Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/5F3C0F26EAEF11EE8CCDB375C4F9AE02.roa
File:                     5F3C0F26EAEF11EE8CCDB375C4F9AE02.roa (raw, json)
Hash identifier:          EkDqCio2js1GCiZ5bOCIRIXUo4hOnfBygQfaHup9LhM=
Subject key identifier:   F2:D9:83:64:3B:39:E4:A5:AE:69:B1:89:92:03:66:A3:FB:93:FD:CB
Certificate issuer:       /CN=A91EE8AC/serialNumber=BEF321B03D8245DE77EC80DD0331BFBA8D0859D8
Certificate serial:       0104
Authority key identifier: BE:F3:21:B0:3D:82:45:DE:77:EC:80:DD:03:31:BF:BA:8D:08:59:D8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vvMhsD2CRd537IDdAzG_uo0IWdg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/5F3C0F26EAEF11EE8CCDB375C4F9AE02.roa
Signing time:             Fri 01 Aug 2025 04:10:09 +0000
ROA not before:           Fri 01 Aug 2025 04:10:09 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     140607
IP address blocks:        103.189.194.0/24 maxlen: 24
                          103.189.195.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/vvMhsD2CRd537IDdAzG_uo0IWdg.crl
                          rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/vvMhsD2CRd537IDdAzG_uo0IWdg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vvMhsD2CRd537IDdAzG_uo0IWdg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 02:59:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 260 (0x104)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EE8AC, serialNumber=BEF321B03D8245DE77EC80DD0331BFBA8D0859D8
        Validity
            Not Before: Aug  1 04:10:09 2025 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=688c3e20-7469
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:23:9a:f1:b3:a5:72:99:a6:79:6e:16:13:42:
                    e7:e8:5f:03:8b:dc:62:f8:28:fc:4d:64:25:98:6e:
                    6b:3e:7d:e3:0e:70:d9:a1:9b:de:a7:85:f4:6f:9b:
                    40:81:6b:51:a8:f9:9b:e3:97:3d:eb:06:48:d8:cd:
                    6c:92:1b:7f:21:d8:ea:4a:13:b5:f7:84:54:5f:b1:
                    e5:b7:72:61:55:de:e6:b8:1d:ac:76:a3:dc:b9:58:
                    a6:6a:34:8b:41:67:5a:db:b5:a8:ab:fd:a7:ec:97:
                    6b:b5:18:ee:ee:42:1b:cb:7a:a4:79:35:e1:04:fa:
                    71:34:5c:0d:8b:8c:c3:be:e5:fe:ca:6a:f0:ae:c0:
                    e7:c8:7c:4f:30:5d:63:69:43:cd:1e:62:16:57:50:
                    be:4f:7f:c1:47:63:96:cd:71:ef:ee:8e:44:05:f1:
                    61:e0:7e:a7:e4:b3:40:0a:a9:7b:20:46:09:cc:e2:
                    05:6a:0b:a5:d8:6b:85:6c:a4:75:7f:15:0d:49:f0:
                    a5:d2:73:ef:48:3f:7e:70:03:10:48:40:ad:1e:04:
                    98:79:2d:c8:c2:be:f3:53:7f:44:d3:9f:2c:83:46:
                    43:3a:11:6c:fc:bf:c7:6a:0f:72:7a:be:86:b3:55:
                    f9:1e:96:6c:0d:31:29:38:ff:88:34:e0:a3:ef:df:
                    04:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:D9:83:64:3B:39:E4:A5:AE:69:B1:89:92:03:66:A3:FB:93:FD:CB
            X509v3 Authority Key Identifier:
                keyid:BE:F3:21:B0:3D:82:45:DE:77:EC:80:DD:03:31:BF:BA:8D:08:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/vvMhsD2CRd537IDdAzG_uo0IWdg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vvMhsD2CRd537IDdAzG_uo0IWdg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/5F3C0F26EAEF11EE8CCDB375C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.194.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e0:8b:2d:f3:82:61:66:77:b0:ca:0a:3e:73:72:9e:8d:6d:0c:
         61:80:30:d8:e4:3c:93:64:e2:b9:79:79:45:bf:6b:44:db:02:
         bc:e1:61:5d:61:c6:63:ee:c0:a6:77:a5:de:d6:46:fe:1a:2c:
         45:56:fc:26:5d:19:b3:f6:2d:2e:b6:f2:94:45:1c:15:cc:48:
         c9:22:62:85:da:ba:07:ed:9d:e6:3e:c0:7d:99:0e:0c:d1:38:
         93:9d:66:eb:6f:15:46:c0:41:62:b3:2f:93:09:f5:4d:6c:90:
         4c:3b:d6:e6:59:a4:c5:62:f4:31:f1:3c:cd:8e:00:98:ae:71:
         d5:8b:7a:3d:28:cf:95:d7:0f:f8:7d:37:8c:2b:dc:30:f6:23:
         29:2c:2e:55:10:55:60:34:f7:48:cd:4c:5b:e3:5e:6a:1e:30:
         54:42:7a:bf:47:38:9a:9a:31:05:2a:99:83:91:bb:5e:40:26:
         4c:ce:49:9d:cc:36:74:f1:2b:df:8f:07:df:5d:4c:23:db:2b:
         4b:90:d2:15:33:e2:49:eb:33:8c:f2:3d:a7:b7:c4:35:48:20:
         3a:f1:01:f6:63:f8:56:b1:f4:4a:a1:b5:91:d2:ae:82:03:2a:
         d7:08:29:aa:44:da:07:c8:07:4f:77:0b:30:58:d4:cd:5b:9c:
         fd:fc:02:bc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUU4QUMxMTAvBgNVBAUTKEJFRjMyMUIwM0Q4MjQ1REU3N0VDODBERDAzMzFCRkJB
OEQwODU5RDgwHhcNMjUwODAxMDQxMDA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhjM2UyMC03NDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiOa8bOlcpmmeW4WE0Ln6F8Di9xi+Cj8TWQlmG5rPn3jDnDZoZvep4X0b5tA
gWtRqPmb45c96wZI2M1skht/IdjqShO194RUX7Hlt3JhVd7muB2sdqPcuVimajSL
QWda27Woq/2n7JdrtRju7kIby3qkeTXhBPpxNFwNi4zDvuX+ymrwrsDnyHxPMF1j
aUPNHmIWV1C+T3/BR2OWzXHv7o5EBfFh4H6n5LNACql7IEYJzOIFagul2GuFbKR1
fxUNSfCl0nPvSD9+cAMQSECtHgSYeS3Iwr7zU39E058sg0ZDOhFs/L/Hag9yer6G
s1X5HpZsDTEpOP+INOCj798EmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPLZg2Q7
OeSlrmmxiZIDZqP7k/3LMB8GA1UdIwQYMBaAFL7zIbA9gkXed+yA3QMxv7qNCFnY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRThBQy81MDM4RUM4QzdE
RUIxMUVEQTdDQTRBN0VDNEY5QUUwMi92dk1oc0QyQ1JkNTM3SURkQXpHX3VvMElX
ZGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Z2TWhzRDJDUmQ1MzdJRGRBekdfdW8wSVdkZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUU4QUMvNTAzOEVDOEM3REVCMTFFREE3Q0E0QTdFQzRGOUFFMDIvNUYzQzBGMjZF
QUVGMTFFRThDQ0RCMzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvcIwDQYJKoZIhvcNAQELBQADggEBAOCLLfOCYWZ3sMoK
PnNyno1tDGGAMNjkPJNk4rl5eUW/a0TbArzhYV1hxmPuwKZ3pd7WRv4aLEVW/CZd
GbP2LS628pRFHBXMSMkiYoXaugftneY+wH2ZDgzROJOdZutvFUbAQWKzL5MJ9U1s
kEw71uZZpMVi9DHxPM2OAJiucdWLej0oz5XXD/h9N4wr3DD2IyksLlUQVWA090jN
TFvjXmoeMFRCer9HOJqaMQUqmYORu15AJkzOSZ3MNnTxK9+PB99dTCPbK0uQ0hUz
4knrM4zyPae3xDVIIDrxAfZj+Fax9EqhtZHSroIDKtcIKapE2gfIB093CzBY1M1b
nP38Arw=
-----END CERTIFICATE-----
Generated at Fri Aug 8 12:53:25 2025 by rpki-client