Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/377B6620506B11EBAD849641C4F9AE02.roa
File:                     377B6620506B11EBAD849641C4F9AE02.roa (raw, json)
Hash identifier:          lzUKRSmxvGEfweMuUaXbxsWlHdwgK7qhdoTfKi3EzzA=
Subject key identifier:   5A:9E:9E:A4:11:3D:D2:31:2C:4C:82:9C:C2:DA:F3:1C:9A:C7:05:31
Certificate issuer:       /CN=A91E4EF6/serialNumber=28CAEE8496569C573C3E5B1890C5A1B34CFC8E30
Certificate serial:       0723
Authority key identifier: 28:CA:EE:84:96:56:9C:57:3C:3E:5B:18:90:C5:A1:B3:4C:FC:8E:30
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMruhJZWnFc8PlsYkMWhs0z8jjA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/377B6620506B11EBAD849641C4F9AE02.roa
Signing time:             Fri 12 Sep 2025 19:59:40 +0000
ROA not before:           Fri 12 Sep 2025 19:59:40 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     133957
IP address blocks:        103.129.153.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.crl
                          rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMruhJZWnFc8PlsYkMWhs0z8jjA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 20:26:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1827 (0x723)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4EF6, serialNumber=28CAEE8496569C573C3E5B1890C5A1B34CFC8E30
        Validity
            Not Before: Sep 12 19:59:40 2025 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=68c47bab-cbc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:31:f2:a0:1d:da:f1:fc:80:9b:d7:fc:78:20:
                    50:ba:06:82:34:0b:30:6d:c5:58:92:42:52:9d:0d:
                    8e:9d:af:fc:3d:a6:1f:07:15:33:4e:6e:3d:3d:3d:
                    02:9e:f8:f9:43:b4:c1:11:4e:bc:03:fc:b5:06:39:
                    6f:ac:69:4a:a8:78:87:97:f0:09:2a:e0:60:b4:c8:
                    f6:a1:ca:c9:3b:6d:0d:cc:55:fe:9c:5a:34:aa:90:
                    34:8f:92:39:57:13:58:40:04:ef:88:16:ea:a1:d3:
                    5d:4c:09:90:fc:7a:40:31:36:82:fe:cf:71:73:d6:
                    d4:d7:76:33:97:25:a8:01:5a:ec:3e:d6:a5:67:3a:
                    a9:8c:e5:22:17:9f:6e:ed:5e:2f:84:d2:cc:0e:b1:
                    b3:8e:66:fa:f4:6f:44:6e:ea:dc:fc:b8:78:fa:9b:
                    1c:1d:dc:22:33:39:91:90:72:49:65:14:32:60:d8:
                    bc:57:67:c8:6e:30:8f:5a:db:22:f6:fd:16:9c:d7:
                    05:e9:33:0a:03:05:16:05:48:ba:1d:81:59:6f:a2:
                    b5:26:b6:0d:cf:a1:7a:f6:a1:a0:8e:6e:fb:6b:58:
                    98:67:28:4f:4c:4d:6d:44:7d:99:bb:c8:44:26:bb:
                    a1:36:23:8d:9c:05:51:62:08:72:70:b4:01:53:3e:
                    32:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:9E:9E:A4:11:3D:D2:31:2C:4C:82:9C:C2:DA:F3:1C:9A:C7:05:31
            X509v3 Authority Key Identifier:
