Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFCFF/18ACE3F6821F11EFA1DB4C75C4F9AE02/F042F19A911311EF9A1A7F54C4F9AE02.roa
File:                     F042F19A911311EF9A1A7F54C4F9AE02.roa (raw, json)
Hash identifier:          CzzyWpV/kbPRrBt4wcSz4e9q0X8Oic3AxKbWsSi5+TY=
Subject key identifier:   28:87:60:DB:55:9B:85:37:E1:86:ED:F3:F0:FA:46:42:D3:D6:4C:53
Certificate issuer:       /CN=A91EFCFF/serialNumber=EBFBD4CB9B58AC082D3F382987A597A58C96BA91
Certificate serial:       B2
Authority key identifier: EB:FB:D4:CB:9B:58:AC:08:2D:3F:38:29:87:A5:97:A5:8C:96:BA:91
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6_vUy5tYrAgtPzgph6WXpYyWupE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EFCFF/18ACE3F6821F11EFA1DB4C75C4F9AE02/F042F19A911311EF9A1A7F54C4F9AE02.roa
Signing time:             Mon 01 Sep 2025 06:25:32 +0000
ROA not before:           Mon 01 Sep 2025 06:25:32 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     142165
IP address blocks:        2401:bfe0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EFCFF/18ACE3F6821F11EFA1DB4C75C4F9AE02/6_vUy5tYrAgtPzgph6WXpYyWupE.crl
                          rsync://rpki.apnic.net/member_repository/A91EFCFF/18ACE3F6821F11EFA1DB4C75C4F9AE02/6_vUy5tYrAgtPzgph6WXpYyWupE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6_vUy5tYrAgtPzgph6WXpYyWupE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 08:55:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 178 (0xb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EFCFF, serialNumber=EBFBD4CB9B58AC082D3F382987A597A58C96BA91
        Validity
            Not Before: Sep  1 06:25:32 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68b53c5c-a5a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:87:29:ac:ff:9a:25:ea:1b:ea:ee:c5:c2:19:
                    bf:04:5b:1f:b7:d1:5c:f6:71:a5:30:1c:17:42:ec:
                    68:a6:41:89:1d:2c:52:53:51:56:bb:43:66:83:c6:
                    65:9b:86:1f:79:e4:37:5c:2e:05:48:69:a3:95:47:
                    db:15:a0:ca:93:e2:b1:86:33:a2:0f:f6:13:e2:71:
                    ae:b1:14:fd:e1:58:74:0f:d7:75:6a:55:a0:83:1b:
                    81:43:09:43:cd:a1:7a:32:69:8c:16:12:3f:20:67:
                    27:00:55:25:da:a1:d6:63:4f:3a:e6:66:ce:75:50:
                    f3:0a:64:e5:0d:17:8f:b5:e1:cf:de:69:c8:d3:cd:
                    d2:11:5e:c2:e3:c5:f5:5d:e4:de:2c:7e:0e:f2:00:
                    a1:c7:66:84:d6:f4:dd:e2:2e:76:f0:8c:f3:44:5b:
                    be:00:c2:7b:81:f4:dc:6a:50:64:00:d7:35:e2:12:
                    91:a0:2a:1e:41:79:3d:33:d4:08:99:c1:e7:c8:1e:
                    43:08:46:d9:b8:43:32:77:52:12:44:7f:91:86:0c:
                    87:de:c5:ab:78:01:13:46:b0:e7:46:9f:49:04:cd:
                    c6:e1:ee:3e:a9:66:32:b5:bf:f5:84:42:fe:1f:f4:
                    c1:c6:f7:68:59:2b:2e:7f:e8:77:ab:3f:f1:26:19:
                    54:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:87:60:DB:55:9B:85:37:E1:86:ED:F3:F0:FA:46:42:D3:D6:4C:53
            X509v3 Authority Key Identifier:
