Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/95EA48DA366311EEB376DC3AC4F9AE02.roa
File:                     95EA48DA366311EEB376DC3AC4F9AE02.roa (raw, json)
Hash identifier:          +oI9oL8k3fL/BL33Vrpd0V8Yx/Ofa+KBM+eMKajmtho=
Subject key identifier:   C1:0B:F3:11:3B:A4:18:8F:D9:B6:CD:56:24:9C:9B:D2:67:82:C2:5E
Certificate issuer:       /CN=A919536C/serialNumber=71F40218C1AF47C5E993A21A2B29284E4C32C934
Certificate serial:       01A8
Authority key identifier: 71:F4:02:18:C1:AF:47:C5:E9:93:A2:1A:2B:29:28:4E:4C:32:C9:34
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/95EA48DA366311EEB376DC3AC4F9AE02.roa
Signing time:             Mon 23 Jun 2025 03:21:54 +0000
ROA not before:           Mon 23 Jun 2025 03:21:54 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     133328
IP address blocks:        83.118.101.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.crl
                          rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 424 (0x1a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919536C, serialNumber=71F40218C1AF47C5E993A21A2B29284E4C32C934
        Validity
            Not Before: Jun 23 03:21:54 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=6858c851-f0d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:03:e7:26:40:79:1f:3c:0f:e6:2b:1c:e5:97:
                    28:e0:b8:47:b1:89:34:40:2c:48:6d:80:ce:3f:36:
                    1a:bc:82:15:35:a2:fa:5e:13:f7:5c:ba:64:1b:50:
                    53:80:b1:ec:29:a1:7e:91:ff:8f:8d:0b:1e:00:55:
                    e0:55:fa:b7:d7:4f:4c:da:07:58:92:ab:d6:ee:56:
                    12:7e:0a:52:2c:8c:6b:de:12:04:d5:ed:8f:00:77:
                    b6:87:c5:bd:9a:08:65:24:4f:07:7b:64:f7:90:d2:
                    40:3a:e8:f9:b7:e9:d8:61:40:ba:21:7e:d3:1e:20:
                    85:2e:2b:ec:77:2b:f9:8b:1c:49:40:c4:45:18:d4:
                    c0:9e:b5:41:e9:38:1d:c1:a9:a2:a5:72:ee:35:ba:
                    3c:b5:9f:92:c1:d5:bb:b5:c2:c5:26:65:9b:1c:5f:
                    9d:ee:14:73:7c:95:7a:76:67:a5:8d:2b:b2:a4:cc:
                    59:c6:65:a1:2b:e6:0e:73:e9:a6:bb:d6:a0:d1:a0:
                    e5:eb:bf:9d:d2:dc:46:91:5f:a5:83:a5:73:16:e0:
                    60:d0:0b:5b:c6:95:16:92:43:bf:5f:74:94:7a:57:
                    cd:5d:eb:de:6d:a3:e6:3f:b1:72:5f:f8:98:8c:de:
                    03:f3:df:f6:ed:28:48:9b:35:81:22:39:f5:9b:78:
                    ae:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:0B:F3:11:3B:A4:18:8F:D9:B6:CD:56:24:9C:9B:D2:67:82:C2:5E
            X509v3 Authority Key Identifier:
                keyid:71:F4:02:18:C1:AF:47:C5:E9:93:A2:1A:2B:29:28:4E:4C:32:C9:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/95EA48DA366311EEB376DC3AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.118.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:48:1d:da:fd:08:ad:28:75:b4:fe:f4:b5:81:f6:b2:cf:61:
         d5:bf:7b:3f:eb:a8:1a:05:b8:c0:3c:8e:a4:f9:39:86:dd:39:
         55:3c:f1:d2:93:ef:24:3a:40:45:e7:ba:d0:6c:ca:73:33:1b:
         2d:fb:d0:b2:47:a6:35:de:b5:c9:f1:28:76:17:5d:72:d5:08:
         f7:2f:53:c5:68:38:b2:80:17:8f:9f:3d:4f:b5:4c:f3:df:b0:
         f9:39:2d:e6:29:e1:3d:01:14:06:d2:a9:58:24:2a:58:9e:eb:
         b1:9e:29:08:d9:f5:f0:f0:30:91:78:68:4a:69:d2:40:05:e1:
         cb:a3:50:2f:6c:5b:e0:88:b2:cf:5b:fc:04:6d:72:f0:08:8a:
         af:a8:7b:13:85:58:2c:0e:82:10:b3:fd:45:3c:42:03:ce:67:
         00:59:8a:bd:4e:6c:18:39:46:15:01:8b:b7:fa:be:6f:4a:76:
         43:3c:42:dc:36:7e:3c:d7:d2:e2:a1:a4:e5:93:ec:f4:f5:24:
         7f:e9:ca:df:da:ba:9d:3a:47:04:f0:1c:88:f1:e2:78:4e:99:
         a7:95:de:32:17:36:94:97:18:9a:17:d6:80:43:b9:9b:c4:fc:
         ad:d8:6a:a5:23:f1:f6:14:e2:58:db:f3:f4:d0:69:0e:a7:dc:
         c9:86:49:7a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTUzNkMxMTAvBgNVBAUTKDcxRjQwMjE4QzFBRjQ3QzVFOTkzQTIxQTJCMjkyODRF
NEMzMkM5MzQwHhcNMjUwNjIzMDMyMTU0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODU4Yzg1MS1mMGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1gPnJkB5HzwP5isc5Zco4LhHsYk0QCxIbYDOPzYavIIVNaL6XhP3XLpkG1BT
gLHsKaF+kf+PjQseAFXgVfq3109M2gdYkqvW7lYSfgpSLIxr3hIE1e2PAHe2h8W9
mghlJE8He2T3kNJAOuj5t+nYYUC6IX7THiCFLivsdyv5ixxJQMRFGNTAnrVB6Tgd
wamipXLuNbo8tZ+SwdW7tcLFJmWbHF+d7hRzfJV6dmeljSuypMxZxmWhK+YOc+mm
u9ag0aDl67+d0txGkV+lg6VzFuBg0AtbxpUWkkO/X3SUelfNXevebaPmP7FyX/iY
jN4D89/27ShImzWBIjn1m3iu8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFMEL8xE7
pBiP2bbNViScm9JngsJeMB8GA1UdIwQYMBaAFHH0AhjBr0fF6ZOiGispKE5MMsk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTM2Qy82REUzQ0U3QzM2
NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9jZlFDR01HdlI4WHBrNklhS3lrb1Rrd3l5
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2NmUUNHTUd2UjhYcGs2SWFLeWtvVGt3eXlUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTUzNkMvNkRFM0NFN0MzNjYwMTFFRTg4RTBGNTMwQzRGOUFFMDIvOTVFQTQ4REEz
NjYzMTFFRUIzNzZEQzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABTdmUwDQYJKoZIhvcNAQELBQADggEBALNIHdr9CK0odbT+
9LWB9rLPYdW/ez/rqBoFuMA8jqT5OYbdOVU88dKT7yQ6QEXnutBsynMzGy370LJH
pjXetcnxKHYXXXLVCPcvU8VoOLKAF4+fPU+1TPPfsPk5LeYp4T0BFAbSqVgkKlie
67GeKQjZ9fDwMJF4aEpp0kAF4cujUC9sW+CIss9b/ARtcvAIiq+oexOFWCwOghCz
/UU8QgPOZwBZir1ObBg5RhUBi7f6vm9KdkM8Qtw2fjzX0uKhpOWT7PT1JH/pyt/a
up06RwTwHIjx4nhOmaeV3jIXNpSXGJoX1oBDuZvE/K3YaqUj8fYU4ljb8/TQaQ6n
3MmGSXo=
-----END CERTIFICATE-----
Generated at Thu Jul 3 17:59:42 2025 by rpki-client