Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912929D/6E050EF6B13011EFAA0BB53AC4F9AE02/AC205A92B13011EFB45E6B3BC4F9AE02.roa
File:                     AC205A92B13011EFB45E6B3BC4F9AE02.roa (raw, json)
Hash identifier:          v5s1QxIIpULAPj0sszFm1uj5Kywffv0SxSN9l4noDFA=
Subject key identifier:   C3:E4:8B:2A:18:9C:11:AA:83:D5:6D:79:CD:C9:97:DF:6B:FD:F3:8F
Certificate issuer:       /CN=A912929D/serialNumber=35841AE33DF6931201406798AE64FCC087F5A1E5
Certificate serial:       0132
Authority key identifier: 35:84:1A:E3:3D:F6:93:12:01:40:67:98:AE:64:FC:C0:87:F5:A1:E5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYQa4z32kxIBQGeYrmT8wIf1oeU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912929D/6E050EF6B13011EFAA0BB53AC4F9AE02/AC205A92B13011EFB45E6B3BC4F9AE02.roa
Signing time:             Wed 01 Jul 2026 07:32:39 +0000
ROA not before:           Wed 01 Jul 2026 07:32:39 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     152851
IP address blocks:        202.58.227.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912929D/6E050EF6B13011EFAA0BB53AC4F9AE02/NYQa4z32kxIBQGeYrmT8wIf1oeU.crl
                          rsync://rpki.apnic.net/member_repository/A912929D/6E050EF6B13011EFAA0BB53AC4F9AE02/NYQa4z32kxIBQGeYrmT8wIf1oeU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYQa4z32kxIBQGeYrmT8wIf1oeU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 05:54:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 306 (0x132)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912929D, serialNumber=35841AE33DF6931201406798AE64FCC087F5A1E5
        Validity
            Not Before: Jul  1 07:32:39 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a44c297-e548
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:df:54:e8:29:a9:93:84:b1:d2:66:1b:2a:db:
                    60:76:94:86:b7:53:15:2c:ce:8c:79:fb:1c:9f:96:
                    a6:fd:d2:39:ae:24:c9:2a:59:02:fd:e5:3c:ba:74:
                    ac:95:65:8f:22:b8:6f:a1:a0:80:b9:30:f7:c5:b7:
                    ab:b1:32:3a:e4:9a:2b:eb:4b:f0:4f:cd:5e:d8:d5:
                    a6:2c:f7:6c:29:99:29:32:3a:6b:29:20:4c:26:80:
                    0d:d0:46:31:f0:0c:c3:c4:44:8e:c7:37:96:d2:e9:
                    5a:86:0c:5a:ae:c0:77:89:7a:87:b1:e0:34:a5:b9:
                    e2:c2:cd:b7:e8:ba:79:20:f9:61:f0:91:a5:ff:4e:
                    d6:5d:87:e5:de:8b:7d:c2:7f:85:77:81:dd:78:d9:
                    6f:88:74:f5:45:b7:97:c6:bb:0e:7b:1b:c2:3b:98:
                    93:91:fa:8b:c3:d7:aa:06:8c:8f:fb:70:60:3d:5e:
                    50:20:5c:04:12:d0:ea:6a:ae:0b:63:26:54:7b:fb:
                    c5:42:da:aa:d8:6d:58:df:54:a9:44:63:ea:47:06:
                    dd:a5:4b:ae:42:00:d5:26:92:53:56:9f:16:7d:8d:
                    8f:53:05:1a:06:6d:88:bb:5b:b3:c7:9a:70:18:ac:
                    c5:22:9d:fe:6a:d4:d8:24:09:69:e6:8c:18:c2:95:
                    c6:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:E4:8B:2A:18:9C:11:AA:83:D5:6D:79:CD:C9:97:DF:6B:FD:F3:8F
            X509v3 Authority Key Identifier:
                keyid:35:84:1A:E3:3D:F6:93:12:01:40:67:98:AE:64:FC:C0:87:F5:A1:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912929D/6E050EF6B13011EFAA0BB53AC4F9AE02/NYQa4z32kxIBQGeYrmT8wIf1oeU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYQa4z32kxIBQGeYrmT8wIf1oeU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912929D/6E050EF6B13011EFAA0BB53AC4F9AE02/AC205A92B13011EFB45E6B3BC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.58.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:09:b6:dd:d0:35:5a:29:70:6a:92:69:53:e0:53:70:de:60:
         bb:71:02:c0:8e:9d:bc:29:7e:67:f9:8e:5a:6e:e0:0a:70:0e:
         a1:af:d0:20:c1:02:ee:e5:1e:75:ce:84:cd:04:f8:6c:85:06:
         74:35:c7:75:4d:b4:d2:88:5e:38:b0:15:a4:d3:90:3c:5e:f7:
         9f:c4:b5:87:0c:2d:c2:16:58:21:08:88:b4:cc:af:06:6b:07:
         24:d9:a3:94:9f:65:c0:c4:ef:bd:73:60:59:f8:07:fb:97:be:
         ac:ac:4d:68:e0:ba:da:f7:01:ef:76:53:16:2e:06:cc:e0:ff:
         0f:bd:2e:f6:fa:58:86:8b:12:5a:92:3f:ff:bf:f8:24:ce:06:
         16:2b:0e:80:7a:e2:19:87:e3:bb:d4:68:02:c6:a4:97:3e:5c:
         09:1d:b7:70:44:20:be:44:d8:5d:b6:8a:e9:d7:47:3e:0e:9e:
         ce:86:87:f0:b6:6f:95:4e:24:25:21:3a:a3:a9:2b:1a:0a:2b:
         cd:d6:a6:84:4b:45:4b:12:89:50:76:eb:5a:fb:70:82:f7:b6:
         e6:c7:50:f5:42:f8:b5:01:42:68:4b:d5:67:c7:8e:91:0c:c2:
         6d:1d:78:33:e5:ce:56:78:27:d9:d6:8d:c7:2d:fb:bb:3a:a0:
         e8:f5:57:11
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICATIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjkyOUQxMTAvBgNVBAUTKDM1ODQxQUUzM0RGNjkzMTIwMTQwNjc5OEFFNjRGQ0Mw
ODdGNUExRTUwHhcNMjYwNzAxMDczMjM5WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0YzI5Ny1lNTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsN9U6Cmpk4Sx0mYbKttgdpSGt1MVLM6Mefscn5am/dI5riTJKlkC/eU8unSs
lWWPIrhvoaCAuTD3xbersTI65Jor60vwT81e2NWmLPdsKZkpMjprKSBMJoAN0EYx
8AzDxESOxzeW0ulahgxarsB3iXqHseA0pbniws236Lp5IPlh8JGl/07WXYfl3ot9
wn+Fd4HdeNlviHT1RbeXxrsOexvCO5iTkfqLw9eqBoyP+3BgPV5QIFwEEtDqaq4L
YyZUe/vFQtqq2G1Y31SpRGPqRwbdpUuuQgDVJpJTVp8WfY2PUwUaBm2Iu1uzx5pw
GKzFIp3+atTYJAlp5owYwpXGRwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFMPkiyoY
nBGqg9Vtec3Jl99r/fOPMB8GA1UdIwQYMBaAFDWEGuM99pMSAUBnmK5k/MCH9aHl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTI5RC82RTA1MEVGNkIx
MzAxMUVGQUEwQkI1M0FDNEY5QUUwMi9OWVFhNHozMmt4SUJRR2VZcm1UOHdJZjFv
ZVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05ZUWE0ejMya3hJQlFHZVlybVQ4d0lmMW9lVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjkyOUQvNkUwNTBFRjZCMTMwMTFFRkFBMEJCNTNBQzRGOUFFMDIvQUMyMDVBOTJC
MTMwMTFFRkI0NUU2QjNCQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAyjrjMA0GCSqGSIb3DQEBCwUAA4IBAQCJCbbd0DVaKXBqkmlT4FNw
3mC7cQLAjp28KX5n+Y5abuAKcA6hr9AgwQLu5R51zoTNBPhshQZ0Ncd1TbTSiF44
sBWk05A8XvefxLWHDC3CFlghCIi0zK8Gawck2aOUn2XAxO+9c2BZ+Af7l76srE1o
4Lra9wHvdlMWLgbM4P8PvS72+liGixJakj//v/gkzgYWKw6AeuIZh+O71GgCxqSX
PlwJHbdwRCC+RNhdtorp10c+Dp7Ohofwtm+VTiQlITqjqSsaCivN1qaES0VLEolQ
duta+3CC97bmx1D1Qvi1AUJoS9Vnx46RDMJtHXgz5c5WeCfZ1o3HLfu7OqDo9VcR
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:25:33 2026 by rpki-client