Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/004DF1E840F511F08D8C204AC4F9AE02.roa
File:                     004DF1E840F511F08D8C204AC4F9AE02.roa (raw, json)
Hash identifier:          rddsHZsaPwcw+sXciuJEszm6Xus+osPBkEyPEn5BkTg=
Subject key identifier:   83:BA:C9:FB:D3:B4:3F:D8:57:75:89:5A:FF:B2:B5:03:0B:B3:11:10
Certificate issuer:       /CN=A91C7672/serialNumber=6C6D47B1114F2D581A8212805F12C3747F34AF83
Certificate serial:       03
Authority key identifier: 6C:6D:47:B1:11:4F:2D:58:1A:82:12:80:5F:12:C3:74:7F:34:AF:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bG1HsRFPLVgaghKAXxLDdH80r4M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/004DF1E840F511F08D8C204AC4F9AE02.roa
Signing time:             Wed 04 Jun 2025 03:35:47 +0000
ROA not before:           Wed 04 Jun 2025 03:35:46 +0000
ROA not after:            Mon 02 Mar 2026 00:00:00 +0000
asID:                     139029
IP address blocks:        103.78.255.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/bG1HsRFPLVgaghKAXxLDdH80r4M.crl
                          rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/bG1HsRFPLVgaghKAXxLDdH80r4M.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bG1HsRFPLVgaghKAXxLDdH80r4M.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 16:09:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C7672, serialNumber=6C6D47B1114F2D581A8212805F12C3747F34AF83
        Validity
            Not Before: Jun  4 03:35:46 2025 GMT
            Not After : Mar  2 00:00:00 2026 GMT
        Subject: CN=683fbf12-9ccf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:27:7e:2f:3a:bf:46:c7:8b:7f:8c:35:9d:2a:
                    77:89:11:6e:ef:0a:29:e5:18:7c:a1:01:2d:ec:ca:
                    5b:73:9d:e3:b7:99:cc:21:b6:8e:be:d1:73:ab:5c:
                    4f:98:00:bb:e9:8b:0c:7b:f9:8c:8b:77:6c:e3:18:
                    d1:1f:42:b1:80:b3:f3:a4:3e:f5:4f:41:53:f6:91:
                    3b:73:cf:ea:19:2f:77:0f:47:23:9f:b9:92:d1:45:
                    eb:6e:69:79:69:aa:e3:f1:7f:9c:21:9e:9e:24:91:
                    2a:c6:b8:b0:d3:f3:33:82:4b:44:55:4e:d3:fa:41:
                    cd:21:44:2e:6c:aa:ff:ee:1c:f0:9a:40:2a:4f:98:
                    cd:4c:3a:48:1b:c4:1a:79:38:20:17:fd:98:6e:07:
                    3f:da:61:67:4d:fb:e5:8c:0f:43:11:a1:02:56:89:
                    64:4c:9b:18:ef:84:f5:69:0c:1f:90:58:ca:4b:9d:
                    02:60:fc:a8:56:15:3a:06:35:2d:ec:4c:cb:c7:62:
                    6f:12:a0:74:89:27:96:ba:d7:90:09:40:e0:9a:60:
                    73:67:91:29:9f:60:b0:d3:0e:ad:98:07:e3:fe:23:
                    e8:ba:da:a8:34:67:a4:ab:ee:05:12:16:a9:26:ee:
                    ef:af:08:37:42:e1:4e:a9:92:02:f2:68:3a:e2:6e:
                    60:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:BA:C9:FB:D3:B4:3F:D8:57:75:89:5A:FF:B2:B5:03:0B:B3:11:10
            X509v3 Authority Key Identifier:
