Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/9F5C80A8F3EB11EFBAF62455C4F9AE02.roa
File:                     9F5C80A8F3EB11EFBAF62455C4F9AE02.roa (raw, json)
Hash identifier:          ocKjYHSoFFeanr7nSrSoG6NZ1NK1GEX/tAPr3f25J2Y=
Subject key identifier:   53:C6:89:84:0E:3C:B0:B0:E1:AF:FA:BC:DE:50:97:0E:D4:B0:DD:81
Certificate issuer:       /CN=A91A2265/serialNumber=BBEC210E7529FD397F1338FFAC1DDD783C0FAA32
Certificate serial:       0168
Authority key identifier: BB:EC:21:0E:75:29:FD:39:7F:13:38:FF:AC:1D:DD:78:3C:0F:AA:32
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-whDnUp_Tl_Ezj_rB3deDwPqjI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/9F5C80A8F3EB11EFBAF62455C4F9AE02.roa
Signing time:             Thu 31 Jul 2025 04:42:00 +0000
ROA not before:           Thu 31 Jul 2025 04:42:00 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     58604
IP address blocks:        203.167.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/u-whDnUp_Tl_Ezj_rB3deDwPqjI.crl
                          rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/u-whDnUp_Tl_Ezj_rB3deDwPqjI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-whDnUp_Tl_Ezj_rB3deDwPqjI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 360 (0x168)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A2265, serialNumber=BBEC210E7529FD397F1338FFAC1DDD783C0FAA32
        Validity
            Not Before: Jul 31 04:42:00 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=688af418-e0a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:80:2b:ee:19:b3:a2:4f:b0:0f:a2:3e:52:d3:
                    c4:8d:3c:d5:cf:c4:68:ff:b8:d4:3f:f6:c8:80:14:
                    b0:0d:a5:42:1d:40:53:ea:81:97:0e:3d:df:2d:45:
                    0c:d8:43:d6:0f:bc:12:f5:dd:f1:61:9b:2d:64:fc:
                    b7:fb:1c:11:3b:83:a5:8f:0f:f5:c2:74:61:01:a7:
                    b6:1a:64:0b:dc:aa:54:1b:61:5a:b3:19:7a:8b:e5:
                    c3:60:7f:71:4c:b2:9b:6a:ef:7f:d3:2d:5d:2c:67:
                    33:75:22:2f:61:f6:6c:32:49:ab:dc:35:0c:04:98:
                    b6:b3:b1:c2:80:c1:14:7d:40:d0:e8:43:bb:7a:83:
                    8f:88:18:ce:a9:b0:f4:b4:bc:a4:47:b5:1d:b3:d6:
                    9b:f1:2c:b8:84:70:57:80:f5:78:18:c7:41:51:fa:
                    96:58:2e:ed:13:ec:73:42:72:15:e6:dd:5a:ff:01:
                    3c:ea:61:02:6e:37:4d:cf:2e:be:1c:8f:7e:8a:7f:
                    3e:64:c9:de:92:31:17:ae:70:fb:e2:57:7d:f7:c5:
                    e8:03:98:b9:cb:04:e4:c5:62:18:7e:18:13:99:a9:
                    06:62:7b:1e:f5:73:a9:12:30:8a:a7:a7:b2:01:24:
                    ae:f9:19:e6:38:25:00:17:ea:27:b5:69:a5:47:8c:
                    e8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:C6:89:84:0E:3C:B0:B0:E1:AF:FA:BC:DE:50:97:0E:D4:B0:DD:81
            X509v3 Authority Key Identifier:
                keyid:BB:EC:21:0E:75:29:FD:39:7F:13:38:FF:AC:1D:DD:78:3C:0F:AA:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/u-whDnUp_Tl_Ezj_rB3deDwPqjI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-whDnUp_Tl_Ezj_rB3deDwPqjI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/9F5C80A8F3EB11EFBAF62455C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.167.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:0a:7c:6b:c4:1e:73:ff:78:a2:42:7f:f7:c0:46:5f:84:67:
         8b:33:4c:66:11:3b:f6:c8:cb:a6:52:63:a2:21:30:6e:ef:93:
         8c:96:1c:ce:15:1b:96:58:2a:5f:b4:0e:81:37:96:8f:9d:a7:
         bf:a9:de:9b:91:50:40:86:6f:66:84:cf:8a:f9:94:35:74:d6:
         a8:c7:aa:5b:bd:56:50:4d:01:b5:88:3b:51:f1:b6:e5:8c:83:
         18:b6:3e:b2:d3:56:3a:b6:55:8a:d6:cd:59:1c:2b:ca:50:2e:
         11:64:5f:5c:f2:12:84:80:ba:65:8f:72:8a:dd:1d:a7:b8:3a:
         89:bb:d6:06:14:e8:97:d3:56:6b:5a:37:66:04:fb:01:77:00:
         09:81:79:39:4e:c2:72:53:b7:84:d9:8b:79:0f:b3:29:dc:51:
         69:3c:cc:2f:e8:d8:31:0f:92:f3:99:a7:8d:23:88:25:a5:cc:
         14:b8:d6:e1:64:0f:39:a7:6a:3d:07:15:02:b5:8b:17:49:da:
         db:76:1f:01:ea:49:1b:d8:5f:85:35:20:5c:a7:a4:aa:24:bf:
         01:2c:82:ba:76:8b:39:33:64:cd:69:da:30:c3:81:98:2a:e7:
         bd:e4:38:ad:56:c0:6c:73:0e:d9:75:8e:6b:bb:a1:45:1c:e9:
         31:12:fa:de
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTIyNjUxMTAvBgNVBAUTKEJCRUMyMTBFNzUyOUZEMzk3RjEzMzhGRkFDMURERDc4
M0MwRkFBMzIwHhcNMjUwNzMxMDQ0MjAwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhZjQxOC1lMGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA24Ar7hmzok+wD6I+UtPEjTzVz8Ro/7jUP/bIgBSwDaVCHUBT6oGXDj3fLUUM
2EPWD7wS9d3xYZstZPy3+xwRO4Oljw/1wnRhAae2GmQL3KpUG2Fasxl6i+XDYH9x
TLKbau9/0y1dLGczdSIvYfZsMkmr3DUMBJi2s7HCgMEUfUDQ6EO7eoOPiBjOqbD0
tLykR7Uds9ab8Sy4hHBXgPV4GMdBUfqWWC7tE+xzQnIV5t1a/wE86mECbjdNzy6+
HI9+in8+ZMnekjEXrnD74ld998XoA5i5ywTkxWIYfhgTmakGYnse9XOpEjCKp6ey
ASSu+RnmOCUAF+ontWmlR4zoFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFPGiYQO
PLCw4a/6vN5Qlw7UsN2BMB8GA1UdIwQYMBaAFLvsIQ51Kf05fxM4/6wd3Xg8D6oy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjI2NS85QTY2QUFERTUw
ODUxMUVFQkEzRUZDMTFDNEY5QUUwMi91LXdoRG5VcF9UbF9FempfckIzZGVEd1Bx
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Utd2hEblVwX1RsX0V6al9yQjNkZUR3UHFqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTIyNjUvOUE2NkFBREU1MDg1MTFFRUJBM0VGQzExQzRGOUFFMDIvOUY1QzgwQThG
M0VCMTFFRkJBRjYyNDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLpwYwDQYJKoZIhvcNAQELBQADggEBADoKfGvEHnP/eKJC
f/fARl+EZ4szTGYRO/bIy6ZSY6IhMG7vk4yWHM4VG5ZYKl+0DoE3lo+dp7+p3puR
UECGb2aEz4r5lDV01qjHqlu9VlBNAbWIO1HxtuWMgxi2PrLTVjq2VYrWzVkcK8pQ
LhFkX1zyEoSAumWPcordHae4Oom71gYU6JfTVmtaN2YE+wF3AAmBeTlOwnJTt4TZ
i3kPsyncUWk8zC/o2DEPkvOZp40jiCWlzBS41uFkDzmnaj0HFQK1ixdJ2tt2HwHq
SRvYX4U1IFynpKokvwEsgrp2izkzZM1p2jDDgZgq573kOK1WwGxzDtl1jmu7oUUc
6TES+t4=
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:38:07 2025 by rpki-client