Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9163EB9/FCD55C0A549F11EF86AE5922C4F9AE02/710FB354979E11EF99310B40C4F9AE02.roa
File:                     710FB354979E11EF99310B40C4F9AE02.roa (raw, json)
Hash identifier:          1UcWorT+hHuzqY8KzQLhN3a0TdkRPLNkQE9UL68LZgs=
Subject key identifier:   24:1C:82:AA:64:AF:2B:78:4A:2E:B2:D4:5C:BE:CE:A4:15:4D:2C:98
Certificate issuer:       /CN=A9163EB9/serialNumber=BC0BF8F9D73B7E8CFCC8EA5E9F42D7A855233D7C
Certificate serial:       DB
Authority key identifier: BC:0B:F8:F9:D7:3B:7E:8C:FC:C8:EA:5E:9F:42:D7:A8:55:23:3D:7C
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vAv4-dc7foz8yOpen0LXqFUjPXw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9163EB9/FCD55C0A549F11EF86AE5922C4F9AE02/710FB354979E11EF99310B40C4F9AE02.roa
Signing time:             Tue 23 Sep 2025 06:25:36 +0000
ROA not before:           Tue 23 Sep 2025 06:25:36 +0000
ROA not after:            Sat 31 Oct 2026 00:00:00 +0000
asID:                     137425
IP address blocks:        160.30.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9163EB9/FCD55C0A549F11EF86AE5922C4F9AE02/vAv4-dc7foz8yOpen0LXqFUjPXw.crl
                          rsync://rpki.apnic.net/member_repository/A9163EB9/FCD55C0A549F11EF86AE5922C4F9AE02/vAv4-dc7foz8yOpen0LXqFUjPXw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vAv4-dc7foz8yOpen0LXqFUjPXw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 08:25:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 219 (0xdb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9163EB9, serialNumber=BC0BF8F9D73B7E8CFCC8EA5E9F42D7A855233D7C
        Validity
            Not Before: Sep 23 06:25:36 2025 GMT
            Not After : Oct 31 00:00:00 2026 GMT
        Subject: CN=68d23d60-9f73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f8:ac:b5:6f:05:91:78:bf:a4:a3:a9:21:9c:
                    93:b0:b0:e2:30:d3:6c:6b:23:6a:d3:ed:81:64:d6:
                    85:30:a9:13:5c:d2:3e:4d:2d:24:04:99:a9:15:22:
                    fe:db:34:32:65:8d:5d:c2:a8:1f:0a:7c:0d:23:b1:
                    1a:fd:49:62:f4:c9:a2:bf:22:c4:7e:96:29:4d:5b:
                    fb:2a:6c:40:d1:ae:00:80:9d:e3:1e:5e:d7:f8:00:
                    77:e0:5d:2c:69:21:b5:78:fa:0b:d6:f3:1b:84:d3:
                    5b:78:b0:61:c3:2b:1a:68:04:1f:d6:80:96:9a:53:
                    28:8a:e6:4f:9c:1f:72:bd:47:cc:de:5a:8e:a5:be:
                    b5:fe:00:a1:00:f8:59:86:e0:af:b6:09:be:0c:9c:
                    f8:74:b5:23:6b:91:a9:0f:0a:18:f3:33:77:5e:a1:
                    95:7a:62:2c:14:82:23:c9:5b:11:45:0b:2b:f7:fe:
                    cb:a9:bd:1a:b4:0b:66:6b:1e:3d:69:63:c0:8c:4a:
                    68:ae:94:b2:9b:4c:e6:89:2c:b4:7a:85:e5:f2:14:
                    a6:f8:de:4d:7b:e4:16:c9:c9:23:fa:75:92:2e:47:
                    db:39:c4:6c:d9:86:7b:11:3d:6f:0a:6f:0c:5b:fd:
                    9c:64:82:10:c1:50:ac:3e:0b:9e:69:78:41:43:59:
                    ea:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:1C:82:AA:64:AF:2B:78:4A:2E:B2:D4:5C:BE:CE:A4:15:4D:2C:98
