Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6E30D6B6BE7A11E99ADDFD75C4F9AE02.roa
File:                     6E30D6B6BE7A11E99ADDFD75C4F9AE02.roa (raw, json)
Hash identifier:          8pQ8VYEbDJpZuMYGDb3PEBwXGKgeFk31hw+3mhsjOMw=
Subject key identifier:   71:78:A6:5E:38:FA:4F:0F:86:89:48:B9:B3:21:82:CD:51:86:77:E1
Certificate issuer:       /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial:       36B4
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6E30D6B6BE7A11E99ADDFD75C4F9AE02.roa
Signing time:             Sat 02 Aug 2025 15:53:25 +0000
ROA not before:           Sat 02 Aug 2025 15:53:25 +0000
ROA not after:            Mon 02 Mar 2026 00:00:00 +0000
asID:                     55684
IP address blocks:        103.23.224.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
                          rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 15:38:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14004 (0x36b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
        Validity
            Not Before: Aug  2 15:53:25 2025 GMT
            Not After : Mar  2 00:00:00 2026 GMT
        Subject: CN=688e3474-fac9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7e:ef:e4:52:ef:dd:93:af:05:88:7d:0a:3d:
                    02:01:30:d6:26:af:91:d8:84:9f:8a:87:db:16:30:
                    ad:b1:eb:c1:dd:11:d1:70:ce:7b:e5:ce:f4:f7:4f:
                    83:fb:53:ee:55:53:f4:41:30:f6:db:6c:a3:bd:b8:
                    b9:e9:eb:9a:4b:31:91:01:4f:68:e4:14:79:49:d0:
                    a1:c2:44:cc:04:46:28:a6:7b:65:08:a9:d0:af:5f:
                    04:9c:ad:ed:4d:0f:dd:64:b5:60:89:ac:c9:ce:f5:
                    df:10:c9:2d:4d:63:19:8c:93:67:76:34:83:b6:9d:
                    9b:09:72:5c:3a:ea:92:48:91:54:ea:a7:42:0e:11:
                    b5:c8:aa:9b:04:05:ce:a9:fd:46:3d:cb:3e:4d:17:
                    7f:25:5d:20:68:ea:29:aa:5e:9b:f3:15:d2:a1:66:
                    c7:b9:8d:38:2e:da:6b:ca:e5:b3:00:4e:3d:f6:1c:
                    72:7f:6a:2b:77:78:46:66:1a:5d:b2:a5:3f:0c:55:
                    aa:3b:cf:87:f4:18:85:42:88:b6:d6:b7:cf:dd:0d:
                    81:33:bf:ed:83:32:2d:d2:27:1f:59:3d:dd:e6:b0:
                    df:52:70:ab:48:57:2f:e3:7c:f5:7c:53:c7:cc:c9:
                    98:ae:78:ac:ce:0c:26:16:ed:27:e1:1e:72:ca:f6:
                    99:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:78:A6:5E:38:FA:4F:0F:86:89:48:B9:B3:21:82:CD:51:86:77:E1
            X509v3 Authority Key Identifier:
                keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6E30D6B6BE7A11E99ADDFD75C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.23.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:e1:87:20:fc:fd:d8:30:b3:e2:77:67:13:bf:65:a4:9e:86:
         4b:ba:89:78:4e:95:16:84:4f:8f:79:b6:9b:5a:46:2e:0d:b9:
         64:62:6b:1b:98:58:a6:0d:d2:18:91:f3:6e:b1:0a:62:e1:94:
         42:cf:50:c6:bb:5e:e7:67:b6:2f:78:39:4d:39:e9:78:af:64:
         52:bb:20:10:2d:4c:91:0e:89:02:ff:e2:0b:e7:72:f9:79:38:
         fb:9e:18:12:e1:e0:ea:21:72:fe:2b:e1:9f:26:a1:3e:d6:5f:
         a6:fc:98:e4:2c:bc:27:82:ba:1b:f6:ae:8b:66:d6:5a:ca:e0:
         b5:28:6d:a3:f0:73:a2:c9:13:d4:9f:60:e4:8f:cf:1f:27:56:
         ef:79:75:89:c4:b1:08:d6:a9:76:91:a1:da:6b:53:f1:e7:e8:
         0d:39:07:ea:93:62:26:d2:4d:02:06:ec:ad:1e:a9:17:88:c1:
         ae:29:75:c7:8a:ea:cd:4f:55:0a:38:5f:6b:51:1a:0c:fe:1a:
         f4:77:68:e4:1e:cd:68:f8:40:cc:9f:cb:48:a2:d9:15:fc:e8:
         9c:74:6b:9f:6a:0b:54:19:ca:9d:6f:b4:4a:16:e7:f4:03:92:
         05:f3:6b:fb:04:ef:69:fa:90:8b:1e:7d:9f:bb:24:b4:04:08:
         07:ab:14:11
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNrQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwODAyMTU1MzI1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhlMzQ3NC1mYWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw37v5FLv3ZOvBYh9Cj0CATDWJq+R2ISfiofbFjCtsevB3RHRcM575c7090+D
+1PuVVP0QTD222yjvbi56euaSzGRAU9o5BR5SdChwkTMBEYopntlCKnQr18EnK3t
TQ/dZLVgiazJzvXfEMktTWMZjJNndjSDtp2bCXJcOuqSSJFU6qdCDhG1yKqbBAXO
qf1GPcs+TRd/JV0gaOopql6b8xXSoWbHuY04LtpryuWzAE499hxyf2ord3hGZhpd
sqU/DFWqO8+H9BiFQoi21rfP3Q2BM7/tgzIt0icfWT3d5rDfUnCrSFcv43z1fFPH
zMmYrniszgwmFu0n4R5yyvaZ1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHF4pl44
+k8PholIubMhgs1RhnfhMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNkUzMEQ2QjZC
RTdBMTFFOTlBRERGRDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnF+AwDQYJKoZIhvcNAQELBQADggEBAE/hhyD8/dgws+J3
ZxO/ZaSehku6iXhOlRaET495tptaRi4NuWRiaxuYWKYN0hiR826xCmLhlELPUMa7
Xudnti94OU056XivZFK7IBAtTJEOiQL/4gvncvl5OPueGBLh4Oohcv4r4Z8moT7W
X6b8mOQsvCeCuhv2rotm1lrK4LUobaPwc6LJE9SfYOSPzx8nVu95dYnEsQjWqXaR
odprU/Hn6A05B+qTYibSTQIG7K0eqReIwa4pdceK6s1PVQo4X2tRGgz+GvR3aOQe
zWj4QMyfy0ii2RX86Jx0a59qC1QZyp1vtEoW5/QDkgXza/sE72n6kIsefZ+7JLQE
CAerFBE=
-----END CERTIFICATE-----
Generated at Thu Aug 7 01:13:02 2025 by rpki-client