Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/4857445643A911F0AD37044DC4F9AE02.roa
File:                     4857445643A911F0AD37044DC4F9AE02.roa (raw, json)
Hash identifier:          WkSg+sBSiJcoCE4RbowJKmOS2e9RO49Iq4fHf9Kfe8E=
Subject key identifier:   3D:CC:2D:55:A7:16:D7:D6:7D:FA:5D:27:CA:D4:49:F8:D7:83:7C:13
Certificate issuer:       /CN=A91B88CA/serialNumber=F625E6CC039026FF5BC9D6BDC42D8D1C18ABF33B
Certificate serial:       F5
Authority key identifier: F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/4857445643A911F0AD37044DC4F9AE02.roa
Signing time:             Sat 07 Jun 2025 14:11:59 +0000
ROA not before:           Sat 07 Jun 2025 14:11:59 +0000
ROA not after:            Sat 31 Jan 2026 00:00:00 +0000
asID:                     135883
IP address blocks:        103.67.52.0/23 maxlen: 23
                          103.67.52.0/24 maxlen: 24
                          103.67.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/9iXmzAOQJv9byda9xC2NHBir8zs.crl
                          rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/9iXmzAOQJv9byda9xC2NHBir8zs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 04:58:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 245 (0xf5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B88CA, serialNumber=F625E6CC039026FF5BC9D6BDC42D8D1C18ABF33B
        Validity
            Not Before: Jun  7 14:11:59 2025 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=684448af-44ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9b:96:ec:9b:54:8b:e7:a1:ff:df:b6:0f:43:
                    82:06:41:72:d0:fc:ed:a9:36:fd:48:c9:29:00:61:
                    37:87:f5:9d:61:bf:ae:8d:4d:63:29:2a:da:0b:5c:
                    60:1e:05:9a:91:68:2b:29:a4:1a:f0:a5:06:02:44:
                    81:f2:18:62:66:34:78:41:1b:ac:7b:31:fa:37:9f:
                    fa:a5:38:01:9c:2d:d2:d1:e0:fb:1a:f5:f7:a7:66:
                    3f:cd:dd:53:17:4e:10:d5:59:e5:1d:3c:6f:a9:78:
                    65:bf:f6:21:d2:cf:b1:30:30:f1:ec:df:ba:d0:9a:
                    e2:84:a1:da:90:39:44:77:6f:a9:46:aa:de:42:dd:
                    9c:15:85:4b:e6:61:a6:85:db:96:9a:51:91:7d:61:
                    84:f6:57:bc:f6:17:e4:3d:d2:33:00:b5:29:73:e9:
                    27:de:1e:8e:e4:cd:29:30:71:aa:8d:31:eb:fe:ef:
                    eb:ec:a9:fc:4a:bb:67:ad:b3:9a:13:bc:d2:f4:97:
                    06:87:dc:3f:c6:ff:a5:a1:08:12:1a:63:e7:7c:fe:
                    e4:c4:a5:bf:2e:e8:69:5b:7e:ef:89:7e:ab:3b:4e:
                    83:a7:66:1a:02:a0:3c:26:1d:76:dd:a5:9e:d1:06:
                    5d:65:52:6c:5b:7c:7d:90:00:1c:82:9b:f8:8e:05:
                    b6:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:CC:2D:55:A7:16:D7:D6:7D:FA:5D:27:CA:D4:49:F8:D7:83:7C:13
            X509v3 Authority Key Identifier:
