Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917D857/61C5CDB84E2811EE94FDB34CC4F9AE02/BD9131004E2811EEBC65304DC4F9AE02.roa
File:                     BD9131004E2811EEBC65304DC4F9AE02.roa (raw, json)
Hash identifier:          mDyA8en4O2HoFPMoiw1GIv6+nKDmPcew5/y5uXwGm88=
Subject key identifier:   9B:3F:A4:BD:70:7A:8B:81:4F:7A:96:0F:F9:6A:17:79:75:34:C5:56
Certificate issuer:       /CN=A917D857/serialNumber=19A36059E317EF7F67885CE252AEDB91958F5E68
Certificate serial:       0188
Authority key identifier: 19:A3:60:59:E3:17:EF:7F:67:88:5C:E2:52:AE:DB:91:95:8F:5E:68
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GaNgWeMX739niFziUq7bkZWPXmg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917D857/61C5CDB84E2811EE94FDB34CC4F9AE02/BD9131004E2811EEBC65304DC4F9AE02.roa
Signing time:             Tue 07 Oct 2025 04:01:15 +0000
ROA not before:           Tue 07 Oct 2025 04:01:15 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     63526
IP address blocks:        103.72.60.0/24 maxlen: 24
                          103.72.61.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917D857/61C5CDB84E2811EE94FDB34CC4F9AE02/GaNgWeMX739niFziUq7bkZWPXmg.crl
                          rsync://rpki.apnic.net/member_repository/A917D857/61C5CDB84E2811EE94FDB34CC4F9AE02/GaNgWeMX739niFziUq7bkZWPXmg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GaNgWeMX739niFziUq7bkZWPXmg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 06:05:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 392 (0x188)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917D857, serialNumber=19A36059E317EF7F67885CE252AEDB91958F5E68
        Validity
            Not Before: Oct  7 04:01:15 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68e4908a-72d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:57:31:5b:e9:10:02:42:1b:d3:6b:6b:37:38:
                    83:a2:03:6d:07:9a:dc:8d:f5:5f:7c:15:61:76:0b:
                    18:ac:6f:eb:c9:4d:e4:d8:4f:4f:f1:ae:a8:4b:1a:
                    db:db:02:bb:59:05:c8:3e:a2:f1:83:95:3b:c0:09:
                    1f:86:63:d7:b0:24:ce:bd:25:61:3e:58:63:ba:99:
                    18:b5:44:6a:82:40:11:89:58:59:52:cc:ee:96:57:
                    f3:a9:15:c6:ca:15:0f:38:d5:dc:79:a6:63:1a:af:
                    f8:73:4b:f5:4e:35:6d:e5:72:ab:37:b0:f0:99:b7:
                    6a:87:49:c5:6f:1d:fd:3c:87:f6:7c:2a:92:a0:01:
                    25:8d:d3:1f:e8:21:20:a7:18:7c:cc:82:b7:9b:06:
                    f4:39:44:90:d2:b8:9c:76:2c:e8:69:fd:58:33:13:
                    bc:ba:fd:f5:7d:b0:c0:c8:83:dc:60:87:f5:8a:64:
                    9f:86:03:29:63:a4:29:5c:51:4f:ca:75:b8:ea:4a:
                    06:aa:b2:6e:5b:3f:89:df:1f:4c:74:9f:94:07:e8:
                    06:6a:39:de:b5:0a:01:24:93:10:dc:8f:7c:1d:4d:
                    34:f3:91:75:f0:6c:c6:ac:4d:84:ce:16:3a:07:29:
                    32:ac:2d:86:2a:73:99:f9:b7:b1:5a:54:bb:8f:63:
                    bf:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:3F:A4:BD:70:7A:8B:81:4F:7A:96:0F:F9:6A:17:79:75:34:C5:56
