Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9146A69/CB1CFE846C4A11F098731D13C4F9AE02/5089C6286C4C11F090164A17C4F9AE02.roa
File:                     5089C6286C4C11F090164A17C4F9AE02.roa (raw, json)
Hash identifier:          J6NfxVye//wKbH6luOaipzXoE8gflP1Zb4ROZKBwOvw=
Subject key identifier:   A9:1F:0B:86:7A:18:7D:D1:4D:F1:D1:07:DA:EF:C7:49:35:A3:8A:BF
Certificate issuer:       /CN=A9146A69/serialNumber=3AA5D74A49FEDE081766CDAC3BF7DDD036BBF901
Certificate serial:       06
Authority key identifier: 3A:A5:D7:4A:49:FE:DE:08:17:66:CD:AC:3B:F7:DD:D0:36:BB:F9:01
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OqXXSkn-3ggXZs2sO_fd0Da7-QE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9146A69/CB1CFE846C4A11F098731D13C4F9AE02/5089C6286C4C11F090164A17C4F9AE02.roa
Signing time:             Tue 29 Jul 2025 07:21:08 +0000
ROA not before:           Tue 29 Jul 2025 07:21:08 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     197537
IP address blocks:        163.227.202.0/24 maxlen: 24
                          163.227.203.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9146A69/CB1CFE846C4A11F098731D13C4F9AE02/OqXXSkn-3ggXZs2sO_fd0Da7-QE.crl
                          rsync://rpki.apnic.net/member_repository/A9146A69/CB1CFE846C4A11F098731D13C4F9AE02/OqXXSkn-3ggXZs2sO_fd0Da7-QE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OqXXSkn-3ggXZs2sO_fd0Da7-QE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9146A69, serialNumber=3AA5D74A49FEDE081766CDAC3BF7DDD036BBF901
        Validity
            Not Before: Jul 29 07:21:08 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=68887664-3370
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9f:35:c5:f0:4d:8e:53:ca:ed:82:f8:a3:ff:
                    67:76:01:c3:99:53:a0:64:5b:3b:09:5b:e9:9f:25:
                    75:0d:92:38:f2:15:23:d0:67:bb:43:94:79:d3:82:
                    3e:03:2b:81:8a:99:5f:f7:68:f4:60:e6:9c:85:07:
                    6e:ff:7c:27:73:a6:98:57:ea:a5:7a:63:ec:b2:ec:
                    9d:90:f9:f3:b5:71:cd:f9:38:b9:c8:7b:90:79:c8:
                    9e:71:37:16:6c:65:97:7c:bb:7c:d4:92:b3:85:c0:
                    91:27:43:87:5d:c9:75:94:f8:60:31:5c:4a:59:9d:
                    11:a2:e1:0c:40:43:e8:d9:86:5b:47:4d:1f:5e:fd:
                    ce:4d:e6:5f:14:0b:18:d4:99:8c:1d:44:d1:4d:10:
                    cb:57:84:3e:69:42:7e:9e:16:e4:e5:8b:39:55:d0:
                    66:1b:03:91:49:c4:3e:4f:5f:4f:45:e4:f0:7b:45:
                    41:29:53:c2:dc:89:83:a7:09:ed:03:e4:84:f9:fb:
                    87:8f:5d:4f:31:08:ac:2e:0d:7e:5b:99:92:94:28:
                    be:f3:77:d4:20:9f:2a:1d:9d:04:17:6e:56:6f:b3:
                    e1:11:7b:c3:fc:d9:d5:8b:4d:f2:b1:44:ec:3c:24:
                    20:ce:75:e8:e2:72:3b:28:f6:47:a3:57:83:f9:da:
                    f9:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:1F:0B:86:7A:18:7D:D1:4D:F1:D1:07:DA:EF:C7:49:35:A3:8A:BF
            X509v3 Authority Key Identifier:
