Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E734C/A73235EC73C211EA9D40B885C4F9AE02/A32546F8A3DB11EA98BC5D48C4F9AE02.roa
File:                     A32546F8A3DB11EA98BC5D48C4F9AE02.roa (raw, json)
Hash identifier:          yu7Gzab+ZfqH+4m4+3KIWb8qWAN7g8OtQCUYR4Hw6Qw=
Subject key identifier:   4F:3F:D0:8E:98:91:99:CB:1E:2B:24:61:3E:02:FE:7D:BD:9B:BB:95
Certificate issuer:       /CN=A91E734C/serialNumber=6C680840381C1EF32D3C8DBBF3ACC4082CF6A5B3
Certificate serial:       0A5A
Authority key identifier: 6C:68:08:40:38:1C:1E:F3:2D:3C:8D:BB:F3:AC:C4:08:2C:F6:A5:B3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bGgIQDgcHvMtPI2786zECCz2pbM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E734C/A73235EC73C211EA9D40B885C4F9AE02/A32546F8A3DB11EA98BC5D48C4F9AE02.roa
Signing time:             Wed 06 Aug 2025 20:31:25 +0000
ROA not before:           Wed 06 Aug 2025 20:31:25 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     14618
IP address blocks:        58.181.95.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E734C/A73235EC73C211EA9D40B885C4F9AE02/bGgIQDgcHvMtPI2786zECCz2pbM.crl
                          rsync://rpki.apnic.net/member_repository/A91E734C/A73235EC73C211EA9D40B885C4F9AE02/bGgIQDgcHvMtPI2786zECCz2pbM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bGgIQDgcHvMtPI2786zECCz2pbM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2650 (0xa5a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E734C, serialNumber=6C680840381C1EF32D3C8DBBF3ACC4082CF6A5B3
        Validity
            Not Before: Aug  6 20:31:25 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6893bb9d-7d1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:1d:fb:79:7e:c5:de:95:af:11:b8:21:e5:3c:
                    5e:1e:4a:3f:93:3e:6c:7f:2f:ff:6e:99:ba:69:2d:
                    6f:46:51:34:0f:25:e2:67:f7:f9:c4:b2:d0:81:e0:
                    c7:ed:f2:31:99:10:da:8a:47:f4:1f:0f:06:ce:ca:
                    44:f6:f0:ea:cb:b7:b7:a3:79:57:0f:48:23:09:5a:
                    06:ed:84:47:f3:d5:58:5d:4f:b6:b3:7e:88:02:e6:
                    9e:c0:04:63:47:11:82:d3:e9:3a:6d:bb:1e:92:8c:
                    39:dc:88:97:96:78:4b:d1:dd:ef:6b:9f:85:44:52:
                    49:f4:22:07:a5:da:c0:f1:c7:c0:72:79:89:f0:ac:
                    1d:7d:d3:ac:81:3e:4e:af:20:e8:70:61:f3:95:2e:
                    74:0a:4c:c3:de:27:fa:ea:c5:28:c1:a1:ca:4b:36:
                    86:35:e9:f7:df:74:aa:1b:02:ad:2a:92:0c:df:d9:
                    bc:a2:5d:a9:37:70:0e:94:7d:a4:a9:2f:3a:13:1d:
                    f8:98:ff:58:c6:70:20:42:f3:51:d6:98:67:5a:39:
                    cf:2c:ee:ed:2c:de:72:11:93:77:0e:26:d6:21:c2:
                    11:97:d7:66:44:30:45:ce:3b:ac:4c:12:2f:39:8a:
                    c3:e4:4c:5b:ba:1d:c6:1d:4e:73:7e:a5:1a:a5:85:
                    7d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:3F:D0:8E:98:91:99:CB:1E:2B:24:61:3E:02:FE:7D:BD:9B:BB:95
            X509v3 Authority Key Identifier:
                keyid:6C:68:08:40:38:1C:1E:F3:2D:3C:8D:BB:F3:AC:C4:08:2C:F6:A5:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E734C/A73235EC73C211EA9D40B885C4F9AE02/bGgIQDgcHvMtPI2786zECCz2pbM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bGgIQDgcHvMtPI2786zECCz2pbM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E734C/A73235EC73C211EA9D40B885C4F9AE02/A32546F8A3DB11EA98BC5D48C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.181.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:ab:9e:7b:53:2f:a5:92:91:e8:1a:eb:4f:04:a1:9a:90:b8:
         9a:ba:b2:3b:c8:8c:8b:ef:8e:9c:58:51:46:cb:d0:d7:d7:e9:
         88:98:12:27:54:55:b8:b1:ab:eb:36:11:c1:1c:7f:99:03:79:
         eb:9b:23:ac:07:b0:eb:47:24:73:96:50:45:d8:33:04:f5:22:
         fd:1f:5a:51:44:3d:6a:d4:f4:ba:36:19:82:5b:eb:c8:38:a9:
         ee:6a:40:b6:96:a5:b9:7f:ee:19:1d:ca:6f:51:e8:95:fa:b4:
         8b:e9:55:b6:2a:51:c8:aa:ab:f0:f2:0d:9a:06:00:eb:9b:f6:
         de:e2:ae:fe:a2:af:3f:bf:b3:82:cd:dc:90:46:7f:d1:14:b4:
         81:1e:72:e7:74:a3:82:98:99:31:b5:42:c9:90:cf:6c:61:1f:
         72:9a:2d:3c:12:cc:25:46:da:39:5d:cd:f8:ae:14:af:5a:34:
         bf:5e:04:c2:06:37:57:f9:75:de:ac:dc:57:47:f1:60:be:30:
         50:ac:09:04:fb:3e:b0:f5:5b:62:6d:10:8b:cc:d3:e6:4b:78:
         d7:cc:db:b8:6d:93:3b:12:ca:4e:ff:5a:bf:77:bf:0c:da:83:
         a4:6f:30:5a:b3:4b:f9:93:4c:2d:76:55:5a:a9:09:e4:6d:02:
         c4:7e:ab:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICClowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTczNEMxMTAvBgNVBAUTKDZDNjgwODQwMzgxQzFFRjMyRDNDOERCQkYzQUNDNDA4
MkNGNkE1QjMwHhcNMjUwODA2MjAzMTI1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkzYmI5ZC03ZDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3x37eX7F3pWvEbgh5TxeHko/kz5sfy//bpm6aS1vRlE0DyXiZ/f5xLLQgeDH
7fIxmRDaikf0Hw8GzspE9vDqy7e3o3lXD0gjCVoG7YRH89VYXU+2s36IAuaewARj
RxGC0+k6bbsekow53IiXlnhL0d3va5+FRFJJ9CIHpdrA8cfAcnmJ8KwdfdOsgT5O
ryDocGHzlS50CkzD3if66sUowaHKSzaGNen333SqGwKtKpIM39m8ol2pN3AOlH2k
qS86Ex34mP9YxnAgQvNR1phnWjnPLO7tLN5yEZN3DibWIcIRl9dmRDBFzjusTBIv
OYrD5Exbuh3GHU5zfqUapYV9mwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE8/0I6Y
kZnLHiskYT4C/n29m7uVMB8GA1UdIwQYMBaAFGxoCEA4HB7zLTyNu/OsxAgs9qWz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzM0Qy9BNzMyMzVFQzcz
QzIxMUVBOUQ0MEI4ODVDNEY5QUUwMi9iR2dJUURnY0h2TXRQSTI3ODZ6RUNDejJw
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JHZ0lRRGdjSHZNdFBJMjc4NnpFQ0N6MnBiTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTczNEMvQTczMjM1RUM3M0MyMTFFQTlENDBCODg1QzRGOUFFMDIvQTMyNTQ2RjhB
M0RCMTFFQTk4QkM1RDQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAA6tV8wDQYJKoZIhvcNAQELBQADggEBAJarnntTL6WSkega
608EoZqQuJq6sjvIjIvvjpxYUUbL0NfX6YiYEidUVbixq+s2EcEcf5kDeeubI6wH
sOtHJHOWUEXYMwT1Iv0fWlFEPWrU9Lo2GYJb68g4qe5qQLaWpbl/7hkdym9R6JX6
tIvpVbYqUciqq/DyDZoGAOub9t7irv6irz+/s4LN3JBGf9EUtIEecud0o4KYmTG1
QsmQz2xhH3KaLTwSzCVG2jldzfiuFK9aNL9eBMIGN1f5dd6s3FdH8WC+MFCsCQT7
PrD1W2JtEIvM0+ZLeNfM27htkzsSyk7/Wr93vwzag6RvMFqzS/mTTC12VVqpCeRt
AsR+q1E=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:57:15 2025 by rpki-client