Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E868/746AF0B28D9C11EDB3E3CA1FC4F9AE02/34FF021A8DA111EDBDB7DC23C4F9AE02.roa
File:                     34FF021A8DA111EDBDB7DC23C4F9AE02.roa (raw, json)
Hash identifier:          WcOJKBYoZRMDvg4oIYS4kq5xFx2TDUBl7Gt7RS4Zo3k=
Subject key identifier:   E8:AF:0E:62:34:CD:4C:09:E1:09:BD:F3:92:AE:1B:B7:B8:BF:3D:06
Certificate issuer:       /CN=A917E868/serialNumber=C2643370B7CDB1B6159ABD2D7D6772C6F6D2FB65
Certificate serial:       01A9
Authority key identifier: C2:64:33:70:B7:CD:B1:B6:15:9A:BD:2D:7D:67:72:C6:F6:D2:FB:65
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wmQzcLfNsbYVmr0tfWdyxvbS-2U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E868/746AF0B28D9C11EDB3E3CA1FC4F9AE02/34FF021A8DA111EDBDB7DC23C4F9AE02.roa
Signing time:             Thu 03 Apr 2025 02:58:50 +0000
ROA not before:           Thu 03 Apr 2025 02:58:50 +0000
ROA not after:            Fri 01 Aug 2025 00:00:00 +0000
asID:                     140066
IP address blocks:        103.148.4.0/24 maxlen: 24
                          103.148.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917E868/746AF0B28D9C11EDB3E3CA1FC4F9AE02/wmQzcLfNsbYVmr0tfWdyxvbS-2U.crl
                          rsync://rpki.apnic.net/member_repository/A917E868/746AF0B28D9C11EDB3E3CA1FC4F9AE02/wmQzcLfNsbYVmr0tfWdyxvbS-2U.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wmQzcLfNsbYVmr0tfWdyxvbS-2U.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 02 May 2025 02:21:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 425 (0x1a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E868, serialNumber=C2643370B7CDB1B6159ABD2D7D6772C6F6D2FB65
        Validity
            Not Before: Apr  3 02:58:50 2025 GMT
            Not After : Aug  1 00:00:00 2025 GMT
        Subject: CN=67edf96a-48dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:85:7e:c3:49:57:d7:64:8c:50:46:f7:1b:57:
                    e1:32:18:ed:4f:a2:7c:ba:ff:94:5e:a1:8e:35:dd:
                    56:61:2c:00:af:42:4c:e7:9c:61:5c:8c:ca:56:a5:
                    7a:00:fe:81:b1:80:99:b7:b8:66:20:3c:1d:8a:7c:
                    dd:43:8e:9f:62:77:fc:a9:86:36:9f:58:4b:49:c8:
                    1a:c2:1d:a4:d0:51:5c:2a:8c:3e:6d:55:c3:c4:29:
                    2b:ac:b5:56:5a:bb:67:29:db:ea:6c:53:61:41:de:
                    dc:a8:34:b6:86:7c:91:c0:ff:48:60:d4:56:c8:96:
                    dc:11:2e:28:a8:17:68:55:21:bc:36:cf:63:c8:f6:
                    8f:69:17:77:e4:5c:d4:7d:60:1d:93:72:1d:0e:ff:
                    61:87:80:9c:7a:f0:2f:44:e7:90:78:93:63:f0:96:
                    5c:2b:76:92:ea:6a:d7:2d:e9:a7:43:97:bf:fe:00:
                    ad:dc:e0:ed:8d:7b:95:18:fe:b3:ce:44:0f:6c:a6:
                    60:63:04:52:4a:9b:a3:b9:bc:35:a9:c9:62:15:64:
                    3d:6c:a6:8f:34:ec:e8:da:f4:65:06:5c:3a:91:0b:
                    98:30:e6:19:7c:d8:c0:12:1b:4b:ce:a8:03:a9:bf:
                    28:4d:f5:10:40:d5:8e:69:29:a2:9d:b0:79:a3:f2:
                    1f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:AF:0E:62:34:CD:4C:09:E1:09:BD:F3:92:AE:1B:B7:B8:BF:3D:06
