Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91177A8/BA526138F11611EBB0E3C74DC4F9AE02/E11FA920F11A11EB9F005358C4F9AE02.roa
File:                     E11FA920F11A11EB9F005358C4F9AE02.roa (raw, json)
Hash identifier:          CdrfPMZy52he8bpwd/sQIj17yAvkU7L0EqcCRVjCrHA=
Subject key identifier:   4D:9E:A0:87:31:6A:E9:D7:64:A2:CA:E1:7B:D7:7C:97:DC:B5:0F:A7
Certificate issuer:       /CN=A91177A8/serialNumber=9E35E53EEA6B7BC3EC29AF3B3620E9A654C0B6AC
Certificate serial:       056B
Authority key identifier: 9E:35:E5:3E:EA:6B:7B:C3:EC:29:AF:3B:36:20:E9:A6:54:C0:B6:AC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/njXlPupre8PsKa87NiDpplTAtqw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91177A8/BA526138F11611EBB0E3C74DC4F9AE02/E11FA920F11A11EB9F005358C4F9AE02.roa
Signing time:             Thu 31 Jul 2025 00:04:47 +0000
ROA not before:           Thu 31 Jul 2025 00:04:47 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     137398
IP address blocks:        103.167.80.0/24 maxlen: 24
                          103.169.208.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91177A8/BA526138F11611EBB0E3C74DC4F9AE02/njXlPupre8PsKa87NiDpplTAtqw.crl
                          rsync://rpki.apnic.net/member_repository/A91177A8/BA526138F11611EBB0E3C74DC4F9AE02/njXlPupre8PsKa87NiDpplTAtqw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/njXlPupre8PsKa87NiDpplTAtqw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1387 (0x56b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91177A8, serialNumber=9E35E53EEA6B7BC3EC29AF3B3620E9A654C0B6AC
        Validity
            Not Before: Jul 31 00:04:47 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=688ab31f-638c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c0:24:d2:44:69:83:2b:af:92:b9:a3:2b:78:
                    0f:8d:b3:bc:19:8d:94:c5:04:66:2e:c6:12:03:51:
                    e3:22:bc:47:a1:41:09:46:c4:1a:60:c8:84:69:dd:
                    81:88:75:71:af:6a:53:cc:b6:7e:73:de:93:d6:4b:
                    6a:11:3f:49:99:03:83:f3:11:11:1d:f4:db:3f:13:
                    76:0c:e1:74:48:eb:f8:c5:ed:fb:76:d9:1d:26:f0:
                    5e:e2:d8:72:31:98:06:12:90:b5:c6:05:01:46:fb:
                    93:90:24:36:df:1f:e8:6e:4d:b3:f7:2a:8a:83:d8:
                    c6:72:8f:b0:4c:85:00:28:89:54:57:13:9d:9a:87:
                    9d:78:ac:5b:ee:fb:d9:fa:63:dd:08:5c:99:41:c5:
                    29:db:19:70:2a:b6:21:d7:88:25:eb:f8:08:43:1e:
                    ec:70:30:ec:c8:4b:e9:bb:b5:95:cf:96:4c:e9:51:
                    36:96:ae:64:8f:5c:a1:de:f8:3c:1f:88:45:2a:e3:
                    30:43:79:4c:84:92:ec:9f:22:59:0c:b6:ee:83:9d:
                    2b:fc:b3:1a:1c:6a:3f:13:07:c8:38:de:b4:a7:47:
                    27:3b:0e:b3:3a:0f:68:a6:52:5a:5a:fc:12:52:1a:
                    96:e3:2f:a9:6e:e9:88:a8:f2:73:2c:dd:87:6f:5f:
                    2a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:9E:A0:87:31:6A:E9:D7:64:A2:CA:E1:7B:D7:7C:97:DC:B5:0F:A7
            X509v3 Authority Key Identifier:
                keyid:9E:35:E5:3E:EA:6B:7B:C3:EC:29:AF:3B:36:20:E9:A6:54:C0:B6:AC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91177A8/BA526138F11611EBB0E3C74DC4F9AE02/njXlPupre8PsKa87NiDpplTAtqw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/njXlPupre8PsKa87NiDpplTAtqw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91177A8/BA526138F11611EBB0E3C74DC4F9AE02/E11FA920F11A11EB9F005358C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.167.80.0/24
                  103.169.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:21:36:22:6e:3c:91:96:5b:80:bb:7c:80:df:fb:7e:99:a9:
         c4:da:0c:8b:0e:f9:23:bd:7e:0b:75:2e:16:9d:eb:7c:36:54:
         69:16:fe:90:17:5a:76:a5:60:bb:81:cf:f4:bf:42:82:fb:78:
         7f:b7:5a:f6:31:34:a2:1f:de:34:27:00:1b:08:3b:e6:b7:12:
         24:fe:4c:cd:25:01:6d:b7:9b:ee:7c:c8:af:91:73:a7:f2:25:
         2d:3c:c6:63:b0:33:28:24:b4:1c:aa:b9:a9:73:ca:d5:33:be:
         b9:2d:75:36:74:9e:f1:b3:c6:9e:16:77:48:9f:f6:b4:90:b2:
         4f:86:10:d5:c9:6b:ff:a2:9f:31:88:15:03:2c:f5:5d:53:bc:
         86:31:79:06:88:8c:9f:f1:bd:66:ef:f1:5b:83:07:83:66:67:
         69:c9:13:6c:17:d0:db:a7:fc:c6:12:bd:7a:dd:13:9c:f1:e9:
         42:f2:6d:f3:65:db:c2:d2:c5:0b:4f:90:0d:58:8e:07:fb:b3:
         a6:61:6d:29:78:9d:b3:78:45:28:4a:83:56:1e:54:c3:a2:c9:
         37:16:85:8c:58:25:6c:8d:70:f9:73:ce:1f:8f:72:18:5c:55:
         67:d9:74:3b:81:b4:36:5e:dc:a8:f9:0e:40:cd:07:6e:02:40:
         1e:27:22:2b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTc3QTgxMTAvBgNVBAUTKDlFMzVFNTNFRUE2QjdCQzNFQzI5QUYzQjM2MjBFOUE2
NTRDMEI2QUMwHhcNMjUwNzMxMDAwNDQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhYjMxZi02MzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0sAk0kRpgyuvkrmjK3gPjbO8GY2UxQRmLsYSA1HjIrxHoUEJRsQaYMiEad2B
iHVxr2pTzLZ+c96T1ktqET9JmQOD8xERHfTbPxN2DOF0SOv4xe37dtkdJvBe4thy
MZgGEpC1xgUBRvuTkCQ23x/obk2z9yqKg9jGco+wTIUAKIlUVxOdmoedeKxb7vvZ
+mPdCFyZQcUp2xlwKrYh14gl6/gIQx7scDDsyEvpu7WVz5ZM6VE2lq5kj1yh3vg8
H4hFKuMwQ3lMhJLsnyJZDLbug50r/LMaHGo/EwfION60p0cnOw6zOg9oplJaWvwS
UhqW4y+pbumIqPJzLN2Hb18qLQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFE2eoIcx
aunXZKLK4XvXfJfctQ+nMB8GA1UdIwQYMBaAFJ415T7qa3vD7CmvOzYg6aZUwLas
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzdBOC9CQTUyNjEzOEYx
MTYxMUVCQjBFM0M3NERDNEY5QUUwMi9ualhsUHVwcmU4UHNLYTg3TmlEcHBsVEF0
cXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25qWGxQdXByZThQc0thODdOaURwcGxUQXRxdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTc3QTgvQkE1MjYxMzhGMTE2MTFFQkIwRTNDNzREQzRGOUFFMDIvRTExRkE5MjBG
MTFBMTFFQjlGMDA1MzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnp1ADBABnqdAwDQYJKoZIhvcNAQELBQADggEBAK0hNiJu
PJGWW4C7fIDf+36ZqcTaDIsO+SO9fgt1Lhad63w2VGkW/pAXWnalYLuBz/S/QoL7
eH+3WvYxNKIf3jQnABsIO+a3EiT+TM0lAW23m+58yK+Rc6fyJS08xmOwMygktByq
ualzytUzvrktdTZ0nvGzxp4Wd0if9rSQsk+GENXJa/+inzGIFQMs9V1TvIYxeQaI
jJ/xvWbv8VuDB4NmZ2nJE2wX0Nun/MYSvXrdE5zx6ULybfNl28LSxQtPkA1Yjgf7
s6ZhbSl4nbN4RShKg1YeVMOiyTcWhYxYJWyNcPlzzh+PchhcVWfZdDuBtDZe3Kj5
DkDNB24CQB4nIis=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:53:23 2025 by rpki-client