Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5D53/FC7D6086AC8311EF8214972BC4F9AE02/916E1DB8C1D611EFB61BE32DC4F9AE02.roa
File:                     916E1DB8C1D611EFB61BE32DC4F9AE02.roa (raw, json)
Hash identifier:          f2L7OBQuOuTd2LqrR7JU6rutnUdXM8FYIeFEOoAz1u8=
Subject key identifier:   47:2B:2A:59:26:03:BC:4C:AE:B1:C8:37:71:F6:7A:93:1C:22:16:31
Certificate issuer:       /CN=A91C5D53/serialNumber=8F74C1755F188708CCE3A67DEC285993648DF183
Certificate serial:       74
Authority key identifier: 8F:74:C1:75:5F:18:87:08:CC:E3:A6:7D:EC:28:59:93:64:8D:F1:83
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/j3TBdV8YhwjM46Z97ChZk2SN8YM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C5D53/FC7D6086AC8311EF8214972BC4F9AE02/916E1DB8C1D611EFB61BE32DC4F9AE02.roa
Signing time:             Thu 03 Jul 2025 07:11:42 +0000
ROA not before:           Thu 03 Jul 2025 07:11:42 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     140704
IP address blocks:        160.30.7.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C5D53/FC7D6086AC8311EF8214972BC4F9AE02/j3TBdV8YhwjM46Z97ChZk2SN8YM.crl
                          rsync://rpki.apnic.net/member_repository/A91C5D53/FC7D6086AC8311EF8214972BC4F9AE02/j3TBdV8YhwjM46Z97ChZk2SN8YM.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/j3TBdV8YhwjM46Z97ChZk2SN8YM.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116 (0x74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C5D53, serialNumber=8F74C1755F188708CCE3A67DEC285993648DF183
        Validity
            Not Before: Jul  3 07:11:42 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68662d2e-799d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:37:21:ef:58:49:8e:e4:7c:4a:2a:6e:fd:38:
                    4a:da:e1:0b:e0:94:bd:43:e6:82:29:18:22:3b:a0:
                    b3:23:ca:e6:85:65:27:3a:e6:d5:56:13:ab:fb:05:
                    94:75:2e:d2:51:c7:f1:9d:da:ba:56:63:50:f6:e8:
                    c3:bd:6e:15:50:d7:95:b6:d4:c0:05:96:4f:83:9c:
                    ef:69:06:8c:db:0d:f1:a9:61:79:10:d0:3f:29:fa:
                    b6:85:9b:a1:de:22:42:16:44:65:27:76:22:c8:b5:
                    2d:8e:67:9b:c3:be:2c:5d:f5:d2:df:9c:9a:56:90:
                    68:03:c8:a8:a4:2a:85:ff:70:2d:37:93:7f:3f:77:
                    c9:00:1a:11:33:84:5a:17:c0:65:eb:86:f9:15:22:
                    67:b8:0a:de:77:ba:c1:d0:5c:35:f9:75:54:8b:43:
                    a3:b8:13:15:48:4d:f5:1f:13:8a:d3:75:c1:d9:86:
                    5f:29:50:6e:35:c5:84:c6:b0:51:9e:a9:7a:b0:77:
                    2b:49:f9:f8:76:3e:88:4f:aa:3f:b1:a4:19:58:b6:
                    66:91:70:74:36:88:df:23:19:dc:e4:4a:68:5b:44:
                    4a:5f:9a:67:6a:75:48:04:02:d1:3e:5d:81:ee:ae:
                    58:86:ec:2f:ad:05:a2:be:1e:ef:a7:0a:61:1d:9f:
                    e1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:2B:2A:59:26:03:BC:4C:AE:B1:C8:37:71:F6:7A:93:1C:22:16:31
            X509v3 Authority Key Identifier:
