Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DAC8B8425A2011EF957B0E79C4F9AE02.roa
File:                     DAC8B8425A2011EF957B0E79C4F9AE02.roa (raw, json)
Hash identifier:          fHNBiJhRV/XrlC+CygYxusNDKcR4rw3gt3OZQy2zfXg=
Subject key identifier:   2B:DA:61:86:69:B6:16:F6:B8:0F:48:CF:2D:18:1A:16:2B:E1:D3:C0
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       B422
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DAC8B8425A2011EF957B0E79C4F9AE02.roa
Signing time:             Thu 08 May 2025 16:07:52 +0000
ROA not before:           Thu 08 May 2025 16:07:52 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     136675
IP address blocks:        103.103.172.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 15:22:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46114 (0xb422)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May  8 16:07:52 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=681cd6d8-8782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f0:2c:75:7d:fb:3c:c8:5c:51:b7:c1:d0:c1:
                    3e:48:73:d7:a2:1e:f1:b0:3b:1e:1f:ca:ef:d9:fc:
                    a3:cd:e5:8c:4b:05:b1:62:06:2f:a7:a0:2c:df:63:
                    6f:3d:a6:b8:39:97:10:99:ca:bf:0e:84:66:f4:91:
                    04:da:b2:7a:77:14:87:f2:06:e0:7c:68:4e:ce:84:
                    fb:08:a9:44:ed:fc:a5:18:53:3d:2d:d8:7b:75:e0:
                    83:6b:7a:14:8d:33:77:d8:b4:22:7b:45:f4:aa:16:
                    90:70:cf:67:b6:ca:0a:5f:c7:3b:80:fa:41:dc:f9:
                    85:59:d9:e7:26:eb:63:47:b5:51:58:c8:8a:d1:72:
                    63:a7:9d:d4:52:48:b8:0e:ef:74:f5:90:73:0d:fd:
                    37:d5:69:a3:4e:d3:9b:32:59:d9:c9:62:fb:a5:db:
                    c3:1c:70:b9:44:a6:94:d8:6d:55:2a:59:0a:78:d6:
                    e4:8f:20:23:93:63:46:88:1c:23:7a:fc:da:ad:10:
                    e6:9e:d3:f4:15:00:04:10:27:86:2b:eb:fd:55:9a:
                    e9:81:ac:a2:c0:01:c3:15:89:12:d0:cb:6b:a9:85:
                    59:11:3c:f1:de:7b:01:26:bb:7e:59:6b:6d:77:f7:
                    68:d4:5e:3f:37:1f:13:c5:8b:6a:8e:b6:03:ac:35:
                    6a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:DA:61:86:69:B6:16:F6:B8:0F:48:CF:2D:18:1A:16:2B:E1:D3:C0
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DAC8B8425A2011EF957B0E79C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.103.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:ff:bb:9b:5f:f4:5a:4e:dd:ec:56:f3:74:2d:4d:34:4f:94:
         99:f8:0e:f0:39:fd:ec:22:90:f0:5b:a0:49:20:7a:cf:5e:9c:
         48:b6:cb:1f:39:9e:87:ef:3a:53:16:56:6d:87:9b:4b:2c:7a:
         31:ce:44:20:fb:9c:ee:df:81:4c:47:ab:49:55:2d:ac:af:9f:
         3f:2c:b9:63:f8:9e:06:89:39:dd:da:d8:e0:1e:ef:bc:02:eb:
         2c:c2:e9:cc:88:8a:58:4a:2b:23:74:bc:ad:db:83:b1:6a:af:
         97:83:5a:d3:74:0d:4e:96:6b:ba:0b:9d:2a:34:b7:60:3c:35:
         f1:39:51:1f:27:8b:2c:46:92:a1:17:11:33:95:e2:d5:9c:aa:
         cb:24:d1:49:b3:9e:82:f8:de:13:b4:5e:bf:df:2e:0a:16:64:
         8f:ed:05:c7:3f:f4:45:9b:05:80:a2:66:0d:0d:52:b0:c7:a1:
         b3:20:cd:f9:ef:41:c2:cc:2f:fa:79:0d:28:a5:c4:f5:04:e1:
         c9:7c:7f:1d:c7:00:5c:16:79:d9:df:92:81:5b:49:3c:94:f2:
         f4:dc:b4:9c:8e:64:ff:6d:1c:56:bf:45:c7:ce:63:51:07:00:
         9f:3c:84:f0:ca:15:63:89:7c:3d:94:d6:e9:1b:73:05:3b:2d:
         c0:93:3d:cf
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDALQiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MDc1MloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q2ZDgtODc4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrwLHV9+zzIXFG3wdDBPkhz16Ie8bA7Hh/K79n8o83ljEsFsWIGL6egLN9j
bz2muDmXEJnKvw6EZvSRBNqyencUh/IG4HxoTs6E+wipRO38pRhTPS3Ye3Xgg2t6
FI0zd9i0IntF9KoWkHDPZ7bKCl/HO4D6Qdz5hVnZ5ybrY0e1UVjIitFyY6ed1FJI
uA7vdPWQcw39N9Vpo07TmzJZ2cli+6XbwxxwuUSmlNhtVSpZCnjW5I8gI5NjRogc
I3r82q0Q5p7T9BUABBAnhivr/VWa6YGsosABwxWJEtDLa6mFWRE88d57ASa7fllr
bXf3aNRePzcfE8WLao62A6w1amkCAwEAAaOCApUwggKRMB0GA1UdDgQWBBQr2mGG
abYW9rgPSM8tGBoWK+HTwDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0RBQzhCODQy
NUEyMDExRUY5NTdCMEU3OUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAZ2esMA0GCSqGSIb3DQEBCwUAA4IBAQBW/7ubX/RaTt3s
VvN0LU00T5SZ+A7wOf3sIpDwW6BJIHrPXpxItssfOZ6H7zpTFlZth5tLLHoxzkQg
+5zu34FMR6tJVS2sr58/LLlj+J4GiTnd2tjgHu+8AusswunMiIpYSisjdLyt24Ox
aq+Xg1rTdA1Olmu6C50qNLdgPDXxOVEfJ4ssRpKhFxEzleLVnKrLJNFJs56C+N4T
tF6/3y4KFmSP7QXHP/RFmwWAomYNDVKwx6GzIM3570HCzC/6eQ0opcT1BOHJfH8d
xwBcFnnZ35KBW0k8lPL03LScjmT/bRxWv0XHzmNRBwCfPITwyhVjiXw9lNbpG3MF
Oy3Akz3P
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:06:34 2025 by rpki-client