                keyid:6C:6D:47:B1:11:4F:2D:58:1A:82:12:80:5F:12:C3:74:7F:34:AF:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/bG1HsRFPLVgaghKAXxLDdH80r4M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bG1HsRFPLVgaghKAXxLDdH80r4M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/004DF1E840F511F08D8C204AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.78.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:4f:57:42:f9:48:18:2e:b3:41:d3:81:42:10:6e:ea:3b:ed:
         da:16:db:31:db:17:e9:d9:fc:47:f0:cd:91:ea:72:4a:87:10:
         02:0b:04:14:25:54:b6:b7:5a:95:fa:a0:01:e5:6c:3b:14:32:
         c2:60:42:80:e4:f9:0f:8c:e1:c6:a5:10:36:f3:86:c2:2f:41:
         3b:ef:6e:d5:0a:b6:1e:59:38:56:63:8f:fc:ff:2d:17:54:c1:
         d0:dd:ec:af:3e:da:6a:29:0a:aa:69:b7:98:1f:83:d5:82:1c:
         7a:13:fc:3a:09:41:9e:6d:67:ec:e8:04:9a:f2:d9:51:14:53:
         13:7d:3f:eb:3e:68:71:91:ec:29:ad:46:b4:1c:2f:33:08:75:
         2f:91:48:be:6d:c9:d0:b2:1c:03:37:7b:b7:8a:6a:fe:c5:28:
         21:7e:eb:5a:50:72:e1:e8:bc:11:81:44:8f:d5:19:c0:d4:a7:
         d6:9f:3d:24:98:8e:46:76:ce:e5:bc:85:07:69:d6:f4:de:f4:
         a5:9a:7c:a5:58:84:d6:d1:1e:1e:0f:3a:0e:a0:81:a4:de:02:
         3c:52:a8:f1:fc:1d:85:89:88:81:ee:f3:1d:15:20:a7:53:36:
         8f:96:1e:ef:fc:b5:fd:62:4c:cb:dc:59:4a:f9:d5:22:f2:48:
         32:7f:1b:6f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NzY3MjExMC8GA1UEBRMoNkM2RDQ3QjExMTRGMkQ1ODFBODIxMjgwNUYxMkMzNzQ3
RjM0QUY4MzAeFw0yNTA2MDQwMzM1NDZaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4M2ZiZjEyLTljY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVJ34vOr9Gx4t/jDWdKneJEW7vCinlGHyhAS3syltzneO3mcwhto6+0XOrXE+Y
ALvpiwx7+YyLd2zjGNEfQrGAs/OkPvVPQVP2kTtzz+oZL3cPRyOfuZLRRetuaXlp
quPxf5whnp4kkSrGuLDT8zOCS0RVTtP6Qc0hRC5sqv/uHPCaQCpPmM1MOkgbxBp5
OCAX/ZhuBz/aYWdN++WMD0MRoQJWiWRMmxjvhPVpDB+QWMpLnQJg/KhWFToGNS3s
TMvHYm8SoHSJJ5a615AJQOCaYHNnkSmfYLDTDq2YB+P+I+i62qg0Z6Sr7gUSFqkm
7u+vCDdC4U6pkgLyaDribmD/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUg7rJ+9O0
P9hXdYla/7K1AwuzERAwHwYDVR0jBBgwFoAUbG1HsRFPLVgaghKAXxLDdH80r4Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3NjcyLzQzNzY0QkVDRjcy
NDExRTZBQkYwMkIzQ0M0RjlBRTAyL2JHMUhzUkZQTFZnYWdoS0FYeExEZEg4MHI0
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYkcxSHNSRlBMVmdhZ2hLQVh4TERkSDgwcjRNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NzY3Mi80Mzc2NEJFQ0Y3MjQxMUU2QUJGMDJCM0NDNEY5QUUwMi8wMDRERjFFODQw
RjUxMUYwOEQ4QzIwNEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdO/zANBgkqhkiG9w0BAQsFAAOCAQEAl09XQvlIGC6zQdOB
QhBu6jvt2hbbMdsX6dn8R/DNkepySocQAgsEFCVUtrdalfqgAeVsOxQywmBCgOT5
D4zhxqUQNvOGwi9BO+9u1Qq2Hlk4VmOP/P8tF1TB0N3srz7aaikKqmm3mB+D1YIc
ehP8OglBnm1n7OgEmvLZURRTE30/6z5ocZHsKa1GtBwvMwh1L5FIvm3J0LIcAzd7
t4pq/sUoIX7rWlBy4ei8EYFEj9UZwNSn1p89JJiORnbO5byFB2nW9N70pZp8pViE
1tEeHg86DqCBpN4CPFKo8fwdhYmIge7zHRUgp1M2j5Ye7/y1/WJMy9xZSvnVIvJI
Mn8bbw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:29:03 2025 by rpki-client