Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/513421B0E3AB11EF9C68465CC4F9AE02.roa
File:                     513421B0E3AB11EF9C68465CC4F9AE02.roa (raw, json)
Hash identifier:          mlVkB+7ujlhO8btL2ps7uhMDXe5XJv8Dd1h2jm6wy4g=
Subject key identifier:   5E:A1:26:7A:B8:0D:9A:74:5A:7C:38:91:94:1E:E8:22:F6:1F:CB:02
Certificate issuer:       /CN=A9158840/serialNumber=FAE6201C666392340BEE138ED41799BA86DAA688
Certificate serial:       0C79
Authority key identifier: FA:E6:20:1C:66:63:92:34:0B:EE:13:8E:D4:17:99:BA:86:DA:A6:88
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/513421B0E3AB11EF9C68465CC4F9AE02.roa
Signing time:             Wed 24 Sep 2025 19:08:08 +0000
ROA not before:           Wed 24 Sep 2025 19:08:08 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     138146
IP address blocks:        103.121.60.0/24 maxlen: 24
                          103.121.61.0/24 maxlen: 24
                          103.121.62.0/24 maxlen: 24
                          103.121.63.0/24 maxlen: 24
                          2403:6840::/32 maxlen: 40
                          2403:6840::/48 maxlen: 48
                          2403:6840:1::/48 maxlen: 48
                          2403:6840:2::/48 maxlen: 48
                          2403:6840:3::/48 maxlen: 48
                          2403:6840:4::/48 maxlen: 48
                          2403:6840:5::/48 maxlen: 48
                          2403:6840:6::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/-uYgHGZjkjQL7hOO1BeZuobapog.crl
                          rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/-uYgHGZjkjQL7hOO1BeZuobapog.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 19:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3193 (0xc79)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9158840, serialNumber=FAE6201C666392340BEE138ED41799BA86DAA688
        Validity
            Not Before: Sep 24 19:08:08 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68d44198-8614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cd:9c:0e:ab:b6:a2:8f:58:ec:ea:53:40:1d:
                    0d:0b:f7:2a:5e:d1:8a:43:a5:66:b4:90:bf:bc:b0:
                    d9:40:61:25:c0:f8:6b:a4:7e:cf:ce:10:5a:23:24:
                    ad:71:d4:65:e8:37:ab:0f:67:95:2e:72:f1:c2:78:
                    7b:86:14:3b:19:38:f3:4b:47:22:92:24:38:78:e8:
                    0a:f1:12:bc:db:83:13:58:43:e3:31:57:03:91:95:
                    32:ff:8d:19:81:5e:1f:6d:66:37:82:94:27:8c:30:
                    9f:87:a2:85:aa:25:9a:46:29:5b:ec:61:64:36:16:
                    be:ed:27:b4:fc:55:80:b8:84:24:13:2a:a6:2e:63:
                    21:c3:1b:70:9d:18:8c:c5:f1:ea:0c:e3:78:87:b9:
                    d6:0b:16:ea:de:01:a3:f0:da:a7:6a:3b:2b:93:21:
                    c0:70:94:75:18:14:35:cc:f7:99:1d:bb:f6:33:43:
                    40:d7:a1:f5:e2:a2:e4:54:1b:ee:4c:1e:1e:88:78:
                    2c:3d:f8:1f:42:b1:4e:a3:55:d2:2c:50:d4:a6:99:
                    17:40:b1:18:51:6d:b9:f8:b6:97:db:fe:9c:8f:08:
                    6f:04:c8:22:b7:8d:19:7e:7d:fc:e0:6c:40:a1:7f:
                    00:0c:3d:1b:2c:40:4c:ef:1e:63:d5:b1:03:a7:9b:
