Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D5A2/C21A538680B811EBBEB19E83C4F9AE02/179D126A80BB11EB8827C40AC4F9AE02.roa
File:                     179D126A80BB11EB8827C40AC4F9AE02.roa (raw, json)
Hash identifier:          PFHRoE4gpt/1Wvai15N8aRrkyA+0he7HHF21tuqRgXE=
Subject key identifier:   18:A2:EC:05:CF:31:B6:8E:5F:DB:9A:CB:08:82:25:39:12:A7:23:75
Certificate issuer:       /CN=A916D5A2/serialNumber=B9FB4223EB03BA0EE6CE07B4660217AFAF716D5D
Certificate serial:       06AA
Authority key identifier: B9:FB:42:23:EB:03:BA:0E:E6:CE:07:B4:66:02:17:AF:AF:71:6D:5D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uftCI-sDug7mzge0ZgIXr69xbV0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D5A2/C21A538680B811EBBEB19E83C4F9AE02/179D126A80BB11EB8827C40AC4F9AE02.roa
Signing time:             Thu 02 Oct 2025 22:23:37 +0000
ROA not before:           Thu 02 Oct 2025 22:23:37 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     133206
IP address blocks:        103.155.36.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916D5A2/C21A538680B811EBBEB19E83C4F9AE02/uftCI-sDug7mzge0ZgIXr69xbV0.crl
                          rsync://rpki.apnic.net/member_repository/A916D5A2/C21A538680B811EBBEB19E83C4F9AE02/uftCI-sDug7mzge0ZgIXr69xbV0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uftCI-sDug7mzge0ZgIXr69xbV0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 23:41:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1706 (0x6aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D5A2, serialNumber=B9FB4223EB03BA0EE6CE07B4660217AFAF716D5D
        Validity
            Not Before: Oct  2 22:23:37 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68defb69-b333
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:19:67:41:79:05:73:f8:4f:02:1e:01:de:e9:
                    70:33:ff:71:5c:fb:be:72:22:d4:40:4c:f7:11:cc:
                    ec:94:ff:93:e9:3b:42:8d:00:d5:65:74:fc:36:a3:
                    37:fe:58:2a:17:5e:8e:8d:9c:3d:08:42:23:7a:bc:
                    36:1c:2e:c5:df:c0:28:e7:93:2f:9b:e7:ba:e7:32:
                    f7:d4:82:f0:cb:2e:5b:07:98:1f:9f:0f:2d:f7:a9:
                    66:89:e5:a2:2a:57:e3:a3:da:41:0f:a9:d8:32:21:
                    07:5f:f9:2f:5a:e4:04:5c:a8:88:b3:94:08:22:5c:
                    44:1e:ce:ab:91:e9:24:a0:00:8b:df:35:f5:78:80:
                    f1:80:17:c5:72:8d:75:5f:3d:de:fa:1a:f7:11:7c:
                    56:20:06:4a:9d:5f:24:18:85:e1:25:76:64:7f:e8:
                    96:15:aa:6f:31:4d:73:ea:90:f3:aa:af:bd:97:7f:
                    9c:82:51:ec:f2:fa:63:5b:31:ca:f7:4d:e1:81:67:
                    71:50:4c:eb:88:4e:4d:f4:81:cf:2c:91:8e:dd:37:
                    2b:45:d9:eb:d0:fb:47:e0:12:37:3b:85:76:7d:6c:
                    5d:d1:50:f7:24:1b:a7:4c:e1:07:3d:ab:5d:19:22:
                    d8:c6:70:ff:ea:b1:42:80:6c:5f:0c:cb:88:13:2d:
                    c3:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:A2:EC:05:CF:31:B6:8E:5F:DB:9A:CB:08:82:25:39:12:A7:23:75
