Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91169FB/20AD4834BF3711EAA3E3A36FC4F9AE02/99A80E166AD211F1892A90326B47A888.roa
File:                     99A80E166AD211F1892A90326B47A888.roa (raw, json)
Hash identifier:          U8Xv2GI61D8swh1fpd27sHFqyLEGO2FX3CjLCpWiajY=
Subject key identifier:   A4:56:54:12:67:59:28:5E:74:19:DF:17:75:3B:26:C6:59:36:11:AB
Certificate issuer:       /CN=A91169FB/serialNumber=A9F7B93E9524FC4F1681A892C47322155422B18E
Certificate serial:       0979
Authority key identifier: A9:F7:B9:3E:95:24:FC:4F:16:81:A8:92:C4:73:22:15:54:22:B1:8E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qfe5PpUk_E8WgaiSxHMiFVQisY4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91169FB/20AD4834BF3711EAA3E3A36FC4F9AE02/99A80E166AD211F1892A90326B47A888.roa
Signing time:             Thu 18 Jun 2026 05:00:18 +0000
ROA not before:           Thu 18 Jun 2026 05:00:18 +0000
ROA not after:            Fri 28 May 2027 00:00:00 +0000
asID:                     132827
IP address blocks:        123.253.164.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91169FB/20AD4834BF3711EAA3E3A36FC4F9AE02/qfe5PpUk_E8WgaiSxHMiFVQisY4.crl
                          rsync://rpki.apnic.net/member_repository/A91169FB/20AD4834BF3711EAA3E3A36FC4F9AE02/qfe5PpUk_E8WgaiSxHMiFVQisY4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qfe5PpUk_E8WgaiSxHMiFVQisY4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 20:15:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2425 (0x979)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91169FB, serialNumber=A9F7B93E9524FC4F1681A892C47322155422B18E
        Validity
            Not Before: Jun 18 05:00:18 2026 GMT
            Not After : May 28 00:00:00 2027 GMT
        Subject: CN=6a337b62-623c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:5c:e2:1b:60:a2:14:15:ac:0e:e2:87:91:9d:
                    2e:e8:bf:c9:fb:03:f0:db:4f:b6:c2:cf:9c:15:ec:
                    25:94:f4:06:6e:98:df:05:25:d6:79:95:c3:d3:0f:
                    8f:bf:f1:96:ef:c1:6a:61:a2:67:c9:c6:dd:db:1a:
                    85:ae:8d:c2:65:05:ec:89:37:80:de:df:7b:57:0c:
                    9a:1d:df:29:89:98:86:e6:8d:4d:57:95:7d:1c:0a:
                    6d:52:33:26:7a:88:b1:98:aa:7b:a6:ef:67:de:ed:
                    4b:44:2c:c2:78:0c:fc:b8:b8:fe:67:88:ee:14:1f:
                    5e:ee:aa:f8:32:e5:88:49:a2:1f:51:61:7f:b8:5b:
                    de:bc:13:68:07:b5:13:5e:b7:61:7a:10:68:1c:d8:
                    5b:49:f4:42:be:da:94:0b:f8:58:1e:65:d6:88:7c:
                    84:d3:2f:04:52:5c:96:8f:29:98:6f:37:13:54:bf:
                    82:f8:1b:90:c0:db:76:45:0e:cd:73:94:40:81:c7:
                    12:85:84:1a:52:ba:35:5b:0a:e2:d1:d3:9d:a3:b8:
                    f0:ec:a1:92:4c:03:71:70:dd:24:63:af:c6:74:1a:
                    d3:48:ac:48:e4:a2:7c:a7:ee:06:a9:ae:8c:b1:01:
                    93:72:d8:f1:93:a9:98:91:05:d7:04:37:7e:36:60:
                    4d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:56:54:12:67:59:28:5E:74:19:DF:17:75:3B:26:C6:59:36:11:AB
            X509v3 Authority Key Identifier:
