Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/663066BA8CFD11EEB48A7871C4F9AE02.roa
File:                     663066BA8CFD11EEB48A7871C4F9AE02.roa (raw, json)
Hash identifier:          jUmdUrO/ZB6ddNuXrDYsKn8zqKfTn+d4zv/BvJYsXuU=
Subject key identifier:   4D:61:F1:C7:75:DF:76:10:53:DE:FD:7B:1F:46:AE:D6:F5:1F:7A:C4
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       4DAC
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/663066BA8CFD11EEB48A7871C4F9AE02.roa
Signing time:             Thu 28 Aug 2025 14:55:47 +0000
ROA not before:           Thu 28 Aug 2025 14:55:47 +0000
ROA not after:            Sat 31 Oct 2026 00:00:00 +0000
asID:                     151868
IP address blocks:        36.50.62.0/23 maxlen: 24
                          210.79.176.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
                          rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 14:35:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19884 (0x4dac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Aug 28 14:55:47 2025 GMT
            Not After : Oct 31 00:00:00 2026 GMT
        Subject: CN=68b06df3-a4d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:35:be:4a:2b:33:38:b6:9f:f4:41:86:50:76:
                    41:80:98:19:6d:a0:a7:a5:a0:b3:ea:6b:e4:c3:71:
                    ad:6f:16:73:34:80:56:84:b0:da:3c:a1:a7:b7:18:
                    2d:bd:e4:9a:0b:01:62:94:f6:4e:50:dd:ea:ae:d2:
                    65:16:19:17:93:f8:ce:31:c9:53:80:5e:75:ca:ab:
                    4e:a8:3a:ec:fd:aa:26:af:16:c4:3d:7e:97:74:e4:
                    5a:59:7a:78:2a:90:63:38:41:10:e8:74:5b:29:30:
                    53:b2:d9:aa:83:28:e0:8f:02:72:a2:f9:25:48:58:
                    c3:a2:7a:15:03:9c:1a:57:4e:3e:26:2e:d3:0d:c3:
                    8d:6b:7d:a0:7f:70:89:07:4b:84:70:9f:c2:0e:95:
                    8a:6b:48:be:ad:81:1e:94:27:47:6f:10:59:c0:f4:
                    a0:df:2f:49:ff:1a:17:c4:1a:37:5f:cc:bf:5a:36:
                    00:91:4e:ed:81:d1:41:1b:62:b3:cc:17:18:bf:87:
                    9c:5a:5d:34:9e:f6:a6:95:5e:70:a4:cc:04:38:b3:
                    7e:72:9a:30:86:9f:fe:b5:9b:80:ef:1f:9b:6c:2b:
                    09:7d:bc:ce:a1:88:66:15:c7:e7:1f:77:c3:01:ea:
                    8c:90:01:07:f8:73:5a:60:fb:02:cb:30:f9:79:43:
                    d4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:61:F1:C7:75:DF:76:10:53:DE:FD:7B:1F:46:AE:D6:F5:1F:7A:C4
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/663066BA8CFD11EEB48A7871C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.50.62.0/23
                  210.79.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         42:db:16:93:01:52:e8:49:72:1a:a7:c9:9a:f3:bb:5d:ae:1e:
         cc:ca:d9:ef:90:d3:75:4e:63:87:4a:58:36:bc:fe:ae:b7:7b:
         e5:6e:1d:5f:06:cc:d5:a4:90:cf:cc:5a:fa:1a:95:51:1f:6b:
         de:21:4b:7a:58:14:d3:48:b7:f2:6b:00:8c:bc:8f:c3:fa:c5:
         44:f3:43:0f:71:6a:0f:f4:b4:11:ea:1d:72:84:41:74:e0:03:
         b0:fb:22:18:9a:97:6c:4f:3a:62:5c:d9:ff:a2:6b:f1:de:75:
         8c:c6:13:67:89:e4:e9:c4:55:ab:c4:d9:24:1e:bd:27:b3:51:
         8c:52:ee:6b:84:ef:65:5d:87:f4:a8:d4:e2:c2:ad:c8:72:fe:
         40:ac:db:21:de:c1:a4:e7:05:6e:1b:63:db:3b:6b:0c:0e:84:
         20:9e:97:79:57:ee:7d:a5:0e:b1:76:ec:83:d3:be:78:e5:0a:
         12:f3:f1:5a:ff:e5:11:20:35:07:56:25:b9:f8:f7:89:5b:3c:
         50:ef:ac:37:34:a3:96:38:56:1f:29:ed:a9:98:8c:54:3d:1a:
         20:84:f3:5d:4e:0d:e6:00:c2:8d:b6:16:3d:fc:88:37:3b:82:
         c1:a9:20:0f:89:14:28:fb:9d:3a:ef:41:28:14:5b:e7:c1:70:
         b1:8a:e4:25
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICTawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwODI4MTQ1NTQ3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwNmRmMy1hNGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxjW+SiszOLaf9EGGUHZBgJgZbaCnpaCz6mvkw3GtbxZzNIBWhLDaPKGntxgt
veSaCwFilPZOUN3qrtJlFhkXk/jOMclTgF51yqtOqDrs/aomrxbEPX6XdORaWXp4
KpBjOEEQ6HRbKTBTstmqgyjgjwJyovklSFjDonoVA5waV04+Ji7TDcONa32gf3CJ
B0uEcJ/CDpWKa0i+rYEelCdHbxBZwPSg3y9J/xoXxBo3X8y/WjYAkU7tgdFBG2Kz
zBcYv4ecWl00nvamlV5wpMwEOLN+cpowhp/+tZuA7x+bbCsJfbzOoYhmFcfnH3fD
AeqMkAEH+HNaYPsCyzD5eUPUywIDAQABo4ICmzCCApcwHQYDVR0OBBYEFE1h8cd1
33YQU979ex9Grtb1H3rEMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNjYzMDY2QkE4
Q0ZEMTFFRUI0OEE3ODcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEkMj4DBAHST7AwDQYJKoZIhvcNAQELBQADggEBAELbFpMB
UuhJchqnyZrzu12uHszK2e+Q03VOY4dKWDa8/q63e+VuHV8GzNWkkM/MWvoalVEf
a94hS3pYFNNIt/JrAIy8j8P6xUTzQw9xag/0tBHqHXKEQXTgA7D7Ihial2xPOmJc
2f+ia/HedYzGE2eJ5OnEVavE2SQevSezUYxS7muE72Vdh/So1OLCrchy/kCs2yHe
waTnBW4bY9s7awwOhCCel3lX7n2lDrF27IPTvnjlChLz8Vr/5REgNQdWJbn494lb
PFDvrDc0o5Y4Vh8p7amYjFQ9GiCE811ODeYAwo22Fj38iDc7gsGpIA+JFCj7nTrv
QSgUW+fBcLGK5CU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:03:25 2025 by rpki-client