Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C07A/F142614ABE6711EEB33C6D6EC4F9AE02/A1456A4CBE6811EEBFF35870C4F9AE02.roa
File:                     A1456A4CBE6811EEBFF35870C4F9AE02.roa (raw, json)
Hash identifier:          sg5RK8LADXzmH369qo3Kwz612CokrUc7M6Afz3E8p9w=
Subject key identifier:   81:F8:17:C3:6D:76:BE:5E:43:62:29:7C:4C:04:B8:86:BE:88:FB:68
Certificate issuer:       /CN=A913C07A/serialNumber=1218DE75B2588B6633A6BF88CD388F31C43AC9C0
Certificate serial:       01D0
Authority key identifier: 12:18:DE:75:B2:58:8B:66:33:A6:BF:88:CD:38:8F:31:C4:3A:C9:C0
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhjedbJYi2Yzpr-IzTiPMcQ6ycA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C07A/F142614ABE6711EEB33C6D6EC4F9AE02/A1456A4CBE6811EEBFF35870C4F9AE02.roa
Signing time:             Fri 03 Jul 2026 04:31:32 +0000
ROA not before:           Fri 03 Jul 2026 04:31:32 +0000
ROA not after:            Sun 01 Nov 2026 00:00:00 +0000
asID:                     152447
IP address blocks:        157.15.52.0/23 maxlen: 23
                          157.15.52.0/24 maxlen: 24
                          157.15.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913C07A/F142614ABE6711EEB33C6D6EC4F9AE02/EhjedbJYi2Yzpr-IzTiPMcQ6ycA.crl
                          rsync://rpki.apnic.net/member_repository/A913C07A/F142614ABE6711EEB33C6D6EC4F9AE02/EhjedbJYi2Yzpr-IzTiPMcQ6ycA.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhjedbJYi2Yzpr-IzTiPMcQ6ycA.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 04:41:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 464 (0x1d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C07A, serialNumber=1218DE75B2588B6633A6BF88CD388F31C43AC9C0
        Validity
            Not Before: Jul  3 04:31:32 2026 GMT
            Not After : Nov  1 00:00:00 2026 GMT
        Subject: CN=6a473b24-326e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:67:1e:bd:d5:ca:c8:2e:c8:80:4a:6d:7c:b3:
                    83:c6:3e:23:1b:0c:ac:11:2c:9a:86:72:2b:e6:a4:
                    c4:d7:7c:54:ef:ab:02:0b:43:0a:0d:e5:a9:33:f6:
                    4f:5c:8e:d3:29:ae:b9:77:cf:dd:d1:09:2b:b4:ee:
                    a2:6b:6c:01:d1:6c:d3:85:41:80:99:0b:3e:a6:31:
                    9c:ed:7e:04:4e:5a:08:8a:3f:a2:27:60:de:b3:2d:
                    14:1c:96:07:e0:47:80:bc:2a:1f:1d:98:3e:3a:6c:
                    67:0e:0b:ad:c1:10:c1:96:bd:ce:84:30:57:e9:c2:
                    0f:e0:3c:a5:c4:81:e2:00:70:8b:8c:24:ea:7e:06:
                    39:96:79:cd:59:ec:7f:ea:77:8d:89:bf:1a:9e:2d:
                    ce:61:35:db:a5:21:d0:25:0c:d3:44:6d:81:db:bf:
                    08:9d:27:c5:cf:f4:97:a2:8a:25:57:17:87:e6:59:
                    cd:7e:50:48:7c:9d:a0:93:69:80:38:d0:4e:9b:89:
                    e7:62:01:22:9d:c8:81:aa:c0:23:21:0e:b3:75:66:
                    aa:60:f6:5c:b4:88:af:27:ad:94:90:3c:74:61:b7:
                    cd:bb:65:b7:7a:f9:a7:db:ed:f4:ab:0b:0a:52:00:
                    90:5f:39:2a:55:6e:b9:90:4b:61:dd:95:be:ae:19:
                    51:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:F8:17:C3:6D:76:BE:5E:43:62:29:7C:4C:04:B8:86:BE:88:FB:68
