Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/15F254A8090211EEA1C06509C4F9AE02.roa
File:                     15F254A8090211EEA1C06509C4F9AE02.roa (raw, json)
Hash identifier:          l/lqNDUiyb5NZKhLLNIq7WZOuz2szj0dEY8tsSYQa68=
Subject key identifier:   28:F6:E3:30:40:7C:73:BF:CC:DF:EE:AE:8B:67:7B:04:16:F4:54:03
Certificate issuer:       /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial:       0742
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/15F254A8090211EEA1C06509C4F9AE02.roa
Signing time:             Thu 24 Jul 2025 22:34:41 +0000
ROA not before:           Thu 24 Jul 2025 22:34:41 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     4755
IP address blocks:        129.227.222.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
                          rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 22:34:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1858 (0x742)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
        Validity
            Not Before: Jul 24 22:34:41 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6882b500-e37f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:71:52:ae:4d:e0:ef:9f:f6:8f:95:e1:13:50:
                    f8:28:18:bd:80:2a:59:f6:db:f5:8f:64:2f:71:58:
                    fb:12:42:88:c4:92:65:cf:84:96:ed:90:34:4b:41:
                    af:63:59:6f:52:45:54:8b:87:58:ed:be:25:0f:43:
                    f2:5b:15:d9:f1:fb:eb:86:dd:2c:af:13:09:16:4c:
                    a8:c9:62:19:7c:46:da:93:5f:58:20:98:89:18:b4:
                    b2:29:e0:da:06:05:bd:10:7c:05:a6:f6:48:8b:9a:
                    31:17:c1:34:47:10:f8:ce:3f:e8:83:c5:9f:7f:1a:
                    c6:72:fe:f3:d7:3a:2a:43:09:d3:df:9e:da:e3:9b:
                    59:0a:dd:15:d3:61:b2:0d:07:88:c3:a0:15:ca:be:
                    31:68:85:0b:78:b0:e2:b8:ad:8f:c8:f4:41:a5:3a:
                    97:04:71:85:b1:4a:44:c8:8f:fe:a1:bc:36:9a:d8:
                    33:da:2a:b3:15:1f:a3:b2:5e:92:73:9d:b2:a8:a9:
                    24:3e:14:f8:ea:a0:52:93:b8:0a:94:9e:cb:7c:4d:
                    66:6a:47:30:93:e6:92:8f:98:e2:21:e4:02:4d:24:
                    ce:e9:1b:05:60:72:af:48:8d:f0:13:4e:47:48:a4:
                    82:43:4d:ef:ef:52:96:2f:78:23:d6:e0:57:33:78:
                    3a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F6:E3:30:40:7C:73:BF:CC:DF:EE:AE:8B:67:7B:04:16:F4:54:03
            X509v3 Authority Key Identifier:
                keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/15F254A8090211EEA1C06509C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.227.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:62:f2:a4:c1:25:a5:eb:61:81:e6:b9:4c:61:df:4f:94:31:
         a3:0d:e7:49:26:a6:b4:7a:8d:89:6a:b1:0f:e3:a0:99:1d:ff:
         46:15:03:e9:1e:66:66:c6:af:6e:99:98:d6:e5:a0:ea:2d:af:
         8f:a2:0e:ce:0e:73:2d:51:44:57:4e:36:ed:72:1d:78:5f:12:
         09:de:16:7e:6c:a1:37:db:22:c3:82:98:a8:8b:71:41:d1:c4:
         c8:1f:da:e9:a5:2c:7c:02:3b:58:d4:74:90:58:21:0f:2c:fa:
         d0:f5:27:a4:f6:f9:4d:3d:ef:b5:20:a9:0a:bd:28:09:8c:72:
         ce:b8:ff:1b:29:a6:8d:da:3a:cf:9a:74:74:ef:b7:87:25:d9:
         7a:9a:ce:d9:87:c5:38:ab:e6:cf:c8:8d:b4:ac:0d:91:ff:ee:
         a5:13:94:6c:7d:d9:70:79:03:4f:45:27:b5:a7:b3:7d:3e:cc:
         25:79:bd:9b:84:fb:96:91:9d:5b:78:fe:06:72:4b:a7:14:b5:
         60:c7:e2:e5:8e:f2:ad:bc:f8:61:61:4f:80:0b:c9:26:aa:2e:
         74:bf:60:e9:d7:49:8f:f0:9c:0d:4c:18:07:5a:59:d4:c5:39:
         f0:19:21:03:37:ee:60:8a:61:4f:f3:c1:c4:a3:62:06:7a:fc:
         60:09:40:3c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwNzI0MjIzNDQxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgyYjUwMC1lMzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1HFSrk3g75/2j5XhE1D4KBi9gCpZ9tv1j2QvcVj7EkKIxJJlz4SW7ZA0S0Gv
Y1lvUkVUi4dY7b4lD0PyWxXZ8fvrht0srxMJFkyoyWIZfEbak19YIJiJGLSyKeDa
BgW9EHwFpvZIi5oxF8E0RxD4zj/og8WffxrGcv7z1zoqQwnT357a45tZCt0V02Gy
DQeIw6AVyr4xaIULeLDiuK2PyPRBpTqXBHGFsUpEyI/+obw2mtgz2iqzFR+jsl6S
c52yqKkkPhT46qBSk7gKlJ7LfE1makcwk+aSj5jiIeQCTSTO6RsFYHKvSI3wE05H
SKSCQ03v71KWL3gj1uBXM3g64wIDAQABo4IClTCCApEwHQYDVR0OBBYEFCj24zBA
fHO/zN/urotnewQW9FQDMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvMTVGMjU0QTgw
OTAyMTFFRUExQzA2NTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACB494wDQYJKoZIhvcNAQELBQADggEBAERi8qTBJaXrYYHm
uUxh30+UMaMN50kmprR6jYlqsQ/joJkd/0YVA+keZmbGr26ZmNbloOotr4+iDs4O
cy1RRFdONu1yHXhfEgneFn5soTfbIsOCmKiLcUHRxMgf2umlLHwCO1jUdJBYIQ8s
+tD1J6T2+U0977UgqQq9KAmMcs64/xsppo3aOs+adHTvt4cl2XqaztmHxTir5s/I
jbSsDZH/7qUTlGx92XB5A09FJ7Wns30+zCV5vZuE+5aRnVt4/gZyS6cUtWDH4uWO
8q28+GFhT4ALySaqLnS/YOnXSY/wnA1MGAdaWdTFOfAZIQM37mCKYU/zwcSjYgZ6
/GAJQDw=
-----END CERTIFICATE-----
Generated at Fri Jul 25 05:29:23 2025 by rpki-client