Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/20/3130332e3136392e39322e302f32332d3234203d3e20323130383037.roa
File:                     3130332e3136392e39322e302f32332d3234203d3e20323130383037.roa (raw, json)
Hash identifier:          zgu0faZjEG62EoxKGGNQoytpUX5nk07F56eHcbHjGsU=
Subject key identifier:   72:86:0E:8D:B6:C8:4B:C7:BF:DF:66:F4:67:0A:EE:C8:83:AC:A9:F2
Certificate issuer:       /CN=A91C44A00000/serialNumber=E3098182BCB9AA102ECB2221A767B98E6ECCC310
Certificate serial:       521B12EFB76052A54800A96FF7CA406AA3ED2380
Authority key identifier: E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer
Subject info access:      rsync://0.sb/repo/sb/20/3130332e3136392e39322e302f32332d3234203d3e20323130383037.roa
Signing time:             Fri 25 Jul 2025 10:52:39 +0000
ROA not before:           Fri 25 Jul 2025 10:47:39 +0000
ROA not after:            Fri 24 Jul 2026 10:52:39 +0000
asID:                     210807
IP address blocks:        103.169.92.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.crl
                          rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 06 Aug 2025 12:55:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:1b:12:ef:b7:60:52:a5:48:00:a9:6f:f7:ca:40:6a:a3:ed:23:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C44A00000, serialNumber=E3098182BCB9AA102ECB2221A767B98E6ECCC310
        Validity
            Not Before: Jul 25 10:47:39 2025 GMT
            Not After : Jul 24 10:52:39 2026 GMT
        Subject: CN=72860E8DB6C84BC7BFDF66F4670AEEC883ACA9F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:22:48:cc:10:93:f8:9c:7b:49:27:98:ba:7a:
                    b5:1f:ec:0a:bf:b2:ef:8e:2e:7a:69:c8:40:47:77:
                    2e:1a:cf:5c:f6:6e:b7:bb:f4:07:08:8f:79:10:ab:
                    5d:4c:35:31:f3:99:db:ed:27:19:2b:1e:71:1c:4a:
                    a0:01:0d:37:f6:82:29:c2:8e:cf:38:b1:53:52:10:
                    08:8f:ea:27:eb:3f:36:3e:b0:11:14:1b:41:e1:86:
                    2b:36:f8:f2:cb:69:d6:6a:d2:cc:a5:fd:70:8c:27:
                    41:2b:4e:ff:6c:06:62:12:90:a8:da:c4:c6:8c:57:
                    42:0e:e6:12:f3:b3:77:2b:22:af:57:07:ab:b2:46:
                    ae:d4:bf:40:9c:df:a5:d4:f6:ac:f6:af:5d:a7:0c:
                    f7:f6:4d:db:41:f0:31:8a:4a:c3:f5:f4:99:26:1c:
                    7e:26:42:b1:aa:a1:c4:91:d2:bc:9e:fb:fe:a3:6c:
                    12:c4:0c:93:4b:78:d1:94:f6:40:4a:68:30:1f:02:
                    40:da:91:b6:57:32:60:53:42:30:77:cc:49:93:a6:
                    0c:25:ca:75:f2:7c:3e:dd:76:1a:b2:0a:19:15:55:
                    09:85:de:1b:92:61:21:d7:74:c8:9e:6e:d6:a1:ee:
                    9c:de:4b:dc:b2:a5:ab:37:cb:5c:40:ab:ff:58:88:
                    be:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:86:0E:8D:B6:C8:4B:C7:BF:DF:66:F4:67:0A:EE:C8:83:AC:A9:F2
            X509v3 Authority Key Identifier:
