Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/97B512889AA911F08374FE83C4F9AE02.roa
File:                     97B512889AA911F08374FE83C4F9AE02.roa (raw, json)
Hash identifier:          uH6Z9g6mupXrJXF3TsZUP4n4WGUuKWh4WvUq+eRHejo=
Subject key identifier:   F0:B3:C5:61:F6:D6:79:98:DD:64:4D:E7:46:85:5B:79:3B:60:95:F7
Certificate issuer:       /CN=A9191136/serialNumber=FFB8EBF7517594F41EB636573D96A357069749B9
Certificate serial:       02
Authority key identifier: FF:B8:EB:F7:51:75:94:F4:1E:B6:36:57:3D:96:A3:57:06:97:49:B9
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_7jr91F1lPQetjZXPZajVwaXSbk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/97B512889AA911F08374FE83C4F9AE02.roa
Signing time:             Fri 26 Sep 2025 07:22:43 +0000
ROA not before:           Fri 26 Sep 2025 07:22:43 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     153969
IP address blocks:        165.99.250.0/23 maxlen: 23
                          165.99.250.0/24 maxlen: 24
                          165.99.251.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/_7jr91F1lPQetjZXPZajVwaXSbk.crl
                          rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/_7jr91F1lPQetjZXPZajVwaXSbk.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_7jr91F1lPQetjZXPZajVwaXSbk.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Oct 2025 11:51:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191136, serialNumber=FFB8EBF7517594F41EB636573D96A357069749B9
        Validity
            Not Before: Sep 26 07:22:43 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68d63f43-e019
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:64:cd:b5:4e:2f:ce:02:51:ee:36:f2:81:ed:
                    68:45:05:e5:b7:2e:98:e2:95:53:1b:8e:5a:cf:41:
                    87:ec:46:83:0a:c1:a0:b6:e7:ed:25:65:01:c8:e3:
                    c6:00:8d:41:d8:c9:ec:c9:94:ef:87:ee:94:81:c4:
                    27:e1:fa:d8:71:5a:f1:c8:40:e8:6b:fb:55:06:8d:
                    b9:05:45:80:25:10:60:04:fe:e2:fa:c8:3e:d0:db:
                    0e:21:56:b0:5c:11:ed:8f:81:ca:0c:9c:30:4d:70:
                    b4:14:c5:a4:bb:94:e1:f5:9a:65:53:dc:61:10:4c:
                    0a:79:1c:b6:52:1c:03:96:e9:82:49:d4:05:7b:51:
                    b4:66:7a:fd:81:67:45:e1:df:03:33:f4:ce:9e:9b:
                    6c:b9:40:91:35:da:aa:2e:17:85:38:89:ec:a5:b3:
                    86:cc:38:cd:fe:40:15:68:c5:74:2c:65:9f:33:a0:
                    eb:87:7b:2c:4c:26:62:0c:f2:a1:14:d7:4a:cc:58:
                    20:3b:c2:02:1d:7d:69:c1:44:95:de:5b:88:54:df:
                    ec:99:cd:60:b8:64:2f:90:0a:06:96:f7:97:93:90:
                    ec:3b:fb:ab:19:04:23:d3:d6:d8:52:a5:f4:64:8b:
                    04:3c:a3:e6:e6:e3:9e:75:59:d1:88:f4:d9:d2:31:
                    ec:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:B3:C5:61:F6:D6:79:98:DD:64:4D:E7:46:85:5B:79:3B:60:95:F7
            X509v3 Authority Key Identifier:
                keyid:FF:B8:EB:F7:51:75:94:F4:1E:B6:36:57:3D:96:A3:57:06:97:49:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/_7jr91F1lPQetjZXPZajVwaXSbk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_7jr91F1lPQetjZXPZajVwaXSbk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/97B512889AA911F08374FE83C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c3:14:15:f5:bf:8a:98:90:e2:cb:39:ac:b3:6a:00:31:27:19:
         4a:f7:5d:e5:e5:e4:92:44:0d:9d:49:60:ae:28:fe:e4:9a:d1:
         ff:e5:29:f2:41:cf:ba:d7:89:5c:0a:61:8b:b4:f1:74:8e:ca:
         8b:71:c6:9b:2f:03:62:11:9e:a4:3f:91:81:0e:9f:2b:6b:90:
         ff:15:3c:71:e7:91:33:c8:98:d2:a1:aa:c5:5e:f3:6e:70:31:
         eb:30:24:5c:80:b7:28:04:16:68:3f:f0:e3:bc:fc:e2:84:f1:
         3b:91:f6:3b:82:5d:6b:d8:7e:da:ac:15:af:48:3f:f7:d3:a9:
         3d:ec:51:a8:87:44:80:a2:81:57:ee:70:75:0c:87:0e:4e:bc:
         0c:60:3a:3f:e4:c8:1d:ca:37:03:df:cb:bc:4f:4f:62:b8:49:
         ce:53:39:e0:4a:21:e9:74:41:40:6f:e2:b0:89:3d:0d:17:4e:
         bd:9c:7c:a6:b4:71:9c:be:15:6f:2a:30:eb:3b:2f:94:33:14:
         6f:86:93:5e:d6:b8:23:17:0c:6f:d8:e9:7d:4f:83:fb:85:56:
         97:c0:f1:37:f9:e5:72:fa:ba:2b:58:1a:2d:05:06:75:57:7b:
         d7:f0:f2:a5:05:77:83:e2:00:25:27:70:f3:f9:c8:7d:5c:f1:
         2c:c4:84:c8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MTEzNjExMC8GA1UEBRMoRkZCOEVCRjc1MTc1OTRGNDFFQjYzNjU3M0Q5NkEzNTcw
Njk3NDlCOTAeFw0yNTA5MjYwNzIyNDNaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4ZDYzZjQzLWUwMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2ZM21Ti/OAlHuNvKB7WhFBeW3LpjilVMbjlrPQYfsRoMKwaC25+0lZQHI48YA
jUHYyezJlO+H7pSBxCfh+thxWvHIQOhr+1UGjbkFRYAlEGAE/uL6yD7Q2w4hVrBc
Ee2PgcoMnDBNcLQUxaS7lOH1mmVT3GEQTAp5HLZSHAOW6YJJ1AV7UbRmev2BZ0Xh
3wMz9M6em2y5QJE12qouF4U4ieyls4bMOM3+QBVoxXQsZZ8zoOuHeyxMJmIM8qEU
10rMWCA7wgIdfWnBRJXeW4hU3+yZzWC4ZC+QCgaW95eTkOw7+6sZBCPT1thSpfRk
iwQ8o+bm4551WdGI9NnSMeyfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU8LPFYfbW
eZjdZE3nRoVbeTtglfcwHwYDVR0jBBgwFoAU/7jr91F1lPQetjZXPZajVwaXSbkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkxMTM2LzAzQzQyODdBOUFB
OTExRjA5NUFBMDQ4MEM0RjlBRTAyL183anI5MUYxbFBRZXRqWlhQWmFqVndhWFNi
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvXzdqcjkxRjFsUFFldGpaWFBaYWpWd2FYU2JrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MTEzNi8wM0M0Mjg3QTlBQTkxMUYwOTVBQTA0ODBDNEY5QUUwMi85N0I1MTI4ODlB
QTkxMUYwODM3NEZFODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaVj+jANBgkqhkiG9w0BAQsFAAOCAQEAwxQV9b+KmJDiyzms
s2oAMScZSvdd5eXkkkQNnUlgrij+5JrR/+Up8kHPuteJXAphi7TxdI7Ki3HGmy8D
YhGepD+RgQ6fK2uQ/xU8ceeRM8iY0qGqxV7zbnAx6zAkXIC3KAQWaD/w47z84oTx
O5H2O4Jda9h+2qwVr0g/99OpPexRqIdEgKKBV+5wdQyHDk68DGA6P+TIHco3A9/L
vE9PYrhJzlM54Eoh6XRBQG/isIk9DRdOvZx8prRxnL4Vbyow6zsvlDMUb4aTXta4
IxcMb9jpfU+D+4VWl8DxN/nlcvq6K1gaLQUGdVd71/DypQV3g+IAJSdw8/nIfVzx
LMSEyA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 07:09:19 2025 by rpki-client