Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/E0CC264A41C511E8BEC06D36C4F9AE02.roa
File:                     E0CC264A41C511E8BEC06D36C4F9AE02.roa (raw, json)
Hash identifier:          S2wRNHs16NkpQF0OE9CM/o0odvQGGIVO/+whEFrHXvs=
Subject key identifier:   F0:24:D6:08:B7:BB:9B:88:DC:B3:D6:21:04:18:A6:E7:94:B4:65:0D
Certificate issuer:       /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial:       2868
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/E0CC264A41C511E8BEC06D36C4F9AE02.roa
Signing time:             Sat 26 Jul 2025 15:53:37 +0000
ROA not before:           Sat 26 Jul 2025 15:53:37 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     135646
IP address blocks:        2402:e380:15::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
                          rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10344 (0x2868)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911C28D, serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
        Validity
            Not Before: Jul 26 15:53:37 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6884fa00-cd13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:bf:35:16:54:a5:72:d3:c0:db:2c:b3:62:c4:
                    a6:df:b7:2f:95:98:d0:be:c6:8e:e0:f2:67:c3:95:
                    b7:0e:cd:8d:b5:6d:86:3e:16:28:a7:0b:62:f6:21:
                    77:59:2d:ec:47:aa:ce:a8:5d:b4:5c:53:33:2e:dc:
                    36:6b:aa:b9:fa:d8:36:aa:c9:97:79:04:e3:aa:fa:
                    c9:c5:1d:83:40:4f:a9:79:e0:3a:11:97:2f:f3:9b:
                    0e:33:88:b3:81:8e:b4:4b:e6:c3:70:49:75:a1:45:
                    41:db:f9:89:9f:92:1b:ef:94:1e:ff:07:b5:5c:ed:
                    89:de:e4:a6:d0:41:3d:b9:56:04:89:30:47:ee:6f:
                    f2:25:3d:89:e4:c4:4d:c3:c7:fd:bf:70:0f:96:1d:
                    0a:98:bb:b1:af:3a:95:f8:1f:ea:9a:8f:ca:ae:f5:
                    0f:31:79:e7:31:46:0e:02:29:81:f1:db:d4:14:50:
                    61:1b:0d:48:27:08:dd:30:77:93:ae:9a:8a:04:43:
                    77:75:ab:bc:1e:29:3c:a7:ed:27:61:32:b6:70:22:
                    c0:24:6e:23:af:7c:56:64:fe:8d:0f:53:36:f4:8b:
                    4e:f3:13:c9:ee:9f:c3:a6:a2:b1:03:da:0f:52:2d:
                    a5:b4:06:f6:b0:da:20:27:cb:63:3e:71:a8:7c:44:
                    93:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:24:D6:08:B7:BB:9B:88:DC:B3:D6:21:04:18:A6:E7:94:B4:65:0D
            X509v3 Authority Key Identifier:
                keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/E0CC264A41C511E8BEC06D36C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:e380:15::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:b3:55:6a:60:fc:71:01:dc:fa:a4:f2:56:8d:23:27:3c:b1:
         e1:07:4a:ed:c4:c6:8b:e1:96:1e:7a:2a:ee:4f:78:8f:ff:f5:
         27:25:01:4a:4a:be:49:f6:8c:03:86:92:84:8a:94:9c:db:67:
         83:7b:f2:79:1f:6c:9f:a1:dc:33:60:aa:f7:64:dc:0d:c7:7b:
         ad:3e:8e:d3:cc:0c:dd:45:37:da:4b:cf:67:c5:b9:c7:d5:d3:
         69:e5:c2:36:24:82:fa:4b:52:c2:23:10:f4:fe:42:a2:35:cc:
         33:16:6a:a4:14:8c:48:ee:08:f6:7f:15:1f:9a:fe:9c:7f:43:
         56:56:cb:9d:5a:90:60:7b:98:92:5a:8a:5e:82:c3:02:ef:c0:
         aa:d9:a7:5f:16:49:b1:d6:64:49:ca:e9:51:65:04:0d:46:0c:
         13:e6:18:71:4a:7f:3c:ec:e6:03:db:41:14:5d:2c:5d:70:b0:
         f0:bf:77:50:99:ed:39:c1:af:6c:d6:83:b0:e5:ae:70:65:80:
         39:65:82:10:7c:71:3d:4e:9e:03:c6:26:09:f9:85:de:14:2f:
         60:6c:53:59:80:f0:b5:07:dc:a1:35:e7:e8:6f:d2:f3:ab:96:
         51:1a:7f:8a:72:0b:08:63:d8:b3:42:6d:b6:56:75:fe:16:dd:
         cc:35:a0:84
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICKGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjUwNzI2MTU1MzM3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODg0ZmEwMC1jZDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu781FlSlctPA2yyzYsSm37cvlZjQvsaO4PJnw5W3Ds2NtW2GPhYopwti9iF3
WS3sR6rOqF20XFMzLtw2a6q5+tg2qsmXeQTjqvrJxR2DQE+peeA6EZcv85sOM4iz
gY60S+bDcEl1oUVB2/mJn5Ib75Qe/we1XO2J3uSm0EE9uVYEiTBH7m/yJT2J5MRN
w8f9v3APlh0KmLuxrzqV+B/qmo/KrvUPMXnnMUYOAimB8dvUFFBhGw1IJwjdMHeT
rpqKBEN3dau8Hik8p+0nYTK2cCLAJG4jr3xWZP6ND1M29ItO8xPJ7p/DpqKxA9oP
Ui2ltAb2sNogJ8tjPnGofESTNwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFPAk1gi3
u5uI3LPWIQQYpueUtGUNMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvRTBDQzI2NEE0
MUM1MTFFOEJFQzA2RDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAuOAABUwDQYJKoZIhvcNAQELBQADggEBAECzVWpg/HEB
3Pqk8laNIyc8seEHSu3Exovhlh56Ku5PeI//9SclAUpKvkn2jAOGkoSKlJzbZ4N7
8nkfbJ+h3DNgqvdk3A3He60+jtPMDN1FN9pLz2fFucfV02nlwjYkgvpLUsIjEPT+
QqI1zDMWaqQUjEjuCPZ/FR+a/px/Q1ZWy51akGB7mJJail6CwwLvwKrZp18WSbHW
ZEnK6VFlBA1GDBPmGHFKfzzs5gPbQRRdLF1wsPC/d1CZ7TnBr2zWg7DlrnBlgDll
ghB8cT1OngPGJgn5hd4UL2BsU1mA8LUH3KE15+hv0vOrllEaf4pyCwhj2LNCbbZW
df4W3cw1oIQ=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:47:31 2025 by rpki-client