Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186B80/AE6AA1B4123B11EC8A135F42C4F9AE02/9B741CFE0C3411EDB8619843C4F9AE02.roa
File:                     9B741CFE0C3411EDB8619843C4F9AE02.roa (raw, json)
Hash identifier:          EaQ615UaoSlbYGe5kp9Ft1URPJxHKbUFtgfGcBgBPeU=
Subject key identifier:   8B:A5:81:3F:0E:EF:BC:A5:30:B8:DF:B0:55:66:13:0A:71:90:83:DD
Certificate issuer:       /CN=A9186B80/serialNumber=BD1E7E641FFD96D5746155FC421B17DDC1AA7762
Certificate serial:       054A
Authority key identifier: BD:1E:7E:64:1F:FD:96:D5:74:61:55:FC:42:1B:17:DD:C1:AA:77:62
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vR5-ZB_9ltV0YVX8QhsX3cGqd2I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186B80/AE6AA1B4123B11EC8A135F42C4F9AE02/9B741CFE0C3411EDB8619843C4F9AE02.roa
Signing time:             Sat 11 Oct 2025 01:55:22 +0000
ROA not before:           Sat 11 Oct 2025 01:55:22 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     47856
IP address blocks:        160.32.240.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186B80/AE6AA1B4123B11EC8A135F42C4F9AE02/vR5-ZB_9ltV0YVX8QhsX3cGqd2I.crl
                          rsync://rpki.apnic.net/member_repository/A9186B80/AE6AA1B4123B11EC8A135F42C4F9AE02/vR5-ZB_9ltV0YVX8QhsX3cGqd2I.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vR5-ZB_9ltV0YVX8QhsX3cGqd2I.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 01:12:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1354 (0x54a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186B80, serialNumber=BD1E7E641FFD96D5746155FC421B17DDC1AA7762
        Validity
            Not Before: Oct 11 01:55:22 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68e9b90a-c546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2a:27:b2:64:82:11:71:30:aa:a5:c4:2c:e5:
                    ff:09:fd:53:72:aa:50:2c:64:5c:1e:3a:b1:56:b4:
                    b3:1d:1f:c0:3f:8e:9b:fd:c5:c3:12:d1:68:a6:89:
                    80:e8:1e:9f:09:e5:ed:94:d4:a9:f2:c7:99:d9:94:
                    d7:ae:9f:83:82:5e:4b:5e:39:38:91:7b:bd:4a:59:
                    6b:86:62:1f:9f:68:3a:ac:1e:a4:b1:61:dc:19:09:
                    f1:ff:33:33:cc:96:00:2b:39:31:28:be:88:ba:89:
                    c0:7b:71:a6:4c:a9:74:8b:dc:27:73:8b:6d:6b:1a:
                    ef:23:54:2a:cb:b7:7a:80:a8:d2:33:9f:6f:e7:39:
                    64:2d:f0:7a:23:44:c7:cf:74:a3:cf:ce:9b:fb:df:
                    59:50:dc:23:99:79:4f:c6:89:79:8e:a0:f8:4a:11:
                    30:01:38:b6:60:b5:b7:27:c3:75:4f:8b:79:db:64:
                    ff:26:f2:45:6f:0d:a8:4e:8e:f0:9e:98:84:77:be:
                    1f:48:5e:87:90:a0:c4:e6:0b:4b:2f:0d:61:82:58:
                    3d:28:58:31:e4:aa:e8:fb:96:4d:b8:b4:c6:ba:8b:
                    93:65:eb:85:b4:ca:0b:e3:06:6a:89:41:11:f3:0a:
                    24:74:41:e5:d7:ae:f4:dc:06:fa:3f:86:10:2e:94:
                    ec:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:A5:81:3F:0E:EF:BC:A5:30:B8:DF:B0:55:66:13:0A:71:90:83:DD
            X509v3 Authority Key Identifier:
                keyid:BD:1E:7E:64:1F:FD:96:D5:74:61:55:FC:42:1B:17:DD:C1:AA:77:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186B80/AE6AA1B4123B11EC8A135F42C4F9AE02/vR5-ZB_9ltV0YVX8QhsX3cGqd2I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vR5-ZB_9ltV0YVX8QhsX3cGqd2I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186B80/AE6AA1B4123B11EC8A135F42C4F9AE02/9B741CFE0C3411EDB8619843C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.32.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:70:b3:bd:8a:45:84:c8:c2:a9:24:e3:63:55:2b:b4:09:db:
         9c:c2:34:79:ba:5b:cc:13:fa:7b:b1:a0:85:83:31:ed:a4:3c:
         d9:a5:58:d6:a1:f0:59:75:89:55:93:3b:26:6b:4e:27:ba:22:
         ab:80:b9:4a:82:ea:fc:00:32:99:e9:20:cc:f9:09:32:b6:af:
         92:aa:cc:4b:9c:7b:36:cc:73:45:0c:65:a5:24:1c:fb:66:af:
         5d:04:7a:84:c0:36:d4:17:4a:48:ef:c4:2f:ef:bf:15:c9:47:
         e8:40:05:6e:f8:fb:5c:4b:4a:a8:a7:7d:00:d3:92:ef:59:f3:
         40:e1:03:5c:d8:91:e7:20:51:10:82:9f:be:d4:16:5e:eb:04:
         48:eb:a6:6c:ea:46:4f:39:b7:ee:19:8e:10:bb:98:97:60:08:
         1c:67:cd:3e:ad:cd:cf:bb:91:1a:70:d4:89:38:dc:9f:af:e4:
         39:d5:74:40:a5:53:7f:89:b3:71:44:8d:7b:8c:a5:4f:ec:20:
         8c:39:c9:3f:3b:61:97:8a:04:f8:28:3c:c8:b7:74:78:48:92:
         b2:c9:1c:16:4c:b2:7b:03:83:d6:f4:c5:91:b6:a1:35:14:8d:
         a6:68:3d:8f:84:e7:d6:dd:0a:be:80:2d:2a:53:1b:8a:9b:ff:
         75:d5:83:2a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZCODAxMTAvBgNVBAUTKEJEMUU3RTY0MUZGRDk2RDU3NDYxNTVGQzQyMUIxN0RE
QzFBQTc3NjIwHhcNMjUxMDExMDE1NTIyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU5YjkwYS1jNTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvSonsmSCEXEwqqXELOX/Cf1TcqpQLGRcHjqxVrSzHR/AP46b/cXDEtFopomA
6B6fCeXtlNSp8seZ2ZTXrp+Dgl5LXjk4kXu9SllrhmIfn2g6rB6ksWHcGQnx/zMz
zJYAKzkxKL6IuonAe3GmTKl0i9wnc4ttaxrvI1Qqy7d6gKjSM59v5zlkLfB6I0TH
z3Sjz86b+99ZUNwjmXlPxol5jqD4ShEwATi2YLW3J8N1T4t522T/JvJFbw2oTo7w
npiEd74fSF6HkKDE5gtLLw1hglg9KFgx5Kro+5ZNuLTGuouTZeuFtMoL4wZqiUER
8wokdEHl16703Ab6P4YQLpTsNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIulgT8O
77ylMLjfsFVmEwpxkIPdMB8GA1UdIwQYMBaAFL0efmQf/ZbVdGFV/EIbF93Bqndi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkI4MC9BRTZBQTFCNDEy
M0IxMUVDOEExMzVGNDJDNEY5QUUwMi92UjUtWkJfOWx0VjBZVlg4UWhzWDNjR3Fk
MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZSNS1aQl85bHRWMFlWWDhRaHNYM2NHcWQySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZCODAvQUU2QUExQjQxMjNCMTFFQzhBMTM1RjQyQzRGOUFFMDIvOUI3NDFDRkUw
QzM0MTFFREI4NjE5ODQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGgIPAwDQYJKoZIhvcNAQELBQADggEBAEFws72KRYTIwqkk
42NVK7QJ25zCNHm6W8wT+nuxoIWDMe2kPNmlWNah8Fl1iVWTOyZrTie6IquAuUqC
6vwAMpnpIMz5CTK2r5KqzEucezbMc0UMZaUkHPtmr10EeoTANtQXSkjvxC/vvxXJ
R+hABW74+1xLSqinfQDTku9Z80DhA1zYkecgURCCn77UFl7rBEjrpmzqRk85t+4Z
jhC7mJdgCBxnzT6tzc+7kRpw1Ik43J+v5DnVdEClU3+Js3FEjXuMpU/sIIw5yT87
YZeKBPgoPMi3dHhIkrLJHBZMsnsDg9b0xZG2oTUUjaZoPY+E59bdCr6ALSpTG4qb
/3XVgyo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:40 2025 by rpki-client