Route Origin Authorization

$ rpki-client -vvf rpki.sub.apnic.net/repository/A9126DA80000/1/3130332e32352e3132352e302f32342d3234203d3e20313533373731.roa
File:                     3130332e32352e3132352e302f32342d3234203d3e20313533373731.roa (raw, json)
Hash identifier:          0up7BGHNsQY5Y3qmmhSQM74b1EKnO4kqk149WgT3Gyc=
Subject key identifier:   78:70:1B:87:85:BB:39:93:CF:C8:4C:8C:A7:75:12:83:11:22:A4:26
Certificate issuer:       /CN=A9126DA80000/serialNumber=C9F03620A27CCEADA6E7E2CEC6C5AD8CB93FE112
Certificate serial:       39F82FD332395DA377B7F2751A09493211E45AC5
Authority key identifier: C9:F0:36:20:A2:7C:CE:AD:A6:E7:E2:CE:C6:C5:AD:8C:B9:3F:E1:12
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yfA2IKJ8zq2m5-LOxsWtjLk_4RI.cer
Subject info access:      rsync://rpki.sub.apnic.net/repository/A9126DA80000/1/3130332e32352e3132352e302f32342d3234203d3e20313533373731.roa
Signing time:             Mon 28 Jul 2025 11:47:28 +0000
ROA not before:           Mon 28 Jul 2025 11:42:28 +0000
ROA not after:            Mon 27 Jul 2026 11:47:28 +0000
asID:                     153771
IP address blocks:        103.25.125.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.sub.apnic.net/repository/A9126DA80000/1/C9F03620A27CCEADA6E7E2CEC6C5AD8CB93FE112.crl
                          rsync://rpki.sub.apnic.net/repository/A9126DA80000/1/C9F03620A27CCEADA6E7E2CEC6C5AD8CB93FE112.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yfA2IKJ8zq2m5-LOxsWtjLk_4RI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 23:20:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:f8:2f:d3:32:39:5d:a3:77:b7:f2:75:1a:09:49:32:11:e4:5a:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9126DA80000, serialNumber=C9F03620A27CCEADA6E7E2CEC6C5AD8CB93FE112
        Validity
            Not Before: Jul 28 11:42:28 2025 GMT
            Not After : Jul 27 11:47:28 2026 GMT
        Subject: CN=78701B8785BB3993CFC84C8CA77512831122A426
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ae:86:95:05:5b:e9:ee:38:39:85:2b:09:e5:
                    88:e5:c6:5b:d6:1a:7d:af:fb:83:06:e0:1e:22:03:
                    5d:da:b0:a6:34:da:f0:27:9f:e8:ba:b7:2e:c7:f4:
                    70:95:e2:09:6b:f9:ba:51:89:7b:7b:c3:e5:ea:10:
                    16:1a:f2:1e:80:27:21:92:e2:9a:2e:d6:a9:58:fc:
                    72:c0:14:7f:98:44:95:07:ba:9c:2e:a6:00:21:28:
                    64:8b:4d:3f:ab:54:f3:50:df:11:84:36:ff:be:68:
                    3a:e2:d7:f5:0d:02:34:81:dc:87:aa:39:2b:05:0c:
                    34:29:af:9c:97:4b:ed:46:2e:e2:b0:23:7c:fd:7e:
                    77:73:a8:82:28:8d:b0:e2:74:cf:3f:8c:55:a6:87:
                    ac:b8:ea:2b:72:70:8b:95:8e:f6:f7:be:da:cb:12:
                    12:a4:3f:c8:32:12:c6:dc:82:40:87:2b:b6:e8:a9:
                    92:ec:00:d7:ae:33:63:97:4b:78:06:53:f1:44:2b:
                    6e:18:41:9d:b8:e9:62:de:d8:c1:64:5e:6e:32:93:
                    42:bd:d7:77:61:36:40:a6:3c:a0:b9:99:f1:0a:c7:
                    c7:9b:5c:5f:18:47:07:00:a1:7c:20:87:05:c5:31:
                    84:c1:a0:d6:ec:9c:92:c7:38:ae:da:07:55:7f:f9:
                    6d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:70:1B:87:85:BB:39:93:CF:C8:4C:8C:A7:75:12:83:11:22:A4:26