            X509v3 Authority Key Identifier:
                keyid:C2:64:33:70:B7:CD:B1:B6:15:9A:BD:2D:7D:67:72:C6:F6:D2:FB:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E868/746AF0B28D9C11EDB3E3CA1FC4F9AE02/wmQzcLfNsbYVmr0tfWdyxvbS-2U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wmQzcLfNsbYVmr0tfWdyxvbS-2U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E868/746AF0B28D9C11EDB3E3CA1FC4F9AE02/34FF021A8DA111EDBDB7DC23C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5e:42:90:29:f3:57:f2:cd:b8:d6:90:35:f4:ce:a2:49:36:8b:
         a1:aa:89:be:4d:16:3a:0b:d4:c7:c3:3d:d9:bb:2a:77:df:c0:
         4e:34:43:0f:23:e8:46:e2:dd:88:83:4c:f7:ce:cf:a1:77:d0:
         7c:a3:3f:40:fe:fd:89:d2:79:4e:35:25:8e:5e:95:d7:83:7a:
         46:4e:7c:c8:47:1e:8f:8f:a4:b1:d0:7b:28:4f:60:fc:e2:bd:
         40:fd:07:4f:a7:52:df:1c:c6:c6:0a:99:a8:3d:fd:11:b2:c0:
         d8:ea:17:88:9d:40:5c:86:44:ed:8d:6a:d6:00:ad:93:af:02:
         bb:70:ef:e4:b5:a5:34:3e:83:89:a7:f1:da:2f:ce:b5:a8:8b:
         3d:6e:31:d3:06:b7:5c:51:eb:1f:16:da:b3:9d:45:ad:d8:0d:
         b9:6e:ca:c2:79:d4:f0:01:f3:1e:76:57:bd:df:ad:66:be:42:
         28:31:a0:58:2c:7d:c1:f6:7a:e9:d4:b2:a8:e9:03:49:05:81:
         fa:09:50:0e:4b:26:62:33:16:cc:f6:01:a8:62:4f:c5:ae:a9:
         03:6f:b1:69:cf:b4:42:ab:62:3c:ea:9c:6d:08:13:86:9e:b5:
         54:61:69:82:f1:4c:79:82:4a:cc:0f:0c:38:5b:6a:89:77:84:
         74:6d:b9:d1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U4NjgxMTAvBgNVBAUTKEMyNjQzMzcwQjdDREIxQjYxNTlBQkQyRDdENjc3MkM2
RjZEMkZCNjUwHhcNMjUwNDAzMDI1ODUwWhcNMjUwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VkZjk2YS00OGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyYV+w0lX12SMUEb3G1fhMhjtT6J8uv+UXqGONd1WYSwAr0JM55xhXIzKVqV6
AP6BsYCZt7hmIDwdinzdQ46fYnf8qYY2n1hLScgawh2k0FFcKow+bVXDxCkrrLVW
WrtnKdvqbFNhQd7cqDS2hnyRwP9IYNRWyJbcES4oqBdoVSG8Ns9jyPaPaRd35FzU
fWAdk3IdDv9hh4CcevAvROeQeJNj8JZcK3aS6mrXLemnQ5e//gCt3ODtjXuVGP6z
zkQPbKZgYwRSSpujubw1qcliFWQ9bKaPNOzo2vRlBlw6kQuYMOYZfNjAEhtLzqgD
qb8oTfUQQNWOaSminbB5o/IfqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOivDmI0
zUwJ4Qm985KuG7e4vz0GMB8GA1UdIwQYMBaAFMJkM3C3zbG2FZq9LX1ncsb20vtl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTg2OC83NDZBRjBCMjhE
OUMxMUVEQjNFM0NBMUZDNEY5QUUwMi93bVF6Y0xmTnNiWVZtcjB0ZldkeXh2YlMt
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dtUXpjTGZOc2JZVm1yMHRmV2R5eHZiUy0yVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U4NjgvNzQ2QUYwQjI4RDlDMTFFREIzRTNDQTFGQzRGOUFFMDIvMzRGRjAyMUE4
REExMTFFREJEQjdEQzIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlAQwDQYJKoZIhvcNAQELBQADggEBAF5CkCnzV/LNuNaQ
NfTOokk2i6Gqib5NFjoL1MfDPdm7KnffwE40Qw8j6Ebi3YiDTPfOz6F30HyjP0D+
/YnSeU41JY5eldeDekZOfMhHHo+PpLHQeyhPYPzivUD9B0+nUt8cxsYKmag9/RGy
wNjqF4idQFyGRO2NatYArZOvArtw7+S1pTQ+g4mn8dovzrWoiz1uMdMGt1xR6x8W
2rOdRa3YDbluysJ51PAB8x52V73frWa+QigxoFgsfcH2eunUsqjpA0kFgfoJUA5L
JmIzFsz2AahiT8WuqQNvsWnPtEKrYjzqnG0IE4aetVRhaYLxTHmCSswPDDhbaol3
hHRtudE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:33:17 2025 by rpki-client