                keyid:EB:FB:D4:CB:9B:58:AC:08:2D:3F:38:29:87:A5:97:A5:8C:96:BA:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EFCFF/18ACE3F6821F11EFA1DB4C75C4F9AE02/6_vUy5tYrAgtPzgph6WXpYyWupE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6_vUy5tYrAgtPzgph6WXpYyWupE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFCFF/18ACE3F6821F11EFA1DB4C75C4F9AE02/F042F19A911311EF9A1A7F54C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:bfe0::/32

    Signature Algorithm: sha256WithRSAEncryption
         d2:f4:87:7d:3a:84:b1:77:d5:d8:f6:94:60:46:cf:b7:49:2c:
         1b:7c:dd:7e:c8:11:c5:93:7f:14:7f:0f:e0:64:52:eb:8c:98:
         db:2b:45:5d:60:9e:20:82:02:85:0b:df:8d:21:09:81:be:bb:
         f2:32:b8:75:0d:4d:06:73:23:55:db:ea:a9:80:13:4f:e8:e8:
         97:8e:e9:3d:f6:42:e3:1c:5f:da:5a:a9:04:86:cf:45:fb:0a:
         3d:82:3a:48:8d:85:87:94:d1:f3:60:cb:34:f6:1e:bd:5d:03:
         10:ca:76:ab:51:56:6e:f2:b0:14:14:7f:f3:7d:a2:86:27:30:
         38:bb:3d:23:93:71:f8:bf:e4:79:8b:d8:76:a0:2b:6d:b2:95:
         a1:36:2a:b2:20:68:b4:6b:04:8c:4a:e0:13:41:82:cd:c7:dd:
         5d:95:cc:aa:fd:7f:88:2d:9f:95:e6:7a:f2:7d:b6:d0:45:de:
         e0:df:cd:0b:48:c8:fb:fb:f2:7a:3a:9f:bb:28:71:dc:07:44:
         e0:f1:f9:df:9c:f7:0e:27:a7:87:f5:b0:86:69:97:a9:d3:8d:
         ff:84:25:ae:d6:57:d9:1e:e2:01:ab:94:2e:0c:37:43:49:f3:
         40:98:db:dd:78:d3:93:2a:ab:a7:f9:a3:d5:84:47:60:9f:39:
         c3:b2:a8:63
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICALIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUZDRkYxMTAvBgNVBAUTKEVCRkJENENCOUI1OEFDMDgyRDNGMzgyOTg3QTU5N0E1
OEM5NkJBOTEwHhcNMjUwOTAxMDYyNTMyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI1M2M1Yy1hNWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuocprP+aJeob6u7Fwhm/BFsft9Fc9nGlMBwXQuxopkGJHSxSU1FWu0Nmg8Zl
m4YfeeQ3XC4FSGmjlUfbFaDKk+KxhjOiD/YT4nGusRT94Vh0D9d1alWggxuBQwlD
zaF6MmmMFhI/IGcnAFUl2qHWY0865mbOdVDzCmTlDRePteHP3mnI083SEV7C48X1
XeTeLH4O8gChx2aE1vTd4i528IzzRFu+AMJ7gfTcalBkANc14hKRoCoeQXk9M9QI
mcHnyB5DCEbZuEMyd1ISRH+RhgyH3sWreAETRrDnRp9JBM3G4e4+qWYytb/1hEL+
H/TBxvdoWSsuf+h3qz/xJhlUGwIDAQABo4ICljCCApIwHQYDVR0OBBYEFCiHYNtV
m4U34Ybt8/D6RkLT1kxTMB8GA1UdIwQYMBaAFOv71MubWKwILT84KYell6WMlrqR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkNGRi8xOEFDRTNGNjgy
MUYxMUVGQTFEQjRDNzVDNEY5QUUwMi82X3ZVeTV0WXJBZ3RQemdwaDZXWHBZeVd1
cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZfdlV5NXRZckFndFB6Z3BoNldYcFl5V3VwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUZDRkYvMThBQ0UzRjY4MjFGMTFFRkExREI0Qzc1QzRGOUFFMDIvRjA0MkYxOUE5
MTEzMTFFRjlBMUE3RjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAb/gMA0GCSqGSIb3DQEBCwUAA4IBAQDS9Id9OoSxd9XY
9pRgRs+3SSwbfN1+yBHFk38Ufw/gZFLrjJjbK0VdYJ4gggKFC9+NIQmBvrvyMrh1
DU0GcyNV2+qpgBNP6OiXjuk99kLjHF/aWqkEhs9F+wo9gjpIjYWHlNHzYMs09h69
XQMQynarUVZu8rAUFH/zfaKGJzA4uz0jk3H4v+R5i9h2oCttspWhNiqyIGi0awSM
SuATQYLNx91dlcyq/X+ILZ+V5nryfbbQRd7g380LSMj7+/J6Op+7KHHcB0Tg8fnf
nPcOJ6eH9bCGaZep043/hCWu1lfZHuIBq5QuDDdDSfNAmNvdeNOTKqun+aPVhEdg
nznDsqhj
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:41:05 2025 by rpki-client