                keyid:28:CA:EE:84:96:56:9C:57:3C:3E:5B:18:90:C5:A1:B3:4C:FC:8E:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMruhJZWnFc8PlsYkMWhs0z8jjA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/377B6620506B11EBAD849641C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:05:ff:0b:2e:ca:a3:fc:a5:08:a0:0f:0a:b1:07:81:a2:1b:
         c5:3f:5b:bd:67:2d:27:de:c3:8a:ca:4c:17:d2:9f:77:bb:de:
         cb:02:c2:9f:4b:58:7e:6c:e7:70:ef:a6:1e:7c:66:97:bc:2d:
         b0:a8:34:63:d7:12:e8:26:4d:9a:99:2e:55:7c:50:f6:c1:e2:
         f9:9e:d6:72:27:57:c1:61:9f:2e:04:71:3f:61:fe:69:59:37:
         b8:88:ac:20:8b:7e:59:ac:73:51:9d:be:1c:15:eb:6e:3f:f3:
         84:46:c3:ac:3a:9d:17:4f:8f:f3:fc:8b:3d:92:6f:1c:67:cf:
         cb:1e:99:3e:8d:dc:a2:5a:4d:a6:57:86:4b:e4:e6:56:bc:4c:
         15:db:38:a6:4f:a9:be:8a:80:9b:4a:bd:16:ca:8b:36:7e:32:
         5d:f8:4a:d6:7e:40:91:5b:f5:df:0f:cf:db:91:e6:29:80:93:
         b2:2a:98:4f:c5:f8:92:41:02:76:85:51:8f:3c:de:1a:37:96:
         70:ec:e3:d7:39:55:dd:34:1e:74:dd:d3:8a:e4:08:99:af:29:
         f0:61:b4:22:44:1c:03:56:23:9b:7e:75:bb:48:b7:37:4a:57:
         b7:a0:67:59:7d:00:93:3a:ab:9d:9d:fc:d3:d6:0e:12:d7:c7:
         70:45:5d:0f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICByMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFRjYxMTAvBgNVBAUTKDI4Q0FFRTg0OTY1NjlDNTczQzNFNUIxODkwQzVBMUIz
NENGQzhFMzAwHhcNMjUwOTEyMTk1OTQwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGM0N2JhYi1jYmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2DHyoB3a8fyAm9f8eCBQugaCNAswbcVYkkJSnQ2Ona/8PaYfBxUzTm49PT0C
nvj5Q7TBEU68A/y1BjlvrGlKqHiHl/AJKuBgtMj2ocrJO20NzFX+nFo0qpA0j5I5
VxNYQATviBbqodNdTAmQ/HpAMTaC/s9xc9bU13YzlyWoAVrsPtalZzqpjOUiF59u
7V4vhNLMDrGzjmb69G9Eburc/Lh4+pscHdwiMzmRkHJJZRQyYNi8V2fIbjCPWtsi
9v0WnNcF6TMKAwUWBUi6HYFZb6K1JrYNz6F69qGgjm77a1iYZyhPTE1tRH2Zu8hE
JruhNiONnAVRYghycLQBUz4yYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFqenqQR
PdIxLEyCnMLa8xyaxwUxMB8GA1UdIwQYMBaAFCjK7oSWVpxXPD5bGJDFobNM/I4w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEVGNi85MzgwMDc4RTYx
RDYxMUVBQjhEMDE1NUJDNEY5QUUwMi9LTXJ1aEpaV25GYzhQbHNZa01XaHMwejhq
akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tNcnVoSlpXbkZjOFBsc1lrTVdoczB6OGpqQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFRjYvOTM4MDA3OEU2MUQ2MTFFQUI4RDAxNTVCQzRGOUFFMDIvMzc3QjY2MjA1
MDZCMTFFQkFEODQ5NjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABngZkwDQYJKoZIhvcNAQELBQADggEBAIcF/wsuyqP8pQig
DwqxB4GiG8U/W71nLSfew4rKTBfSn3e73ssCwp9LWH5s53Dvph58Zpe8LbCoNGPX
EugmTZqZLlV8UPbB4vme1nInV8Fhny4EcT9h/mlZN7iIrCCLflmsc1GdvhwV624/
84RGw6w6nRdPj/P8iz2Sbxxnz8semT6N3KJaTaZXhkvk5la8TBXbOKZPqb6KgJtK
vRbKizZ+Ml34StZ+QJFb9d8Pz9uR5imAk7IqmE/F+JJBAnaFUY883ho3lnDs49c5
Vd00HnTd04rkCJmvKfBhtCJEHANWI5t+dbtItzdKV7egZ1l9AJM6q52d/NPWDhLX
x3BFXQ8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:38:08 2025 by rpki-client