Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/85CDB6087C1211EF8E490677C4F9AE02.roa
File:                     85CDB6087C1211EF8E490677C4F9AE02.roa (raw, json)
Hash identifier:          CDGrpJSPniMGtcipilejSGaCU2ymrM18PS+qEkb3ykI=
Subject key identifier:   C3:D0:BB:EB:0A:68:4F:67:DF:5E:01:E6:79:83:52:5E:1D:A0:27:EC
Certificate issuer:       /CN=A915B50D/serialNumber=B7CF0B270A7FDB1D717AE8B979D1EE0FF88BD44F
Certificate serial:       0159
Authority key identifier: B7:CF:0B:27:0A:7F:DB:1D:71:7A:E8:B9:79:D1:EE:0F:F8:8B:D4:4F
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t88LJwp_2x1xeui5edHuD_iL1E8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/85CDB6087C1211EF8E490677C4F9AE02.roa
Signing time:             Sun 05 Jul 2026 06:32:05 +0000
ROA not before:           Sun 05 Jul 2026 06:32:05 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     153042
IP address blocks:        160.25.18.0/24 maxlen: 24
                          160.250.141.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/t88LJwp_2x1xeui5edHuD_iL1E8.crl
                          rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/t88LJwp_2x1xeui5edHuD_iL1E8.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t88LJwp_2x1xeui5edHuD_iL1E8.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:12:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 345 (0x159)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B50D, serialNumber=B7CF0B270A7FDB1D717AE8B979D1EE0FF88BD44F
        Validity
            Not Before: Jul  5 06:32:05 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a49fa65-c4df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a2:e0:da:3d:ab:3b:44:be:62:45:6f:d5:9c:
                    de:42:69:d3:97:9b:fa:e7:90:b2:e2:69:70:47:d3:
                    6a:f7:4d:de:53:d7:29:6e:14:05:58:70:ae:fd:71:
                    14:21:49:1a:39:14:fd:41:87:91:35:60:25:84:c0:
                    05:c6:5f:e4:28:ec:71:bf:fd:ad:c3:4e:56:dd:07:
                    62:02:97:66:84:1b:8c:24:08:55:6c:86:43:50:95:
                    74:67:6d:f1:08:ad:49:0d:4b:ce:95:57:95:bb:08:
                    d0:5d:2e:b0:05:4b:fd:8e:17:f5:48:c4:62:2b:f4:
                    d1:30:8e:64:47:7f:bf:07:38:2a:f9:95:e7:e9:95:
                    27:be:23:0e:b0:85:f8:17:39:8a:8d:2e:66:1e:45:
                    40:f4:0f:f8:af:31:78:7c:87:de:70:55:dd:ee:25:
                    af:65:80:ea:af:f6:05:58:08:d5:0f:aa:21:e7:08:
                    1c:55:8b:16:10:81:7c:3c:7e:e9:be:ea:5a:ee:75:
                    e0:2c:35:a7:f0:78:40:3c:3f:ea:4b:73:7e:f2:4f:
                    9a:8e:76:fb:82:e8:b0:e1:30:00:75:6e:35:a3:b4:
                    e8:16:d9:29:ef:b3:96:1e:c6:56:4b:73:ca:59:94:
                    90:09:20:15:d2:18:5f:48:23:73:8d:f2:23:77:87:
                    f7:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:D0:BB:EB:0A:68:4F:67:DF:5E:01:E6:79:83:52:5E:1D:A0:27:EC
            X509v3 Authority Key Identifier:
