Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/51FE6D48D27011ECB30F1F0DC4F9AE02.roa
File:                     51FE6D48D27011ECB30F1F0DC4F9AE02.roa (raw, json)
Hash identifier:          tt0v+KBQPMpXrI1DE3BSU9iXmppEt61/W7+0e5BehNo=
Subject key identifier:   4C:51:85:F1:E8:96:E4:D1:2B:C3:EB:F1:C9:79:E9:56:F5:E7:EC:86
Certificate issuer:       /CN=A916EB94/serialNumber=C4D4FB0FF027796E9DAA17B75551FD0B77F1982F
Certificate serial:       0422
Authority key identifier: C4:D4:FB:0F:F0:27:79:6E:9D:AA:17:B7:55:51:FD:0B:77:F1:98:2F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xNT7D_AneW6dqhe3VVH9C3fxmC8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/51FE6D48D27011ECB30F1F0DC4F9AE02.roa
Signing time:             Tue 01 Jul 2025 01:06:20 +0000
ROA not before:           Tue 01 Jul 2025 01:06:20 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     38067
IP address blocks:        43.231.20.0/22 maxlen: 24
                          103.14.128.0/22 maxlen: 23
                          103.14.128.0/24 maxlen: 24
                          103.14.129.0/24 maxlen: 24
                          103.14.130.0/24 maxlen: 24
                          103.14.131.0/24 maxlen: 24
                          103.29.124.0/22 maxlen: 24
                          103.240.44.0/22 maxlen: 24
                          116.12.32.0/21 maxlen: 22
                          116.12.32.0/22 maxlen: 24
                          116.12.36.0/23 maxlen: 24
                          116.12.38.0/24 maxlen: 24
                          116.12.39.0/24 maxlen: 24
                          120.50.176.0/21 maxlen: 24
                          122.102.32.0/21 maxlen: 24
                          210.1.240.0/20 maxlen: 24
                          210.1.255.128/26 maxlen: 26
                          2405:6900::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/xNT7D_AneW6dqhe3VVH9C3fxmC8.crl
                          rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/xNT7D_AneW6dqhe3VVH9C3fxmC8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xNT7D_AneW6dqhe3VVH9C3fxmC8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 00:51:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1058 (0x422)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916EB94, serialNumber=C4D4FB0FF027796E9DAA17B75551FD0B77F1982F
        Validity
            Not Before: Jul  1 01:06:20 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=6863348c-f47f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:a9:bc:c8:38:cd:93:26:3f:9a:f3:60:86:48:
                    18:8a:0d:98:5c:99:b2:24:dc:6b:68:3a:2d:28:d4:
                    b9:23:c2:b4:1b:ba:f8:8b:35:12:ec:aa:ec:e2:a0:
                    a6:05:4a:37:b4:1b:56:46:39:b7:ee:08:86:26:d9:
                    8b:23:a2:18:0d:aa:fd:cf:57:6b:c6:cd:35:34:60:
                    b6:a3:54:22:18:c0:8b:1c:aa:ce:46:92:a6:07:16:
                    91:8e:bb:14:38:20:79:29:a3:92:a1:fe:80:e1:e0:
                    27:5a:d6:98:4b:b2:e1:55:8a:91:b0:9c:d7:33:54:
                    20:d0:c9:9d:6e:c5:dd:90:ab:9f:69:07:6b:bc:9c:
                    a2:e3:2b:52:e5:8d:9a:60:1e:4c:c8:4e:85:21:8d:
                    58:5e:78:f0:e6:9e:cd:8a:a0:90:bb:8e:07:2f:dc:
                    06:e4:d6:e6:f1:22:7d:6c:2d:1d:73:e1:57:d4:b9:
                    c6:38:48:c4:1b:ad:a9:bc:fb:c1:43:37:45:d4:bc:
                    e4:42:36:75:9b:a2:95:d5:4b:58:4e:b3:30:cb:a1:
                    c3:c9:25:df:8f:32:aa:f2:65:df:0b:28:c0:6e:86:
                    b7:90:ad:74:aa:39:71:9f:70:c4:1b:c7:25:0c:ba:
                    f6:a2:6a:77:98:0b:6a:38:23:17:90:4a:e3:e7:84:
