Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9A431410948F11ECBDE81D52C4F9AE02.roa
File:                     9A431410948F11ECBDE81D52C4F9AE02.roa (raw, json)
Hash identifier:          5QxCtofgIGV5nieKNx4nr1EF96XXEDK92Akbch3KQQ8=
Subject key identifier:   76:AD:31:52:06:10:83:72:A3:48:DF:E6:93:01:04:7C:5E:BC:ED:46
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       B3E5
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9A431410948F11ECBDE81D52C4F9AE02.roa
Signing time:             Thu 08 May 2025 16:06:57 +0000
ROA not before:           Thu 08 May 2025 16:06:57 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     136351
IP address blocks:        103.179.147.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 15:22:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46053 (0xb3e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 16:06:57 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cd6a1-fd33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:36:f8:2e:97:c4:d7:c6:14:a1:dc:39:b8:ae:
                    6c:11:c1:e2:34:21:c9:8b:e9:a5:cc:8d:c9:cc:2a:
                    55:e5:fc:2c:c1:90:00:58:dd:f0:92:56:0e:4b:5f:
                    08:87:05:33:51:8f:02:a3:c4:0b:e5:c7:7d:66:2c:
                    80:2f:d8:c5:38:a5:2a:8b:55:49:0b:a7:29:6a:a6:
                    84:6b:1d:a2:be:c2:4f:36:22:52:e3:bb:7c:f1:e4:
                    c3:ec:26:78:16:e6:8b:55:fd:f4:11:1f:85:5d:ed:
                    d4:c6:35:b6:8a:44:9b:a9:e3:da:db:ea:f8:21:e1:
                    4c:42:49:69:1a:3a:55:5f:02:84:1b:db:92:a3:f6:
                    72:a4:61:fc:25:01:3c:60:08:48:cd:58:02:c3:0c:
                    a6:cd:c6:b0:67:bc:39:c1:32:0c:08:cf:1f:2f:f7:
                    5c:7b:f1:fd:da:20:d7:b9:65:1d:99:6d:75:89:af:
                    39:b1:b7:a9:9b:dd:a7:11:27:70:ed:1a:37:35:d9:
                    36:6b:90:71:3d:f0:01:8d:1a:6b:c5:ec:9d:f8:12:
                    a2:23:c9:e2:79:08:47:fd:58:80:7d:ad:5d:ca:e5:
                    2c:4a:e1:20:d6:44:63:e6:d6:15:89:72:76:0e:5b:
                    af:a2:a1:3e:df:9d:34:46:02:dc:57:fd:4b:3c:cb:
                    6d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:AD:31:52:06:10:83:72:A3:48:DF:E6:93:01:04:7C:5E:BC:ED:46
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9A431410948F11ECBDE81D52C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.179.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:14:45:a3:32:b2:d0:eb:94:55:8e:6c:9e:65:e2:b7:d4:95:
         14:5c:f2:c9:c5:01:63:03:d7:e2:83:a8:a8:24:69:8a:48:89:
         73:a7:cd:b1:3e:71:33:ef:cb:8b:7f:c4:83:1a:f2:3e:df:5f:
         29:ff:79:29:85:1e:a7:eb:87:05:5e:38:aa:7d:80:97:fd:f3:
         49:56:f4:29:18:51:91:1d:f3:1f:1c:cc:50:04:b5:e3:f2:c5:
         75:39:62:28:00:cc:a4:42:81:19:a7:0f:16:c9:7c:6f:6a:10:
         a1:d8:09:80:8f:81:45:2d:0f:04:5f:1d:41:4c:8a:f5:2d:11:
         ba:58:15:4a:f2:01:c0:c8:7c:e4:dd:35:99:26:6e:f7:66:93:
         b2:bb:19:e9:d1:00:55:17:9e:6d:11:28:40:34:09:b3:10:8a:
         24:b0:28:20:3f:9a:04:25:69:66:ac:1b:3b:f6:3c:a9:86:77:
         de:84:22:47:d1:72:cf:cb:42:12:9d:2d:98:bc:eb:e1:a7:a4:
         19:e3:20:f0:0c:63:56:d7:8d:04:4d:72:48:a1:2f:20:da:f6:
         a7:0f:e2:98:5d:83:0f:4b:97:56:6d:7d:89:f9:eb:79:1f:3d:
         14:a2:64:90:29:82:59:fa:50:98:60:f4:43:3b:a8:ad:85:84:
         b9:41:f3:cd
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDALPlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MDY1N1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q2YTEtZmQzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK82+C6XxNfGFKHcObiubBHB4jQhyYvppcyNycwqVeX8LMGQAFjd8JJWDktf
CIcFM1GPAqPEC+XHfWYsgC/YxTilKotVSQunKWqmhGsdor7CTzYiUuO7fPHkw+wm
eBbmi1X99BEfhV3t1MY1topEm6nj2tvq+CHhTEJJaRo6VV8ChBvbkqP2cqRh/CUB
PGAISM1YAsMMps3GsGe8OcEyDAjPHy/3XHvx/dog17llHZltdYmvObG3qZvdpxEn
cO0aNzXZNmuQcT3wAY0aa8XsnfgSoiPJ4nkIR/1YgH2tXcrlLErhINZEY+bWFYly
dg5br6KhPt+dNEYC3Ff9SzzLbdkCAwEAAaOCApUwggKRMB0GA1UdDgQWBBR2rTFS
BhCDcqNI3+aTAQR8XrztRjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlBNDMxNDEw
OTQ4RjExRUNCREU4MUQ1MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAZ7OTMA0GCSqGSIb3DQEBCwUAA4IBAQBTFEWjMrLQ65RV
jmyeZeK31JUUXPLJxQFjA9fig6ioJGmKSIlzp82xPnEz78uLf8SDGvI+318p/3kp
hR6n64cFXjiqfYCX/fNJVvQpGFGRHfMfHMxQBLXj8sV1OWIoAMykQoEZpw8WyXxv
ahCh2AmAj4FFLQ8EXx1BTIr1LRG6WBVK8gHAyHzk3TWZJm73ZpOyuxnp0QBVF55t
EShANAmzEIoksCggP5oEJWlmrBs79jyphnfehCJH0XLPy0ISnS2YvOvhp6QZ4yDw
DGNW140ETXJIoS8g2vanD+KYXYMPS5dWbX2J+et5Hz0UomSQKYJZ+lCYYPRDO6it
hYS5QfPN
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:50:17 2025 by rpki-client