Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/62246EC4E67E11EEAD030482C4F9AE02.roa
File:                     62246EC4E67E11EEAD030482C4F9AE02.roa (raw, json)
Hash identifier:          J5vtQMTwpL/xmHDO4Uy4YqCD/INA3rpqnN+ZrH/2hAs=
Subject key identifier:   DC:28:89:BB:ED:64:D3:92:5C:39:17:8F:EF:E7:71:F5:D4:D2:25:63
Certificate issuer:       /CN=A91AFBDA/serialNumber=107A39C1CC04F27CC72663DBF7BAE6D92A950380
Certificate serial:       F6
Authority key identifier: 10:7A:39:C1:CC:04:F2:7C:C7:26:63:DB:F7:BA:E6:D9:2A:95:03:80
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EHo5wcwE8nzHJmPb97rm2SqVA4A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/62246EC4E67E11EEAD030482C4F9AE02.roa
Signing time:             Tue 01 Jul 2025 06:11:42 +0000
ROA not before:           Tue 01 Jul 2025 06:11:42 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     151213
IP address blocks:        103.226.219.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.crl
                          rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EHo5wcwE8nzHJmPb97rm2SqVA4A.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 246 (0xf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AFBDA, serialNumber=107A39C1CC04F27CC72663DBF7BAE6D92A950380
        Validity
            Not Before: Jul  1 06:11:42 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=68637c1d-4804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ad:e8:10:96:c7:a5:13:9b:14:65:bc:63:6a:
                    56:35:9c:87:0b:db:9d:ab:53:c8:85:16:d8:c6:17:
                    e4:e5:d9:43:7f:80:17:1b:0b:c6:32:a5:c2:6e:0c:
                    ce:36:e3:25:64:ca:d0:9c:a1:fc:73:72:fb:3d:72:
                    ce:9c:f2:5e:e6:ae:ca:02:40:eb:7b:43:f0:40:2d:
                    1a:8e:d1:f8:33:ab:00:4b:27:93:39:97:aa:c8:dd:
                    ce:c7:71:79:60:29:0c:b7:8f:a0:e4:e3:6f:34:d8:
                    6a:e0:8a:3f:5a:e4:ae:af:77:6d:6b:21:fa:98:14:
                    04:04:bd:2b:3e:50:7f:cf:e9:f0:41:a7:a0:de:a5:
                    ab:64:50:0b:72:bb:ea:c7:1b:e9:0a:b9:c3:99:05:
                    e1:ce:47:f5:c2:8d:09:50:60:d5:5d:8f:cc:dd:29:
                    6a:20:70:11:68:e8:a3:3c:d2:ed:55:fd:17:cf:9f:
                    cf:2f:d4:74:14:ad:5b:14:d5:fc:4f:01:55:4f:1c:
                    9a:03:b9:59:ce:20:c5:88:88:65:fb:a7:64:5f:54:
                    32:87:d7:2a:d9:ad:03:bf:bd:99:1c:87:c2:3b:3c:
                    c1:3b:a0:cb:28:85:3b:ca:ca:10:04:c8:27:f8:8a:
                    6a:0f:c1:1d:1b:26:b0:d9:5f:77:15:cf:aa:e8:8c:
                    d1:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:28:89:BB:ED:64:D3:92:5C:39:17:8F:EF:E7:71:F5:D4:D2:25:63
            X509v3 Authority Key Identifier:
