Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/C186DD80331A11EC8F33C209C4F9AE02.roa
File:                     C186DD80331A11EC8F33C209C4F9AE02.roa (raw, json)
Hash identifier:          SldeaCZGSwTt8m25XecGitCIUSJt0D3MD87GNQPgihE=
Subject key identifier:   B3:F9:D3:3A:E3:9D:12:02:61:F4:12:5A:3A:EF:46:FA:65:87:B9:79
Certificate issuer:       /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial:       08BD
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/C186DD80331A11EC8F33C209C4F9AE02.roa
Signing time:             Wed 08 Jul 2026 23:25:08 +0000
ROA not before:           Wed 08 Jul 2026 23:25:08 +0000
ROA not after:            Fri 28 May 2027 00:00:00 +0000
asID:                     134540
IP address blocks:        27.107.128.0/20 maxlen: 24
                          182.156.128.0/21 maxlen: 24
                          182.156.136.0/21 maxlen: 24
                          182.156.144.0/21 maxlen: 24
                          182.156.152.0/21 maxlen: 24
                          182.156.160.0/21 maxlen: 24
                          182.156.168.0/21 maxlen: 24
                          182.156.176.0/21 maxlen: 24
                          182.156.184.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
                          rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 22:34:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2237 (0x8bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
        Validity
            Not Before: Jul  8 23:25:08 2026 GMT
            Not After : May 28 00:00:00 2027 GMT
        Subject: CN=6a4edc54-02ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:2d:92:aa:f3:13:e6:af:28:5e:fe:f8:dd:de:
                    b0:42:58:db:34:9d:fe:7c:4e:0b:9d:db:e8:d9:e0:
                    d9:83:b9:b6:4f:c5:90:f8:21:0a:b4:f4:cb:df:f6:
                    d1:57:50:d4:bb:e1:8c:d5:ff:4a:cb:45:9f:3a:2a:
                    58:d4:e8:43:87:94:0f:76:3d:95:36:61:04:54:64:
                    eb:1b:33:13:84:fe:e0:cb:71:df:6f:f5:68:7d:5d:
                    aa:bc:44:43:c6:79:80:29:70:8f:c9:db:9e:83:73:
                    9b:41:bc:81:e9:d2:8a:a0:00:a6:c9:2b:5c:e1:e3:
                    a6:79:d2:0e:91:96:7c:cd:1a:41:5d:ee:6b:d7:86:
                    61:f1:35:42:f9:45:4e:28:41:83:4c:b6:64:64:50:
                    f6:f4:ff:a4:5a:ee:46:ad:d5:4b:6a:6b:b1:6d:bf:
                    37:b9:b3:0a:55:30:f3:04:94:11:0d:fa:9a:99:9a:
                    ed:bd:f9:09:40:be:8b:a9:fe:e4:9b:ee:c8:7a:c3:
                    6e:13:67:d3:7b:4b:1d:6e:4f:1b:7e:7c:fb:21:68:
                    c8:76:69:ea:db:dd:f2:a5:83:e8:21:00:19:fe:21:
                    db:99:64:f9:f0:95:0d:b4:72:10:16:54:c0:00:00:
                    63:e7:2e:06:67:e6:91:26:f3:eb:15:f0:6f:09:a7:
                    64:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:F9:D3:3A:E3:9D:12:02:61:F4:12:5A:3A:EF:46:FA:65:87:B9:79
            X509v3 Authority Key Identifier:
                keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/C186DD80331A11EC8F33C209C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.107.128.0/20
                  182.156.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         10:4e:5b:ab:93:99:bb:f6:db:23:a0:32:27:48:6b:fd:c1:78:
         32:d7:1b:fa:7c:8e:9d:c8:3b:68:f3:f8:c1:22:f8:c3:38:2c:
         32:e0:5c:fd:66:e3:6b:51:4b:fb:53:5f:48:63:98:9c:42:49:
         b5:9c:03:87:72:e3:20:cb:41:df:03:e9:59:13:96:ba:f2:07:
         b1:6a:78:0f:f9:98:f5:37:e1:c8:66:80:77:aa:8c:c8:df:54:
         62:f4:8c:95:68:89:b3:a6:2c:38:c0:2a:e9:ad:c4:1d:ab:91:
         7a:65:18:d4:a9:70:73:d9:59:a1:72:a5:b9:82:da:68:81:f4:
         34:ad:1b:f8:95:1f:29:04:4f:95:cd:23:c1:6d:0a:ba:38:b2:
         55:ae:e4:8c:e3:83:98:81:c5:e5:e6:2e:60:64:5d:16:53:41:
         79:c8:31:79:92:26:02:33:c1:1c:22:9b:41:01:35:77:5a:f8:
         de:12:71:64:06:eb:97:33:df:44:ae:67:b4:b5:a2:99:bf:2f:
         57:45:0c:20:b0:1c:14:9e:7e:50:eb:48:ec:5e:c0:e1:95:23:
         23:c8:26:27:c7:f6:1c:16:20:8f:a3:92:e1:6c:f4:a1:5c:04:
         a8:00:ef:48:91:43:6e:c4:1d:75:b0:ad:21:12:c5:9b:07:3e:
         f9:c7:20:32
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICCL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjYwNzA4MjMyNTA4WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRlZGM1NC0wMmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4y2SqvMT5q8oXv743d6wQljbNJ3+fE4Lndvo2eDZg7m2T8WQ+CEKtPTL3/bR
V1DUu+GM1f9Ky0WfOipY1OhDh5QPdj2VNmEEVGTrGzMThP7gy3Hfb/VofV2qvERD
xnmAKXCPydueg3ObQbyB6dKKoACmyStc4eOmedIOkZZ8zRpBXe5r14Zh8TVC+UVO
KEGDTLZkZFD29P+kWu5GrdVLamuxbb83ubMKVTDzBJQRDfqamZrtvfkJQL6Lqf7k
m+7IesNuE2fTe0sdbk8bfnz7IWjIdmnq293ypYPoIQAZ/iHbmWT58JUNtHIQFlTA
AABj5y4GZ+aRJvPrFfBvCadkCwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFLP50zrj
nRICYfQSWjrvRvplh7l5MB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvQzE4NkREODAz
MzFBMTFFQzhGMzNDMjA5QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQEG2uAAwQGtpyAMA0GCSqGSIb3DQEBCwUAA4IBAQAQTlurk5m79tsj
oDInSGv9wXgy1xv6fI6dyDto8/jBIvjDOCwy4Fz9ZuNrUUv7U19IY5icQkm1nAOH
cuMgy0HfA+lZE5a68gexangP+Zj1N+HIZoB3qozI31Ri9IyVaImzpiw4wCrprcQd
q5F6ZRjUqXBz2VmhcqW5gtpogfQ0rRv4lR8pBE+VzSPBbQq6OLJVruSM44OYgcXl
5i5gZF0WU0F5yDF5kiYCM8EcIptBATV3WvjeEnFkBuuXM99Erme0taKZvy9XRQwg
sBwUnn5Q60jsXsDhlSMjyCYnx/YcFiCPo5LhbPShXASoAO9IkUNuxB11sK0hEsWb
Bz75xyAy
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:08:31 2026 by rpki-client