Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
File:                     8F6D3D583AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier:          hKWe/eIi1S/b0sftmS4vbxX+CeHNz0WaxfQQONNUalk=
Subject key identifier:   13:B3:AD:40:5A:02:21:F3:6D:DA:09:BA:1F:D0:40:E5:A0:C5:70:CF
Certificate issuer:       /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial:       0D37
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
Signing time:             Fri 16 May 2025 15:40:14 +0000
ROA not before:           Fri 16 May 2025 15:40:14 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     63916
IP address blocks:        27.122.56.0/24 maxlen: 24
                          27.122.57.0/24 maxlen: 24
                          27.122.58.0/24 maxlen: 24
                          27.122.59.0/24 maxlen: 24
                          43.239.156.0/22 maxlen: 22
                          43.239.156.0/23 maxlen: 23
                          43.239.156.0/24 maxlen: 24
                          43.239.157.0/24 maxlen: 24
                          43.239.158.0/23 maxlen: 23
                          43.239.158.0/24 maxlen: 24
                          43.239.159.0/24 maxlen: 24
                          43.245.196.0/23 maxlen: 23
                          43.245.196.0/24 maxlen: 24
                          43.245.197.0/24 maxlen: 24
                          43.245.198.0/24 maxlen: 24
                          43.245.199.0/24 maxlen: 24
                          43.251.157.0/24 maxlen: 24
                          43.251.158.0/24 maxlen: 24
                          43.251.159.0/24 maxlen: 24
                          103.1.152.0/24 maxlen: 24
                          103.1.153.0/24 maxlen: 24
                          103.1.154.0/24 maxlen: 24
                          103.1.155.0/24 maxlen: 24
                          103.10.196.0/24 maxlen: 24
                          103.10.198.0/24 maxlen: 24
                          103.35.72.0/22 maxlen: 22
                          103.35.72.0/24 maxlen: 24
                          103.35.73.0/24 maxlen: 24
                          103.35.74.0/24 maxlen: 24
                          103.35.75.0/24 maxlen: 24
                          103.68.223.0/24 maxlen: 24
                          103.71.254.0/24 maxlen: 24
                          103.72.4.0/23 maxlen: 24
                          182.161.32.0/22 maxlen: 22
                          182.161.32.0/24 maxlen: 24
                          182.161.33.0/24 maxlen: 24
                          182.161.34.0/24 maxlen: 24
                          182.161.35.0/24 maxlen: 24
                          202.144.192.0/22 maxlen: 22
                          202.144.192.0/24 maxlen: 24
                          202.144.193.0/24 maxlen: 24
                          202.144.194.0/24 maxlen: 24
                          202.144.195.0/24 maxlen: 24
                          2402:c480::/32 maxlen: 32
                          2402:c480:3000::/48 maxlen: 48
                          2402:c480:3001::/48 maxlen: 48
                          2402:c480:3002::/48 maxlen: 48
                          2402:c480:3003::/48 maxlen: 48
                          2402:c480:3004::/48 maxlen: 48
                          2402:c480:5000::/48 maxlen: 48
                          2402:c480:6000::/48 maxlen: 48
                          2402:c480:6001::/48 maxlen: 48
                          2402:c480:6002::/48 maxlen: 48
                          2402:c480:7000::/48 maxlen: 48
                          2402:c480:7001::/48 maxlen: 48
                          2402:c480:8000::/48 maxlen: 48
                          2402:c480:8001::/48 maxlen: 48
                          2402:c480:8003::/48 maxlen: 48
                          2402:c480:9000::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
                          rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 17:59:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3383 (0xd37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
        Validity
            Not Before: May 16 15:40:14 2025 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=68275c5e-5e0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6d:31:6a:56:93:1e:e2:07:bc:aa:e9:79:c3:
                    c2:f2:70:6f:e1:c8:da:7c:2a:fa:dc:89:1b:a4:38:
                    5b:37:db:72:a6:fd:6f:90:09:b5:0b:71:47:97:b6:
                    40:68:87:83:45:a7:34:0a:64:21:f6:0f:e9:69:16:
                    f8:00:4e:3b:2e:17:f5:e6:65:a6:10:94:18:83:0b:
                    a1:2b:67:cf:bd:fc:dd:44:26:e9:b5:8c:49:69:fd:
                    82:83:64:6a:f4:cf:6a:a0:21:22:ca:75:10:e7:6f:
                    9e:23:e6:33:9f:25:ee:da:96:08:27:d5:0c:c3:12:
                    00:56:cf:1d:cd:fc:91:f8:13:8b:d7:12:f7:ec:69:
                    a8:12:66:6e:33:d5:a7:3b:de:e3:55:6c:5b:62:c3:
                    cf:41:52:77:95:c9:34:f1:cc:53:b1:44:86:29:1b:
                    9b:f9:0b:a5:0d:e2:c5:47:77:84:c6:67:3c:84:00:
                    9e:53:cc:ae:a3:58:e0:a3:9d:d0:35:e7:84:0e:7c:
                    72:43:03:77:e3:f4:4a:8d:50:21:66:eb:5d:ab:97:
                    06:f1:fe:78:f4:ea:6d:88:17:e4:ac:77:98:e5:c8:
                    80:e7:08:1b:79:b5:79:7f:75:1f:bc:11:cb:37:2a:
                    a8:63:a6:07:a4:65:13:60:bc:24:e4:22:7e:b8:04:
                    23:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:B3:AD:40:5A:02:21:F3:6D:DA:09:BA:1F:D0:40:E5:A0:C5:70:CF
            X509v3 Authority Key Identifier:
                keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.122.56.0/22
                  43.239.156.0/22
                  43.245.196.0/22
                  43.251.157.0-43.251.159.255
                  103.1.152.0/22
                  103.10.196.0/24
                  103.10.198.0/24
                  103.35.72.0/22
                  103.68.223.0/24
                  103.71.254.0/24
                  103.72.4.0/23
                  182.161.32.0/22
                  202.144.192.0/22
                IPv6:
                  2402:c480::/32

    Signature Algorithm: sha256WithRSAEncryption
         a4:8f:85:62:75:e9:fc:f8:b2:1e:73:c0:40:6d:f3:40:aa:78:
         e5:31:4e:36:6b:5f:58:97:89:21:87:38:b0:c6:82:9f:9c:90:
         59:94:85:b9:09:62:76:e2:ac:27:16:18:f5:67:02:73:dd:38:
         b3:cf:3a:a1:9d:b1:17:42:31:00:4d:ed:5c:05:cb:c3:1a:97:
         81:47:4b:73:8c:13:e1:f6:a9:c9:66:79:09:ab:27:e0:44:85:
         f8:b3:c9:7c:16:ce:87:fe:70:83:2e:fc:a1:18:ed:24:7d:ba:
         eb:df:6a:e4:b2:01:d0:3e:fe:8a:2e:2e:d2:bc:dc:0e:cb:be:
         cd:9a:80:bf:54:7c:e3:85:ef:cb:95:21:74:60:1a:cf:f2:ca:
         f9:4e:cd:96:4a:d6:1f:0f:30:ab:3f:7e:23:c8:6b:b0:a6:cb:
         2e:2f:be:58:e6:21:40:a1:98:c8:2e:37:ff:d0:d3:83:98:41:
         e5:80:58:ad:56:90:28:a1:6d:ea:8e:3c:f6:2e:f6:8f:42:ea:
         69:06:c5:43:1a:bf:28:5b:1f:48:dd:4e:61:65:ec:92:93:f5:
         43:29:29:f0:15:8c:9f:15:ce:36:4f:74:85:e6:14:00:49:09:
         ca:10:b1:d7:d5:bc:18:a7:f3:22:be:44:9b:2c:e2:c0:66:5b:
         9c:8c:54:59
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgICDTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUwNTE2MTU0MDE0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI3NWM1ZS01ZTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvW0xalaTHuIHvKrpecPC8nBv4cjafCr63IkbpDhbN9typv1vkAm1C3FHl7ZA
aIeDRac0CmQh9g/paRb4AE47Lhf15mWmEJQYgwuhK2fPvfzdRCbptYxJaf2Cg2Rq
9M9qoCEiynUQ52+eI+YznyXu2pYIJ9UMwxIAVs8dzfyR+BOL1xL37GmoEmZuM9Wn
O97jVWxbYsPPQVJ3lck08cxTsUSGKRub+QulDeLFR3eExmc8hACeU8yuo1jgo53Q
NeeEDnxyQwN34/RKjVAhZutdq5cG8f549OptiBfkrHeY5ciA5wgbebV5f3UfvBHL
NyqoY6YHpGUTYLwk5CJ+uAQjSwIDAQABo4IC9DCCAvAwHQYDVR0OBBYEFBOzrUBa
AiHzbdoJuh/QQOWgxXDPMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEY2RDNENTgz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfgYIKwYBBQUHAQcBAf8E
bzBtMFwEAgABMFYDBAIbejgDBAIr75wDBAIr9cQwDAMEACv7nQMEBSv7gAMEAmcB
mAMEAGcKxAMEAGcKxgMEAmcjSAMEAGdE3wMEAGdH/gMEAWdIBAMEArahIAMEAsqQ
wDANBAIAAjAHAwUAJALEgDANBgkqhkiG9w0BAQsFAAOCAQEApI+FYnXp/PiyHnPA
QG3zQKp45TFONmtfWJeJIYc4sMaCn5yQWZSFuQliduKsJxYY9WcCc904s886oZ2x
F0IxAE3tXAXLwxqXgUdLc4wT4fapyWZ5Casn4ESF+LPJfBbOh/5wgy78oRjtJH26
699q5LIB0D7+ii4u0rzcDsu+zZqAv1R844Xvy5UhdGAaz/LK+U7NlkrWHw8wqz9+
I8hrsKbLLi++WOYhQKGYyC43/9DTg5hB5YBYrVaQKKFt6o489i72j0LqaQbFQxq/
KFsfSN1OYWXskpP1Qykp8BWMnxXONk90heYUAEkJyhCx19W8GKfzIr5EmyziwGZb
nIxUWQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:19:19 2025 by rpki-client