Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D92/357798B0402A11EEA7161872C4F9AE02/FBE34DB8538011EFB6264579C4F9AE02.roa
File:                     FBE34DB8538011EFB6264579C4F9AE02.roa (raw, json)
Hash identifier:          TcFb5btGGuGcCTENXu84bKs3B+lnqciAGdu0W4Z7mP0=
Subject key identifier:   60:AA:CF:36:CC:F7:18:63:6B:CB:92:D4:F1:15:0D:0F:FA:3D:7C:4C
Certificate issuer:       /CN=A91B5D92/serialNumber=6111807E828AC4F9842693D38611952DF03D7247
Certificate serial:       01A7
Authority key identifier: 61:11:80:7E:82:8A:C4:F9:84:26:93:D3:86:11:95:2D:F0:3D:72:47
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YRGAfoKKxPmEJpPThhGVLfA9ckc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D92/357798B0402A11EEA7161872C4F9AE02/FBE34DB8538011EFB6264579C4F9AE02.roa
Signing time:             Tue 07 Oct 2025 04:00:50 +0000
ROA not before:           Tue 07 Oct 2025 04:00:50 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     396982
IP address blocks:        2401:fa00:8000::/34 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B5D92/357798B0402A11EEA7161872C4F9AE02/YRGAfoKKxPmEJpPThhGVLfA9ckc.crl
                          rsync://rpki.apnic.net/member_repository/A91B5D92/357798B0402A11EEA7161872C4F9AE02/YRGAfoKKxPmEJpPThhGVLfA9ckc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YRGAfoKKxPmEJpPThhGVLfA9ckc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 05:58:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 423 (0x1a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D92, serialNumber=6111807E828AC4F9842693D38611952DF03D7247
        Validity
            Not Before: Oct  7 04:00:50 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68e49072-a879
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0f:8b:9c:b2:53:83:fc:35:30:d4:4d:0d:00:
                    6f:b7:f8:d5:3e:a1:65:79:87:03:5f:7e:fc:df:59:
                    56:7c:27:a1:77:65:d1:68:13:a5:94:8e:d0:1c:b3:
                    25:17:1c:96:74:af:f4:02:fd:32:93:ba:48:79:02:
                    14:5e:9a:32:cc:8e:fa:34:39:94:a9:cb:aa:8b:12:
                    3e:b1:f7:53:2c:27:2e:a8:f4:f0:89:fc:3d:f0:aa:
                    00:56:44:ae:23:22:e2:a2:0f:54:1b:96:a0:c9:78:
                    e1:2c:66:d0:bf:6b:bb:5a:53:58:02:a2:bc:49:e9:
                    1a:6f:6a:2c:24:0f:f5:d2:1a:32:f5:a4:f0:84:94:
                    ba:64:ec:4e:ae:97:1b:96:d0:34:74:10:2f:b2:fb:
                    12:95:7b:3b:68:7a:86:1a:05:f5:29:15:36:20:82:
                    d7:50:fc:46:9f:76:49:ef:a7:73:58:47:dd:46:e0:
                    1f:9a:4c:59:d1:96:f7:d0:f3:d9:c5:1c:58:da:53:
                    07:3a:c1:63:28:49:ab:90:da:d2:0d:33:7d:40:9a:
                    43:29:e6:bc:af:5a:7c:d6:89:75:04:cc:78:38:15:
                    07:94:90:6f:d6:f0:6b:43:20:dd:4c:b1:3c:99:e3:
                    a3:f9:2a:9e:7e:fc:34:9f:01:1c:6b:e0:e5:84:da:
                    0b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:AA:CF:36:CC:F7:18:63:6B:CB:92:D4:F1:15:0D:0F:FA:3D:7C:4C
            X509v3 Authority Key Identifier:
                keyid:61:11:80:7E:82:8A:C4:F9:84:26:93:D3:86:11:95:2D:F0:3D:72:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D92/357798B0402A11EEA7161872C4F9AE02/YRGAfoKKxPmEJpPThhGVLfA9ckc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YRGAfoKKxPmEJpPThhGVLfA9ckc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D92/357798B0402A11EEA7161872C4F9AE02/FBE34DB8538011EFB6264579C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:fa00:8000::/34

    Signature Algorithm: sha256WithRSAEncryption
         14:0d:cf:86:bc:3c:ca:18:25:86:fd:59:21:00:66:64:d6:cc:
         15:0f:f3:eb:21:14:36:ef:ba:70:4f:db:85:79:b6:dd:2a:e1:
         84:cb:f5:6d:65:a2:14:1a:70:8f:41:70:06:03:6a:b0:ab:7d:
         75:57:9b:5d:02:6a:ff:81:b0:35:a5:45:c1:40:52:aa:8d:bb:
         58:ab:8a:90:8c:be:a3:48:74:bc:24:bf:8d:d4:5c:53:38:01:
         83:63:76:e1:db:a4:b0:48:df:a4:6b:76:51:10:c5:0d:1d:8a:
         36:90:1a:c4:15:0a:04:d4:5f:d1:81:f3:3a:0f:cf:de:90:fb:
         f2:14:c5:8a:36:56:94:17:ce:53:c3:b6:ce:9c:70:97:d4:36:
         9c:e7:f9:72:2a:ed:d1:6c:d6:28:14:3c:80:1c:ae:84:85:99:
         65:c2:f0:ca:ec:89:ec:7c:f8:7c:69:c4:a9:03:62:fc:12:87:
         b3:7f:98:85:70:f7:e7:b5:92:81:16:db:48:1e:53:7a:58:6e:
         e6:1b:8b:31:c9:89:81:45:ac:00:94:77:49:9c:80:ef:ad:56:
         17:73:aa:b0:2a:ce:15:32:cf:9d:eb:c9:d2:ce:30:4c:1b:71:
         af:dc:77:c1:69:90:c2:52:cc:85:f9:e6:39:5b:28:11:48:14:
         96:d5:82:36
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICAacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEOTIxMTAvBgNVBAUTKDYxMTE4MDdFODI4QUM0Rjk4NDI2OTNEMzg2MTE5NTJE
RjAzRDcyNDcwHhcNMjUxMDA3MDQwMDUwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU0OTA3Mi1hODc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvA+LnLJTg/w1MNRNDQBvt/jVPqFleYcDX37831lWfCehd2XRaBOllI7QHLMl
FxyWdK/0Av0yk7pIeQIUXpoyzI76NDmUqcuqixI+sfdTLCcuqPTwifw98KoAVkSu
IyLiog9UG5agyXjhLGbQv2u7WlNYAqK8Sekab2osJA/10hoy9aTwhJS6ZOxOrpcb
ltA0dBAvsvsSlXs7aHqGGgX1KRU2IILXUPxGn3ZJ76dzWEfdRuAfmkxZ0Zb30PPZ
xRxY2lMHOsFjKEmrkNrSDTN9QJpDKea8r1p81ol1BMx4OBUHlJBv1vBrQyDdTLE8
meOj+Sqefvw0nwEca+DlhNoLvwIDAQABo4IClzCCApMwHQYDVR0OBBYEFGCqzzbM
9xhja8uS1PEVDQ/6PXxMMB8GA1UdIwQYMBaAFGERgH6CisT5hCaT04YRlS3wPXJH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ5Mi8zNTc3OThCMDQw
MkExMUVFQTcxNjE4NzJDNEY5QUUwMi9ZUkdBZm9LS3hQbUVKcFBUaGhHVkxmQTlj
a2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lSR0Fmb0tLeFBtRUpwUFRoaEdWTGZBOWNrYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEOTIvMzU3Nzk4QjA0MDJBMTFFRUE3MTYxODcyQzRGOUFFMDIvRkJFMzREQjg1
MzgwMTFFRkI2MjY0NTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgYkAfoAgDANBgkqhkiG9w0BAQsFAAOCAQEAFA3Phrw8yhgl
hv1ZIQBmZNbMFQ/z6yEUNu+6cE/bhXm23SrhhMv1bWWiFBpwj0FwBgNqsKt9dVeb
XQJq/4GwNaVFwUBSqo27WKuKkIy+o0h0vCS/jdRcUzgBg2N24duksEjfpGt2URDF
DR2KNpAaxBUKBNRf0YHzOg/P3pD78hTFijZWlBfOU8O2zpxwl9Q2nOf5cirt0WzW
KBQ8gByuhIWZZcLwyuyJ7Hz4fGnEqQNi/BKHs3+YhXD357WSgRbbSB5Telhu5huL
McmJgUWsAJR3SZyA761WF3OqsCrOFTLPnevJ0s4wTBtxr9x3wWmQwlLMhfnmOVso
EUgUltWCNg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:10:19 2025 by rpki-client