                    51:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:51:85:F1:E8:96:E4:D1:2B:C3:EB:F1:C9:79:E9:56:F5:E7:EC:86
            X509v3 Authority Key Identifier:
                keyid:C4:D4:FB:0F:F0:27:79:6E:9D:AA:17:B7:55:51:FD:0B:77:F1:98:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/xNT7D_AneW6dqhe3VVH9C3fxmC8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xNT7D_AneW6dqhe3VVH9C3fxmC8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/51FE6D48D27011ECB30F1F0DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.231.20.0/22
                  103.14.128.0/22
                  103.29.124.0/22
                  103.240.44.0/22
                  116.12.32.0/21
                  120.50.176.0/21
                  122.102.32.0/21
                  210.1.240.0/20
                IPv6:
                  2405:6900::/36

    Signature Algorithm: sha256WithRSAEncryption
         7b:c4:75:f5:d3:aa:bc:5a:24:17:a1:54:cf:7d:19:3b:8d:78:
         66:9e:e0:5d:f5:d4:28:ee:88:4e:87:f6:fc:ce:8d:33:aa:0f:
         d3:60:7c:dd:6b:17:e4:c9:e1:29:55:4e:58:c3:ef:35:29:e0:
         68:4c:92:61:b9:1d:5f:09:d5:8e:d8:b2:d6:a7:bf:27:ab:5a:
         9e:5c:d5:a9:f3:c7:4f:35:dc:43:af:30:1a:78:6b:70:66:03:
         e2:58:ed:9e:29:9b:dc:52:72:e5:61:d6:23:13:d5:4e:dd:77:
         0d:38:46:aa:38:d2:92:04:c9:7b:f1:73:20:22:78:83:3f:27:
         5b:39:f2:c5:17:68:77:4b:9f:f4:dc:bd:b1:21:a9:77:0c:e7:
         a2:e7:a9:a8:46:9b:a1:c7:0b:93:d8:7f:bb:d2:e7:8d:0d:c7:
         75:e8:bd:51:c2:49:63:71:0c:53:f2:00:d3:e2:da:02:34:c5:
         3f:93:bb:97:eb:eb:c2:cb:7c:98:3a:d2:6c:85:f1:1c:67:db:
         28:b3:e3:ef:62:b4:30:71:87:91:a9:14:4b:0a:53:91:73:b9:
         ae:03:20:25:96:22:24:d9:64:15:81:73:67:cc:38:70:22:19:
         f2:43:2e:d2:5f:bb:05:c0:f4:9f:0e:25:1a:33:29:23:8f:05:
         76:b9:8d:95
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICBCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkVCOTQxMTAvBgNVBAUTKEM0RDRGQjBGRjAyNzc5NkU5REFBMTdCNzU1NTFGRDBC
NzdGMTk4MkYwHhcNMjUwNzAxMDEwNjIwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYzMzQ4Yy1mNDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9Km8yDjNkyY/mvNghkgYig2YXJmyJNxraDotKNS5I8K0G7r4izUS7Krs4qCm
BUo3tBtWRjm37giGJtmLI6IYDar9z1drxs01NGC2o1QiGMCLHKrORpKmBxaRjrsU
OCB5KaOSof6A4eAnWtaYS7LhVYqRsJzXM1Qg0MmdbsXdkKufaQdrvJyi4ytS5Y2a
YB5MyE6FIY1YXnjw5p7NiqCQu44HL9wG5Nbm8SJ9bC0dc+FX1LnGOEjEG62pvPvB
QzdF1LzkQjZ1m6KV1UtYTrMwy6HDySXfjzKq8mXfCyjAboa3kK10qjlxn3DEG8cl
DLr2omp3mAtqOCMXkErj54RRWwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFExRhfHo
luTRK8Pr8cl56Vb15+yGMB8GA1UdIwQYMBaAFMTU+w/wJ3lunaoXt1VR/Qt38Zgv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUI5NC9FM0NDMjVEODgx
MUUxMUVDOTIwMjU1NTFDNEY5QUUwMi94TlQ3RF9BbmVXNmRxaGUzVlZIOUMzZnht
QzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hOVDdEX0FuZVc2ZHFoZTNWVkg5QzNmeG1DOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkVCOTQvRTNDQzI1RDg4MTFFMTFFQzkyMDI1NTUxQzRGOUFFMDIvNTFGRTZENDhE
MjcwMTFFQ0IzMEYxRjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMDYEAgABMDADBAIr5xQDBAJnDoADBAJnHXwDBAJn8CwDBAN0DCADBAN4MrAD
BAN6ZiADBATSAfAwDgQCAAIwCAMGBCQFaQAAMA0GCSqGSIb3DQEBCwUAA4IBAQB7
xHX106q8WiQXoVTPfRk7jXhmnuBd9dQo7ohOh/b8zo0zqg/TYHzdaxfkyeEpVU5Y
w+81KeBoTJJhuR1fCdWO2LLWp78nq1qeXNWp88dPNdxDrzAaeGtwZgPiWO2eKZvc
UnLlYdYjE9VO3XcNOEaqONKSBMl78XMgIniDPydbOfLFF2h3S5/03L2xIal3DOei
56moRpuhxwuT2H+70ueNDcd16L1RwkljcQxT8gDT4toCNMU/k7uX6+vCy3yYOtJs
hfEcZ9sos+PvYrQwcYeRqRRLClORc7muAyAlliIk2WQVgXNnzDhwIhnyQy7SX7sF
wPSfDiUaMykjjwV2uY2V
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:36:00 2025 by rpki-client