Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/E9FB74DCE57711ECBC483554C4F9AE02.roa
File:                     E9FB74DCE57711ECBC483554C4F9AE02.roa (raw, json)
Hash identifier:          t68ri8+sG+PCgnACutRhiIQMtoo2iXpsz04+S32xy6c=
Subject key identifier:   F7:05:5A:DC:9B:44:3F:99:97:79:32:37:A3:10:D3:4F:85:4B:00:EF
Certificate issuer:       /CN=A91840A8/serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73
Certificate serial:       0666
Authority key identifier: D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/E9FB74DCE57711ECBC483554C4F9AE02.roa
Signing time:             Wed 30 Jul 2025 23:34:50 +0000
ROA not before:           Wed 30 Jul 2025 23:34:49 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     7588
IP address blocks:        203.185.64.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.crl
                          rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1638 (0x666)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91840A8, serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73
        Validity
            Not Before: Jul 30 23:34:49 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=688aac19-a5d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:40:82:c1:eb:0e:1b:73:58:48:ab:f4:6e:f2:
                    f6:35:b5:5b:62:fd:34:3c:22:ce:5a:0e:c1:42:ea:
                    b2:03:e6:05:76:38:b1:9d:20:cf:77:0b:b3:0e:39:
                    7b:14:81:57:1d:1f:fe:c7:f5:95:b4:a0:dc:8c:30:
                    49:c7:fb:22:5f:a7:11:bd:16:4c:2d:93:34:04:a6:
                    ff:6b:4b:d6:77:af:39:ee:7d:98:20:4f:2b:51:38:
                    77:86:19:ba:7b:bf:1f:f9:a6:1a:e2:6d:67:16:9d:
                    63:1d:b0:48:9f:64:57:25:3a:8d:c9:d2:0a:f8:b3:
                    4d:cb:5a:83:69:18:b5:b1:ff:eb:06:9d:92:f6:0c:
                    4c:fe:4c:94:bf:6d:f8:9a:8e:52:26:6b:0e:7a:b6:
                    32:24:c3:1f:58:cb:6e:a1:b7:61:05:95:48:a2:23:
                    37:e9:da:fc:fe:4e:4d:f3:e1:b1:5c:16:99:e1:db:
                    2f:76:6e:e5:f8:c0:d3:cb:5e:58:64:1b:73:3d:46:
                    76:ac:dd:7a:cb:8f:ef:f7:42:77:db:c5:14:1f:cb:
                    74:54:88:a7:f7:4d:40:2a:27:d8:32:4d:96:56:23:
                    1b:5d:6b:e1:8c:c6:b2:60:6b:ba:58:09:96:79:08:
                    65:72:70:d5:dd:16:f2:64:42:c6:e3:87:ec:16:eb:
                    e0:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:05:5A:DC:9B:44:3F:99:97:79:32:37:A3:10:D3:4F:85:4B:00:EF
            X509v3 Authority Key Identifier:
                keyid:D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/E9FB74DCE57711ECBC483554C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.185.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         67:33:69:9d:cf:18:53:bc:02:55:d0:25:3d:6c:7c:a8:1f:ef:
         3f:10:42:1a:d4:4f:c6:c2:62:a1:d3:ae:f7:ab:43:96:66:59:
         5d:19:7e:9a:46:c2:03:ad:29:68:96:2b:3f:b7:be:af:af:00:
         48:f9:f4:54:31:90:39:b4:b1:b6:4f:57:c6:4d:34:95:72:63:
         63:c3:ec:07:9a:16:ae:ec:dc:fa:11:84:81:0e:21:f8:d0:a6:
         3b:eb:88:b1:cb:ff:3e:35:5e:bb:7e:90:b5:0d:5c:f2:42:dc:
         fa:12:0e:b0:4f:f5:a5:18:b8:6e:cf:79:8c:98:5a:bc:d4:8e:
         ad:5c:5d:b5:33:f3:5a:6c:40:d3:48:8c:82:cc:05:be:81:03:
         14:70:1f:3c:4e:13:05:14:5a:2d:e2:ff:74:54:ef:a9:c0:a2:
         b3:b1:65:a3:85:91:a7:13:aa:9b:fb:b7:98:08:93:c5:2a:c5:
         1b:5b:79:39:57:41:1b:b9:cb:0c:94:93:eb:f5:4d:a7:65:49:
         da:b9:af:69:34:f4:ec:41:44:0f:31:72:4a:51:8d:ae:ce:38:
         c2:bd:f8:a0:fa:db:47:de:9a:ad:25:ef:2a:11:67:cf:7a:ee:
         2a:4e:db:5c:99:bd:9f:f1:4e:23:da:47:20:0a:23:a2:54:98:
         f0:d1:9d:88
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQwQTgxMTAvBgNVBAUTKEQxNDc0QzFEQTQzOUIzNEU0ODdDMjhDMjQ3MjlFNjg3
RTA5NDdENzMwHhcNMjUwNzMwMjMzNDQ5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhYWMxOS1hNWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxkCCwesOG3NYSKv0bvL2NbVbYv00PCLOWg7BQuqyA+YFdjixnSDPdwuzDjl7
FIFXHR/+x/WVtKDcjDBJx/siX6cRvRZMLZM0BKb/a0vWd6857n2YIE8rUTh3hhm6
e78f+aYa4m1nFp1jHbBIn2RXJTqNydIK+LNNy1qDaRi1sf/rBp2S9gxM/kyUv234
mo5SJmsOerYyJMMfWMtuobdhBZVIoiM36dr8/k5N8+GxXBaZ4dsvdm7l+MDTy15Y
ZBtzPUZ2rN16y4/v90J328UUH8t0VIin901AKifYMk2WViMbXWvhjMayYGu6WAmW
eQhlcnDV3RbyZELG44fsFuvg9wIDAQABo4IClTCCApEwHQYDVR0OBBYEFPcFWtyb
RD+Zl3kyN6MQ00+FSwDvMB8GA1UdIwQYMBaAFNFHTB2kObNOSHwowkcp5ofglH1z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDBBOC83MEMyRUI3QUEx
OTYxMUVCODIwMENGMDlDNEY5QUUwMi8wVWRNSGFRNXMwNUlmQ2pDUnlubWgtQ1Vm
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBVZE1IYVE1czA1SWZDakNSeW5taC1DVWZYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQwQTgvNzBDMkVCN0FBMTk2MTFFQjgyMDBDRjA5QzRGOUFFMDIvRTlGQjc0RENF
NTc3MTFFQ0JDNDgzNTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAXLuUAwDQYJKoZIhvcNAQELBQADggEBAGczaZ3PGFO8AlXQ
JT1sfKgf7z8QQhrUT8bCYqHTrverQ5ZmWV0ZfppGwgOtKWiWKz+3vq+vAEj59FQx
kDm0sbZPV8ZNNJVyY2PD7AeaFq7s3PoRhIEOIfjQpjvriLHL/z41Xrt+kLUNXPJC
3PoSDrBP9aUYuG7PeYyYWrzUjq1cXbUz81psQNNIjILMBb6BAxRwHzxOEwUUWi3i
/3RU76nAorOxZaOFkacTqpv7t5gIk8UqxRtbeTlXQRu5ywyUk+v1TadlSdq5r2k0
9OxBRA8xckpRja7OOMK9+KD620femq0l7yoRZ8967ipO21yZvZ/xTiPaRyAKI6JU
mPDRnYg=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:51:46 2025 by rpki-client