Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/20/323430373a396534303a3a2f33322d3438203d3e2038383838.roa
File:                     323430373a396534303a3a2f33322d3438203d3e2038383838.roa (raw, json)
Hash identifier:          J55qf9DaGDhPfbY7U82LSg19lsmtcWMLypB7Z+C9/9g=
Subject key identifier:   A7:E9:EA:1A:A8:7F:6C:8E:1B:0C:0E:54:72:5E:E6:58:50:30:7B:D0
Certificate issuer:       /CN=A91C44A00000/serialNumber=E3098182BCB9AA102ECB2221A767B98E6ECCC310
Certificate serial:       1BEDF0414B392305043F2081572A83063D429776
Authority key identifier: E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer
Subject info access:      rsync://0.sb/repo/sb/20/323430373a396534303a3a2f33322d3438203d3e2038383838.roa
Signing time:             Fri 25 Jul 2025 10:52:39 +0000
ROA not before:           Fri 25 Jul 2025 10:47:39 +0000
ROA not after:            Fri 24 Jul 2026 10:52:39 +0000
asID:                     8888
IP address blocks:        2407:9e40::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.crl
                          rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 07 Aug 2025 07:26:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:ed:f0:41:4b:39:23:05:04:3f:20:81:57:2a:83:06:3d:42:97:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C44A00000, serialNumber=E3098182BCB9AA102ECB2221A767B98E6ECCC310
        Validity
            Not Before: Jul 25 10:47:39 2025 GMT
            Not After : Jul 24 10:52:39 2026 GMT
        Subject: CN=A7E9EA1AA87F6C8E1B0C0E54725EE65850307BD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:78:62:18:64:78:92:90:aa:ed:cd:f6:8a:da:
                    7e:c5:0c:a1:67:99:16:e0:9a:64:a1:8c:d3:13:b2:
                    56:12:b6:5f:53:ea:96:b7:e5:2c:61:06:cf:5c:09:
                    45:4c:df:2f:07:00:67:e0:91:6c:37:2d:ef:df:a3:
                    65:5d:2c:ae:48:c9:40:b4:3e:f5:c8:d9:a8:88:c0:
                    e4:fe:6e:a8:6f:5d:f8:62:50:c2:80:67:1a:6c:ca:
                    64:e9:3c:7b:7b:22:36:9b:bb:dc:02:8b:01:72:0b:
                    67:cf:36:45:3f:c0:3c:a7:4d:68:ec:9f:c5:c1:0d:
                    c9:4a:6a:5e:0a:2b:36:fc:27:01:92:04:36:c2:00:
                    68:d0:aa:ad:44:f3:cb:03:7d:d9:64:0c:7b:57:3e:
                    1a:b7:16:65:a3:5b:35:46:a1:b2:2a:de:86:94:59:
                    51:b9:13:97:83:30:50:80:b9:ed:d8:1f:ba:cf:15:
                    b2:ca:b6:a3:d0:07:b4:e7:ca:2a:67:34:1a:b1:16:
                    90:25:6d:c5:3c:10:91:e4:a5:9d:30:6a:46:9b:fa:
                    61:46:f0:65:61:ff:1c:a4:9a:02:fd:36:9a:5f:e5:
                    d9:05:68:af:0e:8d:af:b4:68:ea:5f:96:b6:a1:c0:
                    95:33:ce:71:37:d3:9a:d3:2e:42:70:c7:b1:d8:be:
                    cc:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:E9:EA:1A:A8:7F:6C:8E:1B:0C:0E:54:72:5E:E6:58:50:30:7B:D0
            X509v3 Authority Key Identifier:
