Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa
File:                     DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa (raw, json)
Hash identifier:          5xwHH4/f23qWAT+TboZC+tRvenA32AbWJXTfPPug25w=
Subject key identifier:   48:A6:E0:1E:E3:4D:96:7B:21:27:02:C0:B5:E0:A0:16:A0:6D:3C:54
Certificate issuer:       /CN=A91840A8/serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73
Certificate serial:       0664
Authority key identifier: D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa
Signing time:             Wed 30 Jul 2025 23:34:48 +0000
ROA not before:           Wed 30 Jul 2025 23:34:48 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     38296
IP address blocks:        203.185.129.0/24 maxlen: 24
                          203.185.130.0/23 maxlen: 23
                          203.185.130.0/24 maxlen: 24
                          203.185.131.0/24 maxlen: 24
                          203.185.132.0/22 maxlen: 22
                          203.185.132.0/23 maxlen: 23
                          203.185.132.0/24 maxlen: 24
                          203.185.133.0/24 maxlen: 24
                          203.185.134.0/23 maxlen: 23
                          203.185.134.0/24 maxlen: 24
                          203.185.135.0/24 maxlen: 24
                          203.185.136.0/24 maxlen: 24
                          203.185.137.0/24 maxlen: 24
                          203.185.138.0/24 maxlen: 24
                          203.185.139.0/24 maxlen: 24
                          203.185.140.0/24 maxlen: 24
                          203.185.141.0/24 maxlen: 24
                          203.185.142.0/24 maxlen: 24
                          203.185.143.0/24 maxlen: 24
                          203.185.144.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.crl
                          rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1636 (0x664)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91840A8, serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73
        Validity
            Not Before: Jul 30 23:34:48 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=688aac17-ac49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:04:1e:69:b7:7e:ff:14:14:c5:8c:94:9e:75:
                    41:38:6d:a8:2a:d6:f4:6e:80:e9:df:8e:ba:c9:48:
                    d6:11:ab:82:a9:2d:2a:c0:98:d5:36:a2:99:3b:75:
                    0a:50:93:d5:43:f6:3d:28:80:ab:17:40:38:18:da:
                    29:3b:f6:04:c2:e3:28:06:ca:4b:e4:5c:99:a0:cf:
                    3f:c2:50:8e:9c:22:e9:b0:59:d4:9b:8b:bb:3e:bc:
                    9b:a3:0d:82:f1:08:82:1f:2d:6f:b9:d7:c9:27:02:
                    bf:6d:4e:ab:f7:1e:d9:d5:56:57:ee:7c:a3:cb:62:
                    d6:4d:1d:f8:94:ec:bd:1e:8f:48:df:62:ae:87:a6:
                    a9:dd:fa:2e:9b:35:20:b4:da:cb:90:9e:a2:83:4e:
                    e0:9b:d9:1f:c3:22:75:06:0b:00:f4:5f:d5:3a:52:
                    d5:54:a2:53:7e:f6:04:68:33:99:40:ad:8c:b8:51:
                    59:09:6f:44:51:45:2d:8a:a7:bc:ff:9b:5e:cc:bd:
                    ed:f0:b0:2a:21:89:12:52:eb:ca:7f:19:b2:71:25:
                    cd:a1:ad:98:b5:32:be:b2:7f:1a:be:f4:b4:ae:b6:
                    49:8b:68:14:2e:45:ea:1d:9d:1f:eb:85:a9:e1:b5:
                    e7:a7:3a:64:47:ff:80:c4:83:a9:c2:33:d1:44:18:
                    0c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:A6:E0:1E:E3:4D:96:7B:21:27:02:C0:B5:E0:A0:16:A0:6D:3C:54
            X509v3 Authority Key Identifier:
                keyid:D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.185.129.0-203.185.145.255

    Signature Algorithm: sha256WithRSAEncryption
         7e:2f:7a:ab:ae:34:24:bf:40:c3:8b:09:99:3e:27:70:14:2c:
         9a:ea:dd:a8:3f:e4:c6:a3:3d:c5:59:16:f0:eb:13:8f:f8:11:
         d6:93:42:1f:b8:fe:6a:d5:50:b8:cc:97:0d:2c:b7:da:31:79:
         42:39:22:dd:ef:7f:b3:62:31:4f:f3:41:ed:83:53:56:a2:d9:
         0a:0c:e9:74:99:5e:e8:89:ce:ed:cb:1c:f6:6d:5f:2a:3d:e1:
         11:eb:71:89:fa:c9:b6:15:6a:ec:21:f5:b7:72:98:ba:39:34:
         b9:ef:fd:46:17:fe:ed:c3:e5:c6:f9:1a:72:fb:1e:5e:55:66:
         d6:a3:20:7a:eb:71:fa:2d:5e:b5:86:12:1c:38:ce:fa:9c:a0:
         da:2f:d7:2c:65:4f:c4:5f:60:a4:01:f2:89:3e:72:ed:22:09:
         5b:d0:d6:f5:09:38:21:fa:b7:a0:f7:ed:b4:52:95:2a:73:7f:
         e4:bf:15:81:31:7b:b0:64:9a:7a:79:42:7c:25:eb:fa:0d:67:
         af:2f:db:89:bc:d9:65:3a:36:c3:63:34:04:8e:2f:86:3b:69:
         8c:bd:68:42:a9:52:c9:b5:12:88:15:78:4c:ef:6e:08:f3:53:
         43:58:08:29:3d:e0:7b:45:94:d9:41:45:73:73:3a:12:08:92:
         58:e9:b2:d1
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQwQTgxMTAvBgNVBAUTKEQxNDc0QzFEQTQzOUIzNEU0ODdDMjhDMjQ3MjlFNjg3
RTA5NDdENzMwHhcNMjUwNzMwMjMzNDQ4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhYWMxNy1hYzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwAQeabd+/xQUxYyUnnVBOG2oKtb0boDp3466yUjWEauCqS0qwJjVNqKZO3UK
UJPVQ/Y9KICrF0A4GNopO/YEwuMoBspL5FyZoM8/wlCOnCLpsFnUm4u7Prybow2C
8QiCHy1vudfJJwK/bU6r9x7Z1VZX7nyjy2LWTR34lOy9Ho9I32Kuh6ap3foumzUg
tNrLkJ6ig07gm9kfwyJ1BgsA9F/VOlLVVKJTfvYEaDOZQK2MuFFZCW9EUUUtiqe8
/5tezL3t8LAqIYkSUuvKfxmycSXNoa2YtTK+sn8avvS0rrZJi2gULkXqHZ0f64Wp
4bXnpzpkR/+AxIOpwjPRRBgMpQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFEim4B7j
TZZ7IScCwLXgoBagbTxUMB8GA1UdIwQYMBaAFNFHTB2kObNOSHwowkcp5ofglH1z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDBBOC83MEMyRUI3QUEx
OTYxMUVCODIwMENGMDlDNEY5QUUwMi8wVWRNSGFRNXMwNUlmQ2pDUnlubWgtQ1Vm
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBVZE1IYVE1czA1SWZDakNSeW5taC1DVWZYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQwQTgvNzBDMkVCN0FBMTk2MTFFQjgyMDBDRjA5QzRGOUFFMDIvREQ3Q0E1OEVB
MjNGMTFFREJDREI2RDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMu5gQMEAcu5kDANBgkqhkiG9w0BAQsFAAOCAQEAfi96
q640JL9Aw4sJmT4ncBQsmurdqD/kxqM9xVkW8OsTj/gR1pNCH7j+atVQuMyXDSy3
2jF5Qjki3e9/s2IxT/NB7YNTVqLZCgzpdJle6InO7csc9m1fKj3hEetxifrJthVq
7CH1t3KYujk0ue/9Rhf+7cPlxvkacvseXlVm1qMgeutx+i1etYYSHDjO+pyg2i/X
LGVPxF9gpAHyiT5y7SIJW9DW9Qk4Ifq3oPfttFKVKnN/5L8VgTF7sGSaenlCfCXr
+g1nry/bibzZZTo2w2M0BI4vhjtpjL1oQqlSybUSiBV4TO9uCPNTQ1gIKT3ge0WU
2UFFc3M6EgiSWOmy0Q==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:52:01 2025 by rpki-client