Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0432/EC692F04A4CA11ECAC4E5744C4F9AE02/7185135A61AE11EEA6D61C37C4F9AE02.roa
File:                     7185135A61AE11EEA6D61C37C4F9AE02.roa (raw, json)
Hash identifier:          c/Zvm427kENiAideE2yc17TlzEqhW1utfEK6NB9dveM=
Subject key identifier:   01:07:9E:78:A4:F6:30:C6:DA:53:EC:82:47:A9:C5:00:F1:3B:00:05
Certificate issuer:       /CN=A91A0432/serialNumber=EADE86859211704432A819B81899B60C5D3DDE8B
Certificate serial:       038A
Authority key identifier: EA:DE:86:85:92:11:70:44:32:A8:19:B8:18:99:B6:0C:5D:3D:DE:8B
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/6t6GhZIRcEQyqBm4GJm2DF093os.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A0432/EC692F04A4CA11ECAC4E5744C4F9AE02/7185135A61AE11EEA6D61C37C4F9AE02.roa
Signing time:             Sat 07 Jun 2025 01:09:15 +0000
ROA not before:           Sat 07 Jun 2025 01:09:15 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     140599
IP address blocks:        87.121.117.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A0432/EC692F04A4CA11ECAC4E5744C4F9AE02/6t6GhZIRcEQyqBm4GJm2DF093os.crl
                          rsync://rpki.apnic.net/member_repository/A91A0432/EC692F04A4CA11ECAC4E5744C4F9AE02/6t6GhZIRcEQyqBm4GJm2DF093os.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/6t6GhZIRcEQyqBm4GJm2DF093os.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 00:26:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 906 (0x38a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A0432, serialNumber=EADE86859211704432A819B81899B60C5D3DDE8B
        Validity
            Not Before: Jun  7 01:09:15 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=6843913a-3ae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:bb:da:95:71:a7:79:57:b8:ce:33:43:4b:23:
                    2a:7a:45:c9:0c:5e:30:14:76:98:6d:4a:00:f5:aa:
                    3f:d0:c0:8b:d2:44:5a:2f:72:2d:f1:82:12:14:40:
                    5d:d4:21:b6:b4:85:fd:17:86:00:a7:22:b8:4f:2c:
                    75:36:d6:9f:6d:d3:86:28:37:03:52:7c:d8:85:74:
                    47:32:ad:a8:4e:f4:b2:d4:06:20:8f:46:9b:69:80:
                    b8:99:89:c8:45:38:86:11:37:29:f5:b0:60:2f:cd:
                    98:ca:9f:1e:0a:8f:84:46:aa:9b:ee:bd:d6:95:26:
                    2b:b2:79:71:e4:ec:9e:ea:12:e7:03:4e:28:98:a4:
                    69:3c:41:be:9a:6c:ce:72:37:b1:8a:1f:e8:f7:56:
                    bc:f1:18:d4:d2:90:b6:80:4b:a1:53:48:ab:80:d2:
                    0b:04:07:5e:f5:9b:81:60:09:b0:5c:30:0c:69:49:
                    81:de:10:13:59:b8:45:13:56:2d:b1:00:db:49:42:
                    7d:9f:a9:1e:5c:6f:87:a8:0b:fc:eb:82:1c:f2:ed:
                    41:71:c5:21:4a:3e:1d:00:d1:0f:98:65:22:74:fe:
                    a3:eb:d8:5d:43:41:1d:ea:65:ff:e4:e9:f1:ec:e1:
                    4d:c2:b3:e4:25:e9:60:dd:e4:40:2b:26:2d:a0:7b:
                    38:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:07:9E:78:A4:F6:30:C6:DA:53:EC:82:47:A9:C5:00:F1:3B:00:05
            X509v3 Authority Key Identifier:
