Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/B4D8E692267111ECA0546981C4F9AE02.roa
File:                     B4D8E692267111ECA0546981C4F9AE02.roa (raw, json)
Hash identifier:          5Q4guNeQaB31WqKdHmdzuqJlgTxkvhYKs90qMoibdec=
Subject key identifier:   DC:FA:65:21:9E:F5:24:15:89:2A:F3:78:03:09:F1:A4:82:47:00:FD
Certificate issuer:       /CN=A919E3FB/serialNumber=5EB098EF4D5655CC66B6AF81C3CDE4062D802F3B
Certificate serial:       050E
Authority key identifier: 5E:B0:98:EF:4D:56:55:CC:66:B6:AF:81:C3:CD:E4:06:2D:80:2F:3B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XrCY701WVcxmtq-Bw83kBi2ALzs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/B4D8E692267111ECA0546981C4F9AE02.roa
Signing time:             Mon 06 Oct 2025 23:55:50 +0000
ROA not before:           Mon 06 Oct 2025 23:55:50 +0000
ROA not after:            Wed 30 Dec 2026 00:00:00 +0000
asID:                     147180
IP address blocks:        103.173.174.0/23 maxlen: 24
                          2001:df7:a280::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.crl
                          rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XrCY701WVcxmtq-Bw83kBi2ALzs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 01:22:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1294 (0x50e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919E3FB, serialNumber=5EB098EF4D5655CC66B6AF81C3CDE4062D802F3B
        Validity
            Not Before: Oct  6 23:55:50 2025 GMT
            Not After : Dec 30 00:00:00 2026 GMT
        Subject: CN=68e45706-78ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:75:39:b7:7c:54:6a:9f:38:ee:6e:95:8f:54:
                    40:50:c4:da:7f:40:ba:5d:ea:03:aa:d2:58:90:c0:
                    67:d0:ee:fb:b9:df:06:ae:f9:be:22:43:bc:0b:8e:
                    05:bc:07:1f:ee:df:45:75:bb:f1:59:8b:59:16:de:
                    b6:5b:a2:02:f8:76:fe:c1:57:42:3a:17:65:11:77:
                    7f:cb:36:6f:74:e2:dd:33:57:42:39:76:5b:af:be:
                    be:25:a0:fc:33:fb:fc:6a:84:a5:18:85:d2:45:d5:
                    bf:a5:fa:a5:2e:eb:b0:d2:9d:7b:b6:f4:da:bf:0d:
                    6d:69:40:96:f7:4a:89:44:54:4b:5d:93:d3:58:c2:
                    55:f6:dc:48:75:de:aa:cc:a3:9e:87:d5:a1:0c:d3:
                    e6:26:53:1b:34:10:79:ca:6f:8e:8f:c5:6c:5c:af:
                    1d:37:e7:64:0b:be:1e:84:a0:7e:71:95:e0:3d:d3:
                    22:a6:f0:a6:7b:0d:c9:f8:cf:69:59:69:b0:8f:9c:
                    b8:0d:a8:1d:a7:90:ea:30:94:26:10:0c:b4:62:71:
                    ad:58:b2:6c:52:e9:80:f9:72:89:d6:f0:ee:c3:12:
                    f0:be:3a:2b:eb:a7:73:7d:0f:9e:a3:4f:f5:98:bb:
                    25:30:fa:37:4f:60:dd:4a:14:51:ef:d2:cd:d4:44:
                    b8:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:FA:65:21:9E:F5:24:15:89:2A:F3:78:03:09:F1:A4:82:47:00:FD
            X509v3 Authority Key Identifier:
                keyid:5E:B0:98:EF:4D:56:55:CC:66:B6:AF:81:C3:CD:E4:06:2D:80:2F:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/XrCY701WVcxmtq-Bw83kBi2ALzs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XrCY701WVcxmtq-Bw83kBi2ALzs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E3FB/FDD44C22266E11ECAC097C7BC4F9AE02/B4D8E692267111ECA0546981C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.173.174.0/23
                IPv6:
                  2001:df7:a280::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:07:f4:a5:0a:e5:4f:73:53:68:22:28:48:88:31:e3:c3:0d:
         47:01:c5:b8:36:93:16:4c:23:a3:02:fd:af:c8:7d:fb:a2:8e:
         b6:e4:df:8d:a3:d7:58:2a:89:f8:e7:39:b2:43:3d:c5:70:79:
         04:a5:32:a1:58:d6:b9:0b:e6:d6:46:e6:f0:b1:8e:e0:95:e2:
         4d:fa:8b:1a:62:d9:94:9d:3d:e4:30:93:68:e2:54:cc:7d:36:
         2b:40:61:8d:8a:7a:0a:df:b6:c1:46:b6:af:3f:f1:ca:2c:ac:
         df:6e:1e:13:05:05:5c:d7:9a:8b:d0:de:1d:e7:28:dc:2d:8b:
         48:2d:6c:3a:a0:e5:1f:38:fd:83:a0:55:4f:5b:a3:68:55:56:
         cd:71:d7:d7:7e:9e:18:eb:b5:4e:3d:a0:1c:ae:2b:c3:a6:12:
         4e:90:b3:c1:05:15:19:1b:52:a9:c7:7c:c7:53:7e:d4:f0:b9:
         de:47:d3:c0:43:6b:ac:b1:8d:21:c6:36:3c:2b:e5:e9:d6:2f:
         0f:d0:8e:a4:05:cd:a3:ea:da:0d:8e:1a:27:ef:c2:7c:2e:0d:
         1e:29:76:9a:f3:be:de:37:96:0f:8a:ae:79:b1:34:64:43:b8:
         d6:59:d0:98:4c:f8:3a:d7:41:89:b4:b1:57:ea:3d:ed:6b:45:
         e6:69:1a:95
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUzRkIxMTAvBgNVBAUTKDVFQjA5OEVGNEQ1NjU1Q0M2NkI2QUY4MUMzQ0RFNDA2
MkQ4MDJGM0IwHhcNMjUxMDA2MjM1NTUwWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU0NTcwNi03OGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAunU5t3xUap847m6Vj1RAUMTaf0C6XeoDqtJYkMBn0O77ud8Grvm+IkO8C44F
vAcf7t9FdbvxWYtZFt62W6IC+Hb+wVdCOhdlEXd/yzZvdOLdM1dCOXZbr76+JaD8
M/v8aoSlGIXSRdW/pfqlLuuw0p17tvTavw1taUCW90qJRFRLXZPTWMJV9txIdd6q
zKOeh9WhDNPmJlMbNBB5ym+Oj8VsXK8dN+dkC74ehKB+cZXgPdMipvCmew3J+M9p
WWmwj5y4Dagdp5DqMJQmEAy0YnGtWLJsUumA+XKJ1vDuwxLwvjor66dzfQ+eo0/1
mLslMPo3T2DdShRR79LN1ES4yQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNz6ZSGe
9SQViSrzeAMJ8aSCRwD9MB8GA1UdIwQYMBaAFF6wmO9NVlXMZravgcPN5AYtgC87
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTNGQi9GREQ0NEMyMjI2
NkUxMUVDQUMwOTdDN0JDNEY5QUUwMi9YckNZNzAxV1ZjeG10cS1Cdzgza0JpMkFM
enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hyQ1k3MDFXVmN4bXRxLUJ3ODNrQmkyQUx6cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUzRkIvRkRENDRDMjIyNjZFMTFFQ0FDMDk3QzdCQzRGOUFFMDIvQjREOEU2OTIy
NjcxMTFFQ0EwNTQ2OTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnra4wDwQCAAIwCQMHACABDfeigDANBgkqhkiG9w0BAQsF
AAOCAQEAhgf0pQrlT3NTaCIoSIgx48MNRwHFuDaTFkwjowL9r8h9+6KOtuTfjaPX
WCqJ+Oc5skM9xXB5BKUyoVjWuQvm1kbm8LGO4JXiTfqLGmLZlJ095DCTaOJUzH02
K0BhjYp6Ct+2wUa2rz/xyiys324eEwUFXNeai9DeHeco3C2LSC1sOqDlHzj9g6BV
T1ujaFVWzXHX136eGOu1Tj2gHK4rw6YSTpCzwQUVGRtSqcd8x1N+1PC53kfTwENr
rLGNIcY2PCvl6dYvD9COpAXNo+raDY4aJ+/CfC4NHil2mvO+3jeWD4quebE0ZEO4
1lnQmEz4OtdBibSxV+o97WtF5mkalQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:14:36 2025 by rpki-client