            X509v3 Authority Key Identifier:
                keyid:19:A3:60:59:E3:17:EF:7F:67:88:5C:E2:52:AE:DB:91:95:8F:5E:68

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917D857/61C5CDB84E2811EE94FDB34CC4F9AE02/GaNgWeMX739niFziUq7bkZWPXmg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GaNgWeMX739niFziUq7bkZWPXmg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D857/61C5CDB84E2811EE94FDB34CC4F9AE02/BD9131004E2811EEBC65304DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.72.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:45:ce:2e:ef:df:26:59:94:ba:57:33:9d:eb:88:ee:40:ec:
         d0:94:12:25:40:f9:dc:24:6f:af:a4:d3:18:0f:c0:00:37:88:
         5d:04:bc:92:0e:e9:56:95:49:e0:cc:7d:c0:7e:1b:c7:d2:9f:
         44:55:c3:c0:98:90:c6:d4:05:79:3b:db:ba:36:82:9b:fb:e0:
         87:56:e9:20:01:c3:bf:8b:10:26:c2:da:e0:7e:58:61:50:80:
         cd:b8:a0:b0:11:26:3c:20:cc:03:2b:d2:94:ee:04:7d:50:13:
         25:b1:0a:da:41:de:60:b4:61:6e:bf:ce:94:5b:49:df:3c:a1:
         28:20:0c:0b:a0:05:28:00:c4:06:08:8d:57:de:c4:40:b8:48:
         b9:f6:fe:47:15:f6:ad:8c:66:51:16:2e:9e:57:70:4a:cc:f6:
         6b:f3:2a:90:4e:67:c5:7e:cd:4d:b3:b7:bf:58:3a:5c:d9:f9:
         ff:a4:f3:ea:4c:75:65:86:1b:08:fd:43:04:6f:79:f8:7a:af:
         53:e1:64:e9:9e:bd:f4:7c:fd:2a:49:22:cf:45:72:ad:74:56:
         a9:14:d2:14:d1:68:3a:db:db:84:75:70:01:47:b2:64:0d:ed:
         13:6c:81:e5:49:31:12:8d:6b:cf:65:3c:51:01:34:9c:49:05:
         33:9d:01:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Q4NTcxMTAvBgNVBAUTKDE5QTM2MDU5RTMxN0VGN0Y2Nzg4NUNFMjUyQUVEQjkx
OTU4RjVFNjgwHhcNMjUxMDA3MDQwMTE1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU0OTA4YS03MmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9lcxW+kQAkIb02trNziDogNtB5rcjfVffBVhdgsYrG/ryU3k2E9P8a6oSxrb
2wK7WQXIPqLxg5U7wAkfhmPXsCTOvSVhPlhjupkYtURqgkARiVhZUszullfzqRXG
yhUPONXceaZjGq/4c0v1TjVt5XKrN7Dwmbdqh0nFbx39PIf2fCqSoAEljdMf6CEg
pxh8zIK3mwb0OUSQ0ricdizoaf1YMxO8uv31fbDAyIPcYIf1imSfhgMpY6QpXFFP
ynW46koGqrJuWz+J3x9MdJ+UB+gGajnetQoBJJMQ3I98HU0085F18GzGrE2EzhY6
BykyrC2GKnOZ+bexWlS7j2O/QQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJs/pL1w
eouBT3qWD/lqF3l1NMVWMB8GA1UdIwQYMBaAFBmjYFnjF+9/Z4hc4lKu25GVj15o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDg1Ny82MUM1Q0RCODRF
MjgxMUVFOTRGREIzNENDNEY5QUUwMi9HYU5nV2VNWDczOW5pRnppVXE3YmtaV1BY
bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dhTmdXZU1YNzM5bmlGemlVcTdia1pXUFhtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Q4NTcvNjFDNUNEQjg0RTI4MTFFRTk0RkRCMzRDQzRGOUFFMDIvQkQ5MTMxMDA0
RTI4MTFFRUJDNjUzMDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnSDwwDQYJKoZIhvcNAQELBQADggEBADdFzi7v3yZZlLpX
M53riO5A7NCUEiVA+dwkb6+k0xgPwAA3iF0EvJIO6VaVSeDMfcB+G8fSn0RVw8CY
kMbUBXk727o2gpv74IdW6SABw7+LECbC2uB+WGFQgM24oLARJjwgzAMr0pTuBH1Q
EyWxCtpB3mC0YW6/zpRbSd88oSggDAugBSgAxAYIjVfexEC4SLn2/kcV9q2MZlEW
Lp5XcErM9mvzKpBOZ8V+zU2zt79YOlzZ+f+k8+pMdWWGGwj9QwRvefh6r1PhZOme
vfR8/SpJIs9Fcq10VqkU0hTRaDrb24R1cAFHsmQN7RNsgeVJMRKNa89lPFEBNJxJ
BTOdAcY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:39:20 2025 by rpki-client