Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/0B5EA7DA323B11F0A65FFB36C4F9AE02.roa
File:                     0B5EA7DA323B11F0A65FFB36C4F9AE02.roa (raw, json)
Hash identifier:          dQ05E6d0ZKkbsdzwglFucEgCK8PC9KMabloxf5330uY=
Subject key identifier:   C1:FE:99:D3:A3:0D:6A:3E:C0:74:8C:60:34:79:82:0A:41:B4:19:F8
Certificate issuer:       /CN=A9113BB0/serialNumber=45B18E209ECFDDA5CED78CF9D9810D611E6D4124
Certificate serial:       DC
Authority key identifier: 45:B1:8E:20:9E:CF:DD:A5:CE:D7:8C:F9:D9:81:0D:61:1E:6D:41:24
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RbGOIJ7P3aXO14z52YENYR5tQSQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/0B5EA7DA323B11F0A65FFB36C4F9AE02.roa
Signing time:             Tue 23 Jun 2026 07:36:42 +0000
ROA not before:           Tue 23 Jun 2026 07:36:42 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     29802
IP address blocks:        165.99.75.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/RbGOIJ7P3aXO14z52YENYR5tQSQ.crl
                          rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/RbGOIJ7P3aXO14z52YENYR5tQSQ.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RbGOIJ7P3aXO14z52YENYR5tQSQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 08:22:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 220 (0xdc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9113BB0, serialNumber=45B18E209ECFDDA5CED78CF9D9810D611E6D4124
        Validity
            Not Before: Jun 23 07:36:42 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3a378a-f673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cd:1b:9e:41:8a:d7:ad:10:a9:62:89:a2:39:
                    19:1f:61:53:ce:da:22:e1:d5:97:14:b1:ec:a0:ab:
                    53:e0:10:0e:ed:8e:62:6b:bd:35:5b:c3:33:72:52:
                    d8:5e:b2:20:5b:28:f0:2f:e7:44:51:ee:5d:06:28:
                    f6:ee:31:c6:81:ef:d0:f6:58:cd:06:b1:ca:a3:f6:
                    1d:a9:da:9b:fc:57:b7:05:21:59:64:74:2e:bf:d9:
                    c9:8e:72:b1:9d:8d:d6:03:68:1f:6b:8c:e4:bf:bf:
                    9b:e8:af:03:38:f9:bc:a0:25:da:cc:02:76:71:f6:
                    b7:2d:5b:f6:42:b0:e8:f2:47:e7:cc:04:63:97:58:
                    a5:1c:7e:d3:38:ba:86:f1:64:59:77:ba:d9:7d:b9:
                    fd:af:3b:f7:0c:52:ea:1c:67:bf:89:9c:f1:c3:6c:
                    39:4f:d8:b9:28:11:42:18:1b:e1:60:8d:20:75:74:
                    11:cd:e5:a4:94:0e:f7:45:c4:f0:3a:48:fd:c3:29:
                    59:fd:c1:dc:1e:6d:b9:52:0e:10:5f:d8:99:6b:da:
                    0a:08:e2:e2:31:33:4d:75:f3:1d:3c:d1:1b:1d:51:
                    9e:3e:f9:b0:63:5f:c1:32:6e:42:b0:89:93:ca:23:
                    09:d5:86:46:6d:d8:09:bd:83:8d:4c:b3:5e:87:e8:
                    8c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:FE:99:D3:A3:0D:6A:3E:C0:74:8C:60:34:79:82:0A:41:B4:19:F8
            X509v3 Authority Key Identifier:
                keyid:45:B1:8E:20:9E:CF:DD:A5:CE:D7:8C:F9:D9:81:0D:61:1E:6D:41:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/RbGOIJ7P3aXO14z52YENYR5tQSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RbGOIJ7P3aXO14z52YENYR5tQSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/0B5EA7DA323B11F0A65FFB36C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:67:4b:7a:bf:a9:bd:d2:08:4d:13:2b:59:50:75:94:4c:3e:
         0c:bb:d2:ed:13:e1:a3:f1:1a:5c:a0:84:40:7c:d7:34:7d:14:
         0c:a2:62:04:31:bf:9a:c6:62:b5:fc:71:76:58:03:5b:6b:c5:
         a8:e1:32:fc:4e:78:e3:b3:c4:25:ef:39:0b:e8:7f:a0:91:50:
         93:b0:e0:54:6a:6d:85:b8:a0:fb:3f:13:29:3a:61:10:d4:d7:
         4a:bf:d5:b1:0d:b4:0c:86:b2:6a:8e:95:79:79:aa:63:89:28:
         4c:07:51:6d:13:50:61:01:ab:9e:70:bf:81:8e:14:1f:9d:a5:
         3c:8e:f8:0e:40:66:18:94:a0:16:3b:f2:73:67:eb:02:97:ff:
         2b:93:47:6a:3e:2b:a8:28:06:17:fd:b1:18:26:a1:1e:84:ad:
         b5:32:89:02:0d:01:75:83:78:9a:26:d7:f6:34:ab:53:d9:d3:
         e0:3d:3a:c5:7e:82:53:8d:66:6c:1e:c3:f3:37:f2:a3:03:f5:
         62:92:f7:37:cd:60:74:d4:d1:24:4a:cf:72:85:42:e4:03:0a:
         0a:f9:f0:5a:2b:ef:1e:22:34:00:54:06:32:54:db:cd:73:50:
         f1:b4:e0:28:89:9d:99:20:57:c9:c5:82:58:6e:43:96:22:39:
         16:f1:e5:ad
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTNCQjAxMTAvBgNVBAUTKDQ1QjE4RTIwOUVDRkREQTVDRUQ3OENGOUQ5ODEwRDYx
MUU2RDQxMjQwHhcNMjYwNjIzMDczNjQyWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNhMzc4YS1mNjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu80bnkGK160QqWKJojkZH2FTztoi4dWXFLHsoKtT4BAO7Y5ia701W8MzclLY
XrIgWyjwL+dEUe5dBij27jHGge/Q9ljNBrHKo/Ydqdqb/Fe3BSFZZHQuv9nJjnKx
nY3WA2gfa4zkv7+b6K8DOPm8oCXazAJ2cfa3LVv2QrDo8kfnzARjl1ilHH7TOLqG
8WRZd7rZfbn9rzv3DFLqHGe/iZzxw2w5T9i5KBFCGBvhYI0gdXQRzeWklA73RcTw
Okj9wylZ/cHcHm25Ug4QX9iZa9oKCOLiMTNNdfMdPNEbHVGePvmwY1/BMm5CsImT
yiMJ1YZGbdgJvYONTLNeh+iM6QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFMH+mdOj
DWo+wHSMYDR5ggpBtBn4MB8GA1UdIwQYMBaAFEWxjiCez92lzteM+dmBDWEebUEk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExM0JCMC85RkZEQUI3NjMy
M0ExMUYwQkY5RTFEMzZDNEY5QUUwMi9SYkdPSUo3UDNhWE8xNHo1MllFTllSNXRR
U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1JiR09JSjdQM2FYTzE0ejUyWUVOWVI1dFFTUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTNCQjAvOUZGREFCNzYzMjNBMTFGMEJGOUUxRDM2QzRGOUFFMDIvMEI1RUE3REEz
MjNCMTFGMEE2NUZGQjM2QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQApWNLMA0GCSqGSIb3DQEBCwUAA4IBAQBNZ0t6v6m90ghNEytZUHWU
TD4Mu9LtE+Gj8RpcoIRAfNc0fRQMomIEMb+axmK1/HF2WANba8Wo4TL8Tnjjs8Ql
7zkL6H+gkVCTsOBUam2FuKD7PxMpOmEQ1NdKv9WxDbQMhrJqjpV5eapjiShMB1Ft
E1BhAauecL+BjhQfnaU8jvgOQGYYlKAWO/JzZ+sCl/8rk0dqPiuoKAYX/bEYJqEe
hK21MokCDQF1g3iaJtf2NKtT2dPgPTrFfoJTjWZsHsPzN/KjA/Vikvc3zWB01NEk
Ss9yhULkAwoK+fBaK+8eIjQAVAYyVNvNc1DxtOAoiZ2ZIFfJxYJYbkOWIjkW8eWt
-----END CERTIFICATE-----
Generated at Wed Jul 1 13:53:28 2026 by rpki-client