                keyid:8F:74:C1:75:5F:18:87:08:CC:E3:A6:7D:EC:28:59:93:64:8D:F1:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C5D53/FC7D6086AC8311EF8214972BC4F9AE02/j3TBdV8YhwjM46Z97ChZk2SN8YM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/j3TBdV8YhwjM46Z97ChZk2SN8YM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5D53/FC7D6086AC8311EF8214972BC4F9AE02/916E1DB8C1D611EFB61BE32DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:0c:4e:15:af:0f:dd:d7:92:b0:c3:ec:71:5d:83:58:b2:f5:
         e7:6d:a9:22:99:a1:23:da:09:eb:af:63:40:ec:23:c7:77:38:
         0f:52:64:ee:ca:a9:cd:1b:42:6e:9f:dc:11:78:6e:e8:1a:43:
         f9:78:10:1d:40:6e:da:f1:f6:32:e4:aa:85:f6:c2:30:a0:c4:
         11:e0:4f:18:70:47:4d:90:62:52:0f:32:68:9a:34:26:91:12:
         1d:42:a3:51:2a:f9:2b:38:a8:62:26:f7:e9:6f:f9:05:9d:fb:
         a4:b6:8b:a9:6d:a2:2c:f8:2f:f4:f4:c9:99:90:36:41:17:fc:
         1b:56:8d:ad:d5:14:17:d6:0b:63:e5:82:91:0a:ce:90:f8:87:
         ce:91:2b:5a:2c:11:d5:01:84:53:8e:3c:e3:60:64:4f:f7:c2:
         3f:71:3a:21:45:48:39:ef:82:9c:5a:36:bf:92:bc:95:22:8f:
         dc:8f:0d:af:78:01:59:1e:71:ea:a8:1f:59:36:d9:4f:4f:6e:
         0d:ff:86:ff:a8:2e:42:64:12:0d:e9:67:c1:ec:34:6c:4e:a7:
         25:63:bf:c1:9c:6a:53:b4:c2:a0:42:42:25:cb:fc:3b:eb:38:
         18:8b:17:f1:d2:fc:3e:3d:9a:96:08:75:19:92:1d:36:35:c9:
         0f:c6:87:2f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBdDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NUQ1MzExMC8GA1UEBRMoOEY3NEMxNzU1RjE4ODcwOENDRTNBNjdERUMyODU5OTM2
NDhERjE4MzAeFw0yNTA3MDMwNzExNDJaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NjYyZDJlLTc5OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFNyHvWEmO5HxKKm79OEra4QvglL1D5oIpGCI7oLMjyuaFZSc65tVWE6v7BZR1
LtJRx/Gd2rpWY1D26MO9bhVQ15W21MAFlk+DnO9pBozbDfGpYXkQ0D8p+raFm6He
IkIWRGUndiLItS2OZ5vDvixd9dLfnJpWkGgDyKikKoX/cC03k38/d8kAGhEzhFoX
wGXrhvkVIme4Ct53usHQXDX5dVSLQ6O4ExVITfUfE4rTdcHZhl8pUG41xYTGsFGe
qXqwdytJ+fh2PohPqj+xpBlYtmaRcHQ2iN8jGdzkSmhbREpfmmdqdUgEAtE+XYHu
rliG7C+tBaK+Hu+nCmEdn+H7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQURysqWSYD
vEyuscg3cfZ6kxwiFjEwHwYDVR0jBBgwFoAUj3TBdV8YhwjM46Z97ChZk2SN8YMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1RDUzL0ZDN0Q2MDg2QUM4
MzExRUY4MjE0OTcyQkM0RjlBRTAyL2ozVEJkVjhZaHdqTTQ2Wjk3Q2haazJTTjhZ
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvajNUQmRWOFlod2pNNDZaOTdDaFprMlNOOFlNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NUQ1My9GQzdENjA4NkFDODMxMUVGODIxNDk3MkJDNEY5QUUwMi85MTZFMURCOEMx
RDYxMUVGQjYxQkUzMkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAeBzANBgkqhkiG9w0BAQsFAAOCAQEAEAxOFa8P3deSsMPs
cV2DWLL1522pIpmhI9oJ669jQOwjx3c4D1Jk7sqpzRtCbp/cEXhu6BpD+XgQHUBu
2vH2MuSqhfbCMKDEEeBPGHBHTZBiUg8yaJo0JpESHUKjUSr5KzioYib36W/5BZ37
pLaLqW2iLPgv9PTJmZA2QRf8G1aNrdUUF9YLY+WCkQrOkPiHzpErWiwR1QGEU448
42BkT/fCP3E6IUVIOe+CnFo2v5K8lSKP3I8Nr3gBWR5x6qgfWTbZT09uDf+G/6gu
QmQSDelnwew0bE6nJWO/wZxqU7TCoEJCJcv8O+s4GIsX8dL8Pj2algh1GZIdNjXJ
D8aHLw==
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:23:51 2025 by rpki-client