Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/D29F544CFCD711EEB654B271C4F9AE02.roa
File:                     D29F544CFCD711EEB654B271C4F9AE02.roa (raw, json)
Hash identifier:          kMMi/8OmT0mR/VhcquuqdqDaCulBhHLbbmKSYFipaTY=
Subject key identifier:   6F:16:5B:C1:06:FB:72:54:E0:CA:E8:D3:4C:12:20:B5:74:CE:0B:91
Certificate issuer:       /CN=A9123F84/serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
Certificate serial:       02B9
Authority key identifier: 91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/D29F544CFCD711EEB654B271C4F9AE02.roa
Signing time:             Thu 25 Jun 2026 02:31:48 +0000
ROA not before:           Thu 25 Jun 2026 02:31:48 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     19198
IP address blocks:        203.55.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl
                          rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 02:04:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 697 (0x2b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123F84, serialNumber=91C4976DEAD3DE8778E5C0DCFF2603971AC2D4DB
        Validity
            Not Before: Jun 25 02:31:48 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c9314-aacc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e7:f1:bc:ef:41:42:04:28:eb:0e:21:9c:c6:
                    3f:8f:58:7b:72:3f:f2:f3:e0:8f:85:ab:3c:74:06:
                    bc:c5:6c:6f:27:58:0e:06:04:3f:ab:91:03:2c:88:
                    88:15:1d:f9:23:be:69:5e:fc:17:77:fb:8c:7d:5a:
                    5e:8a:89:b4:49:a6:67:aa:51:be:9a:23:d9:8a:b2:
                    4d:94:84:5d:f3:de:5c:e7:d0:8a:8c:b5:2b:c6:35:
                    19:30:cc:38:17:20:65:67:34:94:db:56:bf:da:f6:
                    3e:88:69:5f:f8:94:46:be:6c:8d:71:68:4a:2c:b3:
                    e7:51:f3:f5:a9:b3:a8:12:70:7d:e0:35:5e:6e:3b:
                    fb:04:a5:cd:1b:40:5b:84:ce:2e:0f:06:b2:95:f2:
                    db:0b:4d:02:b7:77:25:91:d2:1e:65:ed:d9:83:33:
                    29:34:54:93:b8:f9:a5:fc:4d:da:6b:a9:40:54:b1:
                    d2:06:54:78:12:9b:36:39:6c:f9:17:24:fb:dc:23:
                    8f:bb:46:8a:11:34:4e:3b:13:bd:cc:bc:48:4b:f6:
                    2f:3e:46:74:a1:00:bc:a4:76:9f:42:70:7e:d2:4e:
                    53:14:ca:b4:e0:ac:36:df:1f:c4:ec:b9:1f:3f:3b:
                    66:aa:b0:61:c8:52:fb:3f:ce:80:ae:50:5e:56:18:
                    ff:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:16:5B:C1:06:FB:72:54:E0:CA:E8:D3:4C:12:20:B5:74:CE:0B:91
            X509v3 Authority Key Identifier:
                keyid:91:C4:97:6D:EA:D3:DE:87:78:E5:C0:DC:FF:26:03:97:1A:C2:D4:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/kcSXberT3od45cDc_yYDlxrC1Ns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcSXberT3od45cDc_yYDlxrC1Ns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F84/F43A3F046F2F11EDA84A6933C4F9AE02/D29F544CFCD711EEB654B271C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.55.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:58:9b:51:bb:0c:b8:69:60:40:fe:d3:7b:da:2c:14:a4:05:
         98:4f:3e:2e:d8:e5:54:4b:59:bd:02:ed:f3:cc:6b:70:1e:a1:
         35:7f:1c:1a:5c:86:be:15:99:44:53:6b:22:98:f7:4d:87:1e:
         1b:8d:63:32:fa:15:f7:80:b4:71:bb:ed:e3:ec:89:4e:57:5e:
         b7:76:c2:7d:dc:3f:4d:c3:e2:a7:d3:67:4d:9f:b6:55:ae:35:
         48:93:4c:f8:42:ce:2d:07:41:51:63:01:9a:e2:f4:6d:17:bf:
         0e:21:31:97:75:09:34:e5:7e:e8:80:0a:52:cb:0d:18:b6:bf:
         90:b4:4d:29:97:29:3b:97:31:8d:d8:5e:2c:0b:9c:90:37:bd:
         05:37:23:3a:ac:b4:15:12:77:01:38:eb:00:0c:67:59:37:92:
         b4:07:84:c1:6b:0a:c4:f4:1e:1b:f0:11:e8:d7:c0:fb:fe:8a:
         41:5a:46:82:9b:30:90:bf:a4:68:f9:d3:ba:44:a2:16:43:2f:
         2b:cf:11:d1:ab:fa:a1:cd:80:97:d8:f4:5f:69:ec:10:61:85:
         0a:f0:ad:0b:a4:31:da:ae:23:de:99:41:7a:76:12:ae:51:56:
         2f:d8:71:09:63:6c:4e:a2:4d:36:23:6f:08:87:27:76:72:a4:
         9b:b8:bb:d3
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICArkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGODQxMTAvBgNVBAUTKDkxQzQ5NzZERUFEM0RFODc3OEU1QzBEQ0ZGMjYwMzk3
MUFDMkQ0REIwHhcNMjYwNjI1MDIzMTQ4WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjOTMxNC1hYWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAi+fxvO9BQgQo6w4hnMY/j1h7cj/y8+CPhas8dAa8xWxvJ1gOBgQ/q5EDLIiI
FR35I75pXvwXd/uMfVpeiom0SaZnqlG+miPZirJNlIRd895c59CKjLUrxjUZMMw4
FyBlZzSU21a/2vY+iGlf+JRGvmyNcWhKLLPnUfP1qbOoEnB94DVebjv7BKXNG0Bb
hM4uDwaylfLbC00Ct3clkdIeZe3ZgzMpNFSTuPml/E3aa6lAVLHSBlR4Eps2OWz5
FyT73COPu0aKETROOxO9zLxIS/YvPkZ0oQC8pHafQnB+0k5TFMq04Kw23x/E7Lkf
PztmqrBhyFL7P86ArlBeVhj/zQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFG8WW8EG
+3JU4Mro00wSILV0zguRMB8GA1UdIwQYMBaAFJHEl23q096HeOXA3P8mA5cawtTb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y4NC9GNDNBM0YwNDZG
MkYxMUVEQTg0QTY5MzNDNEY5QUUwMi9rY1NYYmVyVDNvZDQ1Y0RjX3lZRGx4ckMx
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tjU1hiZXJUM29kNDVjRGNfeVlEbHhyQzFOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGODQvRjQzQTNGMDQ2RjJGMTFFREE4NEE2OTMzQzRGOUFFMDIvRDI5RjU0NENG
Q0Q3MTFFRUI2NTRCMjcxQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAyzfXMA0GCSqGSIb3DQEBCwUAA4IBAQBgWJtRuwy4aWBA/tN72iwU
pAWYTz4u2OVUS1m9Au3zzGtwHqE1fxwaXIa+FZlEU2simPdNhx4bjWMy+hX3gLRx
u+3j7IlOV163dsJ93D9Nw+Kn02dNn7ZVrjVIk0z4Qs4tB0FRYwGa4vRtF78OITGX
dQk05X7ogApSyw0Ytr+QtE0plyk7lzGN2F4sC5yQN70FNyM6rLQVEncBOOsADGdZ
N5K0B4TBawrE9B4b8BHo18D7/opBWkaCmzCQv6Ro+dO6RKIWQy8rzxHRq/qhzYCX
2PRfaewQYYUK8K0LpDHariPemUF6dhKuUVYv2HEJY2xOok02I28Ihyd2cqSbuLvT
-----END CERTIFICATE-----
Generated at Mon Jul 6 21:09:04 2026 by rpki-client