Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/627A6758DF2A11EEBC440C5EC4F9AE02.roa
File:                     627A6758DF2A11EEBC440C5EC4F9AE02.roa (raw, json)
Hash identifier:          q/TcJaaAitP3rzneDoOcxqjjnobWifgs1ChVJEG3jdI=
Subject key identifier:   A8:3D:01:BD:EE:F6:2B:22:52:B6:9E:24:2C:44:A0:48:5F:00:0E:50
Certificate issuer:       /CN=A9113BE5/serialNumber=3646EB1F370B7E63D1F36DEB36C2476C96E6BAE8
Certificate serial:       02F2
Authority key identifier: 36:46:EB:1F:37:0B:7E:63:D1:F3:6D:EB:36:C2:47:6C:96:E6:BA:E8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkbrHzcLfmPR823rNsJHbJbmuug.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/627A6758DF2A11EEBC440C5EC4F9AE02.roa
Signing time:             Fri 01 Aug 2025 02:38:38 +0000
ROA not before:           Fri 01 Aug 2025 02:38:38 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     138622
IP address blocks:        103.189.236.0/23 maxlen: 23
                          103.189.236.0/24 maxlen: 24
                          103.189.237.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/NkbrHzcLfmPR823rNsJHbJbmuug.crl
                          rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/NkbrHzcLfmPR823rNsJHbJbmuug.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkbrHzcLfmPR823rNsJHbJbmuug.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 754 (0x2f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9113BE5, serialNumber=3646EB1F370B7E63D1F36DEB36C2476C96E6BAE8
        Validity
            Not Before: Aug  1 02:38:38 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=688c28ad-3104
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b0:ca:07:e3:41:a2:44:48:ba:d9:cb:ab:3f:
                    2f:df:df:0f:ca:f6:be:d3:a9:ee:50:5b:4d:07:5a:
                    65:72:bf:96:42:40:f4:bd:ed:b2:64:fd:5c:35:51:
                    a0:65:77:bf:55:a3:fc:f6:d9:00:03:6b:86:ab:85:
                    02:c4:8e:ac:94:55:1f:61:e6:cf:98:8d:d2:ff:a5:
                    de:cc:bc:d4:97:b2:20:7e:bc:1d:12:b4:fe:f5:24:
                    71:cd:f0:4c:77:93:67:c8:ba:4a:80:10:a3:ee:ab:
                    8e:ec:44:ae:3d:36:64:d4:1c:c6:41:01:b2:5f:ed:
                    f5:c1:88:8c:68:90:c0:75:b7:3a:e7:82:21:8e:0b:
                    6f:a9:10:26:e7:61:8d:12:5e:c8:44:0c:93:b7:55:
                    a6:12:6c:90:e4:77:bf:ab:37:ce:21:58:4f:e1:78:
                    80:15:ca:2d:2d:44:0d:50:7f:6e:02:ca:5a:b2:7b:
                    93:cd:14:db:44:94:65:77:54:65:f2:cc:1c:2f:a2:
                    70:45:89:f0:fe:44:d1:d0:5b:0e:3f:72:a2:00:e1:
                    64:c2:95:5e:b8:4b:90:9e:3a:a8:e1:d5:d9:0e:26:
                    cc:d2:75:c0:2e:b1:06:d9:be:3f:f1:0d:f0:b3:fa:
                    89:a8:fc:95:c2:b3:bf:65:ce:74:ab:24:5f:43:fd:
                    62:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:3D:01:BD:EE:F6:2B:22:52:B6:9E:24:2C:44:A0:48:5F:00:0E:50
            X509v3 Authority Key Identifier:
                keyid:36:46:EB:1F:37:0B:7E:63:D1:F3:6D:EB:36:C2:47:6C:96:E6:BA:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/NkbrHzcLfmPR823rNsJHbJbmuug.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkbrHzcLfmPR823rNsJHbJbmuug.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/627A6758DF2A11EEBC440C5EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bb:eb:5e:96:19:e7:ad:cf:ce:03:4d:16:0c:98:4d:53:b1:6d:
         bc:75:8f:3c:21:f1:ef:32:3b:70:33:f2:7e:c5:d9:a1:f1:a7:
         79:84:49:2c:b8:8b:54:14:aa:25:ab:ca:0b:32:60:42:e3:e0:
         32:77:d1:a6:37:03:01:66:78:f9:42:45:2f:c9:7f:1c:80:3c:
         1a:aa:f0:e8:c2:6a:a0:46:36:e0:5d:d2:d2:e9:6d:7b:f2:40:
         a2:09:30:3c:12:af:ca:df:62:b3:c4:fb:36:34:b5:87:df:0a:
         17:be:6e:c6:d1:42:b9:e7:8f:af:07:10:da:15:24:e3:a3:03:
         de:84:94:9c:a4:0b:24:86:41:b4:1d:8e:1a:ad:ca:dd:14:c3:
         79:b0:b8:cd:ef:76:03:4a:d7:05:b5:73:c3:54:16:e5:90:9b:
         d7:40:fb:47:e1:d7:61:b0:b0:e5:3e:bc:cd:b7:6e:43:9b:22:
         6a:ce:75:32:4b:48:93:74:7d:d6:9d:81:d4:06:48:53:bd:79:
         5a:5a:37:ad:67:53:71:f9:ac:10:66:60:8c:4e:05:fe:bd:a1:
         26:58:e2:a7:be:ca:2e:22:9b:9e:d8:19:ee:8a:09:ad:90:85:
         8b:90:8b:fc:98:92:0c:8d:bc:73:f2:56:d4:87:32:8e:4d:82:
         2d:f9:7b:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTNCRTUxMTAvBgNVBAUTKDM2NDZFQjFGMzcwQjdFNjNEMUYzNkRFQjM2QzI0NzZD
OTZFNkJBRTgwHhcNMjUwODAxMDIzODM4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhjMjhhZC0zMTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxLDKB+NBokRIutnLqz8v398Pyva+06nuUFtNB1plcr+WQkD0ve2yZP1cNVGg
ZXe/VaP89tkAA2uGq4UCxI6slFUfYebPmI3S/6XezLzUl7IgfrwdErT+9SRxzfBM
d5NnyLpKgBCj7quO7ESuPTZk1BzGQQGyX+31wYiMaJDAdbc654IhjgtvqRAm52GN
El7IRAyTt1WmEmyQ5He/qzfOIVhP4XiAFcotLUQNUH9uAspasnuTzRTbRJRld1Rl
8swcL6JwRYnw/kTR0FsOP3KiAOFkwpVeuEuQnjqo4dXZDibM0nXALrEG2b4/8Q3w
s/qJqPyVwrO/Zc50qyRfQ/1iiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKg9Ab3u
9isiUraeJCxEoEhfAA5QMB8GA1UdIwQYMBaAFDZG6x83C35j0fNt6zbCR2yW5rro
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExM0JFNS82MTFDNTEyQ0Yw
RjMxMUVDODRCMjlDODBDNEY5QUUwMi9Oa2JySHpjTGZtUFI4MjNyTnNKSGJKYm11
dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05rYnJIemNMZm1QUjgyM3JOc0pIYkpibXV1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTNCRTUvNjExQzUxMkNGMEYzMTFFQzg0QjI5QzgwQzRGOUFFMDIvNjI3QTY3NThE
RjJBMTFFRUJDNDQwQzVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvewwDQYJKoZIhvcNAQELBQADggEBALvrXpYZ563PzgNN
FgyYTVOxbbx1jzwh8e8yO3Az8n7F2aHxp3mESSy4i1QUqiWrygsyYELj4DJ30aY3
AwFmePlCRS/JfxyAPBqq8OjCaqBGNuBd0tLpbXvyQKIJMDwSr8rfYrPE+zY0tYff
Che+bsbRQrnnj68HENoVJOOjA96ElJykCySGQbQdjhqtyt0Uw3mwuM3vdgNK1wW1
c8NUFuWQm9dA+0fh12GwsOU+vM23bkObImrOdTJLSJN0fdadgdQGSFO9eVpaN61n
U3H5rBBmYIxOBf69oSZY4qe+yi4im57YGe6KCa2QhYuQi/yYkgyNvHPyVtSHMo5N
gi35e1s=
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:05:27 2025 by rpki-client