Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/55493366013C11ED9864F33CC4F9AE02.roa
File:                     55493366013C11ED9864F33CC4F9AE02.roa (raw, json)
Hash identifier:          H6bRaIcldAr/YEpe8EVNY6L5xO479Q/3kWTocHCRGwM=
Subject key identifier:   EA:0B:98:0E:83:A2:0D:DB:FF:25:01:63:C9:1C:5F:62:38:71:A7:C4
Certificate issuer:       /CN=A914DC5D/serialNumber=20F2531A7BA8212D2BB0900D576372D33F846928
Certificate serial:       0900
Authority key identifier: 20:F2:53:1A:7B:A8:21:2D:2B:B0:90:0D:57:63:72:D3:3F:84:69:28
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPJTGnuoIS0rsJANV2Ny0z-EaSg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/55493366013C11ED9864F33CC4F9AE02.roa
Signing time:             Tue 30 Sep 2025 08:48:10 +0000
ROA not before:           Tue 30 Sep 2025 08:48:10 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     135381
IP address blocks:        202.44.217.0/24 maxlen: 24
                          202.44.218.0/24 maxlen: 24
                          202.44.229.0/24 maxlen: 24
                          202.44.230.0/24 maxlen: 24
                          202.44.231.0/24 maxlen: 24
                          202.44.232.0/24 maxlen: 24
                          202.44.233.0/24 maxlen: 24
                          202.44.252.0/24 maxlen: 24
                          202.44.255.0/24 maxlen: 24
                          203.150.118.0/24 maxlen: 24
                          203.150.121.0/24 maxlen: 24
                          203.150.122.0/24 maxlen: 24
                          203.150.175.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/IPJTGnuoIS0rsJANV2Ny0z-EaSg.crl
                          rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/IPJTGnuoIS0rsJANV2Ny0z-EaSg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPJTGnuoIS0rsJANV2Ny0z-EaSg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2304 (0x900)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914DC5D, serialNumber=20F2531A7BA8212D2BB0900D576372D33F846928
        Validity
            Not Before: Sep 30 08:48:10 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68db9949-820c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:19:d8:fe:f0:73:78:0d:34:6a:b9:cf:91:82:
                    18:19:b5:ba:4f:cb:66:05:b5:77:11:92:9b:dc:dd:
                    aa:ee:84:4c:fb:2d:f8:36:62:74:a0:30:92:1d:5e:
                    80:d5:4e:13:5b:bd:c2:87:a7:d4:17:ab:f6:1f:c3:
                    7d:03:50:f2:05:06:f6:f6:e9:f0:bb:3c:5a:09:86:
                    b8:9b:cc:6c:ea:af:61:25:99:d8:6f:a7:13:de:74:
                    d7:6a:2f:f6:44:3b:b3:ad:38:bf:bd:3f:f1:5c:e0:
                    d6:98:96:26:9c:59:66:83:77:fe:2b:c3:94:5e:66:
                    6e:b4:47:2a:6d:d0:2d:da:b0:2a:75:d3:47:2b:18:
                    d6:fe:11:fc:b0:87:5d:ef:bd:30:89:2d:2d:83:28:
                    a5:8e:d5:d2:7c:d1:d8:be:60:0d:46:d4:99:b3:c6:
                    4e:76:36:05:a6:70:cf:8d:23:71:48:24:53:6a:6d:
                    10:ff:b8:41:81:a0:f0:00:26:70:a5:be:d5:d9:00:
                    c8:f4:02:4b:92:dd:69:8a:31:66:35:f1:fb:c9:f6:
                    9a:9f:ba:d1:4c:fe:73:59:32:62:1c:94:7b:63:51:
                    35:b7:ee:bf:93:ad:7a:ff:66:88:af:4c:30:88:0e:
                    86:23:cc:da:2e:0f:cc:b3:0c:d4:2b:10:8c:8a:c6:
                    7a:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:0B:98:0E:83:A2:0D:DB:FF:25:01:63:C9:1C:5F:62:38:71:A7:C4