                keyid:B7:CF:0B:27:0A:7F:DB:1D:71:7A:E8:B9:79:D1:EE:0F:F8:8B:D4:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/t88LJwp_2x1xeui5edHuD_iL1E8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t88LJwp_2x1xeui5edHuD_iL1E8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/85CDB6087C1211EF8E490677C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.18.0/24
                  160.250.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:44:23:bd:a8:91:e4:6d:b8:2f:66:b7:c2:93:95:7e:23:09:
         4b:95:91:f3:74:df:cc:24:a0:dc:c9:ee:2a:e1:03:ff:e6:3e:
         c7:7b:11:c7:9d:e5:db:4d:c9:6c:d6:3b:93:1b:8d:0b:28:72:
         28:3f:61:08:2a:67:ad:24:15:97:10:37:5d:f5:52:f8:f4:a5:
         49:07:b9:53:02:b4:1a:04:a0:ce:7f:56:ad:02:46:58:17:b9:
         02:d6:1a:44:fa:bf:db:ce:0f:f3:f3:48:e8:4f:7e:bd:a8:54:
         47:50:04:2d:af:a9:50:9c:b0:af:76:7a:78:d4:f2:ff:82:61:
         ba:11:e6:1f:4a:43:12:96:a3:b3:ae:e8:28:aa:d3:f1:40:8d:
         92:a3:e8:12:15:1c:ab:f0:28:e3:97:06:33:f3:7b:9c:f2:83:
         ea:b4:10:f0:a7:f3:e4:d0:8d:9e:f4:b1:83:e2:cf:b7:83:38:
         58:3a:b4:1e:10:92:9b:27:ef:2b:14:31:9d:5f:18:d2:0e:5c:
         63:eb:95:77:cc:51:c2:16:fe:f0:05:2a:55:9a:4d:78:35:01:
         2a:00:8e:19:96:01:af:fb:d4:02:e7:bb:16:0e:9b:ec:84:d8:
         dc:54:31:ef:0e:28:c4:b1:49:8a:6d:cc:20:b7:38:a6:e8:2f:
         e4:93:17:5c
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI1MEQxMTAvBgNVBAUTKEI3Q0YwQjI3MEE3RkRCMUQ3MTdBRThCOTc5RDFFRTBG
Rjg4QkQ0NEYwHhcNMjYwNzA1MDYzMjA1WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5ZmE2NS1jNGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl6Lg2j2rO0S+YkVv1ZzeQmnTl5v655Cy4mlwR9Nq903eU9cpbhQFWHCu/XEU
IUkaORT9QYeRNWAlhMAFxl/kKOxxv/2tw05W3QdiApdmhBuMJAhVbIZDUJV0Z23x
CK1JDUvOlVeVuwjQXS6wBUv9jhf1SMRiK/TRMI5kR3+/Bzgq+ZXn6ZUnviMOsIX4
FzmKjS5mHkVA9A/4rzF4fIfecFXd7iWvZYDqr/YFWAjVD6oh5wgcVYsWEIF8PH7p
vupa7nXgLDWn8HhAPD/qS3N+8k+ajnb7guiw4TAAdW41o7ToFtkp77OWHsZWS3PK
WZSQCSAV0hhfSCNzjfIjd4f3FwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFMPQu+sK
aE9n314B5nmDUl4doCfsMB8GA1UdIwQYMBaAFLfPCycKf9sdcXrouXnR7g/4i9RP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjUwRC9FNjgyNjgzQzdC
QkMxMUVGOTJFRTFBNjZDNEY5QUUwMi90ODhMSndwXzJ4MXhldWk1ZWRIdURfaUwx
RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Q4OExKd3BfMngxeGV1aTVlZEh1RF9pTDFFOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUI1MEQvRTY4MjY4M0M3QkJDMTFFRjkyRUUxQTY2QzRGOUFFMDIvODVDREI2MDg3
QzEyMTFFRjhFNDkwNjc3QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAoBkSAwQAoPqNMA0GCSqGSIb3DQEBCwUAA4IBAQCzRCO9qJHkbbgv
ZrfCk5V+IwlLlZHzdN/MJKDcye4q4QP/5j7HexHHneXbTcls1juTG40LKHIoP2EI
KmetJBWXEDdd9VL49KVJB7lTArQaBKDOf1atAkZYF7kC1hpE+r/bzg/z80joT369
qFRHUAQtr6lQnLCvdnp41PL/gmG6EeYfSkMSlqOzrugoqtPxQI2So+gSFRyr8Cjj
lwYz83uc8oPqtBDwp/Pk0I2e9LGD4s+3gzhYOrQeEJKbJ+8rFDGdXxjSDlxj65V3
zFHCFv7wBSpVmk14NQEqAI4ZlgGv+9QC57sWDpvshNjcVDHvDijEsUmKbcwgtzim
6C/kkxdc
-----END CERTIFICATE-----
Generated at Sat Jul 18 05:22:20 2026 by rpki-client