Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/39/3130332e3230312e3132382e302f32322d3234203d3e203233393539.roa
File:                     3130332e3230312e3132382e302f32322d3234203d3e203233393539.roa (raw, json)
Hash identifier:          euakz2tH0t+6W2UrkVW4TdO1cFAouzA/wKh47M8X1Ds=
Subject key identifier:   6F:E4:B2:9B:2E:C3:91:15:FC:3B:BE:9B:AA:5C:4A:D7:70:7E:91:C2
Certificate issuer:       /CN=A91FFE3F0000/serialNumber=52840422D0B72BA9927DE0FF73535FDF163521A4
Certificate serial:       66BB758B5FDD1A048C94447E45A99403B31C4F0B
Authority key identifier: 52:84:04:22:D0:B7:2B:A9:92:7D:E0:FF:73:53:5F:DF:16:35:21:A4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoQEItC3K6mSfeD_c1Nf3xY1IaQ.cer
Subject info access:      rsync://0.sb/repo/sb/39/3130332e3230312e3132382e302f32322d3234203d3e203233393539.roa
Signing time:             Thu 14 Aug 2025 13:52:40 +0000
ROA not before:           Thu 14 Aug 2025 13:47:40 +0000
ROA not after:            Thu 13 Aug 2026 13:52:40 +0000
asID:                     23959
IP address blocks:        103.201.128.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/39/52840422D0B72BA9927DE0FF73535FDF163521A4.crl
                          rsync://0.sb/repo/sb/39/52840422D0B72BA9927DE0FF73535FDF163521A4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoQEItC3K6mSfeD_c1Nf3xY1IaQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Aug 2025 09:11:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:bb:75:8b:5f:dd:1a:04:8c:94:44:7e:45:a9:94:03:b3:1c:4f:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FFE3F0000, serialNumber=52840422D0B72BA9927DE0FF73535FDF163521A4
        Validity
            Not Before: Aug 14 13:47:40 2025 GMT
            Not After : Aug 13 13:52:40 2026 GMT
        Subject: CN=6FE4B29B2EC39115FC3BBE9BAA5C4AD7707E91C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:ee:60:3f:e1:e8:3f:0d:26:cc:72:28:f9:41:
                    4c:a6:be:95:89:b8:c7:48:4a:87:a2:ce:4d:13:ed:
                    64:a0:9f:f2:e9:bf:f7:93:f8:a6:15:5a:ae:75:e2:
                    76:fc:71:9e:ec:98:44:1e:f0:79:1a:b3:56:d2:33:
                    8e:50:0b:06:55:b4:fc:ce:bf:aa:ed:ed:51:07:ac:
                    1b:ac:87:b7:a2:b2:dc:ba:10:bf:24:d2:04:dd:92:
                    24:f5:68:d4:bc:ac:3a:36:a7:14:58:4a:ca:b3:09:
                    9c:98:c7:e4:9a:91:6d:54:8a:b9:48:bb:0b:9e:c5:
                    0f:e7:a4:0e:bb:6e:8b:c9:f5:3b:5d:52:fe:db:0f:
                    0e:a6:0b:da:2a:bf:be:11:cd:fb:59:2f:2e:c5:32:
                    d6:59:d1:22:69:d0:54:39:ee:5e:d3:73:17:2a:c1:
                    0a:95:bd:ff:69:07:f6:b1:38:d7:11:5c:6c:7c:fa:
                    6d:b2:42:33:75:d5:aa:62:19:87:d3:7a:78:41:da:
                    58:22:8b:0b:72:e1:c1:13:68:ec:d8:8c:ac:53:4a:
                    67:81:e9:57:d5:d9:0c:90:73:fa:19:97:10:a5:1e:
                    f6:a0:20:22:56:d0:38:e1:d6:39:75:9f:7b:ba:42:
                    cb:32:dc:ab:3b:de:8c:37:b6:5b:6e:73:b4:3f:83:
                    50:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:E4:B2:9B:2E:C3:91:15:FC:3B:BE:9B:AA:5C:4A:D7:70:7E:91:C2
