Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/1978044A1D8311E2932921D808B02CD2/D5C188B88DBD11E9877F5B11C4F9AE02.roa
File:                     D5C188B88DBD11E9877F5B11C4F9AE02.roa (raw, json)
Hash identifier:          eIHncqSLzAK4hT66bMDG+FBpRTxCSLp9MqrqHufX4PA=
Subject key identifier:   56:95:F1:37:8D:20:FF:E4:DA:33:1D:D2:F7:CA:47:53:85:EF:4A:6F
Certificate issuer:       /CN=A91697FA/serialNumber=27580FE0AF7EF52C638B69632C22C976A1862D67
Certificate serial:       34B8
Authority key identifier: 27:58:0F:E0:AF:7E:F5:2C:63:8B:69:63:2C:22:C9:76:A1:86:2D:67
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J1gP4K9-9Sxji2ljLCLJdqGGLWc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91697FA/1978044A1D8311E2932921D808B02CD2/D5C188B88DBD11E9877F5B11C4F9AE02.roa
Signing time:             Thu 24 Jul 2025 14:50:18 +0000
ROA not before:           Thu 24 Jul 2025 14:50:18 +0000
ROA not after:            Sat 31 Oct 2026 00:00:00 +0000
asID:                     7693
IP address blocks:        140.149.0.0/16 maxlen: 16
                          140.149.0.0/17 maxlen: 17
                          140.149.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91697FA/1978044A1D8311E2932921D808B02CD2/J1gP4K9-9Sxji2ljLCLJdqGGLWc.crl
                          rsync://rpki.apnic.net/member_repository/A91697FA/1978044A1D8311E2932921D808B02CD2/J1gP4K9-9Sxji2ljLCLJdqGGLWc.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J1gP4K9-9Sxji2ljLCLJdqGGLWc.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13496 (0x34b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91697FA, serialNumber=27580FE0AF7EF52C638B69632C22C976A1862D67
        Validity
            Not Before: Jul 24 14:50:18 2025 GMT
            Not After : Oct 31 00:00:00 2026 GMT
        Subject: CN=6882482a-e022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5c:40:ea:b8:75:cf:a2:45:12:cd:d3:06:3f:
                    f8:63:c8:11:5f:07:fa:ab:b7:7f:32:9a:8b:13:f8:
                    6b:a1:dd:29:ef:23:15:a1:8f:f4:46:45:70:25:72:
                    71:7a:21:b8:c7:ca:07:63:5e:a9:7a:02:22:eb:05:
                    46:2a:26:99:16:5a:80:d6:04:12:da:10:ca:6b:32:
                    77:29:30:b1:61:0e:4f:ee:32:71:18:b1:ee:31:1b:
                    55:ad:ff:e7:b1:c3:3b:29:04:3c:4b:25:e7:64:2b:
                    cb:96:09:f3:bc:be:01:7f:ca:9f:ef:b3:4d:eb:87:
                    96:aa:71:37:24:da:1d:cd:87:72:98:61:21:82:99:
                    a1:ae:b1:bb:34:9e:63:e0:bc:42:3b:60:07:f9:db:
                    7f:7b:34:1a:02:99:1c:80:d9:52:fa:9b:35:de:42:
                    49:ff:62:53:0f:e8:3f:fa:80:72:1e:cf:df:50:4e:
                    dd:c8:40:97:78:5d:72:d3:f4:9c:34:29:ff:3e:9b:
                    3b:6d:99:b9:11:1a:62:cb:e0:7c:cc:47:ab:58:6a:
                    c4:8e:e5:49:15:2f:a7:43:d5:b7:04:d6:c1:14:42:
                    81:cb:1e:5e:ff:46:99:2e:7d:db:52:be:a3:ee:e3:
                    57:a3:dc:3a:96:de:79:2a:0e:8c:fb:d1:9c:8d:99:
                    d6:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:95:F1:37:8D:20:FF:E4:DA:33:1D:D2:F7:CA:47:53:85:EF:4A:6F
            X509v3 Authority Key Identifier:
                keyid:27:58:0F:E0:AF:7E:F5:2C:63:8B:69:63:2C:22:C9:76:A1:86:2D:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91697FA/1978044A1D8311E2932921D808B02CD2/J1gP4K9-9Sxji2ljLCLJdqGGLWc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J1gP4K9-9Sxji2ljLCLJdqGGLWc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/1978044A1D8311E2932921D808B02CD2/D5C188B88DBD11E9877F5B11C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.149.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         04:13:23:67:46:5c:7e:e5:07:f3:f3:72:f1:a9:21:9c:c1:c1:
         76:09:18:88:81:ca:a6:be:d2:82:6d:88:23:00:66:df:86:03:
         94:3f:2f:fd:50:4e:9c:9c:74:ae:b9:45:63:1b:3c:79:16:19:
         46:70:6a:14:5a:4d:17:6a:61:7e:38:87:f0:e1:59:e3:ba:16:
         82:34:f8:98:ee:d0:f5:d1:e0:01:09:88:5e:50:ab:f6:95:46:
         31:77:75:34:9e:19:77:5c:73:07:1a:9e:57:2c:65:6d:be:fd:
         55:5a:84:29:c4:8d:15:3b:f6:77:06:7d:13:58:98:2e:bd:04:
         91:17:4e:bb:c0:e0:61:d0:3d:0f:90:44:b2:fb:ce:82:20:23:
         64:78:92:5f:fe:34:31:99:99:60:f1:73:4b:d8:b8:b8:d1:f5:
         d5:63:5b:95:6a:db:08:ca:40:6c:3a:38:74:10:7f:9b:58:c2:
         42:bc:6d:f7:42:bb:7b:dc:47:68:53:64:64:2d:51:1f:83:41:
         20:45:9f:3a:0b:c7:09:8d:46:5c:3d:4d:7d:18:b5:3c:8a:4c:
         63:cb:f9:20:57:a3:c8:76:ee:0b:2f:5d:b6:0c:cd:bf:4c:9e:
         4d:1f:aa:f4:fa:e3:6d:32:0e:9c:51:42:a3:34:64:df:8e:e9:
         96:6b:67:f6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICNLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDI3NTgwRkUwQUY3RUY1MkM2MzhCNjk2MzJDMjJDOTc2
QTE4NjJENjcwHhcNMjUwNzI0MTQ1MDE4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgyNDgyYS1lMDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtlxA6rh1z6JFEs3TBj/4Y8gRXwf6q7d/MpqLE/hrod0p7yMVoY/0RkVwJXJx
eiG4x8oHY16pegIi6wVGKiaZFlqA1gQS2hDKazJ3KTCxYQ5P7jJxGLHuMRtVrf/n
scM7KQQ8SyXnZCvLlgnzvL4Bf8qf77NN64eWqnE3JNodzYdymGEhgpmhrrG7NJ5j
4LxCO2AH+dt/ezQaApkcgNlS+ps13kJJ/2JTD+g/+oByHs/fUE7dyECXeF1y0/Sc
NCn/Pps7bZm5ERpiy+B8zEerWGrEjuVJFS+nQ9W3BNbBFEKByx5e/0aZLn3bUr6j
7uNXo9w6lt55Kg6M+9GcjZnWUwIDAQABo4IClDCCApAwHQYDVR0OBBYEFFaV8TeN
IP/k2jMd0vfKR1OF70pvMB8GA1UdIwQYMBaAFCdYD+CvfvUsY4tpYywiyXahhi1n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8xOTc4MDQ0QTFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9KMWdQNEs5LTlTeGppMmxqTENMSmRxR0dM
V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0oxZ1A0SzktOVN4amkybGpMQ0xKZHFHR0xXYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMTk3ODA0NEExRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvRDVDMTg4Qjg4
REJEMTFFOTg3N0Y1QjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCMlTANBgkqhkiG9w0BAQsFAAOCAQEABBMjZ0ZcfuUH8/Ny
8akhnMHBdgkYiIHKpr7Sgm2IIwBm34YDlD8v/VBOnJx0rrlFYxs8eRYZRnBqFFpN
F2phfjiH8OFZ47oWgjT4mO7Q9dHgAQmIXlCr9pVGMXd1NJ4Zd1xzBxqeVyxlbb79
VVqEKcSNFTv2dwZ9E1iYLr0EkRdOu8DgYdA9D5BEsvvOgiAjZHiSX/40MZmZYPFz
S9i4uNH11WNblWrbCMpAbDo4dBB/m1jCQrxt90K7e9xHaFNkZC1RH4NBIEWfOgvH
CY1GXD1NfRi1PIpMY8v5IFejyHbuCy9dtgzNv0yeTR+q9PrjbTIOnFFCozRk347p
lmtn9g==
-----END CERTIFICATE-----
Generated at Mon Aug 11 06:02:55 2025 by rpki-client