Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/53CDEE805D4811F0B045442CC4F9AE02.roa
File:                     53CDEE805D4811F0B045442CC4F9AE02.roa (raw, json)
Hash identifier:          07HqaObKVn7vAHGyBG4fqgZ8lv0Swm7cGLXFOBja8Y4=
Subject key identifier:   2A:D2:B0:D6:5C:B6:71:18:E4:B8:BD:B1:0E:65:06:83:7C:B2:A0:7D
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       4BAA
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/53CDEE805D4811F0B045442CC4F9AE02.roa
Signing time:             Thu 10 Jul 2025 04:42:47 +0000
ROA not before:           Thu 10 Jul 2025 04:42:47 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     154003
IP address blocks:        2001:df5:cbc0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
                          rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 14:33:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19370 (0x4baa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Jul 10 04:42:47 2025 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=686f44c7-8a99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:9f:49:12:2c:92:e6:87:63:2a:e8:32:ba:0f:
                    b2:b1:95:fe:2f:0a:bc:50:f8:30:a9:e9:f0:7c:91:
                    be:11:ed:6d:13:9b:21:49:30:95:99:29:8d:b2:d7:
                    48:ba:eb:ed:81:33:1e:f4:a7:19:be:4f:de:3a:8b:
                    d9:96:93:62:15:5c:46:9f:84:a5:79:cc:f1:ab:54:
                    a7:e8:81:29:3e:da:dc:99:13:20:79:89:bb:4b:e8:
                    0b:41:97:d1:cc:ce:a7:0a:62:08:ac:00:c7:de:cd:
                    a7:8b:16:e4:66:87:f8:3d:d8:ab:52:7d:1e:77:c7:
                    6b:60:34:d2:a8:9f:ca:50:8d:b1:fe:7a:a9:b9:33:
                    ea:e4:f0:b7:8c:68:f4:69:53:9e:27:10:48:a3:23:
                    d0:fe:a5:48:a8:73:3f:cb:f3:d0:c0:9b:31:36:94:
                    3c:40:6e:48:9a:60:1e:ec:e4:d1:5c:5a:93:07:6a:
                    e5:04:80:30:e2:83:b7:4d:a6:f6:02:d0:2f:f5:f8:
                    a3:0a:dd:6f:42:6c:a3:b3:54:1f:f7:2a:e1:b7:eb:
                    95:30:1b:3a:8f:a1:8e:08:00:ba:2e:cb:ad:1d:18:
                    fc:86:fe:76:23:ee:7c:e2:5f:b7:95:4b:3f:ea:a3:
                    65:46:d7:88:4c:ad:34:23:55:af:3f:3b:eb:c8:94:
                    fe:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:D2:B0:D6:5C:B6:71:18:E4:B8:BD:B1:0E:65:06:83:7C:B2:A0:7D
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/53CDEE805D4811F0B045442CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df5:cbc0::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:ae:e9:3e:5b:1e:e6:1c:e7:ba:87:a3:c1:ff:49:85:9b:57:
         7e:18:e7:bb:2e:6d:b1:18:7b:50:7e:21:37:e3:98:80:51:74:
         f5:9c:68:32:0d:67:07:a3:c0:f6:af:4b:97:02:fc:4b:18:70:
         59:07:d6:cc:06:cc:75:49:ec:c7:b0:29:84:ef:3d:2a:24:18:
         1d:c1:47:52:7c:a9:8c:cf:9b:31:ae:23:ea:d3:34:d3:85:43:
         33:ac:66:9a:1c:1b:f8:f6:cd:fd:b0:49:6a:c7:c9:2f:45:68:
         af:45:23:67:75:eb:eb:54:34:37:da:fd:fc:1a:bb:7a:d3:d0:
         13:83:e4:66:c3:51:0d:1f:55:e9:92:eb:79:ae:8a:3c:f7:40:
         be:ae:28:e2:e3:b3:96:fd:8f:5b:2a:77:2c:f9:9c:ec:8a:f3:
         2f:6d:04:ee:0b:e0:1a:d7:e0:22:e8:09:84:79:45:c6:2e:1a:
         32:74:7c:33:59:61:b0:ef:49:fa:f3:2c:db:6c:61:f4:9d:d4:
         22:57:8d:2d:9c:72:07:1b:91:6a:b6:b6:29:ea:f4:7e:03:ca:
         da:21:fe:2d:7f:92:fe:19:dd:1d:b7:70:f7:e0:e4:2d:bd:cc:
         8e:38:5a:22:d6:40:3f:f1:a1:55:8a:83:a8:c7:98:6e:b9:a6:
         79:8d:bb:f7
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICS6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwNzEwMDQ0MjQ3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZmNDRjNy04YTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv59JEiyS5odjKugyug+ysZX+Lwq8UPgwqenwfJG+Ee1tE5shSTCVmSmNstdI
uuvtgTMe9KcZvk/eOovZlpNiFVxGn4Sleczxq1Sn6IEpPtrcmRMgeYm7S+gLQZfR
zM6nCmIIrADH3s2nixbkZof4PdirUn0ed8drYDTSqJ/KUI2x/nqpuTPq5PC3jGj0
aVOeJxBIoyPQ/qVIqHM/y/PQwJsxNpQ8QG5ImmAe7OTRXFqTB2rlBIAw4oO3Tab2
AtAv9fijCt1vQmyjs1Qf9yrht+uVMBs6j6GOCAC6LsutHRj8hv52I+584l+3lUs/
6qNlRteITK00I1WvPzvryJT+ywIDAQABo4ICmDCCApQwHQYDVR0OBBYEFCrSsNZc
tnEY5Li9sQ5lBoN8sqB9MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNTNDREVFODA1
RDQ4MTFGMEIwNDU0NDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ31y8AwDQYJKoZIhvcNAQELBQADggEBACSu6T5bHuYc
57qHo8H/SYWbV34Y57subbEYe1B+ITfjmIBRdPWcaDINZwejwPavS5cC/EsYcFkH
1swGzHVJ7MewKYTvPSokGB3BR1J8qYzPmzGuI+rTNNOFQzOsZpocG/j2zf2wSWrH
yS9FaK9FI2d16+tUNDfa/fwau3rT0BOD5GbDUQ0fVemS63muijz3QL6uKOLjs5b9
j1sqdyz5nOyK8y9tBO4L4BrX4CLoCYR5RcYuGjJ0fDNZYbDvSfrzLNtsYfSd1CJX
jS2ccgcbkWq2tinq9H4Dytoh/i1/kv4Z3R23cPfg5C29zI44WiLWQD/xoVWKg6jH
mG65pnmNu/c=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:07:31 2025 by rpki-client