Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/03C522BA8CF211ED8699F014C4F9AE02.roa
File:                     03C522BA8CF211ED8699F014C4F9AE02.roa (raw, json)
Hash identifier:          hZnSGa5sJglM36JrWPW33FVeXKbAkLzdvimEBvYGRK0=
Subject key identifier:   26:A6:03:01:93:CB:1E:50:8D:96:CA:17:F8:7E:06:CC:BE:24:5D:84
Certificate issuer:       /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial:       3668
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/03C522BA8CF211ED8699F014C4F9AE02.roa
Signing time:             Mon 13 Jul 2026 03:16:55 +0000
ROA not before:           Mon 13 Jul 2026 03:16:55 +0000
ROA not after:            Tue 01 Dec 2026 00:00:00 +0000
asID:                     148000
IP address blocks:        36.50.36.0/24 maxlen: 24
                          36.50.50.0/24 maxlen: 24
                          2409::/32 maxlen: 32
                          2409::/40 maxlen: 40
                          2409::/48 maxlen: 48
                          2409:1::/48 maxlen: 48
                          2409:e:eb::/48 maxlen: 48
                          2409:e:ed::/48 maxlen: 48
                          240a:e000::/20 maxlen: 20
                          240a:eabc::/32 maxlen: 32
                          240a:eabc:abcd::/48 maxlen: 48
                          240a:eabc:d00d::/48 maxlen: 48
                          240a:eff0::/32 maxlen: 32
                          240a:eff1::/32 maxlen: 32
                          240a:eff2::/32 maxlen: 32
                          240a:eff4::/32 maxlen: 32
                          240a:eff5::/32 maxlen: 32
                          240a:eff6::/32 maxlen: 32
                          240a:eff8::/32 maxlen: 32
                          240a:eff9::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
                          rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 15:22:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13928 (0x3668)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914BC7A, serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
        Validity
            Not Before: Jul 13 03:16:55 2026 GMT
            Not After : Dec  1 00:00:00 2026 GMT
        Subject: CN=6a5458a7-4a60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f6:5a:a2:06:f8:75:ee:a2:d3:e1:9b:a2:26:
                    18:13:f3:f5:be:89:44:56:8e:75:c1:47:cc:78:db:
                    7d:31:3a:ba:1d:8e:0b:7f:53:aa:10:78:ed:ea:6f:
                    60:14:32:64:3d:94:c2:c3:d1:c7:76:b7:24:d6:87:
                    14:50:73:4d:f5:2c:78:d0:d2:b5:ec:67:6f:12:c3:
                    a9:d8:3e:21:39:4e:35:9a:10:80:d9:46:8b:8c:12:
                    a2:7d:68:9b:d4:56:50:89:88:23:48:9f:5d:a5:f0:
                    41:d3:da:c9:57:b3:52:b0:d6:08:e4:54:48:31:6b:
                    d1:29:74:d1:17:db:12:c3:bf:d5:4f:c6:15:6b:00:
                    83:31:24:93:62:6a:62:00:d8:92:ec:ab:f4:8e:b2:
                    04:88:6e:c1:ea:af:2e:cb:a8:a4:bc:7c:27:ae:41:
                    91:66:aa:75:58:cd:32:1a:b5:95:11:f6:dd:4d:e4:
                    1f:35:db:15:89:5d:98:9c:bd:02:7d:00:97:89:d3:
                    a7:69:88:90:19:67:54:a5:6a:95:ac:36:d4:03:b8:
                    8d:1a:7f:82:94:db:51:80:9f:dd:f5:63:b0:a7:98:
                    4d:25:c7:d4:d7:b9:bf:d6:70:7b:00:5c:50:e3:c6:
                    c8:67:f6:da:dc:6f:db:33:fe:0e:69:f0:bd:fa:26:
                    a9:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:A6:03:01:93:CB:1E:50:8D:96:CA:17:F8:7E:06:CC:BE:24:5D:84
            X509v3 Authority Key Identifier:
                keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/03C522BA8CF211ED8699F014C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.50.36.0/24
                  36.50.50.0/24
                IPv6:
                  2409::-2409:1:0:ffff:ffff:ffff:ffff:ffff
                  2409:e:eb::/48
                  2409:e:ed::/48
                  240a:e000::/20

    Signature Algorithm: sha256WithRSAEncryption
         f1:c3:0b:07:61:19:c0:28:0a:5d:28:2b:b7:fe:62:c9:a2:29:
         9e:e2:f4:2e:8a:af:e7:39:ce:ef:fb:9f:e0:15:44:28:90:9a:
         7f:9c:9b:cb:13:5d:98:b4:25:cc:80:28:b8:95:76:a1:2a:34:
         f9:d2:2a:38:99:9a:2c:41:ab:b1:76:02:7f:6f:01:4b:48:5b:
         45:3f:49:d9:09:7b:a2:d8:09:82:e1:d4:3c:3f:ff:02:cb:17:
         fd:61:18:90:d0:9e:bb:e5:10:0e:02:54:86:83:d4:a8:e1:6d:
         3f:12:09:33:21:b6:de:a2:d9:9e:c8:7e:23:b3:56:ab:95:f2:
         b9:0a:0e:d2:01:68:13:85:b2:d5:52:80:a1:8b:02:b0:3b:71:
         ec:70:22:6a:43:08:96:b6:23:ec:9b:93:e0:fd:43:e0:28:05:
         a9:da:0e:78:d7:56:cd:1d:da:dc:eb:62:f8:98:cb:a1:20:d2:
         e6:66:fd:c3:63:b4:4b:c1:35:d0:62:21:15:b9:35:a1:7a:96:
         48:4f:da:19:05:4c:d3:0e:87:ae:cb:00:e3:95:18:a2:c1:77:
         d9:78:01:66:78:89:8e:db:71:3e:8e:7b:6a:1e:ab:4d:9d:ea:
         b5:47:4c:46:80:13:12:20:d0:34:ff:b9:9f:cb:94:c2:05:7c:
         1d:d6:eb:a9
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICNmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjYwNzEzMDMxNjU1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU0NThhNy00YTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1fZaogb4de6i0+GboiYYE/P1volEVo51wUfMeNt9MTq6HY4Lf1OqEHjt6m9g
FDJkPZTCw9HHdrck1ocUUHNN9Sx40NK17GdvEsOp2D4hOU41mhCA2UaLjBKifWib
1FZQiYgjSJ9dpfBB09rJV7NSsNYI5FRIMWvRKXTRF9sSw7/VT8YVawCDMSSTYmpi
ANiS7Kv0jrIEiG7B6q8uy6ikvHwnrkGRZqp1WM0yGrWVEfbdTeQfNdsViV2YnL0C
fQCXidOnaYiQGWdUpWqVrDbUA7iNGn+ClNtRgJ/d9WOwp5hNJcfU17m/1nB7AFxQ
48bIZ/ba3G/bM/4OafC9+iapMQIDAQABo4ICljCCApIwHQYDVR0OBBYEFCamAwGT
yx5QjZbKF/h+Bsy+JF2EMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJDN0EvNEM1MjhGNzg0NTAzMTFFMkJEQ0ExRjczMjk3OUJCMjAvMDNDNTIyQkE4
Q0YyMTFFRDg2OTlGMDE0QzRGOUFFMDIucm9hMFUGCCsGAQUFBwEHAQH/BEYwRDAS
BAIAATAMAwQAJDIkAwQAJDIyMC4EAgACMCgwDgMDACQJAwcAJAkAAQAAAwcAJAkA
DgDrAwcAJAkADgDtAwQEJArgMA0GCSqGSIb3DQEBCwUAA4IBAQDxwwsHYRnAKApd
KCu3/mLJoime4vQuiq/nOc7v+5/gFUQokJp/nJvLE12YtCXMgCi4lXahKjT50io4
mZosQauxdgJ/bwFLSFtFP0nZCXui2AmC4dQ8P/8Cyxf9YRiQ0J675RAOAlSGg9So
4W0/EgkzIbbeotmeyH4js1arlfK5Cg7SAWgThbLVUoChiwKwO3HscCJqQwiWtiPs
m5Pg/UPgKAWp2g5411bNHdrc62L4mMuhINLmZv3DY7RLwTXQYiEVuTWhepZIT9oZ
BUzTDoeuywDjlRiiwXfZeAFmeImO23E+jntqHqtNneq1R0xGgBMSINA0/7mfy5TC
BXwd1uup
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:22:29 2026 by rpki-client