Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915FD96/7566F5260DDB11EBAF7B107CC4F9AE02/074C5C04644211EFA6AFE95CC4F9AE02.roa
File:                     074C5C04644211EFA6AFE95CC4F9AE02.roa (raw, json)
Hash identifier:          eWRDLsuHoJc/nz9fA7Tw+nXYU13UB2p69Sw5UsXcXsQ=
Subject key identifier:   F6:6B:BE:51:AE:1A:5F:05:2A:3D:0D:91:82:42:94:16:F8:03:D7:6D
Certificate issuer:       /CN=A915FD96/serialNumber=CD8BBE706CCD9B5532CF3EB1D5FBBD7D3E3EBEA4
Certificate serial:       07B0
Authority key identifier: CD:8B:BE:70:6C:CD:9B:55:32:CF:3E:B1:D5:FB:BD:7D:3E:3E:BE:A4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYu-cGzNm1Uyzz6x1fu9fT4-vqQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915FD96/7566F5260DDB11EBAF7B107CC4F9AE02/074C5C04644211EFA6AFE95CC4F9AE02.roa
Signing time:             Tue 22 Jul 2025 22:03:28 +0000
ROA not before:           Tue 22 Jul 2025 22:03:28 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     132841
IP address blocks:        2001:df5:af00::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915FD96/7566F5260DDB11EBAF7B107CC4F9AE02/zYu-cGzNm1Uyzz6x1fu9fT4-vqQ.crl
                          rsync://rpki.apnic.net/member_repository/A915FD96/7566F5260DDB11EBAF7B107CC4F9AE02/zYu-cGzNm1Uyzz6x1fu9fT4-vqQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYu-cGzNm1Uyzz6x1fu9fT4-vqQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 21:37:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1968 (0x7b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915FD96, serialNumber=CD8BBE706CCD9B5532CF3EB1D5FBBD7D3E3EBEA4
        Validity
            Not Before: Jul 22 22:03:28 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68800ab0-6cf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:88:a7:e2:5e:2d:f0:82:af:a4:da:62:e5:3a:
                    db:49:9d:1f:7e:d6:c5:b0:23:c4:1a:25:74:e0:97:
                    ac:37:a4:04:76:af:c1:80:2d:79:c8:6f:e1:52:ed:
                    4e:ff:dc:00:62:c8:26:7b:7e:a7:e4:a2:a4:8e:3c:
                    b7:ef:4d:9a:38:d7:c8:43:e9:81:6d:81:6f:ce:3f:
                    00:05:9d:0e:11:0c:70:d5:a4:8c:83:c5:46:70:57:
                    75:84:e8:7e:78:dd:af:41:35:0f:e6:9c:66:0e:3d:
                    59:af:b9:4a:9a:d2:4b:00:f8:85:14:06:02:4c:d1:
                    9a:d6:de:8f:fc:be:44:8c:bf:49:24:21:a0:71:c8:
                    68:8f:f7:8e:1f:c4:73:f3:02:bf:1a:8d:cd:f4:4e:
                    d4:82:b9:82:66:f0:bd:23:44:5c:4a:ee:8f:7b:89:
                    ac:d7:bc:85:49:ca:e4:75:17:a9:4a:64:56:d6:f4:
                    84:87:62:33:cd:c8:dc:22:25:7b:cf:c2:36:82:d6:
                    11:69:27:8e:74:4f:a4:08:69:f3:cb:1f:79:aa:e0:
                    91:6c:2c:60:88:51:80:0f:1e:6a:9e:01:2e:3e:77:
                    74:39:de:8a:96:b1:a1:ff:3c:a4:1a:56:ab:c9:12:
                    bc:21:7a:c7:43:3d:93:9b:36:c4:b3:52:d0:aa:f1:
                    0b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:6B:BE:51:AE:1A:5F:05:2A:3D:0D:91:82:42:94:16:F8:03:D7:6D
            X509v3 Authority Key Identifier:
                keyid:CD:8B:BE:70:6C:CD:9B:55:32:CF:3E:B1:D5:FB:BD:7D:3E:3E:BE:A4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915FD96/7566F5260DDB11EBAF7B107CC4F9AE02/zYu-cGzNm1Uyzz6x1fu9fT4-vqQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zYu-cGzNm1Uyzz6x1fu9fT4-vqQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FD96/7566F5260DDB11EBAF7B107CC4F9AE02/074C5C04644211EFA6AFE95CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df5:af00::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:77:76:98:6f:f3:05:4e:31:e9:fc:f4:2a:ae:97:1d:0f:02:
         1b:5b:34:6f:95:dc:d6:ed:45:7f:ce:49:9c:33:62:fc:23:6d:
         5e:60:65:44:20:a8:5e:12:95:53:04:7a:b6:8e:ef:89:60:80:
         5e:32:be:3d:19:a4:e0:dc:f5:aa:77:04:98:f1:dc:f8:b1:df:
         5f:36:be:bb:37:5d:95:77:6f:5d:c5:35:98:26:bd:6d:bc:b5:
         b1:46:11:8c:37:31:64:be:21:57:6e:74:f2:1b:82:72:85:3d:
         4e:e5:a6:5e:93:60:82:8e:cf:b9:48:1e:42:6c:87:4b:0c:35:
         ab:32:f0:60:bf:59:55:6b:07:55:90:e0:de:9c:92:2c:2a:d1:
         e1:77:14:b2:d0:62:cf:99:4d:ae:3b:20:4d:94:05:8c:36:71:
         8c:96:1f:c5:10:39:47:92:7b:2e:32:13:ec:61:bd:c9:fc:43:
         06:e3:1b:37:df:9b:58:7e:fe:b1:eb:43:bb:9e:ff:7b:dc:8e:
         9f:d3:ee:34:bf:76:19:cf:b8:3a:c4:53:96:3b:d1:4e:8a:17:
         d2:d1:8b:2a:07:37:ce:0d:b3:bc:27:11:7b:90:41:d5:42:c4:
         5a:fa:94:eb:2d:a1:72:94:93:df:b8:2d:3f:63:84:b7:69:78:
         44:79:db:75
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICB7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZEOTYxMTAvBgNVBAUTKENEOEJCRTcwNkNDRDlCNTUzMkNGM0VCMUQ1RkJCRDdE
M0UzRUJFQTQwHhcNMjUwNzIyMjIwMzI4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgwMGFiMC02Y2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoIin4l4t8IKvpNpi5TrbSZ0fftbFsCPEGiV04JesN6QEdq/BgC15yG/hUu1O
/9wAYsgme36n5KKkjjy3702aONfIQ+mBbYFvzj8ABZ0OEQxw1aSMg8VGcFd1hOh+
eN2vQTUP5pxmDj1Zr7lKmtJLAPiFFAYCTNGa1t6P/L5EjL9JJCGgcchoj/eOH8Rz
8wK/Go3N9E7UgrmCZvC9I0RcSu6Pe4ms17yFScrkdRepSmRW1vSEh2IzzcjcIiV7
z8I2gtYRaSeOdE+kCGnzyx95quCRbCxgiFGADx5qngEuPnd0Od6KlrGh/zykGlar
yRK8IXrHQz2TmzbEs1LQqvELWQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFPZrvlGu
Gl8FKj0NkYJClBb4A9dtMB8GA1UdIwQYMBaAFM2LvnBszZtVMs8+sdX7vX0+Pr6k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkQ5Ni83NTY2RjUyNjBE
REIxMUVCQUY3QjEwN0NDNEY5QUUwMi96WXUtY0d6Tm0xVXl6ejZ4MWZ1OWZUNC12
cVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pZdS1jR3pObTFVeXp6NngxZnU5ZlQ0LXZxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZEOTYvNzU2NkY1MjYwRERCMTFFQkFGN0IxMDdDQzRGOUFFMDIvMDc0QzVDMDQ2
NDQyMTFFRkE2QUZFOTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ31rwAwDQYJKoZIhvcNAQELBQADggEBAJ13dphv8wVO
Men89Cqulx0PAhtbNG+V3NbtRX/OSZwzYvwjbV5gZUQgqF4SlVMEeraO74lggF4y
vj0ZpODc9ap3BJjx3Pix3182vrs3XZV3b13FNZgmvW28tbFGEYw3MWS+IVdudPIb
gnKFPU7lpl6TYIKOz7lIHkJsh0sMNasy8GC/WVVrB1WQ4N6ckiwq0eF3FLLQYs+Z
Ta47IE2UBYw2cYyWH8UQOUeSey4yE+xhvcn8QwbjGzffm1h+/rHrQ7ue/3vcjp/T
7jS/dhnPuDrEU5Y70U6KF9LRiyoHN84Ns7wnEXuQQdVCxFr6lOstoXKUk9+4LT9j
hLdpeER523U=
-----END CERTIFICATE-----
Generated at Thu Aug 7 01:19:06 2025 by rpki-client