Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/FC48A6E45FA711EF81D7F60DC4F9AE02.roa
File:                     FC48A6E45FA711EF81D7F60DC4F9AE02.roa (raw, json)
Hash identifier:          CF/ycti5B8sO9TQT4NkKOcvGvBc1ti1JSzdWtmNe964=
Subject key identifier:   F2:AE:24:48:0D:A9:B6:EE:D4:6B:91:F8:77:4F:A7:A4:3D:B4:6C:A4
Certificate issuer:       /CN=A916ED3C/serialNumber=B5F87AC892C5E7E924EA1850ADCE4FF01D0DBA2A
Certificate serial:       0560
Authority key identifier: B5:F8:7A:C8:92:C5:E7:E9:24:EA:18:50:AD:CE:4F:F0:1D:0D:BA:2A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tfh6yJLF5-kk6hhQrc5P8B0Nuio.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/FC48A6E45FA711EF81D7F60DC4F9AE02.roa
Signing time:             Sat 04 Oct 2025 23:55:09 +0000
ROA not before:           Sat 04 Oct 2025 23:55:09 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     136435
IP address blocks:        103.172.115.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/tfh6yJLF5-kk6hhQrc5P8B0Nuio.crl
                          rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/tfh6yJLF5-kk6hhQrc5P8B0Nuio.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tfh6yJLF5-kk6hhQrc5P8B0Nuio.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 01:08:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1376 (0x560)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916ED3C, serialNumber=B5F87AC892C5E7E924EA1850ADCE4FF01D0DBA2A
        Validity
            Not Before: Oct  4 23:55:09 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68e1b3dd-f156
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:53:33:c7:5d:22:09:15:78:cf:8d:7e:43:6c:
                    db:47:eb:90:5c:af:ea:1c:4f:fa:3b:21:9f:0a:c4:
                    89:36:6a:4c:da:66:5e:66:91:df:1a:91:70:8c:42:
                    c1:8e:0f:af:cf:4a:31:2a:c9:0b:bd:27:a0:3e:44:
                    52:94:4a:c8:b7:8b:05:89:79:04:4b:ba:e1:83:85:
                    b3:cf:32:51:ec:da:60:6c:55:ad:9e:5f:93:04:ad:
                    c0:2f:d1:b5:c5:52:8e:67:32:32:19:94:a2:ae:5c:
                    d3:68:d1:23:5c:bb:01:bc:73:ef:64:e9:35:82:98:
                    44:fc:63:f0:6f:7a:94:df:86:2b:a7:c4:f4:a5:82:
                    74:30:10:0f:57:ed:99:a8:01:09:3d:f9:81:92:9a:
                    34:a9:2b:83:83:f2:49:c7:c7:18:4a:a9:b5:ca:31:
                    f5:f6:64:e2:57:49:68:db:93:cf:82:10:05:f2:20:
                    30:39:78:46:9a:94:45:3e:cb:c0:85:59:1a:3f:af:
                    9a:29:d7:38:6a:a2:ab:bf:83:42:af:a1:cb:16:bd:
                    9d:2d:e1:c7:65:9b:4b:e2:42:d9:a5:5b:93:e2:64:
                    90:eb:90:18:45:93:ce:09:e7:18:a8:52:01:51:5d:
                    5f:f5:39:15:55:01:5e:eb:57:0f:ae:a3:9c:ee:f5:
                    2b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:AE:24:48:0D:A9:B6:EE:D4:6B:91:F8:77:4F:A7:A4:3D:B4:6C:A4
            X509v3 Authority Key Identifier:
                keyid:B5:F8:7A:C8:92:C5:E7:E9:24:EA:18:50:AD:CE:4F:F0:1D:0D:BA:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/tfh6yJLF5-kk6hhQrc5P8B0Nuio.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tfh6yJLF5-kk6hhQrc5P8B0Nuio.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/FC48A6E45FA711EF81D7F60DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:34:11:c4:7a:53:23:1d:00:72:ac:19:ae:00:32:2a:3e:e2:
         e6:a2:11:86:32:75:df:1e:77:b7:95:5f:12:6f:ae:e8:85:1a:
         94:8d:ef:dd:a3:a8:f1:0c:2e:7f:66:6f:bc:c9:62:0c:c7:cb:
         af:a1:04:f8:28:46:d8:e2:69:38:b4:d7:e0:c2:57:bd:fd:65:
         1c:20:32:76:43:f9:55:3b:ff:22:4e:35:e4:f4:fa:0b:f5:b4:
         dd:5c:29:84:d4:39:24:90:cb:a9:12:cd:6f:47:22:12:1f:c5:
         d2:0b:5d:a3:09:08:3e:17:32:21:0b:5d:4f:92:a8:dc:f4:a0:
         96:80:6f:10:91:5b:39:ad:95:2e:d4:be:69:c2:37:95:7e:17:
         58:ea:b6:0e:e8:a6:85:eb:b6:30:bf:e8:8f:8c:28:2e:bd:d3:
         58:43:a6:ec:5c:b5:bd:96:b6:7b:df:73:35:76:63:9f:86:35:
         5e:2f:39:76:f7:d5:90:96:67:30:e0:36:f9:1f:f2:ce:91:38:
         73:f4:02:36:38:4e:de:4d:27:84:6a:a5:fa:06:fa:48:95:30:
         a5:2e:28:99:70:db:3d:75:c6:5a:5b:94:37:08:67:30:b1:79:
         4d:c0:61:b4:01:85:64:59:48:ed:fe:a8:dd:76:21:fe:fe:25:
         29:db:87:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkVEM0MxMTAvBgNVBAUTKEI1Rjg3QUM4OTJDNUU3RTkyNEVBMTg1MEFEQ0U0RkYw
MUQwREJBMkEwHhcNMjUxMDA0MjM1NTA5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGUxYjNkZC1mMTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0FMzx10iCRV4z41+Q2zbR+uQXK/qHE/6OyGfCsSJNmpM2mZeZpHfGpFwjELB
jg+vz0oxKskLvSegPkRSlErIt4sFiXkES7rhg4WzzzJR7NpgbFWtnl+TBK3AL9G1
xVKOZzIyGZSirlzTaNEjXLsBvHPvZOk1gphE/GPwb3qU34Yrp8T0pYJ0MBAPV+2Z
qAEJPfmBkpo0qSuDg/JJx8cYSqm1yjH19mTiV0lo25PPghAF8iAwOXhGmpRFPsvA
hVkaP6+aKdc4aqKrv4NCr6HLFr2dLeHHZZtL4kLZpVuT4mSQ65AYRZPOCecYqFIB
UV1f9TkVVQFe61cPrqOc7vUrvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPKuJEgN
qbbu1GuR+HdPp6Q9tGykMB8GA1UdIwQYMBaAFLX4esiSxefpJOoYUK3OT/AdDboq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUQzQy8zMDZFRTI2MDBB
NzExMUVDOUExNjNDMUZDNEY5QUUwMi90Zmg2eUpMRjUta2s2aGhRcmM1UDhCME51
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RmaDZ5SkxGNS1razZoaFFyYzVQOEIwTnVpby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkVEM0MvMzA2RUUyNjAwQTcxMTFFQzlBMTYzQzFGQzRGOUFFMDIvRkM0OEE2RTQ1
RkE3MTFFRjgxRDdGNjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrHMwDQYJKoZIhvcNAQELBQADggEBAFk0EcR6UyMdAHKs
Ga4AMio+4uaiEYYydd8ed7eVXxJvruiFGpSN792jqPEMLn9mb7zJYgzHy6+hBPgo
RtjiaTi01+DCV739ZRwgMnZD+VU7/yJONeT0+gv1tN1cKYTUOSSQy6kSzW9HIhIf
xdILXaMJCD4XMiELXU+SqNz0oJaAbxCRWzmtlS7UvmnCN5V+F1jqtg7opoXrtjC/
6I+MKC6901hDpuxctb2WtnvfczV2Y5+GNV4vOXb31ZCWZzDgNvkf8s6ROHP0AjY4
Tt5NJ4RqpfoG+kiVMKUuKJlw2z11xlpblDcIZzCxeU3AYbQBhWRZSO3+qN12If7+
JSnbhzo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:49:22 2025 by rpki-client