Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/24AAD02CABB011EFA8B1AB11C4F9AE02.roa
File:                     24AAD02CABB011EFA8B1AB11C4F9AE02.roa (raw, json)
Hash identifier:          oMra66N1kt++YbdLUU+exniY+8yKE2worby+Mp1yaGw=
Subject key identifier:   C2:D6:98:F1:AC:E0:DD:AE:F0:AF:45:74:70:58:BF:07:3B:16:66:D7
Certificate issuer:       /CN=A91262CA/serialNumber=77A201C58EB3B4208C91BA7ECED936E595E61A19
Certificate serial:       0658
Authority key identifier: 77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/24AAD02CABB011EFA8B1AB11C4F9AE02.roa
Signing time:             Wed 27 Aug 2025 01:05:47 +0000
ROA not before:           Wed 27 Aug 2025 01:05:47 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     153459
IP address blocks:        202.183.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.crl
                          rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 02:20:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1624 (0x658)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91262CA, serialNumber=77A201C58EB3B4208C91BA7ECED936E595E61A19
        Validity
            Not Before: Aug 27 01:05:47 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68ae59eb-20d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:39:57:1a:67:d8:ec:02:9b:41:d6:ea:75:b7:
                    47:6f:94:cf:42:0a:97:29:e5:09:8f:0c:d3:74:20:
                    0a:b1:e7:32:f7:84:9e:83:1a:0a:b6:ef:f4:31:20:
                    2a:44:7d:44:7e:38:4e:54:59:08:b4:32:d2:6b:b0:
                    31:f4:29:ea:53:60:b6:40:cf:15:3e:ed:14:2d:75:
                    da:4a:75:13:7d:51:bd:cb:eb:8c:9c:54:87:e1:3a:
                    9b:2a:0f:19:14:20:90:cf:7e:38:cc:e5:62:db:81:
                    96:76:b2:79:b5:f0:fa:3a:76:85:2f:ab:bb:78:b3:
                    74:a4:9c:1d:0d:b4:a2:cb:95:39:98:ee:8e:51:49:
                    8d:62:42:e3:97:94:4d:fb:50:bd:6a:8d:d4:1a:73:
                    11:97:f2:9e:76:60:17:f3:48:95:fd:9b:79:bb:3c:
                    c3:86:48:2f:db:c5:35:cc:fd:6c:2d:f6:98:06:3b:
                    82:a8:02:94:d6:04:e9:60:a9:58:f6:5b:b1:5a:f4:
                    74:3e:78:2a:0e:5b:a4:7e:c1:c9:22:b4:63:c9:53:
                    eb:92:13:55:ba:30:28:c4:52:30:05:4f:37:9e:07:
                    f3:fa:a2:d0:ca:04:3b:ce:c6:84:20:f5:15:4c:90:
                    84:04:f9:cf:95:11:32:3b:0c:9b:47:e0:7f:33:4a:
                    eb:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:D6:98:F1:AC:E0:DD:AE:F0:AF:45:74:70:58:BF:07:3B:16:66:D7
            X509v3 Authority Key Identifier:
                keyid:77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/24AAD02CABB011EFA8B1AB11C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.183.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:4c:fc:d2:8c:25:43:a8:a8:0c:fa:cc:4b:5b:92:ff:92:c9:
         90:60:55:37:db:68:fd:b6:58:7b:8a:ec:e4:47:65:c6:1a:4f:
         63:0a:c3:3a:9e:be:28:ca:4d:a3:73:dc:b0:70:b6:60:70:fc:
         29:47:61:92:2f:d4:8a:11:8c:e4:e5:b5:bc:1a:bb:01:50:70:
         cb:78:fa:54:f9:24:07:3d:70:4c:3b:f2:0e:97:bf:33:47:4e:
         a9:de:24:0c:de:df:6a:59:18:aa:82:5c:a2:0d:2b:d4:a1:8d:
         1d:94:c8:b7:2f:53:c4:5a:ef:b9:33:c4:a4:fd:71:a2:6b:dd:
         28:46:f0:be:83:6d:75:c5:65:94:74:da:d9:9d:e2:e3:13:51:
         9e:b8:dc:df:a9:da:7c:d9:10:41:16:7b:c0:1a:95:de:c2:f3:
         78:fc:98:56:1a:6a:dc:45:77:f5:1c:b2:f3:61:38:69:97:1a:
         f2:bb:8d:4c:11:43:de:0e:4b:0a:25:fe:71:cd:e0:ee:4c:64:
         38:0a:80:f2:f1:63:ec:4f:e3:e8:5a:4a:ff:70:3f:a6:65:1e:
         78:52:1d:74:92:b4:83:b2:73:4d:fc:24:74:d2:6c:4b:07:ed:
         a9:0d:47:3c:28:6e:70:b2:94:7b:d4:95:3b:69:56:af:05:af:
         5a:a5:24:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKDc3QTIwMUM1OEVCM0I0MjA4QzkxQkE3RUNFRDkzNkU1
OTVFNjFBMTkwHhcNMjUwODI3MDEwNTQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGFlNTllYi0yMGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvzlXGmfY7AKbQdbqdbdHb5TPQgqXKeUJjwzTdCAKsecy94SegxoKtu/0MSAq
RH1EfjhOVFkItDLSa7Ax9CnqU2C2QM8VPu0ULXXaSnUTfVG9y+uMnFSH4TqbKg8Z
FCCQz344zOVi24GWdrJ5tfD6OnaFL6u7eLN0pJwdDbSiy5U5mO6OUUmNYkLjl5RN
+1C9ao3UGnMRl/KedmAX80iV/Zt5uzzDhkgv28U1zP1sLfaYBjuCqAKU1gTpYKlY
9luxWvR0PngqDlukfsHJIrRjyVPrkhNVujAoxFIwBU83ngfz+qLQygQ7zsaEIPUV
TJCEBPnPlREyOwybR+B/M0rr7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMLWmPGs
4N2u8K9FdHBYvwc7FmbXMB8GA1UdIwQYMBaAFHeiAcWOs7QgjJG6fs7ZNuWV5hoZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9GNUVEQzdGQzhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi9kNklCeFk2enRDQ01rYnAtenRrMjVaWG1H
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Q2SUJ4WTZ6dENDTWticC16dGsyNVpYbUdoay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRjVFREM3RkM4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvMjRBQUQwMkNB
QkIwMTFFRkE4QjFBQjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKt4MwDQYJKoZIhvcNAQELBQADggEBAFRM/NKMJUOoqAz6
zEtbkv+SyZBgVTfbaP22WHuK7ORHZcYaT2MKwzqevijKTaNz3LBwtmBw/ClHYZIv
1IoRjOTltbwauwFQcMt4+lT5JAc9cEw78g6XvzNHTqneJAze32pZGKqCXKINK9Sh
jR2UyLcvU8Ra77kzxKT9caJr3ShG8L6DbXXFZZR02tmd4uMTUZ643N+p2nzZEEEW
e8Aald7C83j8mFYaatxFd/UcsvNhOGmXGvK7jUwRQ94OSwol/nHN4O5MZDgKgPLx
Y+xP4+haSv9wP6ZlHnhSHXSStIOyc038JHTSbEsH7akNRzwobnCylHvUlTtpVq8F
r1qlJBY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:16 2025 by rpki-client