                keyid:E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/20/323430373a396534303a3a2f33322d3438203d3e2038383838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:9e40::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:bf:53:f0:27:b4:cc:03:d3:2f:ce:28:7e:8b:5e:6a:fb:c7:
         44:49:3d:3b:bb:ac:49:24:e9:71:ae:69:04:c7:32:cb:72:24:
         77:2c:11:83:6b:70:bf:f2:e3:f2:5b:34:d6:f3:50:fe:88:e9:
         10:5d:4c:a2:98:a0:8d:a8:2d:59:c2:ed:35:85:e6:5e:90:aa:
         f7:71:8b:db:4a:9e:64:a8:5f:fe:22:e3:25:4d:cf:51:40:c6:
         ca:eb:ef:71:1c:10:2b:90:ef:28:a5:9d:b9:55:d3:35:90:b6:
         30:5f:2b:ba:41:21:e0:38:ef:0b:d6:3e:c7:f4:53:3b:2b:b3:
         90:f2:d1:c3:f4:7c:20:5d:7d:90:75:59:c2:eb:1e:f3:0b:57:
         ee:8c:0f:9c:11:24:20:f3:b3:a6:ae:12:52:b7:6a:70:14:19:
         24:94:c9:44:e8:b6:29:32:99:ec:76:08:a9:65:9d:30:a0:84:
         73:77:9c:8e:3f:8f:45:0f:8f:20:d0:54:5b:29:68:f2:8e:bb:
         b6:cb:9a:fe:96:64:3e:25:5c:21:b9:4c:70:7a:cb:99:e8:29:
         6c:87:85:0d:e6:f0:63:8e:70:19:6b:68:75:a9:f5:28:f7:51:
         4d:79:f5:07:da:a7:f4:11:cb:fb:9b:49:8b:e1:bc:d4:7b:8f:
         50:9a:9e:7d
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIUG+3wQUs5IwUEPyCBVyqDBj1Cl3YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQzQ0QTAwMDAwMTEwLwYDVQQFEyhFMzA5ODE4MkJD
QjlBQTEwMkVDQjIyMjFBNzY3Qjk4RTZFQ0NDMzEwMB4XDTI1MDcyNTEwNDczOVoX
DTI2MDcyNDEwNTIzOVowMzExMC8GA1UEAxMoQTdFOUVBMUFBODdGNkM4RTFCMEMw
RTU0NzI1RUU2NTg1MDMwN0JEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMt4YhhkeJKQqu3N9orafsUMoWeZFuCaZKGM0xOyVhK2X1PqlrflLGEGz1wJ
RUzfLwcAZ+CRbDct79+jZV0srkjJQLQ+9cjZqIjA5P5uqG9d+GJQwoBnGmzKZOk8
e3siNpu73AKLAXILZ882RT/APKdNaOyfxcENyUpqXgorNvwnAZIENsIAaNCqrUTz
ywN92WQMe1c+GrcWZaNbNUahsirehpRZUbkTl4MwUIC57dgfus8Vssq2o9AHtOfK
Kmc0GrEWkCVtxTwQkeSlnTBqRpv6YUbwZWH/HKSaAv02ml/l2QVorw6Nr7Ro6l+W
tqHAlTPOcTfTmtMuQnDHsdi+zAMCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSn6eoa
qH9sjhsMDlRyXuZYUDB70DAfBgNVHSMEGDAWgBTjCYGCvLmqEC7LIiGnZ7mObszD
EDAOBgNVHQ8BAf8EBAMCB4AwVQYDVR0fBE4wTDBKoEigRoZEcnN5bmM6Ly8wLnNi
L3JlcG8vc2IvMjAvRTMwOTgxODJCQ0I5QUExMDJFQ0IyMjIxQTc2N0I5OEU2RUND
QzMxMC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvNHdtQmdyeTVxaEF1eXlJaHAyZTVqbTdNd3hBLmNlcjBqBggrBgEF
BQcBCwReMFwwWgYIKwYBBQUHMAuGTnJzeW5jOi8vMC5zYi9yZXBvL3NiLzIwLzMy
MzQzMDM3M2EzOTY1MzQzMDNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDM4MzgzODM4
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEw
DzANBAIAAjAHAwUAJAeeQDANBgkqhkiG9w0BAQsFAAOCAQEACL9T8Ce0zAPTL84o
foteavvHREk9O7usSSTpca5pBMcyy3IkdywRg2twv/Lj8ls01vNQ/ojpEF1Mopig
jagtWcLtNYXmXpCq93GL20qeZKhf/iLjJU3PUUDGyuvvcRwQK5DvKKWduVXTNZC2
MF8rukEh4DjvC9Y+x/RTOyuzkPLRw/R8IF19kHVZwuse8wtX7owPnBEkIPOzpq4S
UrdqcBQZJJTJROi2KTKZ7HYIqWWdMKCEc3ecjj+PRQ+PINBUWylo8o67tsua/pZk
PiVcIblMcHrLmegpbIeFDebwY45wGWtodan1KPdRTXn1B9qn9BHL+5tJi+G81HuP
UJqefQ==
-----END CERTIFICATE-----