                keyid:F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/9iXmzAOQJv9byda9xC2NHBir8zs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/4857445643A911F0AD37044DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.67.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ce:bc:6c:13:9f:f8:40:a5:35:f6:0f:c6:b5:cd:02:d3:1d:5e:
         72:62:20:08:c7:8f:34:b4:ce:f5:9d:2d:32:d0:c6:d1:a9:34:
         37:44:ea:68:bf:b2:d6:4f:f7:3b:8d:1f:1a:f7:87:4f:14:21:
         bc:bd:66:b1:f4:39:ed:17:ff:8e:6f:73:b8:70:73:9d:8f:24:
         64:04:3e:c8:15:61:64:22:78:f9:30:c4:c8:34:21:fb:a1:4d:
         d4:27:c1:be:34:5f:6c:6b:be:c7:57:2b:3b:2a:31:30:b6:20:
         e7:5d:1b:4e:38:09:be:76:7d:34:bf:3a:84:ed:6d:1a:5d:0f:
         1a:71:21:41:3c:4b:22:26:26:c9:05:f5:66:d7:11:5d:4a:83:
         d9:68:87:c5:11:29:89:55:35:62:61:42:0b:23:25:6d:48:fb:
         bd:e3:3e:e5:64:89:95:ca:33:7c:84:e9:96:fe:82:fd:0b:07:
         5e:6e:13:e2:97:f8:52:19:95:e4:0f:13:40:95:03:3a:d3:6e:
         87:04:01:96:35:f3:9c:5e:db:0f:5a:f3:27:85:98:96:47:45:
         a3:2c:aa:38:e2:be:fa:c0:e7:fe:da:11:4e:cd:d2:4c:54:6a:
         74:79:af:b8:6d:05:13:6c:89:d6:b7:6b:57:73:13:b8:3f:1b:
         1c:56:df:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4Q0ExMTAvBgNVBAUTKEY2MjVFNkNDMDM5MDI2RkY1QkM5RDZCREM0MkQ4RDFD
MThBQkYzM0IwHhcNMjUwNjA3MTQxMTU5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQ0NDhhZi00NGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx5uW7JtUi+eh/9+2D0OCBkFy0PztqTb9SMkpAGE3h/WdYb+ujU1jKSraC1xg
HgWakWgrKaQa8KUGAkSB8hhiZjR4QRusezH6N5/6pTgBnC3S0eD7GvX3p2Y/zd1T
F04Q1VnlHTxvqXhlv/Yh0s+xMDDx7N+60JrihKHakDlEd2+pRqreQt2cFYVL5mGm
hduWmlGRfWGE9le89hfkPdIzALUpc+kn3h6O5M0pMHGqjTHr/u/r7Kn8SrtnrbOa
E7zS9JcGh9w/xv+loQgSGmPnfP7kxKW/LuhpW37viX6rO06Dp2YaAqA8Jh123aWe
0QZdZVJsW3x9kAAcgpv4jgW28wIDAQABo4IClTCCApEwHQYDVR0OBBYEFD3MLVWn
FtfWffpdJ8rUSfjXg3wTMB8GA1UdIwQYMBaAFPYl5swDkCb/W8nWvcQtjRwYq/M7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODhDQS81Njk2RTc0NjM0
NjUxMUVGQUY2REVCNEVDNEY5QUUwMi85aVhtekFPUUp2OWJ5ZGE5eEMyTkhCaXI4
enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlpWG16QU9RSnY5YnlkYTl4QzJOSEJpcjh6cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4Q0EvNTY5NkU3NDYzNDY1MTFFRkFGNkRFQjRFQzRGOUFFMDIvNDg1NzQ0NTY0
M0E5MTFGMEFEMzcwNDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnQzQwDQYJKoZIhvcNAQELBQADggEBAM68bBOf+EClNfYP
xrXNAtMdXnJiIAjHjzS0zvWdLTLQxtGpNDdE6mi/stZP9zuNHxr3h08UIby9ZrH0
Oe0X/45vc7hwc52PJGQEPsgVYWQiePkwxMg0IfuhTdQnwb40X2xrvsdXKzsqMTC2
IOddG044Cb52fTS/OoTtbRpdDxpxIUE8SyImJskF9WbXEV1Kg9loh8URKYlVNWJh
QgsjJW1I+73jPuVkiZXKM3yE6Zb+gv0LB15uE+KX+FIZleQPE0CVAzrTbocEAZY1
85xe2w9a8yeFmJZHRaMsqjjivvrA5/7aEU7N0kxUanR5r7htBRNsida3a1dzE7g/
GxxW36o=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:47:12 2025 by rpki-client