Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e2034373835.roa
File:                     3130332e3132312e3230382e302f32322d3234203d3e2034373835.roa (raw, json)
Hash identifier:          7uF6pb9yx6cXF+5oK4jEmcHdIO+xln1/dTy3CvmNraI=
Subject key identifier:   E9:A5:F1:85:49:17:6B:2F:90:D7:8B:5F:18:1D:85:28:7E:4A:C3:DE
Certificate issuer:       /CN=A91FD4CC0000/serialNumber=D67C530C8E16B61FF52C085B2786C67ECCD6A909
Certificate serial:       79CCE8BE9B6D9AB4A34DFA1675BC71258A837AE2
Authority key identifier: D6:7C:53:0C:8E:16:B6:1F:F5:2C:08:5B:27:86:C6:7E:CC:D6:A9:09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer
Subject info access:      rsync://0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e2034373835.roa
Signing time:             Thu 14 Aug 2025 13:52:41 +0000
ROA not before:           Thu 14 Aug 2025 13:47:41 +0000
ROA not after:            Thu 13 Aug 2026 13:52:41 +0000
asID:                     4785
IP address blocks:        103.121.208.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.crl
                          rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Aug 2025 07:13:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:cc:e8:be:9b:6d:9a:b4:a3:4d:fa:16:75:bc:71:25:8a:83:7a:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FD4CC0000, serialNumber=D67C530C8E16B61FF52C085B2786C67ECCD6A909
        Validity
            Not Before: Aug 14 13:47:41 2025 GMT
            Not After : Aug 13 13:52:41 2026 GMT
        Subject: CN=E9A5F18549176B2F90D78B5F181D85287E4AC3DE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f2:1a:c4:17:fd:61:fc:01:cf:28:c6:54:dc:
                    26:a3:06:72:1a:db:f6:97:7c:7e:2e:d9:a8:c9:f2:
                    1e:9c:05:87:4e:80:63:52:44:99:33:d7:68:4a:01:
                    bf:50:9e:5a:f8:3c:25:41:bf:58:3a:df:52:f1:9a:
                    39:ad:2f:6e:9d:ec:71:03:ce:cb:dc:fd:b4:0e:1e:
                    5d:da:7b:a9:1c:aa:fc:ea:d3:40:86:1e:aa:e8:e6:
                    c7:9d:8c:a2:43:cd:7d:d8:6d:ee:37:a2:e5:e1:51:
                    3e:ac:48:43:a5:90:e5:2d:84:c8:7a:bd:50:b7:4b:
                    c0:1a:dc:7c:4a:1c:8d:83:91:91:00:32:af:98:43:
                    c7:eb:5b:56:81:2c:64:af:6c:96:a3:2c:92:ef:da:
                    25:7b:92:cb:e0:cc:42:7d:e9:f6:61:72:24:34:12:
                    e2:e3:af:b7:af:40:50:82:eb:f0:f5:a6:40:0b:53:
                    49:6a:f1:6b:e7:d5:58:19:0d:a7:06:5b:11:d2:4e:
                    63:40:db:89:0b:89:fb:01:33:42:d3:a4:a7:68:04:
                    ef:c0:6c:6f:c5:dc:61:c2:01:17:ce:c1:c4:ea:47:
                    55:05:79:29:74:c4:14:0c:48:80:30:e0:c6:63:28:
                    3a:7c:24:97:16:40:26:de:75:f1:a0:48:0e:6d:4e:
                    75:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:A5:F1:85:49:17:6B:2F:90:D7:8B:5F:18:1D:85:28:7E:4A:C3:DE
