Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/6142006627A511F0BD64AC72C4F9AE02.roa
File:                     6142006627A511F0BD64AC72C4F9AE02.roa (raw, json)
Hash identifier:          52QGIx7DKfWFLnQnU81KsiLZuXLmlaouzSp6IdCtp6s=
Subject key identifier:   87:F1:2D:DD:CF:81:CD:70:A5:CB:BF:FF:2A:47:42:32:43:AE:D2:60
Certificate issuer:       /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial:       3603
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/6142006627A511F0BD64AC72C4F9AE02.roa
Signing time:             Thu 31 Jul 2025 00:06:33 +0000
ROA not before:           Thu 31 Jul 2025 00:06:33 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     834
IP address blocks:        103.230.69.0/24 maxlen: 24
                          182.54.239.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
                          rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13827 (0x3603)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E8C90, serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
        Validity
            Not Before: Jul 31 00:06:33 2025 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=688ab389-49bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:28:13:02:35:29:9b:2b:0e:af:66:e2:96:5d:
                    4c:bc:f7:1b:50:c8:09:bb:d1:c5:c7:d1:0f:9a:27:
                    1a:ce:e3:d9:86:6e:c3:4e:41:67:53:7b:61:cc:11:
                    04:c1:89:8e:86:85:ed:b6:f5:24:aa:b7:11:71:99:
                    60:0e:5f:78:46:4d:28:44:ad:ed:15:de:37:4a:36:
                    c8:ef:f4:db:e3:a0:59:db:27:b5:80:c6:bf:f8:07:
                    90:b1:5e:bc:a0:62:72:73:ba:ed:7f:58:f1:b1:f0:
                    d1:12:76:d0:7a:b9:f9:8c:1d:4b:1c:cb:d5:cc:d0:
                    0f:9e:83:3b:dd:cd:d4:e4:79:89:f5:d3:08:56:4e:
                    6a:45:c6:db:13:ed:5b:d9:87:eb:de:9a:58:27:b5:
                    b4:80:90:6d:36:47:01:ac:88:6f:89:aa:1e:cd:0a:
                    88:53:cf:36:82:fa:00:99:f9:d7:90:d9:45:6b:73:
                    41:2b:1d:19:6c:39:0f:5f:00:85:17:a7:d3:00:9e:
                    22:33:40:2c:c0:f6:00:81:f5:4a:60:ac:53:4c:67:
                    74:00:36:32:2f:48:d0:a2:9d:55:a8:0a:15:e4:e5:
                    e9:3a:f5:37:b1:b7:55:cb:f7:2e:ac:ba:45:65:74:
                    f5:69:c5:18:03:27:a2:07:92:2f:d2:da:45:8f:28:
                    0d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:F1:2D:DD:CF:81:CD:70:A5:CB:BF:FF:2A:47:42:32:43:AE:D2:60
            X509v3 Authority Key Identifier:
                keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/6142006627A511F0BD64AC72C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.230.69.0/24
                  182.54.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:51:92:21:7f:2e:9e:6a:37:f6:7c:5e:b8:3a:3c:a2:2e:8c:
         46:d1:4c:f6:8e:cc:2e:2b:39:88:63:4f:a3:ef:0c:45:5b:a0:
         1a:16:e3:18:89:ba:32:42:f6:09:ec:f5:64:e3:bc:95:85:09:
         68:5d:2b:63:94:1c:02:39:89:43:4f:80:d1:33:38:37:30:54:
         98:14:a9:c9:65:a4:06:08:be:2d:50:3e:54:c8:9a:9c:c0:58:
         45:5f:ca:75:c8:84:6a:d8:df:5a:f4:85:0a:03:53:d0:c8:3d:
         20:3e:52:db:86:26:01:97:3a:e6:f8:58:df:5f:91:7b:7e:b0:
         cf:fc:e4:ec:3e:a0:c9:5d:ae:9f:d0:67:aa:12:6c:f1:bc:65:
         1a:be:47:da:f4:85:8d:6b:52:23:d4:2e:30:98:3d:15:72:55:
         e0:fb:86:5f:5a:5b:ca:9a:bf:b9:81:6a:1b:12:ff:91:5f:bd:
         b5:a3:f3:2e:1c:e6:19:ac:65:93:7b:c9:f0:c2:dd:71:28:76:
         df:f1:61:54:63:88:af:15:57:8d:aa:86:2b:bf:0f:0c:9d:34:
         eb:da:82:70:26:cc:fb:3f:ae:42:df:af:b9:19:c3:ba:02:de:
         42:70:8c:c1:e1:f9:af:1a:2a:3e:41:25:d5:e7:36:ab:3c:b9:
         65:dd:78:b3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjUwNzMxMDAwNjMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhYjM4OS00OWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArigTAjUpmysOr2bill1MvPcbUMgJu9HFx9EPmicazuPZhm7DTkFnU3thzBEE
wYmOhoXttvUkqrcRcZlgDl94Rk0oRK3tFd43SjbI7/Tb46BZ2ye1gMa/+AeQsV68
oGJyc7rtf1jxsfDREnbQern5jB1LHMvVzNAPnoM73c3U5HmJ9dMIVk5qRcbbE+1b
2Yfr3ppYJ7W0gJBtNkcBrIhviaoezQqIU882gvoAmfnXkNlFa3NBKx0ZbDkPXwCF
F6fTAJ4iM0AswPYAgfVKYKxTTGd0ADYyL0jQop1VqAoV5OXpOvU3sbdVy/curLpF
ZXT1acUYAyeiB5Iv0tpFjygNewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIfxLd3P
gc1wpcu//ypHQjJDrtJgMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvNjE0MjAwNjYy
N0E1MTFGMEJENjRBQzcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn5kUDBAC2Nu8wDQYJKoZIhvcNAQELBQADggEBAFhRkiF/
Lp5qN/Z8Xrg6PKIujEbRTPaOzC4rOYhjT6PvDEVboBoW4xiJujJC9gns9WTjvJWF
CWhdK2OUHAI5iUNPgNEzODcwVJgUqcllpAYIvi1QPlTImpzAWEVfynXIhGrY31r0
hQoDU9DIPSA+UtuGJgGXOub4WN9fkXt+sM/85Ow+oMldrp/QZ6oSbPG8ZRq+R9r0
hY1rUiPULjCYPRVyVeD7hl9aW8qav7mBahsS/5FfvbWj8y4c5hmsZZN7yfDC3XEo
dt/xYVRjiK8VV42qhiu/DwydNOvagnAmzPs/rkLfr7kZw7oC3kJwjMHh+a8aKj5B
JdXnNqs8uWXdeLM=
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:08:03 2025 by rpki-client