Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9112A7D/A04A60B4246511EDB8D42021C4F9AE02/6DE1A436246811ED82556323C4F9AE02.roa
File:                     6DE1A436246811ED82556323C4F9AE02.roa (raw, json)
Hash identifier:          wBqvUEdJXS+W4twJcgw0kDbGssoYll+0BYZGvLl67rM=
Subject key identifier:   AE:23:DC:CE:F2:94:89:FC:BA:65:4C:AC:95:31:B5:7F:82:C5:5C:3D
Certificate issuer:       /CN=A9112A7D/serialNumber=9255201FFAA1E6672C06C2DF6E8BE11582CC2FAE
Certificate serial:       027C
Authority key identifier: 92:55:20:1F:FA:A1:E6:67:2C:06:C2:DF:6E:8B:E1:15:82:CC:2F:AE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/klUgH_qh5mcsBsLfbovhFYLML64.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9112A7D/A04A60B4246511EDB8D42021C4F9AE02/6DE1A436246811ED82556323C4F9AE02.roa
Signing time:             Tue 23 Sep 2025 02:20:41 +0000
ROA not before:           Tue 23 Sep 2025 02:20:41 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     132372
IP address blocks:        103.198.26.0/24 maxlen: 24
                          103.198.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9112A7D/A04A60B4246511EDB8D42021C4F9AE02/klUgH_qh5mcsBsLfbovhFYLML64.crl
                          rsync://rpki.apnic.net/member_repository/A9112A7D/A04A60B4246511EDB8D42021C4F9AE02/klUgH_qh5mcsBsLfbovhFYLML64.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/klUgH_qh5mcsBsLfbovhFYLML64.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 03:49:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 636 (0x27c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9112A7D, serialNumber=9255201FFAA1E6672C06C2DF6E8BE11582CC2FAE
        Validity
            Not Before: Sep 23 02:20:41 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68d203f9-3835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:49:bc:a8:14:f1:6c:32:80:16:6e:47:da:ef:
                    c2:a4:0e:f0:ec:46:53:18:54:1b:52:b6:bd:38:2c:
                    f9:7e:84:6f:c0:6b:22:ee:a2:41:f0:6b:bc:1d:1f:
                    88:41:c0:11:8c:74:04:20:94:18:05:25:d8:36:1d:
                    b8:c3:24:e4:46:21:97:59:1a:c4:87:7d:91:8c:76:
                    91:af:8f:e9:b2:51:ad:76:5e:34:0f:8e:69:1f:38:
                    25:93:ef:42:74:f8:77:4e:00:f2:0f:31:0a:6b:b7:
                    d2:17:51:95:d7:25:6d:0c:89:2b:33:4d:a0:c2:fc:
                    dd:11:99:19:e9:e3:8f:fd:89:55:fc:6f:d0:87:f2:
                    65:3f:7b:bd:ef:ad:18:04:4e:8e:e7:ff:52:9e:9e:
                    15:3b:27:e8:87:3c:b3:36:76:6e:33:16:04:36:0d:
                    6f:7f:25:49:7a:81:4c:5d:a9:c7:b8:10:95:26:1c:
                    57:99:a0:7d:76:3c:ee:4c:26:fa:0f:27:78:7e:31:
                    9d:08:30:98:75:a8:20:e9:09:02:df:66:ff:dd:b8:
                    1f:68:75:7e:3f:a7:36:cb:20:b1:14:e6:ed:cc:c0:
                    d1:9a:27:4d:d3:16:27:bf:c5:0b:62:00:1d:4d:00:
                    b9:43:1e:6b:54:00:12:72:00:33:e4:c8:9d:2c:bc:
                    d8:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:23:DC:CE:F2:94:89:FC:BA:65:4C:AC:95:31:B5:7F:82:C5:5C:3D
            X509v3 Authority Key Identifier:
                keyid:92:55:20:1F:FA:A1:E6:67:2C:06:C2:DF:6E:8B:E1:15:82:CC:2F:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9112A7D/A04A60B4246511EDB8D42021C4F9AE02/klUgH_qh5mcsBsLfbovhFYLML64.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/klUgH_qh5mcsBsLfbovhFYLML64.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112A7D/A04A60B4246511EDB8D42021C4F9AE02/6DE1A436246811ED82556323C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.198.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:7f:f2:1d:72:80:69:56:22:c1:77:31:c3:82:40:c0:3c:d8:
         64:7a:dc:05:27:f7:59:ed:d0:ae:f8:f5:d6:74:7a:00:7b:5f:
         8b:ac:16:22:c2:75:b6:08:eb:40:42:e0:95:56:35:1b:42:36:
         a4:9a:74:18:bc:cf:b4:c1:ed:0b:31:e4:a3:36:49:ca:5d:82:
         2c:79:f1:ea:8f:69:d4:d6:7c:7f:bf:d8:77:1c:ef:0e:32:c7:
         59:1b:d7:43:87:48:77:aa:51:9c:2a:45:16:48:02:58:31:8c:
         d0:60:c5:62:bb:17:ad:5b:a2:05:cf:8e:b5:4c:2f:aa:5f:53:
         9a:55:5b:fd:23:f4:af:c9:9d:61:c4:38:b5:73:70:73:58:4e:
         fb:b3:d4:bf:e8:81:72:32:14:ad:92:73:66:6e:cf:bb:19:0f:
         bf:59:9d:5e:5e:cd:90:c1:89:8e:bf:a3:92:5e:4f:2e:a1:3f:
         ad:e6:4e:3c:6a:ea:c0:b6:af:81:66:dd:b4:82:df:88:db:c2:
         36:b5:56:c8:ca:6c:6a:7c:46:0e:45:5f:c9:49:07:79:32:6c:
         de:6d:ab:f5:1b:68:7c:6f:1c:e3:99:5a:00:bf:51:49:42:c8:
         d4:36:e1:74:b8:30:c3:15:9c:d3:18:98:51:94:c3:27:84:51:
         7c:5d:e6:6b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAnwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTJBN0QxMTAvBgNVBAUTKDkyNTUyMDFGRkFBMUU2NjcyQzA2QzJERjZFOEJFMTE1
ODJDQzJGQUUwHhcNMjUwOTIzMDIyMDQxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQyMDNmOS0zODM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0m8qBTxbDKAFm5H2u/CpA7w7EZTGFQbUra9OCz5foRvwGsi7qJB8Gu8HR+I
QcARjHQEIJQYBSXYNh24wyTkRiGXWRrEh32RjHaRr4/pslGtdl40D45pHzglk+9C
dPh3TgDyDzEKa7fSF1GV1yVtDIkrM02gwvzdEZkZ6eOP/YlV/G/Qh/JlP3u9760Y
BE6O5/9Snp4VOyfohzyzNnZuMxYENg1vfyVJeoFMXanHuBCVJhxXmaB9djzuTCb6
Dyd4fjGdCDCYdagg6QkC32b/3bgfaHV+P6c2yyCxFObtzMDRmidN0xYnv8ULYgAd
TQC5Qx5rVAAScgAz5MidLLzYAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK4j3M7y
lIn8umVMrJUxtX+CxVw9MB8GA1UdIwQYMBaAFJJVIB/6oeZnLAbC326L4RWCzC+u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkE3RC9BMDRBNjBCNDI0
NjUxMUVEQjhENDIwMjFDNEY5QUUwMi9rbFVnSF9xaDVtY3NCc0xmYm92aEZZTE1M
NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tsVWdIX3FoNW1jc0JzTGZib3ZoRllMTUw2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTJBN0QvQTA0QTYwQjQyNDY1MTFFREI4RDQyMDIxQzRGOUFFMDIvNkRFMUE0MzYy
NDY4MTFFRDgyNTU2MzIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnxhowDQYJKoZIhvcNAQELBQADggEBABN/8h1ygGlWIsF3
McOCQMA82GR63AUn91nt0K749dZ0egB7X4usFiLCdbYI60BC4JVWNRtCNqSadBi8
z7TB7Qsx5KM2Scpdgix58eqPadTWfH+/2Hcc7w4yx1kb10OHSHeqUZwqRRZIAlgx
jNBgxWK7F61bogXPjrVML6pfU5pVW/0j9K/JnWHEOLVzcHNYTvuz1L/ogXIyFK2S
c2Zuz7sZD79ZnV5ezZDBiY6/o5JeTy6hP63mTjxq6sC2r4Fm3bSC34jbwja1VsjK
bGp8Rg5FX8lJB3kybN5tq/UbaHxvHOOZWgC/UUlCyNQ24XS4MMMVnNMYmFGUwyeE
UXxd5ms=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:25:29 2025 by rpki-client