Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/D0248BD854F611F09C7C2D78C4F9AE02.roa
File:                     D0248BD854F611F09C7C2D78C4F9AE02.roa (raw, json)
Hash identifier:          23ZzkX5nhi6F6eiSmBd42L5Ci9esFBYs6DyUXmjc7dU=
Subject key identifier:   9C:8F:36:D6:5A:3F:11:11:DB:EC:12:03:C2:67:FD:97:EF:7D:E8:1E
Certificate issuer:       /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial:       03A7
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/D0248BD854F611F09C7C2D78C4F9AE02.roa
Signing time:             Sun 29 Jun 2025 14:39:08 +0000
ROA not before:           Sun 29 Jun 2025 14:39:08 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     151592
IP address blocks:        202.155.143.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
                          rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 06 Jul 2025 14:39:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 935 (0x3a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9192C18, serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
        Validity
            Not Before: Jun 29 14:39:08 2025 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=6861500c-37bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:85:b6:2c:f1:19:a6:18:e1:df:8e:1e:b7:5c:
                    8d:3c:f3:c3:00:c5:e8:1c:82:22:cb:c4:b0:0e:42:
                    e5:91:cc:e9:cd:f4:5c:25:60:59:11:e2:e6:52:2b:
                    4c:bb:d1:93:09:33:4f:ad:8c:6d:b2:bf:ad:ba:5e:
                    f4:ca:7a:ea:c5:8e:81:17:1e:57:b2:01:87:6e:b9:
                    51:55:95:57:93:b7:a6:99:3c:3e:14:08:ff:d6:bb:
                    80:70:b7:94:24:50:c1:b0:b6:b1:2c:05:5f:b6:9b:
                    63:87:93:e5:55:b5:d3:30:af:d7:fe:77:0a:43:4b:
                    48:97:fe:f2:9f:99:8e:71:d8:f9:bb:cd:48:ec:04:
                    33:11:39:f4:c2:2a:ee:33:71:90:ca:4a:74:4e:1f:
                    55:3e:f6:bd:a5:fa:fe:98:cf:51:fb:91:cb:66:f5:
                    45:4f:b1:b2:1b:2c:3e:d3:51:e7:7e:65:92:cb:a4:
                    2e:ba:72:e5:79:33:b0:59:2c:2e:17:39:5a:27:c8:
                    cc:13:e8:af:7b:50:8a:37:0b:aa:4f:5e:6c:98:b7:
                    39:3b:85:14:a6:9f:0b:c5:31:44:fb:51:bd:b6:9c:
                    cc:c7:ef:46:60:a3:44:66:84:89:a3:7b:b4:cc:a8:
                    3e:b4:95:de:8a:35:a7:db:e1:ca:d2:b1:b3:2c:fd:
                    e3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:8F:36:D6:5A:3F:11:11:DB:EC:12:03:C2:67:FD:97:EF:7D:E8:1E
            X509v3 Authority Key Identifier:
                keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/D0248BD854F611F09C7C2D78C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.155.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:cd:02:50:f8:34:ae:11:1f:fa:79:84:5b:48:04:41:7c:1c:
         82:62:3a:5f:f0:e3:5d:64:d5:8f:27:e7:88:c7:ca:8d:f4:4d:
         02:a4:ab:25:d5:bf:23:45:ad:0f:e8:68:7d:e9:ff:eb:02:23:
         2c:15:67:d3:e4:fe:36:30:bd:fc:ad:e6:23:30:c1:00:21:29:
         11:1c:ae:cb:c5:8d:78:75:54:88:35:d4:e5:9b:18:54:96:a1:
         21:20:ab:8d:58:41:4b:e3:82:e8:16:84:e4:fc:ee:38:ec:8e:
         5c:62:e0:98:9d:d0:8a:92:7e:d5:54:cc:18:c1:01:fa:49:73:
         ab:18:91:22:71:7c:67:ba:a5:9c:4e:49:7c:b2:8d:83:cb:71:
         e9:e1:63:a3:06:97:1d:95:ea:19:34:be:61:b1:76:6d:8a:4c:
         4d:56:53:25:c2:50:3b:19:c6:c9:b7:07:33:60:24:65:42:52:
         59:71:2a:d7:95:d4:8c:ff:75:97:ba:2a:2e:5b:b7:af:af:58:
         ea:70:21:48:56:65:9b:da:99:ea:ae:b8:6f:6a:d2:10:16:f8:
         35:13:c8:52:ef:fd:21:ad:e6:e4:d8:74:ae:a7:ac:15:13:44:
         13:e3:69:64:5d:c6:3c:ba:f1:63:a5:38:c6:cd:0a:da:48:b9:
         86:4f:73:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA6cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwNjI5MTQzOTA4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYxNTAwYy0zN2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7IW2LPEZphjh344et1yNPPPDAMXoHIIiy8SwDkLlkczpzfRcJWBZEeLmUitM
u9GTCTNPrYxtsr+tul70ynrqxY6BFx5XsgGHbrlRVZVXk7emmTw+FAj/1ruAcLeU
JFDBsLaxLAVftptjh5PlVbXTMK/X/ncKQ0tIl/7yn5mOcdj5u81I7AQzETn0wiru
M3GQykp0Th9VPva9pfr+mM9R+5HLZvVFT7GyGyw+01HnfmWSy6QuunLleTOwWSwu
FzlaJ8jME+ive1CKNwuqT15smLc5O4UUpp8LxTFE+1G9tpzMx+9GYKNEZoSJo3u0
zKg+tJXeijWn2+HK0rGzLP3jJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJyPNtZa
PxER2+wSA8Jn/ZfvfegeMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvRDAyNDhCRDg1
NEY2MTFGMDlDN0MyRDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKm48wDQYJKoZIhvcNAQELBQADggEBAJTNAlD4NK4RH/p5
hFtIBEF8HIJiOl/w411k1Y8n54jHyo30TQKkqyXVvyNFrQ/oaH3p/+sCIywVZ9Pk
/jYwvfyt5iMwwQAhKREcrsvFjXh1VIg11OWbGFSWoSEgq41YQUvjgugWhOT87jjs
jlxi4Jid0IqSftVUzBjBAfpJc6sYkSJxfGe6pZxOSXyyjYPLcenhY6MGlx2V6hk0
vmGxdm2KTE1WUyXCUDsZxsm3BzNgJGVCUllxKteV1Iz/dZe6Ki5bt6+vWOpwIUhW
ZZvamequuG9q0hAW+DUTyFLv/SGt5uTYdK6nrBUTRBPjaWRdxjy68WOlOMbNCtpI
uYZPc8Y=
-----END CERTIFICATE-----
Generated at Mon Jun 30 12:31:08 2025 by rpki-client