            X509v3 Authority Key Identifier:
                keyid:C9:F0:36:20:A2:7C:CE:AD:A6:E7:E2:CE:C6:C5:AD:8C:B9:3F:E1:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.sub.apnic.net/repository/A9126DA80000/1/C9F03620A27CCEADA6E7E2CEC6C5AD8CB93FE112.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yfA2IKJ8zq2m5-LOxsWtjLk_4RI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9126DA80000/1/3130332e32352e3132352e302f32342d3234203d3e20313533373731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.25.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:e6:1e:7c:ac:56:65:e9:19:48:88:97:96:89:cd:0a:f4:f2:
         97:39:e8:57:38:61:1f:25:90:09:26:70:c1:c7:83:3b:0a:e8:
         d8:2a:da:5c:b6:7c:49:93:65:fa:13:95:8f:c6:b4:38:43:cc:
         38:54:7a:9f:e3:57:ea:c5:2a:dc:18:84:31:59:c8:fe:db:28:
         15:ee:4b:db:c6:30:f4:c9:17:c8:72:10:ed:f5:19:3a:75:d2:
         f9:01:dc:be:8f:59:1d:60:2e:c7:04:d1:20:2c:d2:b9:27:10:
         e6:ed:e1:8d:9a:56:22:11:81:86:74:da:f9:49:45:2f:30:fb:
         47:ce:0c:61:b0:90:57:f4:65:9c:36:57:b3:93:27:d2:5f:d7:
         ba:b0:22:48:74:7c:0b:26:78:b7:23:be:9f:db:ec:49:5e:8e:
         30:9c:0d:77:59:fd:fe:45:82:e0:3c:57:b5:10:37:cc:5f:f5:
         97:89:bb:95:2f:42:34:ad:34:e6:c5:c3:cb:a8:1a:f8:1a:80:
         4a:4c:a4:a5:55:f9:67:97:5f:b7:62:1c:a5:30:00:13:8d:ef:
         c3:95:04:3c:22:93:94:84:28:f3:f6:81:f5:c6:11:59:25:57:
         e9:23:8c:01:2a:79:b1:5f:a1:34:11:4d:ee:cb:2e:be:16:0f:
         95:31:d5:51
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUOfgv0zI5XaN3t/J1GglJMhHkWsUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMjZEQTgwMDAwMTEwLwYDVQQFEyhDOUYwMzYyMEEy
N0NDRUFEQTZFN0UyQ0VDNkM1QUQ4Q0I5M0ZFMTEyMB4XDTI1MDcyODExNDIyOFoX
DTI2MDcyNzExNDcyOFowMzExMC8GA1UEAxMoNzg3MDFCODc4NUJCMzk5M0NGQzg0
QzhDQTc3NTEyODMxMTIyQTQyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOuhpUFW+nuODmFKwnliOXGW9Yafa/7gwbgHiIDXdqwpjTa8Cef6Lq3Lsf0
cJXiCWv5ulGJe3vD5eoQFhryHoAnIZLimi7WqVj8csAUf5hElQe6nC6mACEoZItN
P6tU81DfEYQ2/75oOuLX9Q0CNIHch6o5KwUMNCmvnJdL7UYu4rAjfP1+d3OogiiN
sOJ0zz+MVaaHrLjqK3Jwi5WO9ve+2ssSEqQ/yDISxtyCQIcrtuipkuwA164zY5dL
eAZT8UQrbhhBnbjpYt7YwWRebjKTQr3Xd2E2QKY8oLmZ8QrHx5tcXxhHBwChfCCH
BcUxhMGg1uycksc4rtoHVX/5bUsCAwEAAaOCAhQwggIQMB0GA1UdDgQWBBR4cBuH
hbs5k8/ITIyndRKDESKkJjAfBgNVHSMEGDAWgBTJ8DYgonzOrabn4s7Gxa2MuT/h
EjAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTEyNkRBODAwMDAvMS9DOUYwMzYy
MEEyN0NDRUFEQTZFN0UyQ0VDNkM1QUQ4Q0I5M0ZFMTEyLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi95ZkEySUtKOHpx
Mm01LUxPeHNXdGpMa180UkkuY2VyMIGOBggrBgEFBQcBCwSBgTB/MH0GCCsGAQUF
BzALhnFyc3luYzovL3Jwa2kuc3ViLmFwbmljLm5ldC9yZXBvc2l0b3J5L0E5MTI2
REE4MDAwMC8xLzMxMzAzMzJlMzIzNTJlMzEzMjM1MmUzMDJmMzIzNDJkMzIzNDIw
M2QzZTIwMzEzNTMzMzczNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxl9MA0GCSqGSIb3DQEBCwUA
A4IBAQBF5h58rFZl6RlIiJeWic0K9PKXOehXOGEfJZAJJnDBx4M7CujYKtpctnxJ
k2X6E5WPxrQ4Q8w4VHqf41fqxSrcGIQxWcj+2ygV7kvbxjD0yRfIchDt9Rk6ddL5
Ady+j1kdYC7HBNEgLNK5JxDm7eGNmlYiEYGGdNr5SUUvMPtHzgxhsJBX9GWcNlez
kyfSX9e6sCJIdHwLJni3I76f2+xJXo4wnA13Wf3+RYLgPFe1EDfMX/WXibuVL0I0
rTTmxcPLqBr4GoBKTKSlVflnl1+3YhylMAATje/DlQQ8IpOUhCjz9oH1xhFZJVfp
I4wBKnmxX6E0EU3uyy6+Fg+VMdVR
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:57:06 2025 by rpki-client