Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/446CB34270E711F083707432C4F9AE02.roa
File:                     446CB34270E711F083707432C4F9AE02.roa (raw, json)
Hash identifier:          uFL5RjAw4kEYDcTfQf/ACzUtZlfbZY0gAVLRJAbolRI=
Subject key identifier:   C1:39:DE:9A:C3:EE:65:6B:2B:BC:3B:23:2D:30:13:59:4C:04:F4:A7
Certificate issuer:       /CN=A91F9665/serialNumber=3058A469B67D03072C2D8A385E9F2AABBA134E2B
Certificate serial:       074C
Authority key identifier: 30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/446CB34270E711F083707432C4F9AE02.roa
Signing time:             Mon 04 Aug 2025 03:58:24 +0000
ROA not before:           Mon 04 Aug 2025 03:58:24 +0000
ROA not after:            Thu 28 May 2026 00:00:00 +0000
asID:                     138968
IP address blocks:        2400:be80::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/MFikabZ9AwcsLYo4Xp8qq7oTTis.crl
                          rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/MFikabZ9AwcsLYo4Xp8qq7oTTis.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1868 (0x74c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F9665, serialNumber=3058A469B67D03072C2D8A385E9F2AABBA134E2B
        Validity
            Not Before: Aug  4 03:58:24 2025 GMT
            Not After : May 28 00:00:00 2026 GMT
        Subject: CN=68902fdf-7d65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ff:37:a9:31:f2:88:6d:36:5f:a2:07:dc:7b:
                    d3:40:71:d0:8b:03:c5:ff:f3:f1:cc:37:37:aa:5c:
                    3d:9f:fd:b7:1c:ab:52:a8:f2:eb:3a:75:f6:8c:22:
                    77:58:f8:bb:72:e4:68:2b:bc:f9:3a:36:b0:2b:b8:
                    f4:95:21:d9:ec:2e:64:c2:07:d6:2f:76:4e:5e:d6:
                    ef:a1:3d:af:7b:11:e8:a0:1f:bf:82:0e:40:13:0a:
                    32:02:49:c3:d8:95:cc:fd:a8:bb:6c:4a:cc:e1:be:
                    4c:d5:22:d4:b9:c6:b9:3b:d3:4a:aa:09:2d:c5:56:
                    ba:fc:9b:23:1d:8d:7f:de:61:bc:be:93:18:4c:9f:
                    a2:a7:40:7f:8f:51:a8:b6:9e:55:4d:c4:51:08:ff:
                    5d:c0:e9:de:24:01:fa:c6:59:91:18:06:67:ba:d4:
                    3b:cf:ae:10:d4:e8:cd:a6:03:4b:4a:69:44:86:ba:
                    a8:69:aa:c2:1d:01:15:10:45:a3:de:b5:cc:bb:fb:
                    f4:8e:6a:44:21:ad:8d:f2:03:34:ef:40:7c:35:44:
                    82:ee:2e:a7:c3:59:9f:54:30:a2:b5:12:f7:4b:89:
                    fc:54:ce:dd:f6:84:e0:06:06:2c:c9:a9:3a:f0:3b:
                    bb:04:c3:62:3a:40:59:6a:37:be:55:f6:6f:95:d4:
                    00:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:39:DE:9A:C3:EE:65:6B:2B:BC:3B:23:2D:30:13:59:4C:04:F4:A7
            X509v3 Authority Key Identifier:
                keyid:30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/MFikabZ9AwcsLYo4Xp8qq7oTTis.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/446CB34270E711F083707432C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:be80::/32

    Signature Algorithm: sha256WithRSAEncryption
         27:6f:2e:da:d8:fc:cf:b2:c5:83:70:0b:9f:4b:2e:a6:51:e5:
         3e:7f:a7:11:78:b6:c6:5b:2c:de:85:64:f8:9e:bd:2d:63:75:
         77:22:ad:85:ef:6f:f3:e5:a3:ce:b2:d3:8f:8c:13:54:38:5e:
         8c:6b:25:23:85:7d:fb:02:be:51:48:7b:6b:8e:00:b2:c6:7f:
         b6:b3:89:c6:0b:b5:ec:8f:c1:e3:46:0d:b8:18:5c:5f:14:80:
         44:a3:29:0e:8d:76:5b:3c:10:83:87:7e:53:e8:2e:71:47:be:
         a8:32:8e:64:39:f7:15:ac:fc:d6:7a:80:d2:c5:07:b5:23:75:
         2b:ee:77:51:d7:88:78:54:13:69:61:98:e3:f9:0c:54:b2:7b:
         bd:16:9e:ef:79:ac:13:31:4c:86:b8:68:a9:4b:7a:b0:cc:56:
         02:3d:ad:b7:fb:ab:cd:e1:f1:4c:5f:7e:8b:49:0e:16:18:e4:
         a9:d5:c5:c7:c4:67:bb:88:69:8b:b4:94:32:85:00:41:3f:85:
         b9:f4:ce:d0:34:ae:7a:a9:e3:ba:27:bc:63:ac:b1:18:84:38:
         e7:6c:80:ab:a9:74:ef:5a:87:fe:25:ba:be:b3:cf:9a:2a:73:
         dc:27:f7:b0:19:54:11:ae:52:ee:4d:0d:f9:3a:bb:c7:ce:d6:
         a7:7f:d8:03
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICB0wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjk2NjUxMTAvBgNVBAUTKDMwNThBNDY5QjY3RDAzMDcyQzJEOEEzODVFOUYyQUFC
QkExMzRFMkIwHhcNMjUwODA0MDM1ODI0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkwMmZkZi03ZDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtP83qTHyiG02X6IH3HvTQHHQiwPF//PxzDc3qlw9n/23HKtSqPLrOnX2jCJ3
WPi7cuRoK7z5OjawK7j0lSHZ7C5kwgfWL3ZOXtbvoT2vexHooB+/gg5AEwoyAknD
2JXM/ai7bErM4b5M1SLUuca5O9NKqgktxVa6/JsjHY1/3mG8vpMYTJ+ip0B/j1Go
tp5VTcRRCP9dwOneJAH6xlmRGAZnutQ7z64Q1OjNpgNLSmlEhrqoaarCHQEVEEWj
3rXMu/v0jmpEIa2N8gM070B8NUSC7i6nw1mfVDCitRL3S4n8VM7d9oTgBgYsyak6
8Du7BMNiOkBZaje+VfZvldQAUwIDAQABo4ICljCCApIwHQYDVR0OBBYEFME53prD
7mVrK7w7Iy0wE1lMBPSnMB8GA1UdIwQYMBaAFDBYpGm2fQMHLC2KOF6fKqu6E04r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTY2NS82RDBEMTJCODRC
RjUxMUVCQkQ4M0I4N0JDNEY5QUUwMi9NRmlrYWJaOUF3Y3NMWW80WHA4cXE3b1RU
aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01GaWthYlo5QXdjc0xZbzRYcDhxcTdvVFRpcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjk2NjUvNkQwRDEyQjg0QkY1MTFFQkJEODNCODdCQzRGOUFFMDIvNDQ2Q0IzNDI3
MEU3MTFGMDgzNzA3NDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAL6AMA0GCSqGSIb3DQEBCwUAA4IBAQAnby7a2PzPssWD
cAufSy6mUeU+f6cReLbGWyzehWT4nr0tY3V3Iq2F72/z5aPOstOPjBNUOF6MayUj
hX37Ar5RSHtrjgCyxn+2s4nGC7Xsj8HjRg24GFxfFIBEoykOjXZbPBCDh35T6C5x
R76oMo5kOfcVrPzWeoDSxQe1I3Ur7ndR14h4VBNpYZjj+QxUsnu9Fp7veawTMUyG
uGipS3qwzFYCPa23+6vN4fFMX36LSQ4WGOSp1cXHxGe7iGmLtJQyhQBBP4W59M7Q
NK56qeO6J7xjrLEYhDjnbICrqXTvWof+Jbq+s8+aKnPcJ/ewGVQRrlLuTQ35OrvH
ztanf9gD
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:57:15 2025 by rpki-client