Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186B80/B869805E123B11EC8A135F42C4F9AE02/9C09360E0C3411EDB8619843C4F9AE02.roa
File:                     9C09360E0C3411EDB8619843C4F9AE02.roa (raw, json)
Hash identifier:          ECAgPm0goNWrUskhVC01nozAKTVudWlI1/zrxTY4T0A=
Subject key identifier:   67:35:0F:47:9F:7A:5F:09:72:2B:2D:33:BF:20:63:E9:A3:8B:25:3E
Certificate issuer:       /CN=A9186B80/serialNumber=A8FC259A101EAB826EE8CBEA2A0BDA5CDECFDAF2
Certificate serial:       054B
Authority key identifier: A8:FC:25:9A:10:1E:AB:82:6E:E8:CB:EA:2A:0B:DA:5C:DE:CF:DA:F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qPwlmhAeq4Ju6MvqKgvaXN7P2vI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186B80/B869805E123B11EC8A135F42C4F9AE02/9C09360E0C3411EDB8619843C4F9AE02.roa
Signing time:             Sat 11 Oct 2025 01:55:25 +0000
ROA not before:           Sat 11 Oct 2025 01:55:25 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     47856
IP address blocks:        103.81.129.0/24 maxlen: 24
                          124.109.7.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9186B80/B869805E123B11EC8A135F42C4F9AE02/qPwlmhAeq4Ju6MvqKgvaXN7P2vI.crl
                          rsync://rpki.apnic.net/member_repository/A9186B80/B869805E123B11EC8A135F42C4F9AE02/qPwlmhAeq4Ju6MvqKgvaXN7P2vI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qPwlmhAeq4Ju6MvqKgvaXN7P2vI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 01:12:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1355 (0x54b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186B80, serialNumber=A8FC259A101EAB826EE8CBEA2A0BDA5CDECFDAF2
        Validity
            Not Before: Oct 11 01:55:25 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68e9b90c-fa15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:14:a7:75:ab:1b:f5:5f:3e:63:f4:49:64:29:
                    4c:e0:9e:55:d8:88:06:da:1b:29:7a:b6:b9:f4:4b:
                    c8:8d:c5:2f:a8:80:53:9a:a9:a0:55:cf:34:23:b7:
                    1b:4c:ba:37:74:ad:61:55:a7:6d:49:89:83:22:6d:
                    36:fd:ec:af:6e:77:2b:fe:46:7f:95:d8:74:5a:94:
                    db:b0:50:f1:01:49:d9:2d:fb:d0:9e:1d:45:93:14:
                    5a:56:b1:dd:81:eb:6a:75:2b:20:c8:c9:29:72:cd:
                    73:08:a3:0c:b6:cc:58:2b:3e:85:69:2e:5d:77:cd:
                    dd:7b:d3:59:12:a4:a0:7b:dc:f8:f5:85:34:59:3a:
                    b8:a6:e1:e8:9b:2e:c7:36:f8:48:2d:b3:e1:70:6b:
                    a5:4e:b2:96:23:a7:ba:53:77:9b:bf:b4:14:c4:4a:
                    f5:7e:9f:52:f2:64:6a:8b:cd:26:d3:5b:ea:02:7e:
                    c3:12:f7:51:78:ae:73:b6:0a:30:61:70:39:a8:a8:
                    21:a8:06:0d:38:6f:66:4b:c5:66:9a:6e:78:8b:fa:
                    90:ab:eb:17:b0:7c:ad:62:d1:2d:6b:55:d0:f5:38:
                    48:e4:76:c4:5e:27:04:c4:e7:16:e1:1c:1e:03:42:
                    73:f0:6e:68:81:d5:49:6e:39:e3:b7:cb:8d:76:68:
                    c5:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:35:0F:47:9F:7A:5F:09:72:2B:2D:33:BF:20:63:E9:A3:8B:25:3E
            X509v3 Authority Key Identifier:
