Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF51/A883E81C3D8211EA9F267370C4F9AE02/1671D380603711EF97BB395FC4F9AE02.roa
File:                     1671D380603711EF97BB395FC4F9AE02.roa (raw, json)
Hash identifier:          wcjq6nrAdlH8UWi0JyTi5KR6p/GMdWrETyKZJT7hWSI=
Subject key identifier:   82:62:DD:C5:4D:90:3E:EA:26:E3:D8:BA:50:D6:A0:56:28:00:DC:5C
Certificate issuer:       /CN=A919EF51/serialNumber=806706637950EF8DAE7BEBD1C9A74BB1F265D417
Certificate serial:       0B7D
Authority key identifier: 80:67:06:63:79:50:EF:8D:AE:7B:EB:D1:C9:A7:4B:B1:F2:65:D4:17
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGcGY3lQ742ue-vRyadLsfJl1Bc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919EF51/A883E81C3D8211EA9F267370C4F9AE02/1671D380603711EF97BB395FC4F9AE02.roa
Signing time:             Fri 26 Sep 2025 19:20:14 +0000
ROA not before:           Fri 26 Sep 2025 19:20:14 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     0
IP address blocks:        27.106.192.0/23 maxlen: 23
                          218.100.52.0/23 maxlen: 23
                          218.100.54.0/24 maxlen: 24
                          218.100.76.0/24 maxlen: 24
                          218.100.78.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919EF51/A883E81C3D8211EA9F267370C4F9AE02/gGcGY3lQ742ue-vRyadLsfJl1Bc.crl
                          rsync://rpki.apnic.net/member_repository/A919EF51/A883E81C3D8211EA9F267370C4F9AE02/gGcGY3lQ742ue-vRyadLsfJl1Bc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGcGY3lQ742ue-vRyadLsfJl1Bc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 19:56:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2941 (0xb7d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919EF51, serialNumber=806706637950EF8DAE7BEBD1C9A74BB1F265D417
        Validity
            Not Before: Sep 26 19:20:14 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68d6e76e-6828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:26:47:e6:71:26:1d:02:6b:16:43:f6:f2:f0:
                    2b:f5:3f:a8:69:73:71:dc:e6:f2:17:07:78:1d:8a:
                    c4:48:c4:d7:e1:e6:a5:9c:da:52:ac:92:51:a4:5e:
                    6f:5d:bd:c8:b9:75:ab:83:6d:57:7d:9a:95:c8:6f:
                    f2:f7:eb:79:12:50:2e:0b:69:0f:e3:bf:13:40:4c:
                    77:5a:a4:16:ac:22:52:59:45:db:c8:0b:a4:8f:b4:
                    ca:ad:19:17:e3:85:e9:12:37:9f:8c:13:33:72:8a:
                    3d:7e:28:fe:00:24:9f:02:9a:1d:24:73:39:d1:a6:
                    60:5b:76:47:2f:31:1d:54:b8:41:e1:87:3d:08:3d:
                    08:2f:0e:e2:f4:8e:e1:a0:d6:af:02:67:54:71:8c:
                    c5:0d:9a:c3:04:f9:1c:ba:52:f6:c1:40:89:9d:81:
                    24:84:37:42:20:55:f8:2c:e0:68:1b:76:36:1c:a8:
                    3d:b7:3a:86:49:29:cc:e2:5e:70:d7:c2:84:dc:74:
                    77:9f:c3:75:ec:0e:87:c1:e7:56:0d:db:46:00:73:
                    f9:71:19:65:de:e3:1d:72:9b:5d:ba:25:9b:12:e8:
                    01:28:d4:8a:26:38:e9:73:07:f7:9f:b1:79:96:36:
                    84:89:aa:e2:96:db:94:b6:70:b5:89:c8:01:25:63:
                    32:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:62:DD:C5:4D:90:3E:EA:26:E3:D8:BA:50:D6:A0:56:28:00:DC:5C
            X509v3 Authority Key Identifier:
                keyid:80:67:06:63:79:50:EF:8D:AE:7B:EB:D1:C9:A7:4B:B1:F2:65:D4:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919EF51/A883E81C3D8211EA9F267370C4F9AE02/gGcGY3lQ742ue-vRyadLsfJl1Bc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGcGY3lQ742ue-vRyadLsfJl1Bc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF51/A883E81C3D8211EA9F267370C4F9AE02/1671D380603711EF97BB395FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.106.192.0/23
                  218.100.52.0-218.100.54.255
                  218.100.76.0/24
                  218.100.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:b4:66:fd:3d:22:d8:dd:fa:df:e3:54:49:39:82:fd:8e:e6:
         4d:c9:49:40:e7:d2:76:6b:9c:41:dd:76:4c:e0:42:bd:5f:c1:
         63:94:b9:b2:ad:b5:ee:7d:31:a6:11:87:cc:fb:15:0c:9a:50:
         9b:e2:0b:76:a7:b7:a0:1b:cc:7c:1f:3c:b5:bf:1d:2f:25:b0:
         07:4b:0f:2c:88:24:4c:82:bb:19:09:3e:3d:0f:ad:de:9f:bb:
         87:6f:8f:26:d1:80:66:0b:33:57:c9:25:48:ac:61:72:9c:fd:
         37:f0:b5:a4:ff:cc:c2:a3:e7:77:ee:e6:14:45:27:a4:30:b9:
         55:7f:f1:f5:5d:04:82:71:fd:5b:ba:ef:9a:98:ad:30:95:54:
         76:17:c8:26:c1:b8:5e:17:69:6c:a4:68:40:80:e3:b9:7c:3c:
         a5:d6:48:14:3f:fc:b9:4a:2b:52:5e:cd:00:3e:0d:ca:48:92:
         62:8e:0b:77:ef:9f:2a:c0:31:b8:b5:fc:04:29:67:40:3b:b9:
         bb:53:2b:e6:ad:2f:36:fe:6e:c9:ff:e2:9b:44:f7:b9:4d:e2:
         ff:89:5a:2c:ce:c0:62:8e:ed:96:75:d0:43:ce:64:44:38:f1:
         c7:0c:be:c9:b2:c1:5e:c6:f2:1c:d6:02:43:0b:4a:49:d4:4b:
         59:f5:3c:e2
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICC30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVGNTExMTAvBgNVBAUTKDgwNjcwNjYzNzk1MEVGOERBRTdCRUJEMUM5QTc0QkIx
RjI2NUQ0MTcwHhcNMjUwOTI2MTkyMDE0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQ2ZTc2ZS02ODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4CZH5nEmHQJrFkP28vAr9T+oaXNx3ObyFwd4HYrESMTX4ealnNpSrJJRpF5v
Xb3IuXWrg21XfZqVyG/y9+t5ElAuC2kP478TQEx3WqQWrCJSWUXbyAukj7TKrRkX
44XpEjefjBMzcoo9fij+ACSfApodJHM50aZgW3ZHLzEdVLhB4Yc9CD0ILw7i9I7h
oNavAmdUcYzFDZrDBPkculL2wUCJnYEkhDdCIFX4LOBoG3Y2HKg9tzqGSSnM4l5w
18KE3HR3n8N17A6HwedWDdtGAHP5cRll3uMdcptduiWbEugBKNSKJjjpcwf3n7F5
ljaEiariltuUtnC1icgBJWMyhQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFIJi3cVN
kD7qJuPYulDWoFYoANxcMB8GA1UdIwQYMBaAFIBnBmN5UO+Nrnvr0cmnS7HyZdQX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUY1MS9BODgzRTgxQzNE
ODIxMUVBOUYyNjczNzBDNEY5QUUwMi9nR2NHWTNsUTc0MnVlLXZSeWFkTHNmSmwx
QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHY0dZM2xRNzQydWUtdlJ5YWRMc2ZKbDFCYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVGNTEvQTg4M0U4MUMzRDgyMTFFQTlGMjY3MzcwQzRGOUFFMDIvMTY3MUQzODA2
MDM3MTFFRjk3QkIzOTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAEbasAwDAMEAtpkNAMEANpkNgMEANpkTAMEANpkTjANBgkq
hkiG9w0BAQsFAAOCAQEATLRm/T0i2N363+NUSTmC/Y7mTclJQOfSdmucQd12TOBC
vV/BY5S5sq217n0xphGHzPsVDJpQm+ILdqe3oBvMfB88tb8dLyWwB0sPLIgkTIK7
GQk+PQ+t3p+7h2+PJtGAZgszV8klSKxhcpz9N/C1pP/MwqPnd+7mFEUnpDC5VX/x
9V0EgnH9W7rvmpitMJVUdhfIJsG4XhdpbKRoQIDjuXw8pdZIFD/8uUorUl7NAD4N
ykiSYo4Ld++fKsAxuLX8BClnQDu5u1Mr5q0vNv5uyf/im0T3uU3i/4laLM7AYo7t
lnXQQ85kRDjxxwy+ybLBXsbyHNYCQwtKSdRLWfU84g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:49 2025 by rpki-client