Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/24FDC2446F3211EDA3DCF033C4F9AE02.roa
File:                     24FDC2446F3211EDA3DCF033C4F9AE02.roa (raw, json)
Hash identifier:          cjwShy2R/IX4SYp59PfaHcQX7DFi++AhauYtmORNm1w=
Subject key identifier:   1C:4B:7C:9A:EB:E6:47:28:4E:1A:66:90:C9:5B:D7:45:6C:20:EA:D3
Certificate issuer:       /CN=A9123F84/serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
Certificate serial:       02B8
Authority key identifier: 91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/24FDC2446F3211EDA3DCF033C4F9AE02.roa
Signing time:             Thu 25 Jun 2026 02:31:46 +0000
ROA not before:           Thu 25 Jun 2026 02:31:46 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     16509
IP address blocks:        203.55.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl
                          rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 02:04:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 696 (0x2b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123F84, serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
        Validity
            Not Before: Jun 25 02:31:46 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c9312-9a3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7a:ac:eb:b4:31:a5:5d:a5:0f:c0:d8:80:55:
                    bf:20:9c:07:dc:33:e4:ec:70:6c:30:5d:3a:5d:ec:
                    93:9b:fe:6f:54:fd:63:83:6a:f5:cc:78:3f:e0:dc:
                    e3:a3:2b:37:94:32:57:e5:d9:86:c1:a4:0b:73:99:
                    47:8a:29:51:94:65:db:d9:9d:23:fd:41:00:22:f8:
                    ca:75:c4:e9:de:f6:96:9a:56:db:92:a5:bf:83:10:
                    69:f9:49:c7:75:a5:c1:b4:25:18:9d:0a:a3:c5:2c:
                    bc:21:10:66:d4:04:1e:63:ae:06:10:f4:a3:43:a4:
                    87:56:ae:2d:a3:bf:dd:8f:73:8a:85:ab:d9:19:db:
                    fa:19:b1:b8:3a:c1:02:e6:f4:1a:53:03:ab:74:b9:
                    75:41:c1:e5:ad:0b:0d:bb:1f:9b:fe:93:ec:54:89:
                    a4:55:23:b1:e6:a6:e6:fe:76:b9:36:81:99:e1:8d:
                    7c:00:a2:03:4c:13:9e:38:10:c0:90:92:1a:39:89:
                    b5:39:08:af:1a:7d:2f:b0:63:76:61:3a:7c:76:94:
                    72:f9:fa:1a:2d:5f:84:8c:46:49:0e:e3:68:02:6e:
                    ca:2e:9a:e5:42:13:93:aa:92:cb:75:ee:78:33:01:
                    f0:0c:93:a8:f5:07:80:98:9d:2c:44:a1:34:eb:f9:
                    f2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:4B:7C:9A:EB:E6:47:28:4E:1A:66:90:C9:5B:D7:45:6C:20:EA:D3
            X509v3 Authority Key Identifier:
                keyid:91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/24FDC2446F3211EDA3DCF033C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.55.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:34:a5:36:1a:d9:c4:ac:1d:b7:49:81:82:13:0e:65:a6:cd:
         82:4e:f8:bd:67:f2:01:db:3c:5b:cc:9a:46:18:bd:0f:c6:d7:
         8c:89:11:fc:a4:f5:ec:a3:bf:c2:f0:25:b6:4b:60:95:fd:de:
         e0:67:06:ab:cd:e2:c4:3b:56:6d:03:d0:18:4f:0a:44:d1:c5:
         1a:a4:25:95:2c:82:ea:51:3c:c7:de:da:b5:30:35:e2:3c:f0:
         51:c4:9e:a9:c4:29:18:b8:fe:06:b6:bb:79:94:89:31:89:f0:
         71:84:8a:10:fb:61:06:fe:f0:11:b5:b0:e4:be:4e:04:05:e8:
         bb:7a:0c:ad:e2:d1:db:5e:a1:a0:73:aa:f6:81:36:09:23:bd:
         5d:f1:b0:da:1d:68:b3:bb:e7:2e:16:16:e5:66:4a:f2:34:04:
         e2:6b:4d:98:cc:c9:c1:12:6a:79:ec:6a:6d:19:4c:08:0e:ed:
         72:3f:61:6c:20:4a:f2:73:d9:d6:a5:ee:04:2d:f8:6e:ff:42:
         c2:1c:6e:60:c6:8a:a5:26:8d:49:2d:b3:a9:0c:db:e0:90:d2:
         89:91:8c:0e:fc:7a:37:79:12:42:f2:3d:18:fc:6b:89:74:8c:
         b4:dc:35:24:b3:b1:65:33:4f:ba:f0:63:75:a5:ff:f6:9b:da:
         0e:56:24:ca
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICArgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGODQxMTAvBgNVBAUTKDkxQzQ5NzZERUFEM0RFODc3OEU1QzBEQ0ZGMjYwMzk3
MUFDMkQ0REIwHhcNMjYwNjI1MDIzMTQ2WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjOTMxMi05YTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3qs67QxpV2lD8DYgFW/IJwH3DPk7HBsMF06XeyTm/5vVP1jg2r1zHg/4Nzj
oys3lDJX5dmGwaQLc5lHiilRlGXb2Z0j/UEAIvjKdcTp3vaWmlbbkqW/gxBp+UnH
daXBtCUYnQqjxSy8IRBm1AQeY64GEPSjQ6SHVq4to7/dj3OKhavZGdv6GbG4OsEC
5vQaUwOrdLl1QcHlrQsNux+b/pPsVImkVSOx5qbm/na5NoGZ4Y18AKIDTBOeOBDA
kJIaOYm1OQivGn0vsGN2YTp8dpRy+foaLV+EjEZJDuNoAm7KLprlQhOTqpLLde54
MwHwDJOo9QeAmJ0sRKE06/nyKwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFBxLfJrr
5kcoThpmkMlb10VsIOrTMB8GA1UdIwQYMBaAFJHEl23q096HeOXA3P8mA5cawtTb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y4NC9GNDNBM0YwNDZG
MkYxMUVEQTg0QTY5MzNDNEY5QUUwMi9rY1NYYmVyVDNvZDQ1Y0RjX3lZRGx4ckMx
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tjU1hiZXJUM29kNDVjRGNfeVlEbHhyQzFOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGODQvRjQzQTNGMDQ2RjJGMTFFREE4NEE2OTMzQzRGOUFFMDIvMjRGREMyNDQ2
RjMyMTFFREEzRENGMDMzQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAyzfXMA0GCSqGSIb3DQEBCwUAA4IBAQAFNKU2GtnErB23SYGCEw5l
ps2CTvi9Z/IB2zxbzJpGGL0PxteMiRH8pPXso7/C8CW2S2CV/d7gZwarzeLEO1Zt
A9AYTwpE0cUapCWVLILqUTzH3tq1MDXiPPBRxJ6pxCkYuP4Gtrt5lIkxifBxhIoQ
+2EG/vARtbDkvk4EBei7egyt4tHbXqGgc6r2gTYJI71d8bDaHWizu+cuFhblZkry
NATia02YzMnBEmp57GptGUwIDu1yP2FsIEryc9nWpe4ELfhu/0LCHG5gxoqlJo1J
LbOpDNvgkNKJkYwO/Ho3eRJC8j0Y/GuJdIy03DUks7FlM0+68GN1pf/2m9oOViTK
-----END CERTIFICATE-----
Generated at Mon Jul 6 20:09:05 2026 by rpki-client