Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/BA140DB6707911F0A8415023C4F9AE02.roa
File:                     BA140DB6707911F0A8415023C4F9AE02.roa (raw, json)
Hash identifier:          LArcIY4xvxdhxFj0TQHUrlRiPJMWgL7lYJGEH8sE7RA=
Subject key identifier:   46:9A:73:33:FA:6D:F8:87:C2:61:FF:42:4C:9B:DE:4E:13:D2:3D:4F
Certificate issuer:       /CN=A91CD4DB/serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
Certificate serial:       17DE
Authority key identifier: 3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/BA140DB6707911F0A8415023C4F9AE02.roa
Signing time:             Sun 03 Aug 2025 14:54:16 +0000
ROA not before:           Sun 03 Aug 2025 14:54:16 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     149765
IP address blocks:        117.103.85.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl
                          rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6110 (0x17de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD4DB, serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
        Validity
            Not Before: Aug  3 14:54:16 2025 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=688f7818-3768
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0a:e2:38:34:06:87:75:05:e5:61:e4:eb:fa:
                    fc:88:ca:36:4b:14:b1:36:ce:0b:40:af:41:8d:17:
                    55:34:ed:c8:47:7a:6c:13:6f:5a:90:85:0f:08:6e:
                    cd:96:38:4d:f2:f4:24:46:83:5a:f3:84:27:36:fc:
                    b1:16:f2:5f:db:aa:64:86:97:0e:4b:d8:74:c3:cc:
                    13:47:e7:76:ff:d8:e0:8a:5e:c1:50:d4:f4:13:e2:
                    a0:ae:54:88:88:99:ed:2c:f0:48:8f:2d:8b:a9:25:
                    64:fa:37:5b:b6:f8:a3:5b:ce:f6:e2:b5:b2:4d:ba:
                    04:58:86:d9:b0:8c:c4:de:64:3f:5f:84:c4:bb:a8:
                    18:8d:eb:db:6e:88:81:44:71:61:cb:b4:0f:df:da:
                    8d:36:8b:24:57:54:75:b0:0c:4b:81:38:4c:93:a3:
                    56:50:d2:6b:45:70:33:26:43:68:85:44:6a:2a:33:
                    64:a2:e8:05:28:40:75:2d:91:48:e4:3b:42:8c:92:
                    e7:8e:50:be:be:3d:3a:9e:fe:17:3f:b3:14:e6:b7:
                    e6:b4:fa:fe:97:3b:1d:63:3d:25:8a:e9:01:70:a8:
                    51:58:10:e1:74:65:3b:ca:98:d7:7d:6a:8a:88:4a:
                    2f:1f:d8:16:5b:d8:6f:69:c7:d4:00:2e:9c:60:b2:
                    7b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:9A:73:33:FA:6D:F8:87:C2:61:FF:42:4C:9B:DE:4E:13:D2:3D:4F
            X509v3 Authority Key Identifier:
                keyid:3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/BA140DB6707911F0A8415023C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.103.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e0:56:1f:f5:21:6f:51:33:d7:2a:de:e3:33:3c:b4:f6:de:25:
         14:d8:ca:53:5c:29:4a:17:9b:51:22:34:18:73:bd:33:51:ae:
         94:d7:6f:28:db:67:1c:9b:a8:da:3a:cf:21:69:d1:fe:8b:21:
         fb:7d:37:07:b8:86:a6:19:02:9e:ea:56:1f:f4:d7:78:eb:1e:
         7e:9f:47:37:d9:8d:6c:45:a4:5c:79:98:74:e2:27:ca:df:28:
         8e:51:f3:9c:f6:ce:64:1d:e4:96:3f:7f:87:f7:aa:9b:51:97:
         46:c0:b6:3c:f7:9e:35:34:28:64:56:a6:8b:a3:28:16:6b:99:
         22:cb:76:b0:c3:4f:84:15:d9:0a:d0:d8:8e:16:3c:ce:71:37:
         01:c7:7b:c2:c3:20:84:39:50:4a:66:04:5b:61:37:77:29:02:
         71:25:eb:99:a4:f2:34:61:8a:97:2e:6d:34:3c:37:c4:67:11:
         fb:d9:4c:40:f8:4d:24:57:53:15:1f:51:02:9f:cd:0c:27:0e:
         17:95:40:24:ca:69:47:1a:3d:98:e9:7b:9e:df:d1:2f:cf:46:
         61:4f:05:ea:ca:a6:63:22:2f:5f:f0:f6:d9:9e:c9:2f:8c:05:
         e7:1d:74:9a:3f:31:93:83:2a:f2:c2:44:43:a1:51:90:4a:4c:
         c8:d0:15:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICF94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Q0REIxMTAvBgNVBAUTKDNGQjc4NTVFRjMzMEJBNzdEOUYzQjcyREZGREVDMjA3
MTJBQzE0MDcwHhcNMjUwODAzMTQ1NDE2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhmNzgxOC0zNzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1QriODQGh3UF5WHk6/r8iMo2SxSxNs4LQK9BjRdVNO3IR3psE29akIUPCG7N
ljhN8vQkRoNa84QnNvyxFvJf26pkhpcOS9h0w8wTR+d2/9jgil7BUNT0E+KgrlSI
iJntLPBIjy2LqSVk+jdbtvijW8724rWyTboEWIbZsIzE3mQ/X4TEu6gYjevbboiB
RHFhy7QP39qNNoskV1R1sAxLgThMk6NWUNJrRXAzJkNohURqKjNkougFKEB1LZFI
5DtCjJLnjlC+vj06nv4XP7MU5rfmtPr+lzsdYz0liukBcKhRWBDhdGU7ypjXfWqK
iEovH9gWW9hvacfUAC6cYLJ7IwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEaaczP6
bfiHwmH/Qkyb3k4T0j1PMB8GA1UdIwQYMBaAFD+3hV7zMLp32fO3Lf/ewgcSrBQH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDREQi8zQTMxNURDRUNE
MDIxMUU3QjA0NDJEMjhDNEY5QUUwMi9QN2VGWHZNd3VuZlo4N2N0Xzk3Q0J4S3NG
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A3ZUZYdk13dW5mWjg3Y3RfOTdDQnhLc0ZBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Q0REIvM0EzMTVEQ0VDRDAyMTFFN0IwNDQyRDI4QzRGOUFFMDIvQkExNDBEQjY3
MDc5MTFGMEE4NDE1MDIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB1Z1UwDQYJKoZIhvcNAQELBQADggEBAOBWH/Uhb1Ez1yre
4zM8tPbeJRTYylNcKUoXm1EiNBhzvTNRrpTXbyjbZxybqNo6zyFp0f6LIft9Nwe4
hqYZAp7qVh/013jrHn6fRzfZjWxFpFx5mHTiJ8rfKI5R85z2zmQd5JY/f4f3qptR
l0bAtjz3njU0KGRWpoujKBZrmSLLdrDDT4QV2QrQ2I4WPM5xNwHHe8LDIIQ5UEpm
BFthN3cpAnEl65mk8jRhipcubTQ8N8RnEfvZTED4TSRXUxUfUQKfzQwnDheVQCTK
aUcaPZjpe57f0S/PRmFPBerKpmMiL1/w9tmeyS+MBecddJo/MZODKvLCREOhUZBK
TMjQFZw=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:53:01 2025 by rpki-client