Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B1AB953E745C11EDAA779675C4F9AE02.roa
File:                     B1AB953E745C11EDAA779675C4F9AE02.roa (raw, json)
Hash identifier:          VK80+v1fvaWs50PybQLXCpPrGR7uhWzK/BeVrAj7+s8=
Subject key identifier:   F1:70:4C:01:04:F0:E0:28:25:24:D9:6D:34:69:E1:21:3B:F4:62:B8
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       BA27
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B1AB953E745C11EDAA779675C4F9AE02.roa
Signing time:             Thu 08 May 2025 16:31:15 +0000
ROA not before:           Thu 08 May 2025 16:31:15 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     45954
IP address blocks:        103.7.80.0/22 maxlen: 22
                          103.7.80.0/23 maxlen: 24
                          103.235.68.0/24 maxlen: 24
                          103.235.69.0/24 maxlen: 24
                          103.235.70.0/24 maxlen: 24
                          103.235.71.0/24 maxlen: 24
                          150.107.100.0/22 maxlen: 22
                          150.107.100.0/23 maxlen: 23
                          150.107.101.0/24 maxlen: 24
                          180.150.240.0/24 maxlen: 24
                          223.255.244.0/22 maxlen: 23
                          223.255.244.0/24 maxlen: 24
                          223.255.247.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 13:22:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47655 (0xba27)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 16:31:15 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cdc52-50ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:17:e0:5a:7a:b2:8d:41:ff:aa:95:51:3f:4f:
                    64:84:0b:f3:f1:6e:0e:b7:5c:6b:ca:f0:1b:bb:34:
                    1e:cb:0f:b9:94:ee:a1:3f:04:a6:d5:52:5b:68:e0:
                    d2:98:f2:10:11:50:35:fc:f2:3d:b6:45:08:43:89:
                    4f:37:6e:d4:26:58:09:90:e3:5e:ad:d1:2a:ba:b1:
                    dc:f8:7d:2c:75:7b:05:2d:b4:c6:45:b7:89:07:09:
                    2c:57:dd:a5:2f:75:5f:67:9e:f4:f2:75:99:64:e1:
                    4b:a1:9a:5c:a8:55:87:af:c2:5d:05:bb:9d:1c:84:
                    8b:ca:d4:6e:fa:29:59:84:8e:f6:a9:01:37:cf:6d:
                    ee:0a:8e:3c:28:20:b3:1d:ce:b1:7a:21:79:af:85:
                    5d:f4:4d:39:17:0f:4f:70:dc:0f:04:79:22:c3:40:
                    cb:c3:e5:ee:09:86:4b:a1:d9:b4:f8:04:63:31:30:
                    b0:ef:2d:60:b3:7b:fd:42:55:55:90:9e:8f:b7:92:
                    8b:07:b2:3d:93:2f:ce:1f:f5:66:14:ce:cb:d9:89:
                    d0:8f:f6:4d:87:02:f5:75:80:35:7c:a5:39:a8:5a:
                    7e:15:af:fa:f8:38:f1:2e:ba:97:20:10:c8:c8:ce:
                    24:e8:1a:57:90:65:00:4f:74:62:9c:95:7c:26:ec:
                    ac:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:70:4C:01:04:F0:E0:28:25:24:D9:6D:34:69:E1:21:3B:F4:62:B8
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B1AB953E745C11EDAA779675C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.7.80.0/22
                  103.235.68.0/22
                  150.107.100.0/22
                  180.150.240.0/24
                  223.255.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:38:4f:fc:4f:74:20:41:be:d8:3b:c7:69:da:54:58:16:12:
         bc:46:f0:97:af:08:7c:36:5c:66:28:54:02:64:53:a1:0f:22:
         20:69:1c:73:7d:3b:db:ae:d1:da:62:53:c1:cb:5d:66:9d:60:
         37:61:a0:b7:e8:56:83:95:b1:31:76:df:44:50:58:b9:00:ab:
         be:03:a5:cf:77:7d:f7:10:9e:e9:32:dc:cc:74:60:02:8b:84:
         77:76:4b:bd:76:41:68:74:4a:42:d8:70:28:31:27:4d:c9:69:
         93:b8:93:72:56:c6:f0:e4:85:8e:a9:9b:51:85:98:92:78:05:
         52:f8:01:37:67:ed:26:74:2e:dc:8b:ee:af:55:46:0f:09:e4:
         41:1a:9f:8d:ff:ba:e9:b5:54:5d:86:d5:bc:d9:73:f6:d3:55:
         a8:9b:f1:6e:a0:c9:64:c9:74:30:f7:f5:c4:95:e1:b5:c2:98:
         e7:81:28:0a:64:4d:b8:fa:4f:47:ec:48:56:6a:68:9f:ef:6e:
         38:78:fb:ea:e3:b8:88:1b:fa:38:f8:5c:07:44:32:65:fa:19:
         88:85:b3:96:b6:57:ed:86:7c:68:b4:90:15:79:58:9b:d4:11:
         fc:bc:62:46:1a:c8:dc:91:68:cc:2d:69:57:42:2a:51:49:ec:
         db:3e:c9:86
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDALonMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MzExNVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjNTItNTBjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUX4Fp6so1B/6qVUT9PZIQL8/FuDrdca8rwG7s0HssPuZTuoT8EptVSW2jg
0pjyEBFQNfzyPbZFCEOJTzdu1CZYCZDjXq3RKrqx3Ph9LHV7BS20xkW3iQcJLFfd
pS91X2ee9PJ1mWThS6GaXKhVh6/CXQW7nRyEi8rUbvopWYSO9qkBN89t7gqOPCgg
sx3OsXohea+FXfRNORcPT3DcDwR5IsNAy8Pl7gmGS6HZtPgEYzEwsO8tYLN7/UJV
VZCej7eSiweyPZMvzh/1ZhTOy9mJ0I/2TYcC9XWANXylOahafhWv+vg48S66lyAQ
yMjOJOgaV5BlAE90YpyVfCbsrPMCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBTxcEwB
BPDgKCUk2W00aeEhO/RiuDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0IxQUI5NTNF
NzQ1QzExRURBQTc3OTY3NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDcGCCsGAQUFBwEHAQH/
BCgwJjAkBAIAATAeAwQCZwdQAwQCZ+tEAwQClmtkAwQAtJbwAwQC3//0MA0GCSqG
SIb3DQEBCwUAA4IBAQA0OE/8T3QgQb7YO8dp2lRYFhK8RvCXrwh8NlxmKFQCZFOh
DyIgaRxzfTvbrtHaYlPBy11mnWA3YaC36FaDlbExdt9EUFi5AKu+A6XPd333EJ7p
MtzMdGACi4R3dku9dkFodEpC2HAoMSdNyWmTuJNyVsbw5IWOqZtRhZiSeAVS+AE3
Z+0mdC7ci+6vVUYPCeRBGp+N/7rptVRdhtW82XP201Wom/FuoMlkyXQw9/XEleG1
wpjngSgKZE24+k9H7EhWamif7244ePvq47iIG/o4+FwHRDJl+hmIhbOWtlfthnxo
tJAVeVib1BH8vGJGGsjckWjMLWlXQipRSezbPsmG
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:38:42 2025 by rpki-client