Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e203233393539.roa
File:                     3130332e3132312e3230382e302f32322d3234203d3e203233393539.roa (raw, json)
Hash identifier:          tpj8IN3kMl+8dbcoOwEQnpMBvaMIdpHYI9uxhtsaOek=
Subject key identifier:   56:EE:79:0C:58:A7:FE:73:4A:91:3D:71:EA:6B:5A:93:54:F0:B1:EC
Certificate issuer:       /CN=A91FD4CC0000/serialNumber=D67C530C8E16B61FF52C085B2786C67ECCD6A909
Certificate serial:       13E6731ED0E89D7B3F6E76EA8BD87AC38120EDC7
Authority key identifier: D6:7C:53:0C:8E:16:B6:1F:F5:2C:08:5B:27:86:C6:7E:CC:D6:A9:09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer
Subject info access:      rsync://0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e203233393539.roa
Signing time:             Thu 14 Aug 2025 13:52:41 +0000
ROA not before:           Thu 14 Aug 2025 13:47:41 +0000
ROA not after:            Thu 13 Aug 2026 13:52:41 +0000
asID:                     23959
IP address blocks:        103.121.208.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.crl
                          rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Aug 2025 07:13:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:e6:73:1e:d0:e8:9d:7b:3f:6e:76:ea:8b:d8:7a:c3:81:20:ed:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FD4CC0000, serialNumber=D67C530C8E16B61FF52C085B2786C67ECCD6A909
        Validity
            Not Before: Aug 14 13:47:41 2025 GMT
            Not After : Aug 13 13:52:41 2026 GMT
        Subject: CN=56EE790C58A7FE734A913D71EA6B5A9354F0B1EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:40:12:94:93:9c:d1:0f:19:de:28:6f:1f:5e:
                    61:d8:56:4f:fa:09:1f:3d:af:21:fb:36:89:73:03:
                    fa:b1:aa:aa:2d:18:5c:e1:f8:1f:17:36:30:67:d2:
                    d0:93:4d:c2:af:63:6e:fa:c0:98:15:48:55:c4:fd:
                    54:cb:50:0a:34:69:f5:c4:92:ea:83:aa:fd:28:d4:
                    61:eb:a4:69:f7:28:b4:ae:a3:b5:61:aa:aa:7b:80:
                    6c:28:bf:5a:3b:e4:96:be:00:23:65:de:b1:39:b7:
                    55:7a:03:33:64:47:e6:7b:b4:02:83:e4:a9:b7:df:
                    d7:17:24:67:38:8f:1f:c3:01:77:e5:43:f1:4a:39:
                    85:e0:c0:16:49:88:a7:6c:48:41:d0:08:e4:cf:c1:
                    31:8f:dd:0f:84:22:27:1a:78:cc:d8:4c:4b:e6:b7:
                    be:f8:cf:82:8a:54:e7:94:39:5f:5b:ed:48:4d:f2:
                    bf:32:67:b0:72:a6:ae:a2:56:73:67:81:da:8a:20:
                    39:4c:1d:9a:22:4a:52:1b:52:53:96:13:ec:38:ba:
                    68:ae:d4:00:59:7e:96:dc:ae:a1:1d:0d:de:9e:bb:
                    15:8d:1c:f5:90:93:92:da:d3:23:56:b6:95:44:b5:
                    cb:11:27:9b:a7:a6:b3:07:64:e9:13:61:49:3a:43:
                    99:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:EE:79:0C:58:A7:FE:73:4A:91:3D:71:EA:6B:5A:93:54:F0:B1:EC
