Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/6FABE96CA71811F09916DD25C4F9AE02.roa
File:                     6FABE96CA71811F09916DD25C4F9AE02.roa (raw, json)
Hash identifier:          t9kWjl6698MMDsKjpjg1eLkcpInMmBXoNYuTXae4/jw=
Subject key identifier:   EE:AC:A1:18:A7:2B:79:60:D8:97:39:3E:50:1C:53:5C:EA:73:25:30
Certificate issuer:       /CN=A91A4B39/serialNumber=BEFFBEF8EFC5027C34DFF704C79FB2812A71331E
Certificate serial:       0183
Authority key identifier: BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/6FABE96CA71811F09916DD25C4F9AE02.roa
Signing time:             Sun 12 Oct 2025 03:06:25 +0000
ROA not before:           Sun 12 Oct 2025 03:06:25 +0000
ROA not after:            Fri 01 May 2026 00:00:00 +0000
asID:                     151629
IP address blocks:        157.10.135.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/vv---O_FAnw03_cEx5-ygSpxMx4.crl
                          rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/vv---O_FAnw03_cEx5-ygSpxMx4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 06:57:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 387 (0x183)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A4B39, serialNumber=BEFFBEF8EFC5027C34DFF704C79FB2812A71331E
        Validity
            Not Before: Oct 12 03:06:25 2025 GMT
            Not After : May  1 00:00:00 2026 GMT
        Subject: CN=68eb1b30-49a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:f1:05:7b:3a:7b:29:ee:9e:3d:da:4c:eb:58:
                    8c:98:1f:9d:9e:1b:45:2b:c3:62:b4:c8:85:cd:26:
                    6f:d4:8f:0d:d4:1b:44:42:c5:9b:8a:e9:28:28:27:
                    7e:f2:25:0a:94:76:b7:3a:4c:ad:93:9d:3a:74:ec:
                    06:d4:e2:f5:02:c7:4f:bc:4f:ef:a3:a9:af:26:8e:
                    9f:85:d4:35:18:5c:9a:aa:2c:d7:ec:5b:ea:3d:63:
                    6c:bb:79:e1:c6:bd:96:74:a4:e4:f7:21:23:bc:ca:
                    47:3e:f5:b6:4f:54:e7:1e:35:0f:9d:ec:5c:c8:09:
                    aa:87:f4:8a:f6:1d:d0:66:56:0b:da:cc:89:27:d5:
                    21:4d:5f:ca:64:8c:bd:b0:a2:a2:9e:31:ec:ab:88:
                    c8:bd:b7:3a:26:60:1f:68:54:89:8c:50:ce:0a:b9:
                    65:63:05:43:06:bc:a6:d9:6d:d2:c8:66:7d:28:69:
                    05:5d:cf:a7:b9:9d:59:41:4f:15:7a:90:00:81:86:
                    ea:cc:12:4c:fe:7b:92:d9:9e:de:5f:28:a5:7f:11:
                    9b:07:39:77:72:1c:0d:db:f0:7a:ff:70:18:b7:b2:
                    04:62:c4:5e:bd:57:7c:46:8a:c3:ed:de:9e:81:c4:
                    5a:b3:46:af:11:c9:75:0b:9a:54:a3:b6:4b:9f:66:
                    64:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:AC:A1:18:A7:2B:79:60:D8:97:39:3E:50:1C:53:5C:EA:73:25:30
            X509v3 Authority Key Identifier:
                keyid:BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/vv---O_FAnw03_cEx5-ygSpxMx4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/6FABE96CA71811F09916DD25C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ce:fd:5d:df:44:a0:ea:91:87:58:9c:95:76:02:75:2a:2f:8b:
         be:71:9c:63:b2:8f:47:77:d5:f7:7e:23:29:a6:be:de:65:01:
         1f:aa:bb:a3:4d:f1:e3:d4:6f:cb:4a:fa:5e:fc:31:27:bb:16:
         0a:c5:fd:ba:c3:af:9d:f5:a8:ae:23:25:4e:7c:7a:ef:2f:10:
         3c:5b:71:bb:2d:f9:21:e6:94:20:62:33:8b:2e:c8:17:c6:08:
         f2:8d:34:70:e8:fd:b2:a9:e2:fd:87:99:83:6d:af:de:94:84:
         6d:ae:3a:f2:45:aa:6f:d6:1c:73:a8:04:fa:32:f2:3c:d0:17:
         cc:8e:89:ea:46:04:f1:42:d4:c3:db:ee:d4:a1:4f:0d:ee:16:
         a6:dd:d5:e7:a0:62:e1:82:db:ca:9d:92:ae:7f:ec:cf:ce:c7:
         ec:8c:15:ca:e0:d0:4f:cb:82:20:5c:42:e8:d5:57:98:7b:52:
         46:af:ca:4b:12:67:b2:96:af:4f:77:8c:20:52:78:4d:22:04:
         b6:f3:d6:83:33:81:a0:fe:ee:c1:74:b6:22:88:35:27:41:26:
         fb:92:99:4d:d1:c3:3b:d9:2a:30:c3:32:98:cb:8d:10:9d:b3:
         56:ec:af:f5:c5:73:14:44:c9:73:7e:88:48:d6:24:a2:06:0e:
         45:29:54:4a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMzkxMTAvBgNVBAUTKEJFRkZCRUY4RUZDNTAyN0MzNERGRjcwNEM3OUZCMjgx
MkE3MTMzMUUwHhcNMjUxMDEyMDMwNjI1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGViMWIzMC00OWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfEFezp7Ke6ePdpM61iMmB+dnhtFK8NitMiFzSZv1I8N1BtEQsWbiukoKCd+
8iUKlHa3Okytk506dOwG1OL1AsdPvE/vo6mvJo6fhdQ1GFyaqizX7FvqPWNsu3nh
xr2WdKTk9yEjvMpHPvW2T1TnHjUPnexcyAmqh/SK9h3QZlYL2syJJ9UhTV/KZIy9
sKKinjHsq4jIvbc6JmAfaFSJjFDOCrllYwVDBrym2W3SyGZ9KGkFXc+nuZ1ZQU8V
epAAgYbqzBJM/nuS2Z7eXyilfxGbBzl3chwN2/B6/3AYt7IEYsRevVd8RorD7d6e
gcRas0avEcl1C5pUo7ZLn2ZkiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFO6soRin
K3lg2Jc5PlAcU1zqcyUwMB8GA1UdIwQYMBaAFL7/vvjvxQJ8NN/3BMefsoEqcTMe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIzOS85NTA3NEEwQUFG
NTYxMUVFQTY1NUI1ODFDNEY5QUUwMi92di0tLU9fRkFudzAzX2NFeDUteWdTcHhN
eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Z2LS0tT19GQW53MDNfY0V4NS15Z1NweE14NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMzkvOTUwNzRBMEFBRjU2MTFFRUE2NTVCNTgxQzRGOUFFMDIvNkZBQkU5NkNB
NzE4MTFGMDk5MTZERDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdCocwDQYJKoZIhvcNAQELBQADggEBAM79Xd9EoOqRh1ic
lXYCdSovi75xnGOyj0d31fd+Iymmvt5lAR+qu6NN8ePUb8tK+l78MSe7FgrF/brD
r531qK4jJU58eu8vEDxbcbst+SHmlCBiM4suyBfGCPKNNHDo/bKp4v2HmYNtr96U
hG2uOvJFqm/WHHOoBPoy8jzQF8yOiepGBPFC1MPb7tShTw3uFqbd1eegYuGC28qd
kq5/7M/Ox+yMFcrg0E/LgiBcQujVV5h7UkavyksSZ7KWr093jCBSeE0iBLbz1oMz
gaD+7sF0tiKINSdBJvuSmU3RwzvZKjDDMpjLjRCds1bsr/XFcxREyXN+iEjWJKIG
DkUpVEo=
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:00:36 2025 by rpki-client