Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D65/4F421F523B0B11ECAA25E33AC4F9AE02/56530120D47E11EFB2639C53C4F9AE02.roa
File:                     56530120D47E11EFB2639C53C4F9AE02.roa (raw, json)
Hash identifier:          P53OZfOgjzKWRl/N07BBbaXeKGlafyTyi7q63CLwsiA=
Subject key identifier:   7F:5D:8B:19:93:2A:F4:FC:C2:D3:4D:C4:72:55:37:45:E1:32:EF:D4
Certificate issuer:       /CN=A9172D65/serialNumber=D71518FC6E56C7C4ECA9EA18B1B541D8B0C2CA22
Certificate serial:       04D9
Authority key identifier: D7:15:18:FC:6E:56:C7:C4:EC:A9:EA:18:B1:B5:41:D8:B0:C2:CA:22
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xUY_G5Wx8TsqeoYsbVB2LDCyiI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9172D65/4F421F523B0B11ECAA25E33AC4F9AE02/56530120D47E11EFB2639C53C4F9AE02.roa
Signing time:             Wed 01 Oct 2025 00:27:07 +0000
ROA not before:           Wed 01 Oct 2025 00:27:07 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     147013
IP address blocks:        103.172.137.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9172D65/4F421F523B0B11ECAA25E33AC4F9AE02/1xUY_G5Wx8TsqeoYsbVB2LDCyiI.crl
                          rsync://rpki.apnic.net/member_repository/A9172D65/4F421F523B0B11ECAA25E33AC4F9AE02/1xUY_G5Wx8TsqeoYsbVB2LDCyiI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xUY_G5Wx8TsqeoYsbVB2LDCyiI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 01:35:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1241 (0x4d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9172D65, serialNumber=D71518FC6E56C7C4ECA9EA18B1B541D8B0C2CA22
        Validity
            Not Before: Oct  1 00:27:07 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68dc755b-1b82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c7:52:c1:f4:7d:78:a8:3f:52:20:c4:82:4e:
                    2e:5b:9e:23:19:a4:53:6f:88:04:10:9d:f5:17:b0:
                    6e:c3:ba:16:ea:fb:3b:1d:4e:b6:85:ba:8f:d5:01:
                    58:d9:d2:44:29:80:cf:07:63:c0:e4:17:ee:b6:21:
                    e1:09:48:00:9a:a5:63:dd:7e:a6:b3:00:c6:9e:51:
                    66:93:ee:94:c1:2a:9d:d4:cf:84:3d:7b:7b:4c:62:
                    a3:c4:fc:74:9d:7e:c0:ad:56:b9:ed:70:66:b7:f0:
                    cd:30:7a:aa:02:12:81:8d:8f:78:38:b5:a7:ae:5e:
                    5a:a5:2a:46:f9:a9:2f:6c:59:26:86:3e:6f:55:6f:
                    21:2d:21:02:27:9a:7f:00:6d:3c:3a:2b:a2:d3:56:
                    9f:c8:cb:40:b4:d5:e4:6c:22:23:de:02:99:80:df:
                    4d:4b:48:a0:f5:2f:bd:42:c3:d7:be:dd:73:26:17:
                    d4:72:62:38:ed:e0:82:02:8e:2a:3a:61:24:48:b5:
                    fe:a3:58:00:80:a5:27:c5:e5:8f:3a:88:d2:0f:86:
                    c8:60:16:93:51:3f:74:f5:08:64:31:fd:38:6d:cc:
                    67:1f:a4:5e:9b:13:66:8c:87:9c:76:6b:52:99:dd:
                    0c:fc:36:62:66:4e:24:c6:7e:87:90:12:c0:75:e0:
                    1c:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:5D:8B:19:93:2A:F4:FC:C2:D3:4D:C4:72:55:37:45:E1:32:EF:D4
            X509v3 Authority Key Identifier:
                keyid:D7:15:18:FC:6E:56:C7:C4:EC:A9:EA:18:B1:B5:41:D8:B0:C2:CA:22

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9172D65/4F421F523B0B11ECAA25E33AC4F9AE02/1xUY_G5Wx8TsqeoYsbVB2LDCyiI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xUY_G5Wx8TsqeoYsbVB2LDCyiI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D65/4F421F523B0B11ECAA25E33AC4F9AE02/56530120D47E11EFB2639C53C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:2f:7d:d0:bc:c8:c6:bd:ac:38:fe:93:c9:8f:c3:2e:dc:08:
         cc:4b:01:3d:c9:25:b5:8d:bd:d4:c5:3f:ec:68:96:d5:87:d4:
         b6:be:e4:b5:62:03:17:54:28:a6:d9:db:0b:2b:8b:b9:ff:61:
         d8:cd:ef:df:86:11:61:7f:7b:b0:9b:10:f6:7e:fd:a9:2e:f2:
         b4:a9:ce:e3:0e:17:10:a3:71:6e:f7:67:15:84:2e:55:dd:fc:
         b1:f0:63:ef:b3:b2:f0:d4:85:53:cc:80:90:7d:29:4c:5f:70:
         03:ab:6d:e3:bc:c8:69:27:96:5f:33:ec:aa:33:c7:66:c0:77:
         19:97:15:e2:2f:3e:9c:97:64:b3:c5:d3:15:10:e2:5d:36:4c:
         db:c9:b7:35:d8:09:c9:f2:3f:ae:0b:7c:f8:3d:19:0d:92:81:
         46:cf:00:2f:3d:93:41:dd:f5:a8:37:76:e8:99:7b:b7:7d:02:
         25:dd:c2:ec:80:3c:44:3f:4b:ac:49:7e:f0:45:f2:27:6e:90:
         85:8d:a7:b1:f4:da:48:c5:2b:f2:24:34:19:76:04:8b:0a:83:
         39:aa:b3:d8:aa:be:d0:b8:61:74:d6:ba:9d:36:f3:2c:a7:35:
         9c:3b:b0:32:11:d3:27:bd:fb:a5:bb:53:ad:34:34:f5:d4:de:
         5f:41:56:54
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBNkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJENjUxMTAvBgNVBAUTKEQ3MTUxOEZDNkU1NkM3QzRFQ0E5RUExOEIxQjU0MUQ4
QjBDMkNBMjIwHhcNMjUxMDAxMDAyNzA3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRjNzU1Yi0xYjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8dSwfR9eKg/UiDEgk4uW54jGaRTb4gEEJ31F7Buw7oW6vs7HU62hbqP1QFY
2dJEKYDPB2PA5BfutiHhCUgAmqVj3X6mswDGnlFmk+6UwSqd1M+EPXt7TGKjxPx0
nX7ArVa57XBmt/DNMHqqAhKBjY94OLWnrl5apSpG+akvbFkmhj5vVW8hLSECJ5p/
AG08Oiui01afyMtAtNXkbCIj3gKZgN9NS0ig9S+9QsPXvt1zJhfUcmI47eCCAo4q
OmEkSLX+o1gAgKUnxeWPOojSD4bIYBaTUT909QhkMf04bcxnH6RemxNmjIecdmtS
md0M/DZiZk4kxn6HkBLAdeAccwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH9dixmT
KvT8wtNNxHJVN0XhMu/UMB8GA1UdIwQYMBaAFNcVGPxuVsfE7KnqGLG1Qdiwwsoi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ2NS80RjQyMUY1MjNC
MEIxMUVDQUEyNUUzM0FDNEY5QUUwMi8xeFVZX0c1V3g4VHNxZW9Zc2JWQjJMREN5
aUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzF4VVlfRzVXeDhUc3Flb1lzYlZCMkxEQ3lpSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJENjUvNEY0MjFGNTIzQjBCMTFFQ0FBMjVFMzNBQzRGOUFFMDIvNTY1MzAxMjBE
NDdFMTFFRkIyNjM5QzUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrIkwDQYJKoZIhvcNAQELBQADggEBAIEvfdC8yMa9rDj+
k8mPwy7cCMxLAT3JJbWNvdTFP+xoltWH1La+5LViAxdUKKbZ2wsri7n/YdjN79+G
EWF/e7CbEPZ+/aku8rSpzuMOFxCjcW73ZxWELlXd/LHwY++zsvDUhVPMgJB9KUxf
cAOrbeO8yGknll8z7Kozx2bAdxmXFeIvPpyXZLPF0xUQ4l02TNvJtzXYCcnyP64L
fPg9GQ2SgUbPAC89k0Hd9ag3duiZe7d9AiXdwuyAPEQ/S6xJfvBF8idukIWNp7H0
2kjFK/IkNBl2BIsKgzmqs9iqvtC4YXTWup028yynNZw7sDIR0ye9+6W7U600NPXU
3l9BVlQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:42:27 2025 by rpki-client