Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/A55C1282ACA311EFBA427354C4F9AE02.roa
File:                     A55C1282ACA311EFBA427354C4F9AE02.roa (raw, json)
Hash identifier:          xR90gNQMnqZeX9/Y9edNzOkrUxu48WORxv+O+Po63Y4=
Subject key identifier:   E5:DC:2F:74:51:DE:17:D4:BB:7E:1B:46:A2:B8:B0:11:9C:37:37:B1
Certificate issuer:       /CN=A91BD000/serialNumber=40E96CAEB19D41E0DAD652F435AD08E7AE809EF9
Certificate serial:       0C20
Authority key identifier: 40:E9:6C:AE:B1:9D:41:E0:DA:D6:52:F4:35:AD:08:E7:AE:80:9E:F9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOlsrrGdQeDa1lL0Na0I566Anvk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/A55C1282ACA311EFBA427354C4F9AE02.roa
Signing time:             Tue 20 May 2025 19:13:49 +0000
ROA not before:           Tue 20 May 2025 19:13:49 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     58912
IP address blocks:        45.124.12.0/22 maxlen: 24
                          103.25.80.0/22 maxlen: 24
                          2407:9ac0::/32 maxlen: 32
                          2407:9ac0::/36 maxlen: 36
                          2407:9ac0:1000::/36 maxlen: 36
                          2407:9ac0:2000::/36 maxlen: 36
                          2407:9ac0:3000::/36 maxlen: 36
                          2407:9ac0:4000::/36 maxlen: 36
                          2407:9ac0:5000::/36 maxlen: 36
                          2407:9ac0:6000::/36 maxlen: 36
                          2407:9ac0:7000::/36 maxlen: 36
                          2407:9ac0:8000::/36 maxlen: 36
                          2407:9ac0:9000::/36 maxlen: 36
                          2407:9ac0:a000::/36 maxlen: 36
                          2407:9ac0:b000::/36 maxlen: 36
                          2407:9ac0:c000::/36 maxlen: 36
                          2407:9ac0:d000::/36 maxlen: 36
                          2407:9ac0:e000::/36 maxlen: 36
                          2407:9ac0:f000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/QOlsrrGdQeDa1lL0Na0I566Anvk.crl
                          rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/QOlsrrGdQeDa1lL0Na0I566Anvk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOlsrrGdQeDa1lL0Na0I566Anvk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 18:26:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3104 (0xc20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BD000, serialNumber=40E96CAEB19D41E0DAD652F435AD08E7AE809EF9
        Validity
            Not Before: May 20 19:13:49 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=682cd46d-e608
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ae:a6:07:78:40:d1:f3:c9:49:59:a1:28:da:
                    04:49:ed:86:a5:f6:06:77:5a:41:e9:1f:da:86:e5:
                    4f:45:75:a1:bf:fe:89:62:9c:64:0e:55:63:45:03:
                    d4:f7:f3:73:40:2a:d4:39:21:c6:ee:71:e2:cf:3f:
                    f4:e2:83:3e:d0:60:63:3d:ab:9e:72:ac:24:49:87:
                    75:8a:ac:17:99:98:e9:51:0b:65:ec:19:ec:90:65:
                    38:07:66:75:75:6b:b2:92:f3:89:14:17:d9:4f:c9:
                    0d:82:aa:91:89:b8:39:cb:05:fa:0b:d1:02:30:31:
                    79:43:7d:ab:eb:e2:ee:c4:42:49:2f:a5:c2:00:22:
                    6d:55:dc:6d:27:ce:85:96:fb:0f:3f:5c:cc:12:d2:
                    00:08:51:a1:57:8f:0b:86:20:90:c9:34:df:aa:aa:
                    d9:fd:e3:91:5d:65:95:61:f7:4f:a4:a3:da:3b:7f:
                    8c:ba:20:c7:64:89:9e:6e:e0:79:e2:0c:a4:96:ff:
                    74:e7:dc:a4:d2:27:23:71:9e:3b:6f:1f:80:d1:4b:
                    12:18:6e:47:21:78:80:38:14:67:c8:3e:20:ff:a6:
                    6a:b8:4b:55:2d:0d:67:9a:76:23:3e:27:51:bd:a9:
                    c1:b1:e5:91:07:cb:cb:fe:4e:85:9f:0e:dc:9d:6a:
                    04:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:DC:2F:74:51:DE:17:D4:BB:7E:1B:46:A2:B8:B0:11:9C:37:37:B1
            X509v3 Authority Key Identifier:
                keyid:40:E9:6C:AE:B1:9D:41:E0:DA:D6:52:F4:35:AD:08:E7:AE:80:9E:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/QOlsrrGdQeDa1lL0Na0I566Anvk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOlsrrGdQeDa1lL0Na0I566Anvk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/A55C1282ACA311EFBA427354C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.124.12.0/22
                  103.25.80.0/22
                IPv6:
                  2407:9ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:e6:66:8d:d5:21:c0:cb:e7:09:d2:52:73:1f:bb:ca:54:fa:
         9c:f9:99:74:7f:d6:a0:cf:0f:5e:38:35:9d:31:e9:f4:1b:e2:
         3e:26:88:21:38:bc:cc:2e:d0:7d:df:f9:d2:e1:4c:60:91:11:
         5a:24:d6:d6:cf:2a:81:d1:0f:9c:12:6a:ad:57:c5:ef:b7:6d:
         f8:d7:29:06:4b:d7:23:cc:f5:25:cd:a7:a1:48:c9:fb:6c:8b:
         ff:93:38:8e:09:02:10:51:bb:96:d5:c3:2f:eb:b9:ea:b7:71:
         12:6a:dc:97:37:37:50:7a:13:b3:67:2f:e5:02:26:1b:fc:80:
         39:2e:45:e4:f7:52:cc:3f:81:80:44:b6:42:38:23:84:be:09:
         02:d7:af:e7:d2:f6:bb:a7:ac:41:73:ba:d6:20:99:4a:ec:c4:
         83:de:29:3c:46:54:be:3b:dc:fa:75:a7:19:c0:df:cf:6c:74:
         b1:f5:a0:96:ee:0d:8e:da:aa:df:10:a1:b8:b4:86:7b:da:e2:
         67:27:78:b6:99:87:a6:94:1c:41:58:72:20:14:a6:3a:40:19:
         b6:d1:6d:da:a5:4d:1b:eb:4f:36:5d:13:6a:bd:cf:92:b9:4b:
         49:3a:84:51:91:fb:42:e7:8f:fe:ea:10:5c:b6:81:d8:ac:ea:
         fc:33:56:26
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkQwMDAxMTAvBgNVBAUTKDQwRTk2Q0FFQjE5RDQxRTBEQUQ2NTJGNDM1QUQwOEU3
QUU4MDlFRjkwHhcNMjUwNTIwMTkxMzQ5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJjZDQ2ZC1lNjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1a6mB3hA0fPJSVmhKNoESe2GpfYGd1pB6R/ahuVPRXWhv/6JYpxkDlVjRQPU
9/NzQCrUOSHG7nHizz/04oM+0GBjPauecqwkSYd1iqwXmZjpUQtl7BnskGU4B2Z1
dWuykvOJFBfZT8kNgqqRibg5ywX6C9ECMDF5Q32r6+LuxEJJL6XCACJtVdxtJ86F
lvsPP1zMEtIACFGhV48LhiCQyTTfqqrZ/eORXWWVYfdPpKPaO3+MuiDHZImebuB5
4gyklv9059yk0icjcZ47bx+A0UsSGG5HIXiAOBRnyD4g/6ZquEtVLQ1nmnYjPidR
vanBseWRB8vL/k6Fnw7cnWoEQwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOXcL3RR
3hfUu34bRqK4sBGcNzexMB8GA1UdIwQYMBaAFEDpbK6xnUHg2tZS9DWtCOeugJ75
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDAwMC9FNjYwMkVEMjBE
QjQxMUVBQkE1QzFEN0ZDNEY5QUUwMi9RT2xzcnJHZFFlRGExbEwwTmEwSTU2NkFu
dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FPbHNyckdkUWVEYTFsTDBOYTBJNTY2QW52ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkQwMDAvRTY2MDJFRDIwREI0MTFFQUJBNUMxRDdGQzRGOUFFMDIvQTU1QzEyODJB
Q0EzMTFFRkJBNDI3MzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItfAwDBAJnGVAwDQQCAAIwBwMFACQHmsAwDQYJKoZIhvcN
AQELBQADggEBADXmZo3VIcDL5wnSUnMfu8pU+pz5mXR/1qDPD144NZ0x6fQb4j4m
iCE4vMwu0H3f+dLhTGCREVok1tbPKoHRD5wSaq1Xxe+3bfjXKQZL1yPM9SXNp6FI
yftsi/+TOI4JAhBRu5bVwy/rueq3cRJq3Jc3N1B6E7NnL+UCJhv8gDkuReT3Usw/
gYBEtkI4I4S+CQLXr+fS9runrEFzutYgmUrsxIPeKTxGVL473Pp1pxnA389sdLH1
oJbuDY7aqt8Qobi0hnva4mcneLaZh6aUHEFYciAUpjpAGbbRbdqlTRvrTzZdE2q9
z5K5S0k6hFGR+0Lnj/7qEFy2gdis6vwzViY=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:14:10 2025 by rpki-client