Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915A549/4D25BCAAD24411EF9E654B14C4F9AE02/E9B51C0AD24411EFBD747915C4F9AE02.roa
File:                     E9B51C0AD24411EFBD747915C4F9AE02.roa (raw, json)
Hash identifier:          h7LkbeKD0rtGSmQTm/4/z1tqrdfuxl9pJq7z33t/Gys=
Subject key identifier:   C7:12:70:3A:8D:04:B8:FB:3E:C6:1A:6D:1F:6D:1F:6D:FF:E1:BA:31
Certificate issuer:       /CN=A915A549/serialNumber=1C80150AC9630984D38CC6F59C3ECC751B25F3E7
Certificate serial:       6E
Authority key identifier: 1C:80:15:0A:C9:63:09:84:D3:8C:C6:F5:9C:3E:CC:75:1B:25:F3:E7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HIAVCsljCYTTjMb1nD7MdRsl8-c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915A549/4D25BCAAD24411EF9E654B14C4F9AE02/E9B51C0AD24411EFBD747915C4F9AE02.roa
Signing time:             Sat 09 Aug 2025 07:43:48 +0000
ROA not before:           Sat 09 Aug 2025 07:43:48 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     55571
IP address blocks:        202.52.61.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915A549/4D25BCAAD24411EF9E654B14C4F9AE02/HIAVCsljCYTTjMb1nD7MdRsl8-c.crl
                          rsync://rpki.apnic.net/member_repository/A915A549/4D25BCAAD24411EF9E654B14C4F9AE02/HIAVCsljCYTTjMb1nD7MdRsl8-c.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HIAVCsljCYTTjMb1nD7MdRsl8-c.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 18 Aug 2025 07:11:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110 (0x6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915A549, serialNumber=1C80150AC9630984D38CC6F59C3ECC751B25F3E7
        Validity
            Not Before: Aug  9 07:43:48 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6896fc34-07dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ad:0a:5e:67:44:40:a7:f9:d9:bb:c8:6b:56:
                    ce:61:20:8f:6c:f8:1e:24:4b:d3:5f:90:ec:92:5b:
                    d5:df:6e:e5:7e:0a:c5:dd:fa:3f:24:ed:2c:fb:70:
                    8d:05:f5:f1:b5:30:4f:98:f6:7d:2f:29:17:7a:68:
                    c6:0a:26:1a:33:dc:50:2a:7b:92:67:a6:2a:23:b7:
                    27:94:39:4f:7d:f8:d3:a3:c8:21:3f:f4:80:8b:49:
                    2c:e1:6f:49:22:68:c5:bb:a9:bd:54:5e:0d:7f:b7:
                    e7:bd:f2:bc:4a:7c:a4:81:ed:a8:9a:c8:33:d1:0f:
                    d5:5d:56:a7:13:d8:4c:6c:23:1b:39:c5:e4:88:3c:
                    ab:5f:2e:70:ae:2d:8f:50:72:d9:54:7c:5d:ea:46:
                    00:45:be:0f:f9:9f:20:d5:67:65:d3:3a:84:70:ad:
                    b8:3c:4d:cc:84:87:5d:b2:ad:a9:18:c6:ec:66:08:
                    6c:ca:98:60:68:d5:e4:1d:60:61:58:d1:34:7b:ce:
                    26:7a:20:5d:d6:37:0a:17:42:20:e6:e1:2b:b0:26:
                    48:88:30:9a:c6:74:5a:2b:f2:61:95:5a:0b:2b:90:
                    8a:02:66:b1:a2:f7:1f:29:71:7e:8b:c5:c9:7d:fd:
                    e5:1a:5e:60:99:50:86:a5:50:1a:d6:d9:20:8a:dd:
                    3c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:12:70:3A:8D:04:B8:FB:3E:C6:1A:6D:1F:6D:1F:6D:FF:E1:BA:31
            X509v3 Authority Key Identifier:
                keyid:1C:80:15:0A:C9:63:09:84:D3:8C:C6:F5:9C:3E:CC:75:1B:25:F3:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915A549/4D25BCAAD24411EF9E654B14C4F9AE02/HIAVCsljCYTTjMb1nD7MdRsl8-c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HIAVCsljCYTTjMb1nD7MdRsl8-c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A549/4D25BCAAD24411EF9E654B14C4F9AE02/E9B51C0AD24411EFBD747915C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.52.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:dd:70:07:ae:87:d0:b0:7e:75:92:24:da:66:9f:6d:ef:7e:
         ca:9c:c5:f8:1e:5f:2a:37:12:08:23:04:cf:2d:1a:25:e8:bc:
         8e:f6:e9:ba:c6:1b:f9:cc:d0:e2:4e:ea:5b:01:87:3d:4f:44:
         73:43:51:2f:04:e2:24:17:f4:bb:29:3e:68:9c:a6:9a:93:c6:
         d3:17:e2:45:16:37:89:4a:e9:56:df:e6:94:ac:59:10:77:b9:
         48:13:e3:de:d6:a7:30:3b:31:b3:cd:3d:9f:20:7a:5c:39:de:
         d0:ef:fb:9d:9a:fc:7f:7d:48:4c:d9:ba:c1:44:37:77:34:e5:
         ce:df:23:e4:98:43:bf:af:22:ff:3b:f9:e8:5a:10:aa:30:d7:
         39:f9:32:65:b6:99:d5:f1:e5:af:ad:31:c5:7a:42:39:b4:a2:
         6b:84:ce:1d:65:6a:fc:a0:b3:90:26:a0:fd:fe:16:f5:76:94:
         91:dd:9a:7b:ad:aa:93:2a:3a:2a:d8:9f:92:e8:89:0c:8d:6f:
         e9:fe:ba:69:84:ea:9f:62:29:b5:02:86:5b:cd:ac:f4:78:88:
         60:c6:1f:85:73:72:6e:34:a3:fb:97:20:6c:19:3c:cb:a9:4d:
         7e:3b:e7:33:87:e0:ad:f3:52:e7:56:05:1e:67:dc:91:94:8b:
         71:ee:87:ac
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBbjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QTU0OTExMC8GA1UEBRMoMUM4MDE1MEFDOTYzMDk4NEQzOENDNkY1OUMzRUNDNzUx
QjI1RjNFNzAeFw0yNTA4MDkwNzQzNDhaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4OTZmYzM0LTA3ZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6rQpeZ0RAp/nZu8hrVs5hII9s+B4kS9NfkOySW9XfbuV+CsXd+j8k7Sz7cI0F
9fG1ME+Y9n0vKRd6aMYKJhoz3FAqe5JnpiojtyeUOU99+NOjyCE/9ICLSSzhb0ki
aMW7qb1UXg1/t+e98rxKfKSB7aiayDPRD9VdVqcT2ExsIxs5xeSIPKtfLnCuLY9Q
ctlUfF3qRgBFvg/5nyDVZ2XTOoRwrbg8TcyEh12yrakYxuxmCGzKmGBo1eQdYGFY
0TR7ziZ6IF3WNwoXQiDm4SuwJkiIMJrGdFor8mGVWgsrkIoCZrGi9x8pcX6Lxcl9
/eUaXmCZUIalUBrW2SCK3TyNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUxxJwOo0E
uPs+xhptH20fbf/hujEwHwYDVR0jBBgwFoAUHIAVCsljCYTTjMb1nD7MdRsl8+cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVBNTQ5LzREMjVCQ0FBRDI0
NDExRUY5RTY1NEIxNEM0RjlBRTAyL0hJQVZDc2xqQ1lUVGpNYjFuRDdNZFJzbDgt
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSElBVkNzbGpDWVRUak1iMW5EN01kUnNsOC1jLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QTU0OS80RDI1QkNBQUQyNDQxMUVGOUU2NTRCMTRDNEY5QUUwMi9FOUI1MUMwQUQy
NDQxMUVGQkQ3NDc5MTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMo0PTANBgkqhkiG9w0BAQsFAAOCAQEASt1wB66H0LB+dZIk
2mafbe9+ypzF+B5fKjcSCCMEzy0aJei8jvbpusYb+czQ4k7qWwGHPU9Ec0NRLwTi
JBf0uyk+aJymmpPG0xfiRRY3iUrpVt/mlKxZEHe5SBPj3tanMDsxs809nyB6XDne
0O/7nZr8f31ITNm6wUQ3dzTlzt8j5JhDv68i/zv56FoQqjDXOfkyZbaZ1fHlr60x
xXpCObSia4TOHWVq/KCzkCag/f4W9XaUkd2ae62qkyo6KtifkuiJDI1v6f66aYTq
n2IptQKGW82s9HiIYMYfhXNybjSj+5cgbBk8y6lNfjvnM4fgrfNS51YFHmfckZSL
ce6HrA==
-----END CERTIFICATE-----
Generated at Wed Aug 13 02:50:29 2025 by rpki-client