Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91334F0/0D46CBE8340011EF94779540C4F9AE02/836F847C340011EFA88BE541C4F9AE02.roa
File:                     836F847C340011EFA88BE541C4F9AE02.roa (raw, json)
Hash identifier:          q/inWwagPqsJ9K+IB7d6o4TgPPjDhue6dL8dPifXSPs=
Subject key identifier:   A6:40:1F:57:A6:8F:D3:86:9B:AC:31:E8:36:C1:C5:D9:FE:5D:C6:A8
Certificate issuer:       /CN=A91334F0/serialNumber=1346F65D629FFF936B0FC4CF127509B682E8E3E4
Certificate serial:       0182
Authority key identifier: 13:46:F6:5D:62:9F:FF:93:6B:0F:C4:CF:12:75:09:B6:82:E8:E3:E4
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/E0b2XWKf_5NrD8TPEnUJtoLo4-Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91334F0/0D46CBE8340011EF94779540C4F9AE02/836F847C340011EFA88BE541C4F9AE02.roa
Signing time:             Mon 13 Jul 2026 05:31:39 +0000
ROA not before:           Mon 13 Jul 2026 05:31:38 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     152899
IP address blocks:        160.22.52.0/24 maxlen: 24
                          160.22.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91334F0/0D46CBE8340011EF94779540C4F9AE02/E0b2XWKf_5NrD8TPEnUJtoLo4-Q.crl
                          rsync://rpki.apnic.net/member_repository/A91334F0/0D46CBE8340011EF94779540C4F9AE02/E0b2XWKf_5NrD8TPEnUJtoLo4-Q.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/E0b2XWKf_5NrD8TPEnUJtoLo4-Q.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 05:35:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 386 (0x182)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91334F0, serialNumber=1346F65D629FFF936B0FC4CF127509B682E8E3E4
        Validity
            Not Before: Jul 13 05:31:38 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a54783a-ae7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:3c:05:7c:c8:a0:19:db:a5:21:d2:80:a5:a8:
                    ad:af:b1:92:7a:25:8d:58:25:fa:a9:90:42:fd:a8:
                    49:1b:c9:15:ce:fa:c0:64:dc:52:02:75:b0:d6:1e:
                    bd:d0:01:16:83:82:dd:2a:64:a3:e1:c0:2c:14:a8:
                    18:29:75:ec:cd:68:a3:06:e6:b1:aa:fd:4f:3b:77:
                    7e:6d:7a:33:e0:e0:5a:a9:14:32:c3:74:57:ce:50:
                    c6:08:25:ce:9b:c3:55:56:ed:02:9b:f4:4e:78:14:
                    29:7e:6e:af:10:b5:40:45:81:9a:f6:8f:00:c9:e2:
                    c3:71:44:6c:6f:f1:e3:d9:3e:47:ed:e7:85:1a:a5:
                    0b:53:c9:a6:e8:fb:4f:19:e3:4e:4a:1c:13:7b:5b:
                    fb:2e:c6:8c:fa:2f:e9:f3:7b:5e:08:90:b6:3b:db:
                    5e:36:b3:cf:97:5b:56:07:d3:04:39:40:2b:64:45:
                    18:a4:1d:7a:56:35:e0:55:42:42:a1:ba:6a:ef:2d:
                    1f:79:04:b8:89:2e:4c:0e:37:ee:38:5f:8e:45:58:
                    20:7a:2c:77:4e:c6:cb:ac:0a:a7:eb:cb:1d:5c:6c:
                    47:9b:59:9c:a0:ed:ab:c9:f0:7d:be:70:1b:08:85:
                    9b:c4:92:d0:92:ff:b6:80:65:97:87:4b:f9:03:eb:
                    53:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:40:1F:57:A6:8F:D3:86:9B:AC:31:E8:36:C1:C5:D9:FE:5D:C6:A8
