Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914237B/AA86B11E31B011EE9A50D761C4F9AE02/47620F428FBB11EF8DDB8746C4F9AE02.roa
File:                     47620F428FBB11EF8DDB8746C4F9AE02.roa (raw, json)
Hash identifier:          C7759mBf5StBzuFlYt1INvudD+tE3ojXXFo1YyILhbw=
Subject key identifier:   DB:F8:2B:4B:2E:83:80:6F:3A:0D:77:F7:D9:68:26:8F:01:25:71:27
Certificate issuer:       /CN=A914237B/serialNumber=643A89EA080AAC86F8A68B55108E77B106A141CA
Certificate serial:       0168
Authority key identifier: 64:3A:89:EA:08:0A:AC:86:F8:A6:8B:55:10:8E:77:B1:06:A1:41:CA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZDqJ6ggKrIb4potVEI53sQahQco.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914237B/AA86B11E31B011EE9A50D761C4F9AE02/47620F428FBB11EF8DDB8746C4F9AE02.roa
Signing time:             Mon 19 May 2025 03:13:53 +0000
ROA not before:           Mon 19 May 2025 03:13:53 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     197537
IP address blocks:        103.69.93.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914237B/AA86B11E31B011EE9A50D761C4F9AE02/ZDqJ6ggKrIb4potVEI53sQahQco.crl
                          rsync://rpki.apnic.net/member_repository/A914237B/AA86B11E31B011EE9A50D761C4F9AE02/ZDqJ6ggKrIb4potVEI53sQahQco.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZDqJ6ggKrIb4potVEI53sQahQco.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 360 (0x168)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914237B, serialNumber=643A89EA080AAC86F8A68B55108E77B106A141CA
        Validity
            Not Before: May 19 03:13:53 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=682aa1f1-36f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:c1:7e:97:80:95:5c:f6:eb:bb:86:b0:e5:c9:
                    70:2d:97:57:31:52:b2:5c:c3:99:33:0c:1d:91:5c:
                    09:5f:c5:2a:32:82:6b:0e:ec:b0:35:be:7d:8c:16:
                    e1:ba:ca:d9:90:b3:be:87:77:61:a8:24:9c:ae:20:
                    20:90:3d:3f:66:0e:a5:d0:94:30:f9:16:07:7d:5e:
                    38:57:b8:94:06:e5:0c:e6:d3:6e:b9:69:4b:90:74:
                    b0:52:72:6c:1a:d6:a9:1c:b2:6b:ed:1e:3a:de:aa:
                    6c:ec:98:c8:e2:b5:40:ad:d1:5a:e0:77:cb:bb:a1:
                    cf:b6:de:be:60:5a:62:b1:9b:c5:27:8b:05:20:8f:
                    9e:fb:0d:34:46:72:26:be:ff:18:81:2b:96:b3:f2:
                    c1:ca:93:ee:e8:14:57:42:90:c1:1a:14:16:9c:7e:
                    16:54:65:70:99:17:1d:2e:e0:7f:4e:4c:8e:61:49:
                    c5:b2:60:61:47:bd:10:1d:9b:2a:d4:78:34:63:9f:
                    b6:ba:d1:a9:34:ec:72:91:7f:27:5b:af:ad:49:16:
                    b0:6e:68:de:28:b9:06:ce:2a:cc:59:04:62:fa:5a:
                    ee:b2:f6:ac:a4:22:f9:fb:b5:5d:23:68:d2:ca:16:
                    84:bd:07:3a:28:1e:18:6e:e2:48:18:85:48:88:e7:
                    5f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F8:2B:4B:2E:83:80:6F:3A:0D:77:F7:D9:68:26:8F:01:25:71:27
            X509v3 Authority Key Identifier:
                keyid:64:3A:89:EA:08:0A:AC:86:F8:A6:8B:55:10:8E:77:B1:06:A1:41:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914237B/AA86B11E31B011EE9A50D761C4F9AE02/ZDqJ6ggKrIb4potVEI53sQahQco.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZDqJ6ggKrIb4potVEI53sQahQco.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914237B/AA86B11E31B011EE9A50D761C4F9AE02/47620F428FBB11EF8DDB8746C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.69.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:ee:97:92:6a:b3:e9:34:8d:b8:c6:82:ab:69:c0:6f:ea:2b:
         83:1d:f4:f5:7b:11:35:43:bd:8c:7c:08:bd:c5:f0:78:ea:ff:
         cf:7f:a3:5d:0a:60:74:25:ec:cd:9a:08:0b:41:dd:8e:12:77:
         0c:47:0d:0c:da:f3:2d:da:a8:39:12:98:95:4e:b7:88:d1:1a:
         3d:2e:6b:b4:11:8f:98:77:e9:be:58:6f:16:b6:eb:82:cb:05:
         f9:26:41:82:8b:d6:51:1c:49:61:86:e2:c9:9f:5b:68:9e:76:
         34:29:c5:12:8c:23:66:fb:f9:10:9f:be:9d:e2:09:ee:3d:ba:
         5e:05:09:87:c8:82:ac:67:87:0e:50:98:ec:2a:dc:26:83:fe:
         b6:c3:3a:41:3d:2c:c9:a2:c9:f8:85:0e:bd:c7:1b:2c:1a:1c:
         cb:f5:3d:22:ec:92:7c:85:27:32:64:38:69:6b:ff:3e:ba:3d:
         7d:c0:a5:7b:aa:3a:6a:60:d1:60:96:54:c6:8b:60:00:b7:c3:
         c6:9d:51:bf:ec:2f:5c:f6:37:30:5d:24:3b:03:c8:2b:f2:d6:
         34:f7:f6:f4:fa:d3:bf:b0:e7:c9:e9:32:e6:24:a2:36:96:8e:
         d7:20:f1:67:d5:26:8c:5f:7e:9c:0d:e5:48:e2:b9:46:1d:67:
         80:e5:b9:a0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDIzN0IxMTAvBgNVBAUTKDY0M0E4OUVBMDgwQUFDODZGOEE2OEI1NTEwOEU3N0Ix
MDZBMTQxQ0EwHhcNMjUwNTE5MDMxMzUzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJhYTFmMS0zNmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3sF+l4CVXPbru4aw5clwLZdXMVKyXMOZMwwdkVwJX8UqMoJrDuywNb59jBbh
usrZkLO+h3dhqCScriAgkD0/Zg6l0JQw+RYHfV44V7iUBuUM5tNuuWlLkHSwUnJs
GtapHLJr7R463qps7JjI4rVArdFa4HfLu6HPtt6+YFpisZvFJ4sFII+e+w00RnIm
vv8YgSuWs/LBypPu6BRXQpDBGhQWnH4WVGVwmRcdLuB/TkyOYUnFsmBhR70QHZsq
1Hg0Y5+2utGpNOxykX8nW6+tSRawbmjeKLkGzirMWQRi+lrusvaspCL5+7VdI2jS
yhaEvQc6KB4YbuJIGIVIiOdf1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFNv4K0su
g4BvOg1399loJo8BJXEnMB8GA1UdIwQYMBaAFGQ6ieoICqyG+KaLVRCOd7EGoUHK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjM3Qi9BQTg2QjExRTMx
QjAxMUVFOUE1MEQ3NjFDNEY5QUUwMi9aRHFKNmdnS3JJYjRwb3RWRUk1M3NRYWhR
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pEcUo2Z2dLckliNHBvdFZFSTUzc1FhaFFjby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDIzN0IvQUE4NkIxMUUzMUIwMTFFRTlBNTBENzYxQzRGOUFFMDIvNDc2MjBGNDI4
RkJCMTFFRjhEREI4NzQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnRV0wDQYJKoZIhvcNAQELBQADggEBAMPul5Jqs+k0jbjG
gqtpwG/qK4Md9PV7ETVDvYx8CL3F8Hjq/89/o10KYHQl7M2aCAtB3Y4SdwxHDQza
8y3aqDkSmJVOt4jRGj0ua7QRj5h36b5Ybxa264LLBfkmQYKL1lEcSWGG4smfW2ie
djQpxRKMI2b7+RCfvp3iCe49ul4FCYfIgqxnhw5QmOwq3CaD/rbDOkE9LMmiyfiF
Dr3HGywaHMv1PSLsknyFJzJkOGlr/z66PX3ApXuqOmpg0WCWVMaLYAC3w8adUb/s
L1z2NzBdJDsDyCvy1jT39vT607+w58npMuYkojaWjtcg8WfVJoxffpwN5UjiuUYd
Z4DluaA=
-----END CERTIFICATE-----
Generated at Thu Jul 3 14:57:38 2025 by rpki-client