Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/248A6CEA4A8611F0A25A1157C4F9AE02.roa
File:                     248A6CEA4A8611F0A25A1157C4F9AE02.roa (raw, json)
Hash identifier:          1cmDcY6sz+LunwCiA396UQFs5SUmwLc8yoDOnxtHNM8=
Subject key identifier:   40:C1:51:32:01:A2:02:7D:75:EA:77:6A:B7:30:0D:36:2D:2E:3C:E8
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       084F
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/248A6CEA4A8611F0A25A1157C4F9AE02.roa
Signing time:             Wed 08 Oct 2025 22:54:15 +0000
ROA not before:           Wed 08 Oct 2025 22:54:15 +0000
ROA not after:            Wed 30 Dec 2026 00:00:00 +0000
asID:                     202736
IP address blocks:        150.107.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
                          rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 00:38:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2127 (0x84f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Oct  8 22:54:15 2025 GMT
            Not After : Dec 30 00:00:00 2026 GMT
        Subject: CN=68e6eb96-197c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:0e:a7:6b:4c:7e:e2:e5:d8:df:cc:db:24:bf:
                    f4:4e:68:f6:5f:f6:b7:a4:f0:65:5f:4d:3c:74:d7:
                    aa:0d:41:b6:65:9a:00:47:eb:fe:9a:9e:bb:0f:3e:
                    df:44:c2:bc:75:6d:5b:31:a8:b4:4a:b7:54:75:5c:
                    39:b1:21:56:f3:c6:35:09:50:35:54:10:0c:80:cd:
                    f9:36:34:9b:7e:91:3c:dd:da:d7:c5:74:28:4e:d0:
                    7f:76:22:c3:a9:c8:51:b5:94:08:08:47:9c:2e:eb:
                    c3:a7:a6:4f:78:42:91:ad:66:30:d6:79:03:9a:d7:
                    86:94:20:86:3d:04:22:35:f4:28:7e:23:02:ea:d2:
                    0d:25:76:30:b0:5e:d2:a3:7e:45:cf:95:a3:01:c1:
                    f7:57:6c:76:6f:19:d3:cd:cd:ce:09:ab:56:91:a1:
                    db:2f:fe:e6:90:85:7a:35:10:c4:cd:d8:3e:8f:15:
                    d1:4a:97:3f:8d:78:63:6e:ae:44:65:ec:21:cd:31:
                    87:68:db:b0:d5:46:91:32:ab:65:fd:a2:2f:fa:60:
                    43:b4:30:e3:55:fc:7f:77:0c:32:03:6c:51:d9:34:
                    5e:8e:1a:65:8e:b8:a2:86:62:6f:82:4c:e6:b5:8d:
                    b5:eb:20:39:f0:19:6e:86:7c:99:ed:72:79:03:fc:
                    6d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:C1:51:32:01:A2:02:7D:75:EA:77:6A:B7:30:0D:36:2D:2E:3C:E8
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/248A6CEA4A8611F0A25A1157C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.107.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:1b:a4:03:f6:2c:c7:1a:ef:ac:c9:53:ac:7d:77:ba:ec:6b:
         b7:73:46:5c:90:b9:ea:6e:66:1b:5f:d3:51:e0:f8:77:35:24:
         15:69:f7:a4:cb:16:98:b8:43:f4:93:68:ae:91:6e:30:df:35:
         a1:1e:86:e0:b6:fb:7b:ce:4b:a4:24:c0:c9:5a:47:75:e9:df:
         0d:96:22:ff:a9:32:c2:7a:27:f0:cd:0f:fe:51:35:a0:f8:49:
         71:10:9a:9e:2a:9d:17:04:7a:b3:33:c2:b3:4f:ca:df:c1:3d:
         45:e4:df:2e:49:e9:e8:b6:02:cf:c2:4e:0e:ed:70:d7:e5:0e:
         a1:87:3e:56:13:a5:0b:e3:5a:d8:4b:10:6a:ac:ea:d9:f7:21:
         17:25:35:d3:04:75:7c:34:c9:a4:32:8b:d2:a7:0c:76:48:01:
         fe:17:b7:1f:a5:2c:1a:df:38:a1:f1:bf:5b:7d:f8:fe:82:7f:
         2d:4d:ea:0c:ac:f6:a2:af:5a:2d:a3:37:df:f7:bb:4c:a3:31:
         1a:70:c3:a5:04:6a:17:83:db:f9:5d:f6:da:b4:08:8a:81:d3:
         e4:d3:54:11:cc:74:1e:26:c7:4d:92:d2:ce:ad:c4:3c:bc:a2:
         8f:d1:e8:45:ae:f8:4e:fe:16:c1:b7:d9:65:85:45:4e:a5:d2:
         a6:33:e7:2f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCE8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUxMDA4MjI1NDE1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU2ZWI5Ni0xOTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Q6na0x+4uXY38zbJL/0Tmj2X/a3pPBlX008dNeqDUG2ZZoAR+v+mp67Dz7f
RMK8dW1bMai0SrdUdVw5sSFW88Y1CVA1VBAMgM35NjSbfpE83drXxXQoTtB/diLD
qchRtZQICEecLuvDp6ZPeEKRrWYw1nkDmteGlCCGPQQiNfQofiMC6tINJXYwsF7S
o35Fz5WjAcH3V2x2bxnTzc3OCatWkaHbL/7mkIV6NRDEzdg+jxXRSpc/jXhjbq5E
ZewhzTGHaNuw1UaRMqtl/aIv+mBDtDDjVfx/dwwyA2xR2TRejhpljriihmJvgkzm
tY216yA58BluhnyZ7XJ5A/xtIQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEDBUTIB
ogJ9dep3arcwDTYtLjzoMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMjQ4QTZDRUE0
QTg2MTFGMEEyNUExMTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACWawEwDQYJKoZIhvcNAQELBQADggEBAIEbpAP2LMca76zJ
U6x9d7rsa7dzRlyQuepuZhtf01Hg+Hc1JBVp96TLFpi4Q/STaK6RbjDfNaEehuC2
+3vOS6QkwMlaR3Xp3w2WIv+pMsJ6J/DND/5RNaD4SXEQmp4qnRcEerMzwrNPyt/B
PUXk3y5J6ei2As/CTg7tcNflDqGHPlYTpQvjWthLEGqs6tn3IRclNdMEdXw0yaQy
i9KnDHZIAf4Xtx+lLBrfOKHxv1t9+P6Cfy1N6gys9qKvWi2jN9/3u0yjMRpww6UE
aheD2/ld9tq0CIqB0+TTVBHMdB4mx02S0s6txDy8oo/R6EWu+E7+FsG32WWFRU6l
0qYz5y8=
-----END CERTIFICATE-----
Generated at Tue Oct 21 05:01:31 2025 by rpki-client