Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912E64A/CCCA5F5EBAB711EBA302942DC4F9AE02/55056D1CBABA11EB8A51C234C4F9AE02.roa
File:                     55056D1CBABA11EB8A51C234C4F9AE02.roa (raw, json)
Hash identifier:          0B8CEdwj7To0b9OkFucnpnuOoYqshX93UqB7JYje0u8=
Subject key identifier:   57:10:26:B7:2D:47:31:F5:CA:EC:E7:2B:2D:4E:14:76:9D:E2:0F:83
Certificate issuer:       /CN=A912E64A/serialNumber=07BBECD0EA089FC64EE140DDC8DDBA52E7D910D0
Certificate serial:       0618
Authority key identifier: 07:BB:EC:D0:EA:08:9F:C6:4E:E1:40:DD:C8:DD:BA:52:E7:D9:10:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7vs0OoIn8ZO4UDdyN26UufZENA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912E64A/CCCA5F5EBAB711EBA302942DC4F9AE02/55056D1CBABA11EB8A51C234C4F9AE02.roa
Signing time:             Wed 10 Sep 2025 23:06:09 +0000
ROA not before:           Wed 10 Sep 2025 23:06:09 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     24112
IP address blocks:        202.45.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912E64A/CCCA5F5EBAB711EBA302942DC4F9AE02/B7vs0OoIn8ZO4UDdyN26UufZENA.crl
                          rsync://rpki.apnic.net/member_repository/A912E64A/CCCA5F5EBAB711EBA302942DC4F9AE02/B7vs0OoIn8ZO4UDdyN26UufZENA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7vs0OoIn8ZO4UDdyN26UufZENA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 00:23:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1560 (0x618)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912E64A, serialNumber=07BBECD0EA089FC64EE140DDC8DDBA52E7D910D0
        Validity
            Not Before: Sep 10 23:06:09 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68c20460-510e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:f2:ff:99:d0:03:47:41:a1:31:55:da:bf:11:
                    74:83:af:87:90:ee:e7:b8:64:a8:21:1b:a6:6d:33:
                    1d:5a:a9:04:82:e9:56:6b:4c:bc:f5:79:27:5f:04:
                    9a:56:67:c9:6c:7e:03:f0:8c:4a:c5:dc:da:60:18:
                    8a:d5:ec:6c:0f:cf:8c:68:d1:2e:d4:9b:2d:40:cb:
                    5f:5b:ad:8d:98:7b:a9:4e:c5:54:86:d9:6c:fb:6d:
                    8b:0c:7a:bb:ce:7c:f0:67:4e:0e:17:eb:4c:1a:65:
                    80:79:5c:ab:d0:1f:9a:08:d2:66:b3:75:48:fc:00:
                    08:17:60:2b:b7:88:c5:af:63:41:2f:b4:ee:8b:7a:
                    e6:70:73:62:e1:cd:c8:0d:ef:3e:46:57:24:e9:0e:
                    bf:62:25:70:81:af:fc:f6:49:a9:79:3c:42:96:89:
                    47:c2:a2:ef:86:da:8d:90:69:c0:dd:21:ed:97:48:
                    b0:cd:24:36:1c:5e:36:ab:64:56:03:52:e1:cb:a9:
                    5f:64:c7:a5:0c:25:5e:c1:04:e8:58:2e:34:a3:7c:
                    be:59:00:0a:41:05:d8:75:ff:41:94:83:2b:07:6f:
                    63:c0:e0:a2:b1:7e:f9:7d:81:09:22:05:08:7b:83:
                    3f:29:27:a3:56:2c:7a:80:8c:75:8c:9b:36:ea:97:
                    76:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:10:26:B7:2D:47:31:F5:CA:EC:E7:2B:2D:4E:14:76:9D:E2:0F:83
            X509v3 Authority Key Identifier:
                keyid:07:BB:EC:D0:EA:08:9F:C6:4E:E1:40:DD:C8:DD:BA:52:E7:D9:10:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912E64A/CCCA5F5EBAB711EBA302942DC4F9AE02/B7vs0OoIn8ZO4UDdyN26UufZENA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7vs0OoIn8ZO4UDdyN26UufZENA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E64A/CCCA5F5EBAB711EBA302942DC4F9AE02/55056D1CBABA11EB8A51C234C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.45.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:93:80:f9:6b:28:54:27:ba:0a:85:20:e9:75:23:e7:58:c3:
         07:2d:1e:1d:93:2a:29:bc:d7:d4:9c:16:d5:73:00:1b:0e:53:
         df:e1:34:5e:a8:10:57:95:6e:39:d9:fd:a0:70:30:b3:b3:83:
         1e:32:0e:33:8a:b7:3a:fb:f2:62:cf:19:6f:ee:fd:67:e2:87:
         1d:97:48:e7:8c:00:6c:f3:7c:e3:2d:a4:3f:78:ff:42:a4:b2:
         b6:78:3d:59:07:fe:87:54:e0:72:86:e4:2a:41:13:51:77:e8:
         2b:10:33:83:c7:af:12:53:ae:55:b4:2f:ca:37:4d:ae:1f:b7:
         2e:4b:35:51:37:e3:46:53:dc:45:06:86:67:14:35:ab:e4:36:
         d6:98:24:6d:86:10:1d:0a:43:6c:e5:c3:4c:a4:16:79:71:2b:
         42:40:c7:50:92:5e:99:49:5b:fc:36:e6:4d:8c:97:38:42:c1:
         63:3b:ec:c8:d2:9c:e3:ea:ad:4e:3f:19:1e:8f:98:f5:78:9d:
         da:97:85:fd:0f:e4:8b:ba:97:05:06:2e:85:ed:0d:83:0a:af:
         e6:9a:af:e5:39:4b:7f:0f:fb:78:3c:34:88:e7:4e:24:07:da:
         7c:e7:86:d1:2e:1f:64:10:a1:44:8b:be:90:b7:35:0a:79:4c:
         da:92:3f:93
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU2NEExMTAvBgNVBAUTKDA3QkJFQ0QwRUEwODlGQzY0RUUxNDBEREM4RERCQTUy
RTdEOTEwRDAwHhcNMjUwOTEwMjMwNjA5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGMyMDQ2MC01MTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1vL/mdADR0GhMVXavxF0g6+HkO7nuGSoIRumbTMdWqkEgulWa0y89XknXwSa
VmfJbH4D8IxKxdzaYBiK1exsD8+MaNEu1JstQMtfW62NmHupTsVUhtls+22LDHq7
znzwZ04OF+tMGmWAeVyr0B+aCNJms3VI/AAIF2Art4jFr2NBL7Tui3rmcHNi4c3I
De8+Rlck6Q6/YiVwga/89kmpeTxClolHwqLvhtqNkGnA3SHtl0iwzSQ2HF42q2RW
A1Lhy6lfZMelDCVewQToWC40o3y+WQAKQQXYdf9BlIMrB29jwOCisX75fYEJIgUI
e4M/KSejVix6gIx1jJs26pd2/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFcQJrct
RzH1yuznKy1OFHad4g+DMB8GA1UdIwQYMBaAFAe77NDqCJ/GTuFA3cjdulLn2RDQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTY0QS9DQ0NBNUY1RUJB
QjcxMUVCQTMwMjk0MkRDNEY5QUUwMi9CN3ZzME9vSW44Wk80VURkeU4yNlV1ZlpF
TkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I3dnMwT29JbjhaTzRVRGR5TjI2VXVmWkVOQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU2NEEvQ0NDQTVGNUVCQUI3MTFFQkEzMDI5NDJEQzRGOUFFMDIvNTUwNTZEMUNC
QUJBMTFFQjhBNTFDMjM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKLQ4wDQYJKoZIhvcNAQELBQADggEBAG2TgPlrKFQnugqF
IOl1I+dYwwctHh2TKim819ScFtVzABsOU9/hNF6oEFeVbjnZ/aBwMLOzgx4yDjOK
tzr78mLPGW/u/Wfihx2XSOeMAGzzfOMtpD94/0KksrZ4PVkH/odU4HKG5CpBE1F3
6CsQM4PHrxJTrlW0L8o3Ta4fty5LNVE340ZT3EUGhmcUNavkNtaYJG2GEB0KQ2zl
w0ykFnlxK0JAx1CSXplJW/w25k2MlzhCwWM77MjSnOPqrU4/GR6PmPV4ndqXhf0P
5Iu6lwUGLoXtDYMKr+aar+U5S38P+3g8NIjnTiQH2nznhtEuH2QQoUSLvpC3NQp5
TNqSP5M=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:49:23 2025 by rpki-client