            X509v3 Authority Key Identifier:
                keyid:BC:0B:F8:F9:D7:3B:7E:8C:FC:C8:EA:5E:9F:42:D7:A8:55:23:3D:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9163EB9/FCD55C0A549F11EF86AE5922C4F9AE02/vAv4-dc7foz8yOpen0LXqFUjPXw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vAv4-dc7foz8yOpen0LXqFUjPXw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163EB9/FCD55C0A549F11EF86AE5922C4F9AE02/710FB354979E11EF99310B40C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:07:7b:bc:e2:11:ec:40:1e:1f:ed:da:c5:da:8f:29:47:26:
         07:50:a6:e1:96:3c:23:06:12:b1:60:25:40:10:e7:58:64:ec:
         e4:19:12:c8:01:f2:06:68:4c:31:57:5a:75:71:25:5f:db:75:
         6d:62:56:64:a2:4a:72:ec:b0:19:03:62:c6:f6:27:58:65:a8:
         f6:79:64:51:a4:b4:8d:3e:0b:9f:1f:72:e6:d9:ed:8a:ed:61:
         eb:05:94:cb:ec:a7:c0:0b:b0:b1:1a:68:80:ee:16:ed:e9:d5:
         4f:b6:42:3e:e0:57:15:7f:9d:27:b1:cc:4c:b0:2f:ec:85:c3:
         cd:6b:27:6f:ac:fd:f3:67:ca:a1:f2:6d:0a:7f:be:43:61:7d:
         b0:5b:67:8c:d2:82:bd:55:e6:14:ca:36:d0:48:df:5e:bc:4b:
         2f:3c:1c:5b:5b:e8:86:38:a9:e4:57:c3:4a:b7:3e:06:ae:38:
         52:e8:35:23:aa:95:14:c1:53:8c:64:77:dc:ba:a2:a0:03:42:
         a7:4a:2b:b7:1f:d7:8d:69:04:74:73:0b:88:74:95:5b:f8:7d:
         32:2a:42:fe:d9:f9:95:1e:47:80:63:10:ad:9a:cd:1c:b4:30:
         31:b9:5f:d2:8e:8a:d3:78:99:a7:9f:d6:5d:e9:3e:6d:48:3d:
         11:d2:3a:68
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjNFQjkxMTAvBgNVBAUTKEJDMEJGOEY5RDczQjdFOENGQ0M4RUE1RTlGNDJEN0E4
NTUyMzNEN0MwHhcNMjUwOTIzMDYyNTM2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQyM2Q2MC05ZjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzvistW8FkXi/pKOpIZyTsLDiMNNsayNq0+2BZNaFMKkTXNI+TS0kBJmpFSL+
2zQyZY1dwqgfCnwNI7Ea/Uli9MmivyLEfpYpTVv7KmxA0a4AgJ3jHl7X+AB34F0s
aSG1ePoL1vMbhNNbeLBhwysaaAQf1oCWmlMoiuZPnB9yvUfM3lqOpb61/gChAPhZ
huCvtgm+DJz4dLUja5GpDwoY8zN3XqGVemIsFIIjyVsRRQsr9/7Lqb0atAtmax49
aWPAjEporpSym0zmiSy0eoXl8hSm+N5Ne+QWyckj+nWSLkfbOcRs2YZ7ET1vCm8M
W/2cZIIQwVCsPgueaXhBQ1nq/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCQcgqpk
ryt4Si6y1Fy+zqQVTSyYMB8GA1UdIwQYMBaAFLwL+PnXO36M/MjqXp9C16hVIz18
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2M0VCOS9GQ0Q1NUMwQTU0
OUYxMUVGODZBRTU5MjJDNEY5QUUwMi92QXY0LWRjN2Zvejh5T3BlbjBMWHFGVWpQ
WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZBdjQtZGM3Zm96OHlPcGVuMExYcUZValBYdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjNFQjkvRkNENTVDMEE1NDlGMTFFRjg2QUU1OTIyQzRGOUFFMDIvNzEwRkIzNTQ5
NzlFMTFFRjk5MzEwQjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACgHj8wDQYJKoZIhvcNAQELBQADggEBAEYHe7ziEexAHh/t
2sXajylHJgdQpuGWPCMGErFgJUAQ51hk7OQZEsgB8gZoTDFXWnVxJV/bdW1iVmSi
SnLssBkDYsb2J1hlqPZ5ZFGktI0+C58fcubZ7YrtYesFlMvsp8ALsLEaaIDuFu3p
1U+2Qj7gVxV/nSexzEywL+yFw81rJ2+s/fNnyqHybQp/vkNhfbBbZ4zSgr1V5hTK
NtBI3168Sy88HFtb6IY4qeRXw0q3PgauOFLoNSOqlRTBU4xkd9y6oqADQqdKK7cf
141pBHRzC4h0lVv4fTIqQv7Z+ZUeR4BjEK2azRy0MDG5X9KOitN4maef1l3pPm1I
PRHSOmg=
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:39:51 2025 by rpki-client