                keyid:A8:FC:25:9A:10:1E:AB:82:6E:E8:CB:EA:2A:0B:DA:5C:DE:CF:DA:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186B80/B869805E123B11EC8A135F42C4F9AE02/qPwlmhAeq4Ju6MvqKgvaXN7P2vI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qPwlmhAeq4Ju6MvqKgvaXN7P2vI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186B80/B869805E123B11EC8A135F42C4F9AE02/9C09360E0C3411EDB8619843C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.81.129.0/24
                  124.109.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:b0:93:98:4c:aa:fe:86:f3:86:d6:19:36:a6:46:d6:24:61:
         ba:c0:a4:16:56:3e:c0:05:9b:e1:b3:62:0a:6c:9e:21:4c:44:
         4e:0c:2a:ad:03:db:60:65:72:9d:cf:6f:d1:24:b1:67:93:30:
         32:d3:13:9d:17:91:7b:1a:8d:0e:22:af:42:7c:a2:fe:2f:bd:
         3d:3e:d8:da:6c:d8:9d:b1:86:e1:2a:bd:06:f6:79:1e:9b:5c:
         5b:46:76:f0:42:c7:94:b6:0f:e1:af:b1:54:68:14:03:04:57:
         79:4b:c7:15:bf:6f:8e:dd:73:5d:69:85:e8:35:0d:1f:49:d5:
         be:72:d9:07:01:86:02:90:82:df:b3:ab:07:f2:97:cf:36:d1:
         31:78:bd:8f:f2:bb:fb:96:68:4f:4d:81:a0:bd:14:27:d7:f9:
         c8:1e:89:6c:aa:55:4a:5c:6b:2d:58:60:0c:41:f4:ff:a8:b2:
         d8:b9:66:5b:48:14:a1:98:db:b1:33:06:ae:1c:50:a1:65:76:
         3e:db:79:2e:52:a0:86:57:c8:da:eb:b2:8d:3e:1e:05:fb:7c:
         0f:77:20:b5:bc:7c:29:77:2a:04:1e:2d:bb:e9:30:39:a5:10:
         9c:79:d1:31:71:06:f0:34:ef:70:1b:2d:b9:4d:b7:87:39:e4:
         37:26:99:92
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZCODAxMTAvBgNVBAUTKEE4RkMyNTlBMTAxRUFCODI2RUU4Q0JFQTJBMEJEQTVD
REVDRkRBRjIwHhcNMjUxMDExMDE1NTI1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU5YjkwYy1mYTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuhSndasb9V8+Y/RJZClM4J5V2IgG2hspera59EvIjcUvqIBTmqmgVc80I7cb
TLo3dK1hVadtSYmDIm02/eyvbncr/kZ/ldh0WpTbsFDxAUnZLfvQnh1FkxRaVrHd
getqdSsgyMkpcs1zCKMMtsxYKz6FaS5dd83de9NZEqSge9z49YU0WTq4puHomy7H
NvhILbPhcGulTrKWI6e6U3ebv7QUxEr1fp9S8mRqi80m01vqAn7DEvdReK5ztgow
YXA5qKghqAYNOG9mS8Vmmm54i/qQq+sXsHytYtEta1XQ9ThI5HbEXicExOcW4Rwe
A0Jz8G5ogdVJbjnjt8uNdmjFzQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGc1D0ef
el8JcistM78gY+mjiyU+MB8GA1UdIwQYMBaAFKj8JZoQHquCbujL6ioL2lzez9ry
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkI4MC9CODY5ODA1RTEy
M0IxMUVDOEExMzVGNDJDNEY5QUUwMi9xUHdsbWhBZXE0SnU2TXZxS2d2YVhON1Ay
dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FQd2xtaEFlcTRKdTZNdnFLZ3ZhWE43UDJ2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZCODAvQjg2OTgwNUUxMjNCMTFFQzhBMTM1RjQyQzRGOUFFMDIvOUMwOTM2MEUw
QzM0MTFFREI4NjE5ODQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnUYEDBAB8bQcwDQYJKoZIhvcNAQELBQADggEBAEWwk5hM
qv6G84bWGTamRtYkYbrApBZWPsAFm+GzYgpsniFMRE4MKq0D22Blcp3Pb9EksWeT
MDLTE50XkXsajQ4ir0J8ov4vvT0+2Nps2J2xhuEqvQb2eR6bXFtGdvBCx5S2D+Gv
sVRoFAMEV3lLxxW/b47dc11pheg1DR9J1b5y2QcBhgKQgt+zqwfyl8820TF4vY/y
u/uWaE9NgaC9FCfX+cgeiWyqVUpcay1YYAxB9P+osti5ZltIFKGY27EzBq4cUKFl
dj7beS5SoIZXyNrrso0+HgX7fA93ILW8fCl3KgQeLbvpMDmlEJx50TFxBvA073Ab
LblNt4c55DcmmZI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:52 2025 by rpki-client