                keyid:EA:DE:86:85:92:11:70:44:32:A8:19:B8:18:99:B6:0C:5D:3D:DE:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A0432/EC692F04A4CA11ECAC4E5744C4F9AE02/6t6GhZIRcEQyqBm4GJm2DF093os.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/6t6GhZIRcEQyqBm4GJm2DF093os.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0432/EC692F04A4CA11ECAC4E5744C4F9AE02/7185135A61AE11EEA6D61C37C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.121.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:9e:1f:5c:8b:e6:f1:0a:2f:05:35:54:55:67:d9:05:69:8f:
         e6:a5:23:17:c2:f8:f4:69:cb:6f:bb:e2:4c:67:5c:be:05:8a:
         83:85:9f:1a:82:90:4b:17:c6:d9:c9:2c:62:b9:4e:28:ae:c5:
         c0:67:73:0c:ce:4e:0c:21:e4:af:57:e5:e3:fd:cb:f2:fb:d7:
         bc:71:f1:e3:02:13:0c:b6:10:d2:39:e9:8a:7e:aa:5d:f9:f6:
         90:9f:5e:4d:92:18:cd:b4:2b:71:d4:66:d8:50:f6:57:b3:9d:
         03:8d:a4:a5:d8:7e:b9:5d:6d:05:09:05:6e:2c:3d:40:97:af:
         fb:e9:10:90:58:d6:cc:57:7a:00:ee:91:eb:1f:c4:2e:15:f7:
         b4:85:9a:71:2c:ae:26:b0:c5:5e:e9:15:ed:5a:4e:7e:90:32:
         26:ee:1c:be:0c:a1:23:6e:3a:24:a1:fd:77:d3:dc:a3:81:75:
         ff:dc:48:ea:39:21:5b:ea:27:16:b6:af:c7:c0:80:94:93:18:
         4d:17:ff:b8:9b:45:d6:10:e0:b3:9c:ce:b0:3c:b6:86:74:90:
         83:17:8c:fc:e8:05:63:e6:9e:b5:91:d0:da:19:53:a3:e8:2a:
         8c:51:88:17:eb:eb:36:fc:81:12:17:68:d1:b7:99:c5:9d:de:
         ce:d4:72:e4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA0MzIxMTAvBgNVBAUTKEVBREU4Njg1OTIxMTcwNDQzMkE4MTlCODE4OTlCNjBD
NUQzRERFOEIwHhcNMjUwNjA3MDEwOTE1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQzOTEzYS0zYWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnrvalXGneVe4zjNDSyMqekXJDF4wFHaYbUoA9ao/0MCL0kRaL3It8YISFEBd
1CG2tIX9F4YApyK4Tyx1NtafbdOGKDcDUnzYhXRHMq2oTvSy1AYgj0abaYC4mYnI
RTiGETcp9bBgL82Yyp8eCo+ERqqb7r3WlSYrsnlx5Oye6hLnA04omKRpPEG+mmzO
cjexih/o91a88RjU0pC2gEuhU0irgNILBAde9ZuBYAmwXDAMaUmB3hATWbhFE1Yt
sQDbSUJ9n6keXG+HqAv864Ic8u1BccUhSj4dANEPmGUidP6j69hdQ0Ed6mX/5Onx
7OFNwrPkJelg3eRAKyYtoHs4kQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAEHnnik
9jDG2lPsgkepxQDxOwAFMB8GA1UdIwQYMBaAFOrehoWSEXBEMqgZuBiZtgxdPd6L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDQzMi9FQzY5MkYwNEE0
Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi82dDZHaFpJUmNFUXlxQm00R0ptMkRGMDkz
b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzZ0NkdoWklSY0VReXFCbTRHSm0yREYwOTNvcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA0MzIvRUM2OTJGMDRBNENBMTFFQ0FDNEU1NzQ0QzRGOUFFMDIvNzE4NTEzNUE2
MUFFMTFFRUE2RDYxQzM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABXeXUwDQYJKoZIhvcNAQELBQADggEBABqeH1yL5vEKLwU1
VFVn2QVpj+alIxfC+PRpy2+74kxnXL4FioOFnxqCkEsXxtnJLGK5TiiuxcBncwzO
Tgwh5K9X5eP9y/L717xx8eMCEwy2ENI56Yp+ql359pCfXk2SGM20K3HUZthQ9lez
nQONpKXYfrldbQUJBW4sPUCXr/vpEJBY1sxXegDukesfxC4V97SFmnEsriawxV7p
Fe1aTn6QMibuHL4MoSNuOiSh/XfT3KOBdf/cSOo5IVvqJxa2r8fAgJSTGE0X/7ib
RdYQ4LOczrA8toZ0kIMXjPzoBWPmnrWR0NoZU6PoKoxRiBfr6zb8gRIXaNG3mcWd
3s7UcuQ=
-----END CERTIFICATE-----
Generated at Wed Jun 11 01:02:59 2025 by rpki-client