Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C808A5E6C4A711E9BE1A815DC4F9AE02.roa
File:                     C808A5E6C4A711E9BE1A815DC4F9AE02.roa (raw, json)
Hash identifier:          xBEJgIzvf6KFBc9UOL09Ck3bsj0FQjBEc09KqqMB4hI=
Subject key identifier:   B6:5E:E6:8E:FB:91:F5:4C:7B:13:ED:58:E2:9E:E3:9E:D6:5D:C7:FC
Certificate issuer:       /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial:       36BB
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C808A5E6C4A711E9BE1A815DC4F9AE02.roa
Signing time:             Sat 02 Aug 2025 15:53:31 +0000
ROA not before:           Sat 02 Aug 2025 15:53:31 +0000
ROA not after:            Mon 02 Mar 2026 00:00:00 +0000
asID:                     63886
IP address blocks:        103.236.192.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
                          rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 15:38:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14011 (0x36bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
        Validity
            Not Before: Aug  2 15:53:31 2025 GMT
            Not After : Mar  2 00:00:00 2026 GMT
        Subject: CN=688e347b-ab98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b9:e7:93:89:ea:eb:52:8d:ce:a7:e7:1a:97:
                    58:a9:fb:a1:b2:16:c8:94:fe:3d:88:e5:ea:e6:46:
                    c7:4e:0e:d2:0b:7a:e3:18:19:de:f7:6d:ed:6b:01:
                    f7:72:47:42:5b:9d:43:89:d5:97:3b:18:ad:df:82:
                    76:10:d4:6a:31:05:95:d1:b8:c8:e8:19:69:08:49:
                    6a:55:37:95:01:c8:e3:f9:81:d3:80:22:f8:23:f6:
                    ed:9e:0e:17:c2:3e:9c:1e:0f:29:76:12:d7:43:b5:
                    34:08:51:fb:2f:c1:b0:ee:9e:85:21:7b:fb:7d:63:
                    51:b9:69:16:09:f4:31:fb:7c:18:a9:06:89:b3:dc:
                    13:b9:55:cc:a3:7e:0e:71:23:9b:b1:2e:19:32:c7:
                    91:f2:d9:04:00:b5:09:52:53:1a:d5:7e:54:b3:f2:
                    99:c5:e5:99:f1:d7:c4:e6:d5:7d:df:a0:3a:8a:4b:
                    82:e3:00:b3:49:06:e0:29:4f:92:96:42:a4:4a:58:
                    1c:ce:a6:d9:24:bb:f2:02:6d:23:d1:6b:f8:dd:27:
                    ce:86:66:7b:9c:dc:67:6f:ba:69:d8:8e:25:7e:8d:
                    68:be:70:e3:ee:f2:67:7e:f3:d5:e8:46:11:5d:51:
                    42:e1:2b:53:af:e6:57:51:9b:2a:82:95:0c:b1:47:
                    cd:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:5E:E6:8E:FB:91:F5:4C:7B:13:ED:58:E2:9E:E3:9E:D6:5D:C7:FC
            X509v3 Authority Key Identifier:
                keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C808A5E6C4A711E9BE1A815DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.236.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:f7:de:15:fc:7c:43:c9:84:4a:ba:ca:03:de:75:6f:d7:4f:
         54:03:dd:e2:15:ad:78:87:ae:3f:4b:0c:82:55:de:d9:3a:c0:
         9f:69:ab:88:55:52:c6:20:c9:ff:e6:e8:38:6a:04:66:26:4b:
         0b:da:e1:62:16:5c:32:f1:21:75:37:9b:d0:86:93:0c:51:5c:
         3c:0e:7b:08:05:3f:ce:bb:8f:4d:61:6d:59:bb:40:ed:49:43:
         f4:5a:f4:3b:98:25:ec:eb:fa:db:5d:ab:20:7a:7c:19:d7:de:
         a1:ac:42:b8:50:f2:87:2d:f8:ca:12:d7:be:cd:33:71:c8:19:
         fb:09:d7:67:4e:70:2d:a8:1e:c1:43:8c:a2:e6:60:a3:fe:45:
         8e:4e:68:d2:00:fd:11:37:d3:22:9b:01:18:24:40:14:bc:a2:
         75:49:85:6a:77:ed:27:54:c4:13:61:dc:28:b0:97:be:13:52:
         57:b6:96:bb:24:db:44:f1:b6:ea:77:a2:e0:40:87:9f:34:e9:
         c4:ec:c3:93:8a:26:84:4d:89:c7:66:47:5e:86:17:3d:5e:d2:
         5e:a4:38:18:f6:56:f1:70:3f:c4:1d:db:52:d2:84:50:a9:9e:
         4e:87:b0:d7:8e:35:a2:8f:44:70:73:24:0d:1b:cb:6e:9c:66:
         1a:69:62:15
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNrswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwODAyMTU1MzMxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhlMzQ3Yi1hYjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy7nnk4nq61KNzqfnGpdYqfuhshbIlP49iOXq5kbHTg7SC3rjGBne923tawH3
ckdCW51DidWXOxit34J2ENRqMQWV0bjI6BlpCElqVTeVAcjj+YHTgCL4I/btng4X
wj6cHg8pdhLXQ7U0CFH7L8Gw7p6FIXv7fWNRuWkWCfQx+3wYqQaJs9wTuVXMo34O
cSObsS4ZMseR8tkEALUJUlMa1X5Us/KZxeWZ8dfE5tV936A6ikuC4wCzSQbgKU+S
lkKkSlgczqbZJLvyAm0j0Wv43SfOhmZ7nNxnb7pp2I4lfo1ovnDj7vJnfvPV6EYR
XVFC4StTr+ZXUZsqgpUMsUfN0wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLZe5o77
kfVMexPtWOKe457WXcf8MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvQzgwOEE1RTZD
NEE3MTFFOUJFMUE4MTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn7MAwDQYJKoZIhvcNAQELBQADggEBAEv33hX8fEPJhEq6
ygPedW/XT1QD3eIVrXiHrj9LDIJV3tk6wJ9pq4hVUsYgyf/m6DhqBGYmSwva4WIW
XDLxIXU3m9CGkwxRXDwOewgFP867j01hbVm7QO1JQ/Ra9DuYJezr+ttdqyB6fBnX
3qGsQrhQ8oct+MoS177NM3HIGfsJ12dOcC2oHsFDjKLmYKP+RY5OaNIA/RE30yKb
ARgkQBS8onVJhWp37SdUxBNh3Ciwl74TUle2lrsk20Txtup3ouBAh5806cTsw5OK
JoRNicdmR16GFz1e0l6kOBj2VvFwP8Qd21LShFCpnk6HsNeONaKPRHBzJA0by26c
ZhppYhU=
-----END CERTIFICATE-----
Generated at Thu Aug 7 01:13:38 2025 by rpki-client