Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/25DD10F26F3211EDA3DCF033C4F9AE02.roa
File:                     25DD10F26F3211EDA3DCF033C4F9AE02.roa (raw, json)
Hash identifier:          u1hB8U1hN6pEx2UctdSv1a5Px7i9y+3zW2IYksB+Ljo=
Subject key identifier:   24:BD:A7:6A:3C:C7:E8:B0:BB:A2:E4:23:D4:5D:61:47:B1:64:06:CC
Certificate issuer:       /CN=A9123F84/serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
Certificate serial:       02BA
Authority key identifier: 91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/25DD10F26F3211EDA3DCF033C4F9AE02.roa
Signing time:             Thu 25 Jun 2026 02:31:50 +0000
ROA not before:           Thu 25 Jun 2026 02:31:50 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     54092
IP address blocks:        203.55.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl
                          rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 02:04:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 698 (0x2ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123F84, serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
        Validity
            Not Before: Jun 25 02:31:50 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c9316-92dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:0a:a8:82:ff:7f:df:09:3d:ed:e4:17:a1:3a:
                    cd:c9:2e:9c:7a:f0:93:3b:e4:5d:f0:c5:e1:32:ac:
                    24:d6:90:62:6e:0d:eb:f0:c2:0c:4a:19:2d:09:97:
                    67:53:40:a5:6c:c4:f7:4e:8c:1b:b1:c1:a0:85:8b:
                    7c:3e:68:49:8e:54:ea:5a:c2:af:a0:f2:83:9d:90:
                    4f:46:f8:60:68:96:7f:80:78:82:48:c5:bd:c1:da:
                    25:2d:27:3b:eb:20:4c:d9:47:90:09:bb:65:29:d1:
                    75:3d:f5:fc:0f:53:17:29:2c:4d:e0:2e:a4:1e:2c:
                    6a:fe:f8:21:ab:8f:ed:87:61:99:e0:21:c3:46:18:
                    c2:61:53:77:20:f6:15:09:2c:53:ba:fb:5a:4e:77:
                    4b:fc:f3:58:b4:df:22:e7:0b:13:8c:a2:b2:2c:bc:
                    fa:fc:9b:5a:a1:52:a1:6f:35:17:84:a4:a6:84:36:
                    a0:d8:a0:f8:66:d7:06:1e:a5:1e:74:6a:a8:b2:bf:
                    b7:c9:36:9a:ee:a3:60:6b:7a:1f:76:af:8b:d6:fd:
                    d6:83:53:9c:d1:62:08:4f:07:95:5d:a2:2e:ad:12:
                    33:8b:58:5d:44:cb:5e:f3:65:2b:b7:56:4e:d2:ce:
                    21:ae:59:be:f5:d6:b5:51:0b:19:cd:39:a6:2d:cf:
                    60:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:BD:A7:6A:3C:C7:E8:B0:BB:A2:E4:23:D4:5D:61:47:B1:64:06:CC
            X509v3 Authority Key Identifier:
                keyid:91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/25DD10F26F3211EDA3DCF033C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.55.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:3d:e0:22:c5:1c:74:d8:48:0e:e7:dc:fa:25:c2:11:d0:98:
         97:b7:00:37:1e:7b:77:8c:95:92:26:43:d2:25:5f:f8:e3:6d:
         7b:12:4e:66:5d:a6:45:55:74:07:58:9f:46:7f:d4:cd:f6:a0:
         01:82:b2:22:42:a4:f0:50:f8:0c:91:ae:1f:38:2d:b8:fa:64:
         9e:5c:73:6c:2a:5f:b5:ce:02:b1:3e:24:d6:0f:f5:d6:b5:f6:
         29:24:44:01:18:61:3f:bc:e5:6c:ea:a3:d5:77:db:40:eb:2d:
         e0:66:f5:16:9c:45:73:25:ef:49:bf:64:83:eb:0a:1e:54:ec:
         78:b9:79:02:2b:03:3f:9a:14:cf:75:9a:36:4b:ea:b7:cb:75:
         6e:77:3a:a7:7e:af:66:8a:68:4f:72:b4:3b:78:48:11:fd:b4:
         b3:3d:b8:eb:eb:3e:77:be:d8:d8:c6:0f:60:68:82:33:3c:89:
         77:44:a1:1d:38:27:59:bd:cc:b9:a9:46:87:dd:cf:9a:2c:30:
         29:31:10:0b:aa:ed:9a:e0:98:75:59:bd:75:6a:9e:c9:27:d0:
         b8:70:cd:d1:fc:48:4e:93:ad:27:34:52:3a:8e:82:96:18:a6:
         ff:4a:45:b4:3a:66:54:d2:35:df:a5:2e:aa:e2:5e:53:24:e2:
         aa:7f:e3:32
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICArowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGODQxMTAvBgNVBAUTKDkxQzQ5NzZERUFEM0RFODc3OEU1QzBEQ0ZGMjYwMzk3
MUFDMkQ0REIwHhcNMjYwNjI1MDIzMTUwWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjOTMxNi05MmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmQqogv9/3wk97eQXoTrNyS6cevCTO+Rd8MXhMqwk1pBibg3r8MIMShktCZdn
U0ClbMT3TowbscGghYt8PmhJjlTqWsKvoPKDnZBPRvhgaJZ/gHiCSMW9wdolLSc7
6yBM2UeQCbtlKdF1PfX8D1MXKSxN4C6kHixq/vghq4/th2GZ4CHDRhjCYVN3IPYV
CSxTuvtaTndL/PNYtN8i5wsTjKKyLLz6/JtaoVKhbzUXhKSmhDag2KD4ZtcGHqUe
dGqosr+3yTaa7qNga3ofdq+L1v3Wg1Oc0WIITweVXaIurRIzi1hdRMte82Urt1ZO
0s4hrlm+9da1UQsZzTmmLc9gLQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFCS9p2o8
x+iwu6LkI9RdYUexZAbMMB8GA1UdIwQYMBaAFJHEl23q096HeOXA3P8mA5cawtTb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y4NC9GNDNBM0YwNDZG
MkYxMUVEQTg0QTY5MzNDNEY5QUUwMi9rY1NYYmVyVDNvZDQ1Y0RjX3lZRGx4ckMx
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tjU1hiZXJUM29kNDVjRGNfeVlEbHhyQzFOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGODQvRjQzQTNGMDQ2RjJGMTFFREE4NEE2OTMzQzRGOUFFMDIvMjVERDEwRjI2
RjMyMTFFREEzRENGMDMzQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAyzfXMA0GCSqGSIb3DQEBCwUAA4IBAQB3PeAixRx02EgO59z6JcIR
0JiXtwA3Hnt3jJWSJkPSJV/44217Ek5mXaZFVXQHWJ9Gf9TN9qABgrIiQqTwUPgM
ka4fOC24+mSeXHNsKl+1zgKxPiTWD/XWtfYpJEQBGGE/vOVs6qPVd9tA6y3gZvUW
nEVzJe9Jv2SD6woeVOx4uXkCKwM/mhTPdZo2S+q3y3Vudzqnfq9mimhPcrQ7eEgR
/bSzPbjr6z53vtjYxg9gaIIzPIl3RKEdOCdZvcy5qUaH3c+aLDApMRALqu2a4Jh1
Wb11ap7JJ9C4cM3R/EhOk60nNFI6joKWGKb/SkW0OmZU0jXfpS6q4l5TJOKqf+My
-----END CERTIFICATE-----
Generated at Mon Jul 6 20:09:01 2026 by rpki-client