0scAwQCZ4fIAwQBZ6KiAwQCZ91EAwQCZ/bwAwQCbixkAwQA
b330AwQCcR7YAwQAt1fAMAwDBAS3V/ADBAG3V/gwDQQCAAIwBwMFACQB5QAwDQYJ
KoZIhvcNAQELBQADggEBAEv2/ui91wlqSqTAwDPuy3HL6nef+F1UfnISoLlJ1N2i
jNKXDGVShsQgVGNH7YgA1CC28ErI7i+zm7SGlSLYZ2cCAASdHpqqH1M9D9Usp/Z/
ZsA9jsZyARDY3SYvlr6bYnpPHbVRCADyuAzueqHaAk04U4Y05J94UBDro1E9wNMw
YGl6rx5Z7oVwJiIgicOzgXZxIDH8d2qXRTpmfmRHVZAlsY9uuyrXCQPZtM4hMx4U
yby2nmPxcRz2YRoqp2bkn6XOuK4sk1cgOlDLzfGaHtb7bpSijNs8FXvPunv4kThz
EgG+0OtTKp7WtGTKDvNJphLNV5xk0GcWQymJj9+yH9k=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:22:14 2025 by rpki-client