            X509v3 Authority Key Identifier:
                keyid:20:F2:53:1A:7B:A8:21:2D:2B:B0:90:0D:57:63:72:D3:3F:84:69:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/IPJTGnuoIS0rsJANV2Ny0z-EaSg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPJTGnuoIS0rsJANV2Ny0z-EaSg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/55493366013C11ED9864F33CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.44.217.0-202.44.218.255
                  202.44.229.0-202.44.233.255
                  202.44.252.0/24
                  202.44.255.0/24
                  203.150.118.0/24
                  203.150.121.0-203.150.122.255
                  203.150.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:c7:2f:50:37:83:c8:52:56:84:3f:36:25:af:ad:03:01:ba:
         e6:44:9b:e7:e7:0a:52:2a:24:0c:99:5a:b7:d2:76:a0:46:9b:
         97:5b:97:66:71:2f:2a:a7:c0:8d:2b:3c:0b:f2:89:84:85:84:
         e1:a6:63:11:8c:b5:99:03:0c:55:a8:c3:bf:41:9d:76:e8:f7:
         54:5c:c8:66:4d:bc:2d:99:55:22:4b:50:40:66:a6:a3:9c:d8:
         93:5f:cd:ee:8e:40:ad:01:3a:1f:d4:71:aa:35:6f:df:bd:60:
         8b:43:e0:dd:e2:57:80:16:9f:dc:ef:60:a4:ae:d7:d7:c9:a8:
         d6:ad:14:67:7a:b3:bc:e0:e0:5e:c5:4c:92:95:72:ee:33:50:
         8b:7b:69:e3:49:4f:e4:fa:23:b4:89:42:df:57:cc:00:7f:52:
         e2:db:74:dc:67:aa:3c:46:8e:ad:36:06:79:2c:45:f6:e7:93:
         ff:65:fb:10:13:de:3a:4c:e3:b2:60:5c:3a:48:87:2f:ec:08:
         77:db:5c:b3:70:b1:10:7b:ae:c0:9e:6e:b6:28:f4:73:da:73:
         32:e3:a0:1f:fc:1e:4a:e6:cd:53:07:fd:85:52:4c:40:5e:36:
         6b:ef:d8:ac:3b:b1:d1:fb:d2:33:d4:ff:f5:f0:cc:58:50:63:
         c0:83:1a:bc
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgICCQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERDNUQxMTAvBgNVBAUTKDIwRjI1MzFBN0JBODIxMkQyQkIwOTAwRDU3NjM3MkQz
M0Y4NDY5MjgwHhcNMjUwOTMwMDg0ODEwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRiOTk0OS04MjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5RnY/vBzeA00arnPkYIYGbW6T8tmBbV3EZKb3N2q7oRM+y34NmJ0oDCSHV6A
1U4TW73Ch6fUF6v2H8N9A1DyBQb29unwuzxaCYa4m8xs6q9hJZnYb6cT3nTXai/2
RDuzrTi/vT/xXODWmJYmnFlmg3f+K8OUXmZutEcqbdAt2rAqddNHKxjW/hH8sIdd
770wiS0tgyiljtXSfNHYvmANRtSZs8ZOdjYFpnDPjSNxSCRTam0Q/7hBgaDwACZw
pb7V2QDI9AJLkt1pijFmNfH7yfaan7rRTP5zWTJiHJR7Y1E1t+6/k616/2aIr0ww
iA6GI8zaLg/MswzUKxCMisZ6XwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFOoLmA6D
og3b/yUBY8kcX2I4cafEMB8GA1UdIwQYMBaAFCDyUxp7qCEtK7CQDVdjctM/hGko
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REM1RC8zOUU3MTQ2QzJB
MzMxMUVCOTI5REMwN0NDNEY5QUUwMi9JUEpUR251b0lTMHJzSkFOVjJOeTB6LUVh
U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lQSlRHbnVvSVMwcnNKQU5WMk55MHotRWFTZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERDNUQvMzlFNzE0NkMyQTMzMTFFQjkyOURDMDdDQzRGOUFFMDIvNTU0OTMzNjYw
MTNDMTFFRDk4NjRGMzNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E
TDBKMEgEAgABMEIwDAMEAMos2QMEAMos2jAMAwQAyizlAwQByizoAwQAyiz8AwQA
yiz/AwQAy5Z2MAwDBADLlnkDBADLlnoDBADLlq8wDQYJKoZIhvcNAQELBQADggEB
ADrHL1A3g8hSVoQ/NiWvrQMBuuZEm+fnClIqJAyZWrfSdqBGm5dbl2ZxLyqnwI0r
PAvyiYSFhOGmYxGMtZkDDFWow79BnXbo91RcyGZNvC2ZVSJLUEBmpqOc2JNfze6O
QK0BOh/Ucao1b9+9YItD4N3iV4AWn9zvYKSu19fJqNatFGd6s7zg4F7FTJKVcu4z
UIt7aeNJT+T6I7SJQt9XzAB/UuLbdNxnqjxGjq02BnksRfbnk/9l+xAT3jpM47Jg
XDpIhy/sCHfbXLNwsRB7rsCebrYo9HPaczLjoB/8HkrmzVMH/YVSTEBeNmvv2Kw7
sdH70jPU//XwzFhQY8CDGrw=
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:03:38 2025 by rpki-client