                keyid:A9:F7:B9:3E:95:24:FC:4F:16:81:A8:92:C4:73:22:15:54:22:B1:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91169FB/20AD4834BF3711EAA3E3A36FC4F9AE02/qfe5PpUk_E8WgaiSxHMiFVQisY4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qfe5PpUk_E8WgaiSxHMiFVQisY4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91169FB/20AD4834BF3711EAA3E3A36FC4F9AE02/99A80E166AD211F1892A90326B47A888.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.253.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a7:87:7f:c2:46:9e:17:4d:c3:b3:5c:c1:e2:99:67:45:b1:e6:
         a7:30:55:aa:a7:3b:68:3f:be:de:12:ff:0f:3d:e5:d9:62:e5:
         45:fe:3c:c1:f3:cb:c7:0b:9a:47:d4:89:b4:69:da:43:3b:e4:
         cd:48:b5:da:77:38:ff:c1:fe:19:15:1c:d5:01:a1:94:2e:00:
         ab:32:75:29:1a:ae:59:b1:98:92:5c:45:cd:1f:bc:1c:5e:dc:
         d2:67:f0:b0:ba:8c:63:19:91:6a:ce:c8:fc:0a:04:b7:74:b0:
         7b:0c:cd:19:da:01:70:34:54:0b:50:54:ba:2c:c8:f0:da:41:
         6b:22:82:41:2d:d4:76:3d:c6:3a:80:51:85:77:cb:f9:1d:1f:
         7f:a9:6c:eb:42:cc:49:8b:3d:89:b9:fb:09:94:3b:43:f8:87:
         8f:e0:b9:5f:b4:39:14:86:2c:55:21:52:39:1e:3c:d4:9c:f2:
         77:04:16:44:b6:29:36:50:0b:15:3a:fb:c9:09:34:07:4a:24:
         13:a5:09:ea:43:52:91:75:11:38:c1:dd:b6:e4:17:75:00:b0:
         ff:d8:bd:c1:58:f2:b8:cc:b1:a2:43:3e:5e:f8:ba:de:43:96:
         c7:06:01:9d:88:57:a6:96:a1:08:66:b6:29:e9:4b:19:36:8b:
         89:a2:ab:21
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICCXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY5RkIxMTAvBgNVBAUTKEE5RjdCOTNFOTUyNEZDNEYxNjgxQTg5MkM0NzMyMjE1
NTQyMkIxOEUwHhcNMjYwNjE4MDUwMDE4WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02YTMzN2I2Mi02MjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2lziG2CiFBWsDuKHkZ0u6L/J+wPw20+2ws+cFewllPQGbpjfBSXWeZXD0w+P
v/GW78FqYaJnycbd2xqFro3CZQXsiTeA3t97VwyaHd8piZiG5o1NV5V9HAptUjMm
eoixmKp7pu9n3u1LRCzCeAz8uLj+Z4juFB9e7qr4MuWISaIfUWF/uFvevBNoB7UT
XrdhehBoHNhbSfRCvtqUC/hYHmXWiHyE0y8EUlyWjymYbzcTVL+C+BuQwNt2RQ7N
c5RAgccShYQaUro1Wwri0dOdo7jw7KGSTANxcN0kY6/GdBrTSKxI5KJ8p+4Gqa6M
sQGTctjxk6mYkQXXBDd+NmBNOQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFKRWVBJn
WShedBnfF3U7JsZZNhGrMB8GA1UdIwQYMBaAFKn3uT6VJPxPFoGoksRzIhVUIrGO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjlGQi8yMEFENDgzNEJG
MzcxMUVBQTNFM0EzNkZDNEY5QUUwMi9xZmU1UHBVa19FOFdnYWlTeEhNaUZWUWlz
WTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FmZTVQcFVrX0U4V2dhaVN4SE1pRlZRaXNZNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY5RkIvMjBBRDQ4MzRCRjM3MTFFQUEzRTNBMzZGQzRGOUFFMDIvOTlBODBFMTY2
QUQyMTFGMTg5MkE5MDMyNkI0N0E4ODgucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCe/2kMA0GCSqGSIb3DQEBCwUAA4IBAQCnh3/CRp4XTcOzXMHimWdF
seanMFWqpztoP77eEv8PPeXZYuVF/jzB88vHC5pH1Im0adpDO+TNSLXadzj/wf4Z
FRzVAaGULgCrMnUpGq5ZsZiSXEXNH7wcXtzSZ/CwuoxjGZFqzsj8CgS3dLB7DM0Z
2gFwNFQLUFS6LMjw2kFrIoJBLdR2PcY6gFGFd8v5HR9/qWzrQsxJiz2JufsJlDtD
+IeP4LlftDkUhixVIVI5HjzUnPJ3BBZEtik2UAsVOvvJCTQHSiQTpQnqQ1KRdRE4
wd225Bd1ALD/2L3BWPK4zLGiQz5e+LreQ5bHBgGdiFemlqEIZrYp6UsZNouJoqsh
-----END CERTIFICATE-----
Generated at Sun Jul 5 10:20:43 2026 by rpki-client