                keyid:3A:A5:D7:4A:49:FE:DE:08:17:66:CD:AC:3B:F7:DD:D0:36:BB:F9:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9146A69/CB1CFE846C4A11F098731D13C4F9AE02/OqXXSkn-3ggXZs2sO_fd0Da7-QE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OqXXSkn-3ggXZs2sO_fd0Da7-QE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146A69/CB1CFE846C4A11F098731D13C4F9AE02/5089C6286C4C11F090164A17C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.227.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6d:63:c4:93:f7:91:b8:3e:2f:76:a8:40:7c:fb:b0:e1:c3:cd:
         88:9f:50:84:0b:64:73:66:93:c9:fb:77:08:16:04:a5:af:f7:
         6f:a3:ca:c2:12:74:00:cf:8b:f6:f9:b5:48:51:a8:4a:cb:b6:
         0a:34:fc:6c:a0:5b:9c:92:03:f2:16:a2:6f:64:ea:55:56:8c:
         6c:00:6c:65:34:54:b3:dd:2a:9e:c4:e7:61:66:6a:ea:81:47:
         e6:a2:22:cc:b3:10:fb:e2:b0:03:93:0e:1a:35:79:29:19:49:
         32:c8:0d:1d:b4:32:bf:8a:23:f2:b5:10:92:fd:d1:fa:98:08:
         94:49:79:b9:64:01:17:03:a1:3c:b8:d1:0e:86:fd:81:db:26:
         7b:a1:27:19:26:56:3d:d5:fd:98:17:c5:cf:3a:41:0e:d7:f0:
         29:a4:d6:61:a4:63:69:3b:f4:4f:ec:71:ed:55:b4:bb:1d:19:
         4e:9c:4b:dc:93:e9:63:0b:3e:68:5e:b4:90:d0:a7:71:fa:6a:
         53:ce:bd:93:f8:89:13:02:1e:e4:eb:50:a4:f4:80:2e:15:44:
         74:3c:8e:30:88:df:2c:ed:26:fc:d9:76:d6:a9:16:c8:e0:f7:
         bf:c6:56:6a:1f:70:80:19:27:c0:a6:4c:9d:ae:43:03:f2:af:
         4f:c7:bd:aa
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NkE2OTExMC8GA1UEBRMoM0FBNUQ3NEE0OUZFREUwODE3NjZDREFDM0JGN0RERDAz
NkJCRjkwMTAeFw0yNTA3MjkwNzIxMDhaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4ODg3NjY0LTMzNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5nzXF8E2OU8rtgvij/2d2AcOZU6BkWzsJW+mfJXUNkjjyFSPQZ7tDlHnTgj4D
K4GKmV/3aPRg5pyFB27/fCdzpphX6qV6Y+yy7J2Q+fO1cc35OLnIe5B5yJ5xNxZs
ZZd8u3zUkrOFwJEnQ4ddyXWU+GAxXEpZnRGi4QxAQ+jZhltHTR9e/c5N5l8UCxjU
mYwdRNFNEMtXhD5pQn6eFuTlizlV0GYbA5FJxD5PX09F5PB7RUEpU8LciYOnCe0D
5IT5+4ePXU8xCKwuDX5bmZKUKL7zd9QgnyodnQQXblZvs+ERe8P82dWLTfKxROw8
JCDOdejicjso9kejV4P52vmTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqR8LhnoY
fdFN8dEH2u/HSTWjir8wHwYDVR0jBBgwFoAUOqXXSkn+3ggXZs2sO/fd0Da7+QEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2QTY5L0NCMUNGRTg0NkM0
QTExRjA5ODczMUQxM0M0RjlBRTAyL09xWFhTa24tM2dnWFpzMnNPX2ZkMERhNy1R
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT3FYWFNrbi0zZ2dYWnMyc09fZmQwRGE3LVFFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NkE2OS9DQjFDRkU4NDZDNEExMUYwOTg3MzFEMTNDNEY5QUUwMi81MDg5QzYyODZD
NEMxMUYwOTAxNjRBMTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPjyjANBgkqhkiG9w0BAQsFAAOCAQEAbWPEk/eRuD4vdqhA
fPuw4cPNiJ9QhAtkc2aTyft3CBYEpa/3b6PKwhJ0AM+L9vm1SFGoSsu2CjT8bKBb
nJID8haib2TqVVaMbABsZTRUs90qnsTnYWZq6oFH5qIizLMQ++KwA5MOGjV5KRlJ
MsgNHbQyv4oj8rUQkv3R+pgIlEl5uWQBFwOhPLjRDob9gdsme6EnGSZWPdX9mBfF
zzpBDtfwKaTWYaRjaTv0T+xx7VW0ux0ZTpxL3JPpYws+aF60kNCncfpqU869k/iJ
EwIe5OtQpPSALhVEdDyOMIjfLO0m/Nl21qkWyOD3v8ZWah9wgBknwKZMna5DA/Kv
T8e9qg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:08:20 2025 by rpki-client