                keyid:E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/20/3130332e3136392e39322e302f32332d3234203d3e20323130383037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.169.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:1d:f6:b8:19:9b:47:2e:7b:16:c9:3c:a1:8b:45:98:fc:c7:
         9b:da:26:4c:81:82:e1:6f:fd:0d:59:96:cf:87:dd:4e:62:cb:
         7a:80:4b:ac:26:91:fb:7d:b9:79:f5:e5:4d:5b:cc:7e:5f:36:
         cf:72:69:e1:14:c0:9b:06:23:6e:55:b4:18:aa:39:2e:ae:9c:
         45:32:00:82:9b:3c:c2:96:95:7f:61:84:c7:ad:af:36:aa:5c:
         f0:5e:cf:6e:12:d9:1c:41:7f:bb:eb:fa:73:85:bb:08:5f:d5:
         fd:69:ca:d0:27:98:0f:27:ff:3a:3e:68:90:31:a1:fd:6d:cb:
         26:67:44:84:bd:8c:92:64:8c:48:e9:cc:4d:66:0a:c6:71:2a:
         ae:74:3a:64:3e:ee:b4:9e:ca:b2:b1:e4:76:6d:8f:58:39:08:
         26:34:94:e9:72:b7:ff:02:0d:60:aa:01:e2:90:e8:4f:be:69:
         1c:28:11:3b:f5:d2:29:61:e8:cd:26:05:6d:5c:c4:bb:cf:cb:
         27:85:25:15:d9:64:a9:ed:3e:84:45:1e:8c:6a:4c:05:cd:56:
         50:de:97:86:f2:f7:fa:41:ae:b2:02:5a:d8:cd:a1:e2:ed:8c:
         be:c4:13:26:ce:e0:2f:4e:90:68:e9:a6:e3:fb:d5:49:59:56:
         bb:51:c7:2f
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUUhsS77dgUqVIAKlv98pAaqPtI4AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQzQ0QTAwMDAwMTEwLwYDVQQFEyhFMzA5ODE4MkJD
QjlBQTEwMkVDQjIyMjFBNzY3Qjk4RTZFQ0NDMzEwMB4XDTI1MDcyNTEwNDczOVoX
DTI2MDcyNDEwNTIzOVowMzExMC8GA1UEAxMoNzI4NjBFOERCNkM4NEJDN0JGREY2
NkY0NjcwQUVFQzg4M0FDQTlGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQiSMwQk/ice0knmLp6tR/sCr+y744uemnIQEd3LhrPXPZut7v0BwiPeRCr
XUw1MfOZ2+0nGSsecRxKoAENN/aCKcKOzzixU1IQCI/qJ+s/Nj6wERQbQeGGKzb4
8stp1mrSzKX9cIwnQStO/2wGYhKQqNrExoxXQg7mEvOzdysir1cHq7JGrtS/QJzf
pdT2rPavXacM9/ZN20HwMYpKw/X0mSYcfiZCsaqhxJHSvJ77/qNsEsQMk0t40ZT2
QEpoMB8CQNqRtlcyYFNCMHfMSZOmDCXKdfJ8Pt12GrIKGRVVCYXeG5JhIdd0yJ5u
1qHunN5L3LKlqzfLXECr/1iIvjsCAwEAAaOCAdgwggHUMB0GA1UdDgQWBBRyhg6N
tshLx7/fZvRnCu7Ig6yp8jAfBgNVHSMEGDAWgBTjCYGCvLmqEC7LIiGnZ7mObszD
EDAOBgNVHQ8BAf8EBAMCB4AwVQYDVR0fBE4wTDBKoEigRoZEcnN5bmM6Ly8wLnNi
L3JlcG8vc2IvMjAvRTMwOTgxODJCQ0I5QUExMDJFQ0IyMjIxQTc2N0I5OEU2RUND
QzMxMC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvNHdtQmdyeTVxaEF1eXlJaHAyZTVqbTdNd3hBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIwLzMx
MzAzMzJlMzEzNjM5MmUzOTMyMmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMTMw
MzgzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBZ6lcMA0GCSqGSIb3DQEBCwUAA4IBAQBUHfa4GZtH
LnsWyTyhi0WY/Meb2iZMgYLhb/0NWZbPh91OYst6gEusJpH7fbl59eVNW8x+XzbP
cmnhFMCbBiNuVbQYqjkurpxFMgCCmzzClpV/YYTHra82qlzwXs9uEtkcQX+76/pz
hbsIX9X9acrQJ5gPJ/86PmiQMaH9bcsmZ0SEvYySZIxI6cxNZgrGcSqudDpkPu60
nsqyseR2bY9YOQgmNJTpcrf/Ag1gqgHikOhPvmkcKBE79dIpYejNJgVtXMS7z8sn
hSUV2WSp7T6ERR6MakwFzVZQ3peG8vf6Qa6yAlrYzaHi7Yy+xBMmzuAvTpBo6abj
+9VJWVa7Uccv
-----END CERTIFICATE-----