            X509v3 Authority Key Identifier:
                keyid:12:18:DE:75:B2:58:8B:66:33:A6:BF:88:CD:38:8F:31:C4:3A:C9:C0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C07A/F142614ABE6711EEB33C6D6EC4F9AE02/EhjedbJYi2Yzpr-IzTiPMcQ6ycA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhjedbJYi2Yzpr-IzTiPMcQ6ycA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C07A/F142614ABE6711EEB33C6D6EC4F9AE02/A1456A4CBE6811EEBFF35870C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b9:2d:3d:36:f8:72:60:9b:db:24:3b:56:0a:b0:6d:3c:9b:0a:
         a6:ba:bf:21:db:1b:4e:23:39:5e:c7:fd:21:c7:3e:48:34:5e:
         20:d6:30:3a:c9:f7:66:32:5b:ea:8d:e0:88:53:25:a3:9e:9e:
         00:c3:1d:5b:5b:9d:18:71:24:55:d3:de:03:ba:3f:57:02:d3:
         27:12:22:d2:fd:84:65:65:5f:49:d2:2c:65:3e:14:84:81:1e:
         06:0b:d2:b0:88:a6:55:46:3f:d8:79:b2:0a:49:1d:43:9f:31:
         bf:d2:e0:82:d7:52:38:a9:bd:e9:87:6f:35:67:37:11:af:c2:
         67:3c:5c:49:2e:55:e8:21:d8:49:da:c5:2c:f9:96:5f:7c:3c:
         b3:4e:a8:08:3d:f7:6c:f7:9a:dd:a4:04:12:34:55:b0:c4:d0:
         6f:86:49:37:90:b2:7b:dd:91:06:d1:24:82:b5:f1:0d:23:1c:
         83:42:a7:fb:2b:cf:65:5e:f6:1f:32:90:9b:b2:bf:81:89:41:
         7e:bc:fe:8c:07:d8:0f:7d:04:9b:d3:14:ac:87:25:1b:49:51:
         73:e7:d5:2c:65:1b:c9:5f:d1:09:94:f4:97:4f:67:d5:f3:b1:
         4b:56:d7:4d:cb:d2:b7:5a:40:f5:e3:7d:71:69:e4:cf:74:eb:
         f8:61:18:60
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwN0ExMTAvBgNVBAUTKDEyMThERTc1QjI1ODhCNjYzM0E2QkY4OENEMzg4RjMx
QzQzQUM5QzAwHhcNMjYwNzAzMDQzMTMyWhcNMjYxMTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3M2IyNC0zMjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn2cevdXKyC7IgEptfLODxj4jGwysESyahnIr5qTE13xU76sCC0MKDeWpM/ZP
XI7TKa65d8/d0QkrtO6ia2wB0WzThUGAmQs+pjGc7X4ETloIij+iJ2Desy0UHJYH
4EeAvCofHZg+OmxnDgutwRDBlr3OhDBX6cIP4DylxIHiAHCLjCTqfgY5lnnNWex/
6neNib8ani3OYTXbpSHQJQzTRG2B278InSfFz/SXooolVxeH5lnNflBIfJ2gk2mA
ONBOm4nnYgEinciBqsAjIQ6zdWaqYPZctIivJ62UkDx0YbfNu2W3evmn2+30qwsK
UgCQXzkqVW65kEth3ZW+rhlR1QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFIH4F8Nt
dr5eQ2IpfEwEuIa+iPtoMB8GA1UdIwQYMBaAFBIY3nWyWItmM6a/iM04jzHEOsnA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzA3QS9GMTQyNjE0QUJF
NjcxMUVFQjMzQzZENkVDNEY5QUUwMi9FaGplZGJKWWkyWXpwci1JelRpUE1jUTZ5
Y0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VoamVkYkpZaTJZenByLUl6VGlQTWNRNnljQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwN0EvRjE0MjYxNEFCRTY3MTFFRUIzM0M2RDZFQzRGOUFFMDIvQTE0NTZBNENC
RTY4MTFFRUJGRjM1ODcwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBnQ80MA0GCSqGSIb3DQEBCwUAA4IBAQC5LT02+HJgm9skO1YKsG08
mwqmur8h2xtOIzlex/0hxz5INF4g1jA6yfdmMlvqjeCIUyWjnp4Awx1bW50YcSRV
094Duj9XAtMnEiLS/YRlZV9J0ixlPhSEgR4GC9KwiKZVRj/YebIKSR1DnzG/0uCC
11I4qb3ph281ZzcRr8JnPFxJLlXoIdhJ2sUs+ZZffDyzTqgIPfds95rdpAQSNFWw
xNBvhkk3kLJ73ZEG0SSCtfENIxyDQqf7K89lXvYfMpCbsr+BiUF+vP6MB9gPfQSb
0xSshyUbSVFz59UsZRvJX9EJlPSXT2fV87FLVtdNy9K3WkD1431xaeTPdOv4YRhg
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:34:23 2026 by rpki-client