            X509v3 Authority Key Identifier:
                keyid:D6:7C:53:0C:8E:16:B6:1F:F5:2C:08:5B:27:86:C6:7E:CC:D6:A9:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e203233393539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:69:69:55:10:9b:ce:d0:33:07:cd:e3:25:55:f0:85:9d:fb:
         1c:32:55:54:5d:fe:bf:62:81:f0:99:3c:b3:c1:fe:57:b8:df:
         3d:1a:85:bb:10:49:8a:0f:d6:ca:4f:54:fb:9f:e4:f2:61:fc:
         3c:81:fb:7e:68:f4:6b:6d:75:7a:01:dd:84:b6:97:36:6f:c6:
         ea:89:32:ef:6a:3f:04:cf:ce:94:7a:ec:cb:6c:ae:c9:53:bb:
         30:44:62:4e:11:93:b5:54:bb:8d:35:dc:4a:e4:aa:39:7c:8f:
         3c:f9:df:61:54:cc:7f:14:b7:5c:0f:bd:59:ed:93:4e:cc:06:
         48:04:eb:bb:01:b8:a1:b6:7f:33:e5:cb:de:50:53:29:55:23:
         04:06:37:c6:b9:93:7c:c7:95:de:be:1e:dc:4d:56:62:2d:71:
         eb:f6:e9:8d:3f:1b:b6:d3:11:1b:77:aa:56:38:6b:83:f0:18:
         6f:bd:55:7c:8f:76:ca:fb:a7:44:7b:63:16:23:6f:a0:ca:c6:
         e0:6d:cb:49:c3:de:d2:f8:00:ad:bf:1c:8b:27:c9:d6:bc:6e:
         59:ba:25:8f:e3:5d:0f:8f:b8:a5:2b:7d:bd:73:66:79:7d:1a:
         ee:50:6e:1b:b4:8a:99:53:f2:ea:3e:4b:86:85:bf:d0:a4:77:
         13:3a:05:3a
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUE+ZzHtDonXs/bnbqi9h6w4Eg7ccwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRkQ0Q0MwMDAwMTEwLwYDVQQFEyhENjdDNTMwQzhF
MTZCNjFGRjUyQzA4NUIyNzg2QzY3RUNDRDZBOTA5MB4XDTI1MDgxNDEzNDc0MVoX
DTI2MDgxMzEzNTI0MVowMzExMC8GA1UEAxMoNTZFRTc5MEM1OEE3RkU3MzRBOTEz
RDcxRUE2QjVBOTM1NEYwQjFFQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1AEpSTnNEPGd4obx9eYdhWT/oJHz2vIfs2iXMD+rGqqi0YXOH4Hxc2MGfS
0JNNwq9jbvrAmBVIVcT9VMtQCjRp9cSS6oOq/SjUYeukafcotK6jtWGqqnuAbCi/
Wjvklr4AI2XesTm3VXoDM2RH5nu0AoPkqbff1xckZziPH8MBd+VD8Uo5heDAFkmI
p2xIQdAI5M/BMY/dD4QiJxp4zNhMS+a3vvjPgopU55Q5X1vtSE3yvzJnsHKmrqJW
c2eB2oogOUwdmiJKUhtSU5YT7Di6aK7UAFl+ltyuoR0N3p67FY0c9ZCTktrTI1a2
lUS1yxEnm6emswdk6RNhSTpDmUkCAwEAAaOCAdgwggHUMB0GA1UdDgQWBBRW7nkM
WKf+c0qRPXHqa1qTVPCx7DAfBgNVHSMEGDAWgBTWfFMMjha2H/UsCFsnhsZ+zNap
CTAOBgNVHQ8BAf8EBAMCB4AwVQYDVR0fBE4wTDBKoEigRoZEcnN5bmM6Ly8wLnNi
L3JlcG8vc2IvMzgvRDY3QzUzMEM4RTE2QjYxRkY1MkMwODVCMjc4NkM2N0VDQ0Q2
QTkwOS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvMW54VERJNFd0aF8xTEFoYko0Ykdmc3pXcVFrLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vMC5zYi9yZXBvL3NiLzM4LzMx
MzAzMzJlMzEzMjMxMmUzMjMwMzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMz
MzkzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCZ3nQMA0GCSqGSIb3DQEBCwUAA4IBAQADaWlVEJvO
0DMHzeMlVfCFnfscMlVUXf6/YoHwmTyzwf5XuN89GoW7EEmKD9bKT1T7n+TyYfw8
gft+aPRrbXV6Ad2Etpc2b8bqiTLvaj8Ez86UeuzLbK7JU7swRGJOEZO1VLuNNdxK
5Ko5fI88+d9hVMx/FLdcD71Z7ZNOzAZIBOu7Abihtn8z5cveUFMpVSMEBjfGuZN8
x5Xevh7cTVZiLXHr9umNPxu20xEbd6pWOGuD8BhvvVV8j3bK+6dEe2MWI2+gysbg
bctJw97S+ACtvxyLJ8nWvG5ZuiWP410Pj7ilK329c2Z5fRruUG4btIqZU/LqPkuG
hb/QpHcTOgU6
-----END CERTIFICATE-----