            X509v3 Authority Key Identifier:
                keyid:52:84:04:22:D0:B7:2B:A9:92:7D:E0:FF:73:53:5F:DF:16:35:21:A4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/39/52840422D0B72BA9927DE0FF73535FDF163521A4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoQEItC3K6mSfeD_c1Nf3xY1IaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/39/3130332e3230312e3132382e302f32322d3234203d3e203233393539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.201.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:cc:ad:57:b4:97:e3:a3:03:1a:30:71:eb:97:ea:0e:ac:8c:
         db:b7:61:ee:4b:51:b7:4d:79:99:92:3c:09:d1:96:98:00:2d:
         2b:02:00:70:b6:83:5c:a5:c8:a2:58:b9:67:94:35:a0:ca:22:
         04:2b:31:b9:8b:02:5d:f9:23:a4:da:3b:89:2e:82:0e:54:6e:
         31:39:94:11:37:23:d0:f7:c7:bf:2e:31:6a:e9:1f:10:17:c6:
         df:83:d5:d6:78:21:ed:8a:84:4b:96:34:e1:2f:67:f4:ed:2f:
         d3:9a:b5:12:b2:fd:ca:5b:35:e5:84:e8:da:eb:e7:fd:ab:bc:
         b1:0c:29:b3:3b:97:a2:f7:a3:e3:5c:d7:3c:54:f0:49:56:b0:
         b8:8e:5d:88:b8:09:f4:25:cc:a4:49:15:12:4f:af:3b:88:de:
         c1:8e:f5:9d:d8:96:b0:cc:d4:fb:02:52:0d:87:b4:f3:fe:01:
         8f:09:a3:83:a9:57:8f:1c:38:6e:b1:18:1b:9f:b2:f0:49:c4:
         cb:f9:00:eb:94:0a:21:ec:11:31:63:e5:19:41:c2:bb:6b:68:
         ec:a8:5e:09:5b:26:5e:4a:25:28:a0:8e:4e:df:32:83:44:fd:
         b5:ab:1b:72:6a:af:88:8b:df:88:7d:12:16:9c:e4:f4:e5:4f:
         53:e8:9e:54
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUZrt1i1/dGgSMlER+RamUA7McTwswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRkZFM0YwMDAwMTEwLwYDVQQFEyg1Mjg0MDQyMkQw
QjcyQkE5OTI3REUwRkY3MzUzNUZERjE2MzUyMUE0MB4XDTI1MDgxNDEzNDc0MFoX
DTI2MDgxMzEzNTI0MFowMzExMC8GA1UEAxMoNkZFNEIyOUIyRUMzOTExNUZDM0JC
RTlCQUE1QzRBRDc3MDdFOTFDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3uYD/h6D8NJsxyKPlBTKa+lYm4x0hKh6LOTRPtZKCf8um/95P4phVarnXi
dvxxnuyYRB7weRqzVtIzjlALBlW0/M6/qu3tUQesG6yHt6Ky3LoQvyTSBN2SJPVo
1LysOjanFFhKyrMJnJjH5JqRbVSKuUi7C57FD+ekDrtui8n1O11S/tsPDqYL2iq/
vhHN+1kvLsUy1lnRImnQVDnuXtNzFyrBCpW9/2kH9rE41xFcbHz6bbJCM3XVqmIZ
h9N6eEHaWCKLC3LhwRNo7NiMrFNKZ4HpV9XZDJBz+hmXEKUe9qAgIlbQOOHWOXWf
e7pCyzLcqzvejDe2W25ztD+DUFECAwEAAaOCAdgwggHUMB0GA1UdDgQWBBRv5LKb
LsORFfw7vpuqXErXcH6RwjAfBgNVHSMEGDAWgBRShAQi0LcrqZJ94P9zU1/fFjUh
pDAOBgNVHQ8BAf8EBAMCB4AwVQYDVR0fBE4wTDBKoEigRoZEcnN5bmM6Ly8wLnNi
L3JlcG8vc2IvMzkvNTI4NDA0MjJEMEI3MkJBOTkyN0RFMEZGNzM1MzVGREYxNjM1
MjFBNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvVW9RRUl0QzNLNm1TZmVEX2MxTmYzeFkxSWFRLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vMC5zYi9yZXBvL3NiLzM5LzMx
MzAzMzJlMzIzMDMxMmUzMTMyMzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMz
MzkzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCZ8mAMA0GCSqGSIb3DQEBCwUAA4IBAQCfzK1XtJfj
owMaMHHrl+oOrIzbt2HuS1G3TXmZkjwJ0ZaYAC0rAgBwtoNcpciiWLlnlDWgyiIE
KzG5iwJd+SOk2juJLoIOVG4xOZQRNyPQ98e/LjFq6R8QF8bfg9XWeCHtioRLljTh
L2f07S/TmrUSsv3KWzXlhOja6+f9q7yxDCmzO5ei96PjXNc8VPBJVrC4jl2IuAn0
JcykSRUST687iN7BjvWd2JawzNT7AlINh7Tz/gGPCaODqVePHDhusRgbn7LwScTL
+QDrlAoh7BExY+UZQcK7a2jsqF4JWyZeSiUooI5O3zKDRP21qxtyaq+Ii9+IfRIW
nOT05U9T6J5U
-----END CERTIFICATE-----