                    09:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:A1:26:7A:B8:0D:9A:74:5A:7C:38:91:94:1E:E8:22:F6:1F:CB:02
            X509v3 Authority Key Identifier:
                keyid:FA:E6:20:1C:66:63:92:34:0B:EE:13:8E:D4:17:99:BA:86:DA:A6:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/-uYgHGZjkjQL7hOO1BeZuobapog.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/513421B0E3AB11EF9C68465CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.60.0/22
                IPv6:
                  2403:6840::/32

    Signature Algorithm: sha256WithRSAEncryption
         98:b9:83:39:c0:16:3e:48:ad:eb:50:52:ae:93:64:ad:70:91:
         8d:a1:56:73:58:41:ce:9d:36:0d:f9:fd:2e:d3:47:25:f6:91:
         5d:81:7c:03:bb:ab:07:09:f6:9d:50:34:60:3b:0a:f2:d3:61:
         e4:b8:29:31:4a:7d:ff:9c:49:d7:62:eb:f7:69:62:0a:bb:3e:
         f3:f5:fc:62:c8:fe:55:5e:b7:41:26:26:f4:2e:7e:9b:9d:b9:
         e1:75:87:ec:82:75:70:c8:2c:d3:4b:12:c4:f6:06:1f:bd:e0:
         ae:b2:e9:50:8d:5d:cc:30:c2:5a:e8:14:a8:7c:87:09:0a:ac:
         49:45:e6:25:69:18:4d:b0:a9:6d:d6:95:64:46:59:86:0b:12:
         86:aa:36:44:35:53:b4:dd:ef:18:da:4a:4b:98:53:3e:fd:cc:
         6a:b2:b0:4f:18:88:df:cd:1f:9b:ca:8f:b7:09:1c:45:4c:d6:
         b1:73:7a:8f:e5:af:8e:5d:3b:29:2c:79:84:af:f1:bd:0d:3c:
         7a:64:12:71:07:73:4f:df:ac:78:08:de:bb:48:0f:0b:66:51:
         18:e1:d4:dc:b7:83:11:6a:c5:41:03:c7:a9:78:23:0f:ad:17:
         18:e0:4b:89:3d:12:61:07:7d:51:33:13:69:82:fc:98:d3:61:
         ab:b4:db:69
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg4NDAxMTAvBgNVBAUTKEZBRTYyMDFDNjY2MzkyMzQwQkVFMTM4RUQ0MTc5OUJB
ODZEQUE2ODgwHhcNMjUwOTI0MTkwODA4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQ0NDE5OC04NjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwc2cDqu2oo9Y7OpTQB0NC/cqXtGKQ6VmtJC/vLDZQGElwPhrpH7PzhBaIySt
cdRl6DerD2eVLnLxwnh7hhQ7GTjzS0cikiQ4eOgK8RK824MTWEPjMVcDkZUy/40Z
gV4fbWY3gpQnjDCfh6KFqiWaRilb7GFkNha+7Se0/FWAuIQkEyqmLmMhwxtwnRiM
xfHqDON4h7nWCxbq3gGj8NqnajsrkyHAcJR1GBQ1zPeZHbv2M0NA16H14qLkVBvu
TB4eiHgsPfgfQrFOo1XSLFDUppkXQLEYUW25+LaX2/6cjwhvBMgit40Zfn384GxA
oX8ADD0bLEBM7x5j1bEDp5sJKQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFF6hJnq4
DZp0Wnw4kZQe6CL2H8sCMB8GA1UdIwQYMBaAFPrmIBxmY5I0C+4TjtQXmbqG2qaI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODg0MC82MTc3MzMyQTBC
ODIxMUVBODA0MTE1NEJDNEY5QUUwMi8tdVlnSEdaamtqUUw3aE9PMUJlWnVvYmFw
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy11WWdIR1pqa2pRTDdoT08xQmVadW9iYXBvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTg4NDAvNjE3NzMzMkEwQjgyMTFFQTgwNDExNTRCQzRGOUFFMDIvNTEzNDIxQjBF
M0FCMTFFRjlDNjg0NjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJneTwwDQQCAAIwBwMFACQDaEAwDQYJKoZIhvcNAQELBQAD
ggEBAJi5gznAFj5IretQUq6TZK1wkY2hVnNYQc6dNg35/S7TRyX2kV2BfAO7qwcJ
9p1QNGA7CvLTYeS4KTFKff+cSddi6/dpYgq7PvP1/GLI/lVet0EmJvQufpudueF1
h+yCdXDILNNLEsT2Bh+94K6y6VCNXcwwwlroFKh8hwkKrElF5iVpGE2wqW3WlWRG
WYYLEoaqNkQ1U7Td7xjaSkuYUz79zGqysE8YiN/NH5vKj7cJHEVM1rFzeo/lr45d
OykseYSv8b0NPHpkEnEHc0/frHgI3rtIDwtmURjh1Ny3gxFqxUEDx6l4Iw+tFxjg
S4k9EmEHfVEzE2mC/JjTYau022k=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:49 2025 by rpki-client