                keyid:10:7A:39:C1:CC:04:F2:7C:C7:26:63:DB:F7:BA:E6:D9:2A:95:03:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EHo5wcwE8nzHJmPb97rm2SqVA4A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/62246EC4E67E11EEAD030482C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.226.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:72:5a:77:40:a3:55:7d:69:42:46:05:82:39:c1:94:4c:95:
         ba:1f:c7:aa:aa:68:31:97:3b:b9:97:13:dc:e7:30:0a:09:a5:
         d0:08:ba:fd:f6:87:58:0b:74:95:af:27:27:93:2c:61:a1:a2:
         60:32:6d:fa:88:4a:30:b2:cd:a3:25:74:47:a0:55:15:b0:57:
         31:f2:94:4d:af:58:c5:d2:ef:30:13:e8:9f:ac:93:34:56:b2:
         17:92:b9:9c:c6:9c:5c:9c:81:58:8d:f3:fe:9f:7e:64:b1:22:
         b2:92:9e:88:e8:81:5c:98:6c:cc:9f:2b:d3:95:a0:e8:50:86:
         f2:ec:7e:2d:0f:c6:63:24:01:8a:ea:97:fb:f7:cf:fa:06:14:
         31:c4:1d:c5:2a:a9:ba:57:93:da:67:29:67:d8:d0:59:13:90:
         be:d0:13:47:38:bc:19:31:49:90:26:7d:64:de:81:7c:ab:6d:
         f8:f2:fb:4e:81:f9:61:9a:fd:8c:75:73:21:d9:8c:ad:e0:bd:
         f9:bd:78:fa:85:e5:8e:cc:1b:4b:9a:f9:9e:6a:a7:39:8d:73:
         ee:ac:22:e3:f3:ea:57:db:e3:e2:bf:cd:72:c6:1a:59:be:6a:
         56:be:b2:df:9e:09:b5:31:35:46:4e:f5:fe:78:bf:e6:a3:d6:
         87:d5:83:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZCREExMTAvBgNVBAUTKDEwN0EzOUMxQ0MwNEYyN0NDNzI2NjNEQkY3QkFFNkQ5
MkE5NTAzODAwHhcNMjUwNzAxMDYxMTQyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYzN2MxZC00ODA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuq3oEJbHpRObFGW8Y2pWNZyHC9udq1PIhRbYxhfk5dlDf4AXGwvGMqXCbgzO
NuMlZMrQnKH8c3L7PXLOnPJe5q7KAkDre0PwQC0ajtH4M6sASyeTOZeqyN3Ox3F5
YCkMt4+g5ONvNNhq4Io/WuSur3dtayH6mBQEBL0rPlB/z+nwQaeg3qWrZFALcrvq
xxvpCrnDmQXhzkf1wo0JUGDVXY/M3SlqIHARaOijPNLtVf0Xz5/PL9R0FK1bFNX8
TwFVTxyaA7lZziDFiIhl+6dkX1Qyh9cq2a0Dv72ZHIfCOzzBO6DLKIU7ysoQBMgn
+IpqD8EdGyaw2V93Fc+q6IzRlwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNwoibvt
ZNOSXDkXj+/ncfXU0iVjMB8GA1UdIwQYMBaAFBB6OcHMBPJ8xyZj2/e65tkqlQOA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkJEQS82QUQzNzRBQUU2
NUQxMUVFQjYxMjNFNDFDNEY5QUUwMi9FSG81d2N3RThuekhKbVBiOTdybTJTcVZB
NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VIbzV3Y3dFOG56SEptUGI5N3JtMlNxVkE0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZCREEvNkFEMzc0QUFFNjVEMTFFRUI2MTIzRTQxQzRGOUFFMDIvNjIyNDZFQzRF
NjdFMTFFRUFEMDMwNDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn4tswDQYJKoZIhvcNAQELBQADggEBAGhyWndAo1V9aUJG
BYI5wZRMlbofx6qqaDGXO7mXE9znMAoJpdAIuv32h1gLdJWvJyeTLGGhomAybfqI
SjCyzaMldEegVRWwVzHylE2vWMXS7zAT6J+skzRWsheSuZzGnFycgViN8/6ffmSx
IrKSnojogVyYbMyfK9OVoOhQhvLsfi0PxmMkAYrql/v3z/oGFDHEHcUqqbpXk9pn
KWfY0FkTkL7QE0c4vBkxSZAmfWTegXyrbfjy+06B+WGa/Yx1cyHZjK3gvfm9ePqF
5Y7MG0ua+Z5qpzmNc+6sIuPz6lfb4+K/zXLGGlm+ala+st+eCbUxNUZO9f54v+aj
1ofVg/s=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:48:10 2025 by rpki-client