            X509v3 Authority Key Identifier:
                keyid:13:46:F6:5D:62:9F:FF:93:6B:0F:C4:CF:12:75:09:B6:82:E8:E3:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91334F0/0D46CBE8340011EF94779540C4F9AE02/E0b2XWKf_5NrD8TPEnUJtoLo4-Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/E0b2XWKf_5NrD8TPEnUJtoLo4-Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91334F0/0D46CBE8340011EF94779540C4F9AE02/836F847C340011EFA88BE541C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:7a:b2:3d:30:f3:ab:1f:00:bf:56:a5:6a:c2:2f:b9:d8:97:
         de:dd:25:ec:26:38:38:91:2f:c3:30:73:14:6d:6f:db:63:b7:
         07:55:c4:ff:f2:e3:32:ca:bf:ba:07:db:d6:06:4e:2e:6e:0d:
         e1:a8:2f:37:6b:2e:8b:a8:97:00:dc:0a:a2:d7:b0:a8:98:7f:
         2a:e2:0e:c7:ed:bb:df:b1:d7:a3:0b:4c:6c:b3:33:cd:13:95:
         7e:47:43:52:60:ba:95:1e:48:4f:b4:07:1b:fd:f7:7e:82:26:
         eb:b0:e3:a8:35:9c:93:b0:d8:6d:f9:6a:4b:8b:b9:86:cc:3e:
         c4:a0:6f:01:d4:b5:44:f5:43:ff:3e:33:e9:69:41:e3:e1:a4:
         bb:ae:be:d6:9e:8f:5f:9b:e8:49:39:ce:af:6c:d7:d8:bf:96:
         58:c3:07:d9:13:04:60:ee:74:16:83:e6:90:f8:0b:e4:e3:35:
         08:a9:be:cf:7c:eb:2e:6c:5a:dc:3d:7a:f6:73:52:94:c2:4d:
         29:df:ae:c3:fb:3a:b5:59:ff:9a:cb:fa:9f:ea:0f:cd:ed:75:
         e2:7f:48:ae:d5:01:09:42:1a:3e:c5:be:0f:46:26:49:1f:07:
         58:2d:5d:d2:d2:46:13:c0:cf:c9:48:d8:8f:d5:63:7b:74:98:
         c5:2d:21:26
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzM0RjAxMTAvBgNVBAUTKDEzNDZGNjVENjI5RkZGOTM2QjBGQzRDRjEyNzUwOUI2
ODJFOEUzRTQwHhcNMjYwNzEzMDUzMTM4WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU0NzgzYS1hZTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmDwFfMigGdulIdKApaitr7GSeiWNWCX6qZBC/ahJG8kVzvrAZNxSAnWw1h69
0AEWg4LdKmSj4cAsFKgYKXXszWijBuaxqv1PO3d+bXoz4OBaqRQyw3RXzlDGCCXO
m8NVVu0Cm/ROeBQpfm6vELVARYGa9o8AyeLDcURsb/Hj2T5H7eeFGqULU8mm6PtP
GeNOShwTe1v7LsaM+i/p83teCJC2O9teNrPPl1tWB9MEOUArZEUYpB16VjXgVUJC
obpq7y0feQS4iS5MDjfuOF+ORVggeix3TsbLrAqn68sdXGxHm1mcoO2ryfB9vnAb
CIWbxJLQkv+2gGWXh0v5A+tTrQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFKZAH1em
j9OGm6wx6DbBxdn+XcaoMB8GA1UdIwQYMBaAFBNG9l1in/+Taw/EzxJ1CbaC6OPk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzRGMC8wRDQ2Q0JFODM0
MDAxMUVGOTQ3Nzk1NDBDNEY5QUUwMi9FMGIyWFdLZl81TnJEOFRQRW5VSnRvTG80
LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0UwYjJYV0tmXzVOckQ4VFBFblVKdG9MbzQtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzM0RjAvMEQ0NkNCRTgzNDAwMTFFRjk0Nzc5NTQwQzRGOUFFMDIvODM2Rjg0N0Mz
NDAwMTFFRkE4OEJFNTQxQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBoBY0MA0GCSqGSIb3DQEBCwUAA4IBAQA+erI9MPOrHwC/VqVqwi+5
2Jfe3SXsJjg4kS/DMHMUbW/bY7cHVcT/8uMyyr+6B9vWBk4ubg3hqC83ay6LqJcA
3Aqi17ComH8q4g7H7bvfsdejC0xsszPNE5V+R0NSYLqVHkhPtAcb/fd+gibrsOOo
NZyTsNht+WpLi7mGzD7EoG8B1LVE9UP/PjPpaUHj4aS7rr7Wno9fm+hJOc6vbNfY
v5ZYwwfZEwRg7nQWg+aQ+Avk4zUIqb7PfOsubFrcPXr2c1KUwk0p367D+zq1Wf+a
y/qf6g/N7XXif0iu1QEJQho+xb4PRiZJHwdYLV3S0kYTwM/JSNiP1WN7dJjFLSEm
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:32:31 2026 by rpki-client