            X509v3 Authority Key Identifier:
                keyid:D6:7C:53:0C:8E:16:B6:1F:F5:2C:08:5B:27:86:C6:7E:CC:D6:A9:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e2034373835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:93:19:97:5c:e1:05:30:92:d9:00:37:6e:90:f8:14:46:0d:
         c5:44:0c:90:e4:29:47:6d:c0:fb:53:cc:4d:24:03:80:c1:a4:
         82:37:b4:53:2a:67:6d:5d:32:91:8e:18:c5:ff:22:61:55:00:
         27:ae:30:d7:b6:c9:7f:d5:65:3c:a4:98:d1:95:db:cb:a1:c6:
         4d:80:98:34:92:7a:ec:bf:c9:aa:f5:75:6f:b5:e3:66:e7:ca:
         81:de:58:f2:46:78:da:5e:12:2f:a5:d2:2b:c5:e0:af:a4:80:
         4b:5f:28:62:ac:c0:2a:c3:24:c7:cf:60:cb:da:79:08:0d:58:
         12:91:50:3e:e9:f3:48:1d:35:60:84:ae:3b:5f:ae:16:6e:9a:
         4e:1d:96:af:31:64:8b:87:15:d8:42:d9:f4:99:2e:10:81:46:
         aa:6d:9f:04:52:8b:7a:bb:71:0f:28:36:7e:a3:b9:76:9d:30:
         f1:80:9a:f1:ae:c5:7a:e5:16:a8:d6:4a:4f:70:68:9c:d2:ba:
         1c:72:3f:b0:77:56:c1:9a:6b:68:b5:5c:ca:d6:03:9d:6a:09:
         da:9f:bf:52:ff:c0:f8:c3:eb:6b:03:50:64:e7:62:73:5a:8e:
         3b:e0:fb:9a:5d:ca:fa:0e:94:9f:12:83:ac:1f:a8:3a:42:00:
         b3:22:eb:7f
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUeczovpttmrSjTfoWdbxxJYqDeuIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRkQ0Q0MwMDAwMTEwLwYDVQQFEyhENjdDNTMwQzhF
MTZCNjFGRjUyQzA4NUIyNzg2QzY3RUNDRDZBOTA5MB4XDTI1MDgxNDEzNDc0MVoX
DTI2MDgxMzEzNTI0MVowMzExMC8GA1UEAxMoRTlBNUYxODU0OTE3NkIyRjkwRDc4
QjVGMTgxRDg1Mjg3RTRBQzNERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPyGsQX/WH8Ac8oxlTcJqMGchrb9pd8fi7ZqMnyHpwFh06AY1JEmTPXaEoB
v1CeWvg8JUG/WDrfUvGaOa0vbp3scQPOy9z9tA4eXdp7qRyq/OrTQIYequjmx52M
okPNfdht7jei5eFRPqxIQ6WQ5S2EyHq9ULdLwBrcfEocjYORkQAyr5hDx+tbVoEs
ZK9slqMsku/aJXuSy+DMQn3p9mFyJDQS4uOvt69AUILr8PWmQAtTSWrxa+fVWBkN
pwZbEdJOY0DbiQuJ+wEzQtOkp2gE78Bsb8XcYcIBF87BxOpHVQV5KXTEFAxIgDDg
xmMoOnwklxZAJt518aBIDm1Odf0CAwEAAaOCAdYwggHSMB0GA1UdDgQWBBTppfGF
SRdrL5DXi18YHYUofkrD3jAfBgNVHSMEGDAWgBTWfFMMjha2H/UsCFsnhsZ+zNap
CTAOBgNVHQ8BAf8EBAMCB4AwVQYDVR0fBE4wTDBKoEigRoZEcnN5bmM6Ly8wLnNi
L3JlcG8vc2IvMzgvRDY3QzUzMEM4RTE2QjYxRkY1MkMwODVCMjc4NkM2N0VDQ0Q2
QTkwOS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvMW54VERJNFd0aF8xTEFoYko0Ykdmc3pXcVFrLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vMC5zYi9yZXBvL3NiLzM4LzMx
MzAzMzJlMzEzMjMxMmUzMjMwMzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3
MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAmd50DANBgkqhkiG9w0BAQsFAAOCAQEAHJMZl1zhBTCS
2QA3bpD4FEYNxUQMkOQpR23A+1PMTSQDgMGkgje0UypnbV0ykY4Yxf8iYVUAJ64w
17bJf9VlPKSY0ZXby6HGTYCYNJJ67L/JqvV1b7XjZufKgd5Y8kZ42l4SL6XSK8Xg
r6SAS18oYqzAKsMkx89gy9p5CA1YEpFQPunzSB01YISuO1+uFm6aTh2WrzFki4cV
2ELZ9JkuEIFGqm2fBFKLertxDyg2fqO5dp0w8YCa8a7FeuUWqNZKT3BonNK6HHI/
sHdWwZpraLVcytYDnWoJ2p+/Uv/A+MPrawNQZOdic1qOO+D7ml3K+g6UnxKDrB+o
OkIAsyLrfw==
-----END CERTIFICATE-----