Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/94472FA8459511EDA982510FC4F9AE02.roa
File:                     94472FA8459511EDA982510FC4F9AE02.roa (raw, json)
Hash identifier:          j5aPkG3TQp4ZSYb19wsJ+yVYm/19Q8kwsGAns91fwMA=
Subject key identifier:   B7:9C:E6:E5:11:42:2D:82:C3:C6:BC:67:80:F3:B3:E7:87:0B:F9:B6
Certificate issuer:       /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial:       36B0
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/94472FA8459511EDA982510FC4F9AE02.roa
Signing time:             Wed 08 Oct 2025 14:40:34 +0000
ROA not before:           Wed 08 Oct 2025 14:40:34 +0000
ROA not after:            Wed 30 Dec 2026 00:00:00 +0000
asID:                     133847
IP address blocks:        175.29.96.0/21 maxlen: 24
                          175.29.208.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
                          rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 07:15:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14000 (0x36b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91510AD, serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
        Validity
            Not Before: Oct  8 14:40:34 2025 GMT
            Not After : Dec 30 00:00:00 2026 GMT
        Subject: CN=68e677e2-8fc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b0:4d:ef:f6:4d:22:20:80:24:e0:1c:9f:9c:
                    54:2d:53:f3:a0:e2:7d:57:b9:af:36:66:3d:5e:97:
                    85:16:8c:c8:da:21:1e:25:19:4a:1a:e1:8d:7c:ad:
                    de:71:21:00:ed:96:aa:a3:3d:f1:31:a9:77:72:61:
                    31:0f:e3:d8:39:db:16:51:42:d5:45:e7:f7:fc:4d:
                    db:ac:c8:50:29:20:4b:6d:0d:88:a1:40:6a:68:05:
                    8c:0a:11:ea:7e:d1:c8:37:6b:6e:c6:01:79:ec:fa:
                    86:3a:4f:e0:2e:54:4c:f1:1a:c4:d5:49:ed:01:f3:
                    22:c8:77:d6:84:a4:8d:58:48:6e:51:3f:64:66:1f:
                    91:29:1e:ef:10:de:ee:8a:00:8e:d9:93:d5:dd:58:
                    14:23:fb:22:9c:08:74:94:01:96:c0:8e:0e:cb:75:
                    89:33:fd:08:a8:1f:09:59:7e:c5:75:8d:0e:58:72:
                    9e:73:3e:6b:6f:1a:c8:35:c7:8a:97:36:4b:c6:07:
                    7a:ae:15:f7:20:27:07:c1:ed:63:d6:cc:0b:bf:8a:
                    da:0f:fb:49:e6:4b:61:8d:88:4d:b6:a0:a1:23:3f:
                    b7:47:e9:5e:ea:73:f2:ec:fd:d9:35:c5:e6:d0:0c:
                    58:a7:9b:11:0a:d5:17:5e:7a:cc:d0:9e:ac:e1:18:
                    ee:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:9C:E6:E5:11:42:2D:82:C3:C6:BC:67:80:F3:B3:E7:87:0B:F9:B6
            X509v3 Authority Key Identifier:
                keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/94472FA8459511EDA982510FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.29.96.0/21
                  175.29.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b7:56:72:b8:ec:d5:c4:be:f9:0f:da:ac:13:f2:4d:8f:ea:69:
         c2:4f:0c:06:df:67:7d:58:9d:51:ae:45:f4:ff:4c:55:c1:17:
         67:ed:08:6a:cf:ee:34:54:6b:16:df:86:c3:21:95:3a:87:9b:
         48:a8:a5:a2:76:54:b0:40:8f:cc:00:bd:71:c2:ce:30:66:c8:
         22:52:e7:22:27:53:bf:32:f1:1c:8c:31:0a:c3:6f:ee:64:e8:
         7b:e2:a8:c3:27:43:1f:9b:e7:26:6a:ce:5f:bd:19:38:95:db:
         b8:3a:91:17:e2:b6:00:37:0a:b4:76:b7:76:a6:a5:fd:a9:68:
         37:be:5a:b4:df:3b:96:94:ad:5f:3d:bd:e3:51:29:d0:33:c6:
         2f:6f:06:57:92:0b:06:38:ce:c7:1a:34:1a:a6:f2:c6:8a:c6:
         0a:63:79:84:88:e4:f9:d5:8d:4c:59:4b:58:28:ad:f0:29:86:
         b3:85:7e:56:95:65:f2:1f:8c:f8:81:fe:db:88:07:30:10:75:
         57:93:dd:e8:46:0d:aa:0d:00:bd:31:05:91:b7:4e:4f:b4:c7:
         1c:28:0f:db:74:ed:89:f6:36:aa:f1:94:8b:f2:45:78:cb:43:
         b4:10:06:3e:2d:f6:05:6a:bd:a8:03:4a:6b:04:ab:3e:2d:f3:
         0e:28:3c:ba
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNrAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjUxMDA4MTQ0MDM0WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU2NzdlMi04ZmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu7BN7/ZNIiCAJOAcn5xULVPzoOJ9V7mvNmY9XpeFFozI2iEeJRlKGuGNfK3e
cSEA7Zaqoz3xMal3cmExD+PYOdsWUULVRef3/E3brMhQKSBLbQ2IoUBqaAWMChHq
ftHIN2tuxgF57PqGOk/gLlRM8RrE1UntAfMiyHfWhKSNWEhuUT9kZh+RKR7vEN7u
igCO2ZPV3VgUI/sinAh0lAGWwI4Oy3WJM/0IqB8JWX7FdY0OWHKecz5rbxrINceK
lzZLxgd6rhX3ICcHwe1j1swLv4raD/tJ5kthjYhNtqChIz+3R+le6nPy7P3ZNcXm
0AxYp5sRCtUXXnrM0J6s4RjuIwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLec5uUR
Qi2Cw8a8Z4Dzs+eHC/m2MB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvOTQ0NzJGQTg0
NTk1MTFFREE5ODI1MTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAOvHWADBASvHdAwDQYJKoZIhvcNAQELBQADggEBALdWcrjs
1cS++Q/arBPyTY/qacJPDAbfZ31YnVGuRfT/TFXBF2ftCGrP7jRUaxbfhsMhlTqH
m0iopaJ2VLBAj8wAvXHCzjBmyCJS5yInU78y8RyMMQrDb+5k6HviqMMnQx+b5yZq
zl+9GTiV27g6kRfitgA3CrR2t3ampf2paDe+WrTfO5aUrV89veNRKdAzxi9vBleS
CwY4zscaNBqm8saKxgpjeYSI5PnVjUxZS1gorfAphrOFflaVZfIfjPiB/tuIBzAQ
dVeT3ehGDaoNAL0xBZG3Tk+0xxwoD9t07Yn2NqrxlIvyRXjLQ7QQBj4t9gVqvagD
SmsEqz4t8w4oPLo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:39:29 2025 by rpki-client