Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/B6193EAEA9C511F09E184A44C4F9AE02.roa
File:                     B6193EAEA9C511F09E184A44C4F9AE02.roa (raw, json)
Hash identifier:          ICS/kSmPGxTeB3htB7GP0dydiPm6U9ECVjxjKP8r5ms=
Subject key identifier:   2B:F9:76:88:68:A6:CB:78:C9:C6:6D:26:B0:8E:D5:E2:44:E4:81:24
Certificate issuer:       /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Certificate serial:       2275
Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/B6193EAEA9C511F09E184A44C4F9AE02.roa
Signing time:             Wed 15 Oct 2025 12:51:48 +0000
ROA not before:           Wed 15 Oct 2025 12:51:48 +0000
ROA not after:            Sat 31 Jan 2026 00:00:00 +0000
asID:                     834
IP address blocks:        180.210.222.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl
                          rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 16:08:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8821 (0x2275)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4845, serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
        Validity
            Not Before: Oct 15 12:51:48 2025 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=68ef98e4-d4d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0c:29:a7:b1:16:c7:b4:51:bf:37:9e:26:99:
                    97:f8:6e:bc:d2:f0:35:38:23:5b:69:66:79:97:7b:
                    a8:99:78:87:c0:2c:a7:34:59:92:ec:89:5b:6e:d9:
                    bb:94:eb:81:26:a4:a0:f8:27:d9:16:7c:56:dd:f1:
                    cd:7a:83:49:a5:f6:6f:8c:23:9f:87:ed:34:c6:d1:
                    d7:6c:cd:69:6b:28:2c:43:90:74:52:65:90:a7:11:
                    98:6a:88:83:b3:83:af:38:5b:a4:96:47:fe:d6:d0:
                    ca:7c:b1:71:d7:55:45:3c:d8:c6:93:e9:2c:5f:60:
                    8f:0c:72:e1:b4:74:c0:89:2d:a9:7d:5c:c5:6f:32:
                    09:f7:91:8c:9f:15:fc:f8:f2:2d:68:36:67:5e:b1:
                    99:ce:1d:b6:8c:0e:18:75:7b:f1:d3:20:c7:89:fb:
                    02:a2:04:d0:a1:30:b2:ad:68:9a:e0:08:31:87:6d:
                    b2:12:38:96:34:13:3f:72:45:0e:86:ab:96:ad:9d:
                    b3:64:18:58:d4:5b:65:d7:80:34:51:7f:ea:8c:d8:
                    b9:c5:cb:f6:4c:59:14:2e:a8:72:ee:29:38:6d:3e:
                    64:63:42:79:51:0d:c6:38:dd:70:ea:5f:e0:6a:db:
                    c2:79:ce:ed:73:46:f5:d2:c0:a9:65:9b:b4:9a:d3:
                    5b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:F9:76:88:68:A6:CB:78:C9:C6:6D:26:B0:8E:D5:E2:44:E4:81:24
            X509v3 Authority Key Identifier:
                keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/B6193EAEA9C511F09E184A44C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.210.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:c4:a2:f8:14:a8:55:30:f5:b0:eb:5f:ff:e5:68:88:f7:b9:
         d4:38:4e:66:3f:48:ee:39:3b:70:2d:00:9b:6a:bd:29:2c:f3:
         4d:c1:f3:b6:a2:d3:f4:de:d3:67:31:7e:2f:44:1c:35:2b:34:
         b1:1e:85:57:ce:0c:cd:23:c6:34:e7:b9:b7:76:1e:cf:95:af:
         41:cb:35:bf:b0:55:63:cc:48:44:19:6e:d1:f1:0f:78:50:57:
         61:7e:a7:8e:88:7c:36:db:72:93:4e:cb:ac:d3:cb:e0:9d:b7:
         8a:ce:d1:7d:23:c9:0a:2a:25:f5:83:64:7f:20:ee:61:a5:8a:
         0b:b3:11:3e:d1:4a:7c:1f:56:a5:b0:6e:58:c6:79:6f:48:b7:
         5d:95:77:de:2e:9c:19:8e:37:16:38:be:93:7c:6c:80:c9:0f:
         86:8c:96:c3:42:39:02:e9:1d:a4:60:24:2c:60:78:75:fb:ec:
         0b:32:5f:78:06:35:a8:20:bb:6b:e9:c4:e6:0c:6a:76:bd:70:
         a6:f5:0a:a4:4e:fe:74:86:ec:1a:c7:3c:0e:43:ef:d1:16:13:
         77:e0:69:a5:0e:77:47:91:6a:ed:09:8a:15:73:f9:2e:d9:ef:
         3a:d8:2a:fd:a4:c0:c3:62:05:62:22:36:82:e5:11:5f:ab:00:
         90:74:7a:dd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICInUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2
RUY2N0I2RDYwHhcNMjUxMDE1MTI1MTQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGVmOThlNC1kNGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqQwpp7EWx7RRvzeeJpmX+G680vA1OCNbaWZ5l3uomXiHwCynNFmS7Ilbbtm7
lOuBJqSg+CfZFnxW3fHNeoNJpfZvjCOfh+00xtHXbM1paygsQ5B0UmWQpxGYaoiD
s4OvOFuklkf+1tDKfLFx11VFPNjGk+ksX2CPDHLhtHTAiS2pfVzFbzIJ95GMnxX8
+PItaDZnXrGZzh22jA4YdXvx0yDHifsCogTQoTCyrWia4Agxh22yEjiWNBM/ckUO
hquWrZ2zZBhY1Ftl14A0UX/qjNi5xcv2TFkULqhy7ik4bT5kY0J5UQ3GON1w6l/g
atvCec7tc0b10sCpZZu0mtNbUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCv5doho
pst4ycZtJrCO1eJE5IEkMB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy
RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvQjYxOTNFQUVB
OUM1MTFGMDlFMTg0QTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC00t4wDQYJKoZIhvcNAQELBQADggEBAEbEovgUqFUw9bDr
X//laIj3udQ4TmY/SO45O3AtAJtqvSks803B87ai0/Te02cxfi9EHDUrNLEehVfO
DM0jxjTnubd2Hs+Vr0HLNb+wVWPMSEQZbtHxD3hQV2F+p46IfDbbcpNOy6zTy+Cd
t4rO0X0jyQoqJfWDZH8g7mGliguzET7RSnwfVqWwbljGeW9It12Vd94unBmONxY4
vpN8bIDJD4aMlsNCOQLpHaRgJCxgeHX77AsyX3gGNaggu2vpxOYMana9cKb1CqRO
/nSG7BrHPA5D79EWE3fgaaUOd0eRau0JihVz+S7Z7zrYKv2kwMNiBWIiNoLlEV+r
AJB0et0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:37 2025 by rpki-client