Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/168FD534090211EEA1C06509C4F9AE02.roa
File:                     168FD534090211EEA1C06509C4F9AE02.roa (raw, json)
Hash identifier:          56ghv9vhYovbphtcZh0pFu9WFqM/EpFjTMqOzB0oI+U=
Subject key identifier:   34:45:D8:2A:05:0D:FB:8D:A3:58:8E:AF:1E:3D:89:D1:C5:89:96:29
Certificate issuer:       /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial:       0745
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/168FD534090211EEA1C06509C4F9AE02.roa
Signing time:             Thu 24 Jul 2025 22:34:44 +0000
ROA not before:           Thu 24 Jul 2025 22:34:44 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     6453
IP address blocks:        129.227.222.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
                          rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 22:34:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1861 (0x745)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
        Validity
            Not Before: Jul 24 22:34:44 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6882b503-8e23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ed:6b:fb:3e:00:df:e9:71:68:f0:09:b8:b9:
                    a9:70:6f:6e:90:7c:28:68:e3:89:b7:65:d9:bd:ec:
                    f4:78:79:ea:a9:a0:a0:e4:68:25:25:55:1f:c1:d9:
                    63:63:a9:d2:4d:a3:39:19:0e:ed:54:93:96:7a:55:
                    dd:2d:54:fe:c5:ce:2c:e7:fe:70:e9:d3:0c:1a:6f:
                    e2:e9:c7:87:74:9f:f9:13:e3:cf:ff:54:65:05:52:
                    2a:d1:dc:79:02:66:64:5e:cf:f5:ef:97:aa:ca:94:
                    e2:5e:0e:c9:56:43:4d:22:64:e2:e4:c9:da:02:20:
                    00:4c:26:62:0f:11:f8:1e:0c:0c:f4:58:ab:56:d7:
                    dd:1a:57:c0:00:98:ee:a8:df:dc:97:a0:b8:e4:7b:
                    b1:d5:0d:da:cd:b5:ae:fc:d6:57:b7:5b:0a:eb:64:
                    84:0e:c1:13:05:c7:e8:02:e7:5e:d0:1e:67:26:88:
                    91:a8:90:66:ee:f9:7a:18:84:5a:d6:a9:d6:e5:a0:
                    71:52:1c:3c:84:79:24:29:a7:17:6f:81:0f:62:3f:
                    21:17:99:93:12:e4:27:a8:a9:cb:53:00:a3:35:ed:
                    fb:de:7c:85:b8:0f:ec:0e:9e:ad:30:7b:6a:43:5e:
                    91:0f:cb:79:38:94:cf:4f:49:55:4c:ae:13:5a:0e:
                    72:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:45:D8:2A:05:0D:FB:8D:A3:58:8E:AF:1E:3D:89:D1:C5:89:96:29
            X509v3 Authority Key Identifier:
                keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/168FD534090211EEA1C06509C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.227.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:54:cd:27:b2:a3:1a:95:e2:54:77:4b:ce:34:f9:a9:1f:bb:
         5b:f8:ea:d5:1f:0f:d6:e9:0b:0a:f0:c5:1c:3f:83:79:ec:2e:
         ad:8e:c6:7c:ad:43:16:29:79:b4:43:6f:2f:f2:95:4d:e9:67:
         c6:6c:e1:b0:74:c6:cb:2f:15:d0:69:50:f2:b7:16:7b:72:90:
         d3:c7:a0:28:d1:54:24:36:3b:2b:b5:18:0a:5d:6b:6a:6f:83:
         47:20:d2:c8:76:12:17:28:12:0f:b6:29:31:fc:d4:7a:99:0e:
         07:bf:11:bb:1c:66:4e:e2:85:48:04:a2:e1:9f:76:45:fc:e9:
         4e:d6:fb:a2:e9:98:40:0d:55:58:39:70:5e:4a:7b:4c:cf:32:
         a5:48:2b:53:4f:e6:36:eb:5d:3f:c8:23:a7:64:92:80:10:e5:
         19:1a:35:a8:05:50:50:67:26:16:d5:f1:3c:91:d5:1f:24:26:
         a8:17:df:cb:1d:0e:e3:cd:39:3c:22:51:be:f7:aa:8b:69:23:
         fd:c6:19:43:d9:d8:8c:17:c4:b4:7a:f7:30:dd:5e:ea:cf:9e:
         4f:9c:50:2f:1d:55:b1:d0:83:20:5f:b0:6c:5c:d4:64:c7:f8:
         57:a1:10:0e:bb:97:d2:d7:b0:e1:60:0e:9e:b0:52:e7:59:ef:
         98:ad:d3:6d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB0UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwNzI0MjIzNDQ0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgyYjUwMy04ZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtu1r+z4A3+lxaPAJuLmpcG9ukHwoaOOJt2XZvez0eHnqqaCg5GglJVUfwdlj
Y6nSTaM5GQ7tVJOWelXdLVT+xc4s5/5w6dMMGm/i6ceHdJ/5E+PP/1RlBVIq0dx5
AmZkXs/175eqypTiXg7JVkNNImTi5MnaAiAATCZiDxH4HgwM9FirVtfdGlfAAJju
qN/cl6C45Hux1Q3azbWu/NZXt1sK62SEDsETBcfoAude0B5nJoiRqJBm7vl6GIRa
1qnW5aBxUhw8hHkkKacXb4EPYj8hF5mTEuQnqKnLUwCjNe373nyFuA/sDp6tMHtq
Q16RD8t5OJTPT0lVTK4TWg5yhQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDRF2CoF
DfuNo1iOrx49idHFiZYpMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvMTY4RkQ1MzQw
OTAyMTFFRUExQzA2NTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACB494wDQYJKoZIhvcNAQELBQADggEBAANUzSeyoxqV4lR3
S840+akfu1v46tUfD9bpCwrwxRw/g3nsLq2OxnytQxYpebRDby/ylU3pZ8Zs4bB0
xssvFdBpUPK3FntykNPHoCjRVCQ2Oyu1GApda2pvg0cg0sh2EhcoEg+2KTH81HqZ
Dge/EbscZk7ihUgEouGfdkX86U7W+6LpmEANVVg5cF5Ke0zPMqVIK1NP5jbrXT/I
I6dkkoAQ5RkaNagFUFBnJhbV8TyR1R8kJqgX38sdDuPNOTwiUb73qotpI/3GGUPZ
2IwXxLR69zDdXurPnk+cUC8dVbHQgyBfsGxc1GTH+FehEA67l9LXsOFgDp6wUudZ
75it020=
-----END CERTIFICATE-----
Generated at Sat Jul 26 02:04:14 2025 by rpki-client