            X509v3 Authority Key Identifier:
                keyid:B9:FB:42:23:EB:03:BA:0E:E6:CE:07:B4:66:02:17:AF:AF:71:6D:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D5A2/C21A538680B811EBBEB19E83C4F9AE02/uftCI-sDug7mzge0ZgIXr69xbV0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uftCI-sDug7mzge0ZgIXr69xbV0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D5A2/C21A538680B811EBBEB19E83C4F9AE02/179D126A80BB11EB8827C40AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:0e:25:a7:a3:85:8b:fb:a4:fa:95:7b:8b:c1:81:cf:e6:69:
         91:f2:6c:c7:a7:0a:fc:77:0f:b0:1f:0a:43:f0:7c:fd:04:c2:
         8c:1f:22:f3:51:63:81:10:dc:2b:87:23:8f:7b:cf:f6:f3:e6:
         18:97:ae:d1:a2:8e:d8:05:29:b4:13:81:c1:8b:6e:d0:76:22:
         c2:09:bc:e6:f3:30:05:34:7c:76:5f:87:b1:a9:55:d3:5f:12:
         3e:b9:8e:13:22:18:b6:d9:ca:8e:67:2b:f2:d2:a9:61:33:5e:
         b2:5d:6f:e2:38:a9:65:7a:bf:2b:51:2d:3c:5a:ba:1f:36:42:
         9d:45:a0:20:39:55:26:ff:d5:8d:4a:d9:95:99:06:33:8a:53:
         a0:fa:6b:35:f8:35:2a:6b:5e:c7:ff:d2:e0:aa:ba:c5:aa:21:
         71:7e:24:cb:f8:5c:ca:42:57:7c:55:29:13:1a:4b:75:4d:9b:
         a1:fc:65:94:2c:4f:4c:59:27:08:45:46:84:68:44:5a:85:51:
         51:a1:64:45:af:36:3d:b0:7a:05:10:bf:ec:cf:07:6b:cf:ba:
         2d:a6:fa:73:8d:64:4e:7b:80:77:db:9e:59:aa:29:3c:18:2d:
         c9:03:d9:d2:60:1b:3b:96:26:a5:79:cc:69:7a:e7:08:04:55:
         99:b1:f1:bc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ1QTIxMTAvBgNVBAUTKEI5RkI0MjIzRUIwM0JBMEVFNkNFMDdCNDY2MDIxN0FG
QUY3MTZENUQwHhcNMjUxMDAyMjIyMzM3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRlZmI2OS1iMzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0BlnQXkFc/hPAh4B3ulwM/9xXPu+ciLUQEz3EczslP+T6TtCjQDVZXT8NqM3
/lgqF16OjZw9CEIjerw2HC7F38Ao55Mvm+e65zL31ILwyy5bB5gfnw8t96lmieWi
Klfjo9pBD6nYMiEHX/kvWuQEXKiIs5QIIlxEHs6rkekkoACL3zX1eIDxgBfFco11
Xz3e+hr3EXxWIAZKnV8kGIXhJXZkf+iWFapvMU1z6pDzqq+9l3+cglHs8vpjWzHK
903hgWdxUEzriE5N9IHPLJGO3TcrRdnr0PtH4BI3O4V2fWxd0VD3JBunTOEHPatd
GSLYxnD/6rFCgGxfDMuIEy3DvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBii7AXP
MbaOX9uaywiCJTkSpyN1MB8GA1UdIwQYMBaAFLn7QiPrA7oO5s4HtGYCF6+vcW1d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDVBMi9DMjFBNTM4Njgw
QjgxMUVCQkVCMTlFODNDNEY5QUUwMi91ZnRDSS1zRHVnN216Z2UwWmdJWHI2OXhi
VjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VmdENJLXNEdWc3bXpnZTBaZ0lYcjY5eGJWMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ1QTIvQzIxQTUzODY4MEI4MTFFQkJFQjE5RTgzQzRGOUFFMDIvMTc5RDEyNkE4
MEJCMTFFQjg4MjdDNDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmyQwDQYJKoZIhvcNAQELBQADggEBACwOJaejhYv7pPqV
e4vBgc/maZHybMenCvx3D7AfCkPwfP0EwowfIvNRY4EQ3CuHI497z/bz5hiXrtGi
jtgFKbQTgcGLbtB2IsIJvObzMAU0fHZfh7GpVdNfEj65jhMiGLbZyo5nK/LSqWEz
XrJdb+I4qWV6vytRLTxauh82Qp1FoCA5VSb/1Y1K2ZWZBjOKU6D6azX4NSprXsf/
0uCqusWqIXF+JMv4XMpCV3xVKRMaS3VNm6H8ZZQsT0xZJwhFRoRoRFqFUVGhZEWv
Nj2wegUQv+zPB2vPui2m+nONZE57gHfbnlmqKTwYLckD2dJgGzuWJqV5zGl65wgE
VZmx8bw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:11:37 2025 by rpki-client