Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/FC3B44CE519A11EAB1229A87C4F9AE02.roa
File:                     FC3B44CE519A11EAB1229A87C4F9AE02.roa (raw, json)
Hash identifier:          PexI7Ux7URSg3e/gBgi7b1d+EMkFgIyBhb6944l9JRA=
Subject key identifier:   52:DA:17:1F:F3:83:BA:89:99:87:13:EB:48:FD:63:F4:20:84:20:49
Certificate issuer:       /CN=A913FD96/serialNumber=34041FE399C0765961B79FE124694172872073BB
Certificate serial:       0ADA
Authority key identifier: 34:04:1F:E3:99:C0:76:59:61:B7:9F:E1:24:69:41:72:87:20:73:BB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAQf45nAdllht5_hJGlBcocgc7s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/FC3B44CE519A11EAB1229A87C4F9AE02.roa
Signing time:             Thu 24 Jul 2025 19:59:54 +0000
ROA not before:           Thu 24 Jul 2025 19:59:54 +0000
ROA not after:            Sat 31 Oct 2026 00:00:00 +0000
asID:                     134515
IP address blocks:        103.236.119.0/24 maxlen: 24
                          2001:df5:8400::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.crl
                          rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAQf45nAdllht5_hJGlBcocgc7s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2778 (0xada)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913FD96, serialNumber=34041FE399C0765961B79FE124694172872073BB
        Validity
            Not Before: Jul 24 19:59:54 2025 GMT
            Not After : Oct 31 00:00:00 2026 GMT
        Subject: CN=688290ba-fe01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8c:19:60:9f:c8:eb:22:f4:59:d6:f4:7c:b6:
                    ba:95:89:4d:bd:b0:b6:47:5a:40:04:3d:e7:62:46:
                    ee:4a:14:a8:d6:90:41:06:fc:ea:43:3b:f6:22:dc:
                    7d:6c:56:13:97:56:a7:c1:52:e0:36:68:0b:c9:73:
                    43:27:5b:aa:85:c8:14:32:69:82:e6:4e:48:c7:45:
                    45:18:c8:97:f3:06:91:84:8b:52:79:44:fc:db:f9:
                    97:2d:97:27:2a:70:e6:11:f7:6e:01:2a:92:11:b9:
                    a0:90:1e:42:02:e6:2c:8c:33:a8:09:f4:ac:f0:fc:
                    b6:c1:6d:60:54:e8:c7:34:ea:6b:ca:00:3a:0e:76:
                    b1:75:11:9f:49:b8:7d:bc:c1:7d:70:66:76:7d:08:
                    72:05:28:8c:5a:bb:0c:ad:73:54:eb:3f:70:ce:ac:
                    f9:01:6f:a1:48:a4:11:ae:bb:d6:27:5b:2e:c0:cc:
                    ec:1b:e6:d7:6e:f3:03:31:0c:03:7b:9b:58:ac:8f:
                    a9:a6:51:9d:23:c1:16:20:84:ba:0c:69:f5:f2:a8:
                    7d:69:05:f8:25:75:7a:d4:ac:0c:a7:b0:9b:6e:de:
                    46:59:2c:73:db:c4:17:69:3a:4c:9c:6f:f6:82:1c:
                    7e:93:34:f4:f9:4d:3b:39:dc:18:4d:7c:ab:54:f2:
                    19:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:DA:17:1F:F3:83:BA:89:99:87:13:EB:48:FD:63:F4:20:84:20:49
            X509v3 Authority Key Identifier:
                keyid:34:04:1F:E3:99:C0:76:59:61:B7:9F:E1:24:69:41:72:87:20:73:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/NAQf45nAdllht5_hJGlBcocgc7s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAQf45nAdllht5_hJGlBcocgc7s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913FD96/A624FC44519811EA97225983C4F9AE02/FC3B44CE519A11EAB1229A87C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.236.119.0/24
                IPv6:
                  2001:df5:8400::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:82:9f:67:51:df:f0:37:04:e0:20:a0:30:aa:5e:98:01:f9:
         23:7b:f5:bd:07:fe:a6:5e:44:53:29:7f:5c:a7:3c:60:27:b8:
         b4:df:54:f4:77:62:f3:39:54:78:a4:68:ad:07:fa:86:e5:49:
         dd:88:30:ce:f3:21:a0:c2:01:41:b5:35:fa:6f:50:5d:ec:28:
         e6:5b:21:c8:ef:9f:bc:4e:84:37:3b:94:78:40:50:43:97:6e:
         7e:86:2c:92:9c:f2:ee:77:09:3d:5a:71:39:0d:6a:09:51:40:
         17:eb:ba:26:d8:cb:6a:25:e5:07:fa:1d:a3:9f:50:6a:11:a8:
         56:29:80:37:ea:be:4c:50:af:8f:18:41:46:f4:32:4e:4e:6e:
         e7:f7:f1:d5:a6:99:f4:61:73:03:b8:18:b6:c0:1e:a7:d3:8c:
         85:e8:a1:72:dd:fe:17:55:f5:53:4e:02:bf:9f:43:3e:13:27:
         92:61:e5:10:f5:4b:1f:47:67:81:4e:f6:65:0b:18:9d:a8:ce:
         c7:4d:f4:ff:3a:9f:c3:ca:cd:da:e0:4c:5b:60:63:ed:de:0a:
         a9:5e:c4:5b:93:ef:b0:5f:6e:ea:39:e9:48:5b:23:72:e3:77:
         ff:45:4a:e8:26:b0:5a:ae:27:df:c4:41:73:85:3a:9c:66:67:
         a3:ba:e2:71
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCtowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0ZEOTYxMTAvBgNVBAUTKDM0MDQxRkUzOTlDMDc2NTk2MUI3OUZFMTI0Njk0MTcy
ODcyMDczQkIwHhcNMjUwNzI0MTk1OTU0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgyOTBiYS1mZTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz4wZYJ/I6yL0Wdb0fLa6lYlNvbC2R1pABD3nYkbuShSo1pBBBvzqQzv2Itx9
bFYTl1anwVLgNmgLyXNDJ1uqhcgUMmmC5k5Ix0VFGMiX8waRhItSeUT82/mXLZcn
KnDmEfduASqSEbmgkB5CAuYsjDOoCfSs8Py2wW1gVOjHNOprygA6DnaxdRGfSbh9
vMF9cGZ2fQhyBSiMWrsMrXNU6z9wzqz5AW+hSKQRrrvWJ1suwMzsG+bXbvMDMQwD
e5tYrI+pplGdI8EWIIS6DGn18qh9aQX4JXV61KwMp7Cbbt5GWSxz28QXaTpMnG/2
ghx+kzT0+U07OdwYTXyrVPIZ/wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFLaFx/z
g7qJmYcT60j9Y/QghCBJMB8GA1UdIwQYMBaAFDQEH+OZwHZZYbef4SRpQXKHIHO7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRkQ5Ni9BNjI0RkM0NDUx
OTgxMUVBOTcyMjU5ODNDNEY5QUUwMi9OQVFmNDVuQWRsbGh0NV9oSkdsQmNvY2dj
N3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05BUWY0NW5BZGxsaHQ1X2hKR2xCY29jZ2M3cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0ZEOTYvQTYyNEZDNDQ1MTk4MTFFQTk3MjI1OTgzQzRGOUFFMDIvRkMzQjQ0Q0U1
MTlBMTFFQUIxMjI5QTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABn7HcwDwQCAAIwCQMHACABDfWEADANBgkqhkiG9w0BAQsF
AAOCAQEAlYKfZ1Hf8DcE4CCgMKpemAH5I3v1vQf+pl5EUyl/XKc8YCe4tN9U9Hdi
8zlUeKRorQf6huVJ3YgwzvMhoMIBQbU1+m9QXewo5lshyO+fvE6ENzuUeEBQQ5du
foYskpzy7ncJPVpxOQ1qCVFAF+u6JtjLaiXlB/odo59QahGoVimAN+q+TFCvjxhB
RvQyTk5u5/fx1aaZ9GFzA7gYtsAep9OMheihct3+F1X1U04Cv59DPhMnkmHlEPVL
H0dngU72ZQsYnajOx030/zqfw8rN2uBMW2Bj7d4KqV7EW5PvsF9u6jnpSFsjcuN3
/0VK6CawWq4n38RBc4U6nGZno7ricQ==
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:23:54 2025 by rpki-client