Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F178954E3A3011F0B58AE637C4F9AE02.roa
File:                     F178954E3A3011F0B58AE637C4F9AE02.roa (raw, json)
Hash identifier:          LB+srUY4DPmgHGu+Tx1bRhhpZcjFD/I77JD6v/totm8=
Subject key identifier:   6F:4E:E4:9C:6A:D2:EF:F7:AD:27:E2:6A:49:25:77:BD:02:75:82:46
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       BBF6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F178954E3A3011F0B58AE637C4F9AE02.roa
Signing time:             Mon 26 May 2025 12:57:13 +0000
ROA not before:           Mon 26 May 2025 12:57:13 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     147306
IP address blocks:        2001:df5:95c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 15:22:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48118 (0xbbf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: May 26 12:57:13 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=68346529-4b9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c8:98:91:05:a7:d0:3b:30:79:4b:d2:2d:27:
                    09:87:1f:38:4e:ac:ae:4f:b9:dd:fa:f4:30:36:34:
                    c6:c6:b0:a6:fc:ad:3d:9e:71:1c:1d:b7:80:d4:8b:
                    2c:4c:44:04:66:f4:0d:06:d7:62:39:10:7e:9f:07:
                    6c:88:49:9b:df:e5:44:ef:9b:fa:ec:81:e3:0b:47:
                    40:fb:38:c1:46:dd:fe:07:b9:92:c8:b3:cf:1c:3d:
                    9a:a2:8b:00:c2:bf:f2:5e:58:23:e2:9d:13:73:0b:
                    6d:47:bf:c9:77:f1:6b:b2:41:10:70:e2:5d:91:ee:
                    27:21:06:36:aa:c0:36:e4:95:ac:87:f6:67:be:23:
                    eb:53:b3:c8:3d:f7:07:93:12:19:83:f5:59:fe:39:
                    3f:4b:40:64:55:60:d0:51:0e:36:1b:bf:dd:60:a1:
                    b1:dc:df:8d:ca:a3:4a:df:e9:60:63:0f:2d:57:fb:
                    eb:e5:c4:bf:3b:cd:17:06:9f:2a:22:7e:20:08:3e:
                    c7:3b:9a:aa:d8:58:72:04:23:75:64:e7:6d:dc:d6:
                    0b:d5:ae:ac:ae:75:cf:c0:55:44:20:69:e0:39:00:
                    8f:43:f3:4e:49:bd:91:e8:5d:28:d3:8b:75:3f:c8:
                    7f:d0:b2:22:ed:0a:64:d7:55:cc:28:15:9f:df:9c:
                    f1:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:4E:E4:9C:6A:D2:EF:F7:AD:27:E2:6A:49:25:77:BD:02:75:82:46
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F178954E3A3011F0B58AE637C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df5:95c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         2e:eb:75:b2:fe:ec:c6:5e:92:3b:36:71:53:fe:4d:5a:91:f3:
         ac:6d:26:4e:03:e4:c2:1e:d1:ed:a1:d4:92:e2:b8:29:34:62:
         92:df:60:7c:52:91:51:f7:32:5a:11:59:4a:82:a3:d6:c5:cb:
         8b:69:21:a9:e0:8f:bd:6c:1d:b1:78:e0:41:0d:91:a6:3f:5e:
         af:f8:31:92:ea:e8:29:6b:e9:dd:f4:68:17:a0:19:5b:cb:58:
         67:6b:ab:6a:62:d5:4b:d4:f5:b5:a4:ca:0e:2b:0f:ef:b9:e8:
         66:3e:42:99:cb:ee:47:77:2e:82:1e:23:ec:e1:71:07:e4:51:
         c2:4b:ec:48:f1:0a:c2:34:21:5f:18:3b:2c:b3:51:a8:13:69:
         ac:c2:02:93:24:f8:ad:80:18:6f:8b:8f:bb:7d:8c:7f:fe:69:
         ca:5d:65:29:5a:f0:bc:8a:8e:54:0b:7f:50:fe:15:22:1e:45:
         25:fe:1b:cb:d6:4b:c8:b0:20:09:a4:60:17:19:61:80:81:b1:
         05:fe:03:6d:9f:36:b5:38:8e:ed:12:a5:b2:f1:51:dd:5d:9e:
         59:3d:ec:36:ba:73:e1:b9:52:a4:8a:b0:38:e6:78:4e:d6:cf:
         86:87:b0:ca:99:51:fe:8b:b2:d1:21:8e:0b:19:3a:ac:e3:93:
         bd:a2:69:8d
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDALv2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUyNjEyNTcxM1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgzNDY1MjktNGI5ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzImJEFp9A7MHlL0i0nCYcfOE6srk+53fr0MDY0xsawpvytPZ5xHB23gNSL
LExEBGb0DQbXYjkQfp8HbIhJm9/lRO+b+uyB4wtHQPs4wUbd/ge5ksizzxw9mqKL
AMK/8l5YI+KdE3MLbUe/yXfxa7JBEHDiXZHuJyEGNqrANuSVrIf2Z74j61OzyD33
B5MSGYP1Wf45P0tAZFVg0FEONhu/3WChsdzfjcqjSt/pYGMPLVf76+XEvzvNFwaf
KiJ+IAg+xzuaqthYcgQjdWTnbdzWC9WurK51z8BVRCBp4DkAj0PzTkm9kehdKNOL
dT/If9CyIu0KZNdVzCgVn9+c8YECAwEAAaOCApgwggKUMB0GA1UdDgQWBBRvTuSc
atLv960n4mpJJXe9AnWCRjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YxNzg5NTRF
M0EzMDExRjBCNThBRTYzN0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCIGCCsGAQUFBwEHAQH/
BBMwETAPBAIAAjAJAwcAIAEN9ZXAMA0GCSqGSIb3DQEBCwUAA4IBAQAu63Wy/uzG
XpI7NnFT/k1akfOsbSZOA+TCHtHtodSS4rgpNGKS32B8UpFR9zJaEVlKgqPWxcuL
aSGp4I+9bB2xeOBBDZGmP16v+DGS6ugpa+nd9GgXoBlby1hna6tqYtVL1PW1pMoO
Kw/vuehmPkKZy+5Hdy6CHiPs4XEH5FHCS+xI8QrCNCFfGDsss1GoE2mswgKTJPit
gBhvi4+7fYx//mnKXWUpWvC8io5UC39Q/hUiHkUl/hvL1kvIsCAJpGAXGWGAgbEF
/gNtnza1OI7tEqWy8VHdXZ5ZPew2unPhuVKkirA45nhO1s+Gh7DKmVH+i7LRIY4L
GTqs45O9ommN
-----END CERTIFICATE-----
Generated at Wed Jun 11 00:41:17 2025 by rpki-client