Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/57FD28280C8311ECB6423427C4F9AE02.roa
File:                     57FD28280C8311ECB6423427C4F9AE02.roa (raw, json)
Hash identifier:          hCZ59HInqz+hzzUi6bk2Ajd/c8yPp0xiZHmbVPzQeM8=
Subject key identifier:   23:9F:06:02:B7:A5:EA:CD:CD:2C:E5:12:C4:02:60:04:3A:B2:56:08
Certificate issuer:       /CN=A91676D4/serialNumber=835A6C96B20924C7E5D8F12F06DB9DD23E252F5D
Certificate serial:       0674
Authority key identifier: 83:5A:6C:96:B2:09:24:C7:E5:D8:F1:2F:06:DB:9D:D2:3E:25:2F:5D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1pslrIJJMfl2PEvBtud0j4lL10.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/57FD28280C8311ECB6423427C4F9AE02.roa
Signing time:             Mon 06 Jul 2026 23:24:52 +0000
ROA not before:           Mon 06 Jul 2026 23:24:52 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     136041
IP address blocks:        101.234.4.0/24 maxlen: 24
                          101.234.5.0/24 maxlen: 24
                          101.234.10.0/24 maxlen: 24
                          101.234.12.0/24 maxlen: 24
                          101.234.13.0/24 maxlen: 24
                          101.234.27.0/24 maxlen: 24
                          101.234.28.0/24 maxlen: 24
                          101.234.33.0/24 maxlen: 24
                          101.234.43.0/24 maxlen: 24
                          119.234.224.0/19 maxlen: 19
                          119.234.224.0/24 maxlen: 24
                          119.234.225.0/24 maxlen: 24
                          119.234.226.0/24 maxlen: 24
                          119.234.227.0/24 maxlen: 24
                          119.234.228.0/24 maxlen: 24
                          119.234.229.0/24 maxlen: 24
                          119.234.230.0/24 maxlen: 24
                          119.234.231.0/24 maxlen: 24
                          119.234.232.0/24 maxlen: 24
                          119.234.233.0/24 maxlen: 24
                          119.234.234.0/24 maxlen: 24
                          119.234.235.0/24 maxlen: 24
                          119.234.236.0/24 maxlen: 24
                          119.234.237.0/24 maxlen: 24
                          183.81.224.0/24 maxlen: 24
                          183.81.225.0/24 maxlen: 24
                          183.81.226.0/24 maxlen: 24
                          183.81.227.0/24 maxlen: 24
                          183.81.228.0/24 maxlen: 24
                          183.81.229.0/24 maxlen: 24
                          183.81.230.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.crl
                          rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1pslrIJJMfl2PEvBtud0j4lL10.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 23:11:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1652 (0x674)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91676D4, serialNumber=835A6C96B20924C7E5D8F12F06DB9DD23E252F5D
        Validity
            Not Before: Jul  6 23:24:52 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a4c3944-43b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:4d:ad:96:47:2b:59:71:c1:c5:32:6c:5b:91:
                    dc:6e:5b:98:37:72:1e:08:68:a8:ac:40:50:61:43:
                    3a:8d:2b:b7:55:a3:4f:66:d1:98:a1:24:2c:66:8d:
                    c3:9e:c5:76:90:83:6c:8c:29:fc:d7:ad:4c:f5:34:
                    af:b1:33:ff:f8:d7:4c:08:bf:b5:1b:97:6f:9b:c6:
                    73:9a:74:b1:8c:68:ca:35:ff:c9:f6:91:82:bc:11:
                    64:23:d9:47:df:df:a6:73:06:ef:66:5a:cb:8b:15:
                    af:0c:c6:d2:4f:bf:0a:20:f3:db:36:61:64:76:8f:
                    40:67:e7:55:80:e3:eb:2c:d9:7a:43:b9:e2:e4:fe:
                    45:0f:1d:36:ab:ab:82:fb:2a:bf:1c:ea:50:a5:70:
                    2b:ea:ea:a6:2a:74:dc:c4:a9:c9:16:29:ea:18:00:
                    59:51:19:07:96:49:aa:43:f7:82:2a:f7:11:80:6b:
                    cd:0d:e6:04:b3:72:f1:4b:84:15:ad:eb:65:8b:a2:
                    ba:f5:c1:6a:8b:83:8d:03:ed:e8:58:29:c7:49:f2:
                    3c:cf:bf:12:94:34:97:f9:b9:19:17:f1:82:a2:50:
                    be:91:25:f2:b2:dc:5e:6b:d0:35:80:c0:29:7c:1c:
                    ac:0b:e5:7f:a7:47:d3:46:df:de:f0:9c:4d:b9:c2:
                    a5:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:9F:06:02:B7:A5:EA:CD:CD:2C:E5:12:C4:02:60:04:3A:B2:56:08
            X509v3 Authority Key Identifier:
                keyid:83:5A:6C:96:B2:09:24:C7:E5:D8:F1:2F:06:DB:9D:D2:3E:25:2F:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1pslrIJJMfl2PEvBtud0j4lL10.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/57FD28280C8311ECB6423427C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  101.234.4.0/23
                  101.234.10.0/24
                  101.234.12.0/23
                  101.234.27.0-101.234.28.255
                  101.234.33.0/24
                  101.234.43.0/24
                  119.234.224.0/19
                  183.81.224.0-183.81.230.255

    Signature Algorithm: sha256WithRSAEncryption
         28:94:a4:1d:a6:de:bf:4a:24:07:89:29:91:c9:47:8e:50:fe:
         03:a2:d8:1e:29:c4:6a:f8:5d:2f:aa:2d:cd:e0:74:a4:f1:2a:
         80:25:fa:1b:31:bb:f3:42:14:7c:8d:b7:63:1c:0e:f9:96:ee:
         55:bd:23:d3:7c:4d:1e:c6:1c:8d:ab:a8:f8:34:cd:16:c6:b3:
         af:3d:77:36:93:4a:2d:a3:a6:a5:b5:3b:08:8a:e6:3a:85:98:
         cc:1b:8c:5f:82:0e:fc:7c:86:d7:87:68:2c:ec:fa:41:2d:bd:
         df:6b:3c:41:1e:d8:24:53:07:17:18:d5:83:21:21:78:d5:9e:
         e6:4a:76:01:a0:f3:f7:d2:2c:23:69:3e:6a:ae:3c:e0:85:f1:
         0e:de:17:02:36:ac:04:8a:33:19:d7:93:4a:c8:30:36:bc:05:
         43:00:4c:bb:c0:46:63:1d:c9:19:39:81:d1:b6:5d:0c:21:73:
         b8:aa:56:a8:e8:a8:7e:87:e7:04:1f:df:37:90:b7:42:b4:f8:
         33:87:f9:d3:0e:e5:82:e5:f3:23:51:57:b9:ee:89:9b:9b:da:
         40:c9:a3:75:1b:cd:35:77:69:2c:a1:75:92:02:8b:13:2f:98:
         4d:99:8d:41:e6:78:14:aa:5f:79:40:09:1d:eb:5e:a5:75:e9:
         88:dd:00:8c
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICBnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njc2RDQxMTAvBgNVBAUTKDgzNUE2Qzk2QjIwOTI0QzdFNUQ4RjEyRjA2REI5REQy
M0UyNTJGNUQwHhcNMjYwNzA2MjMyNDUyWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjMzk0NC00M2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl02tlkcrWXHBxTJsW5HcbluYN3IeCGiorEBQYUM6jSu3VaNPZtGYoSQsZo3D
nsV2kINsjCn8161M9TSvsTP/+NdMCL+1G5dvm8ZzmnSxjGjKNf/J9pGCvBFkI9lH
39+mcwbvZlrLixWvDMbST78KIPPbNmFkdo9AZ+dVgOPrLNl6Q7ni5P5FDx02q6uC
+yq/HOpQpXAr6uqmKnTcxKnJFinqGABZURkHlkmqQ/eCKvcRgGvNDeYEs3LxS4QV
retli6K69cFqi4ONA+3oWCnHSfI8z78SlDSX+bkZF/GColC+kSXystxea9A1gMAp
fBysC+V/p0fTRt/e8JxNucKl7QIDAQABo4ICmjCCApYwHQYDVR0OBBYEFCOfBgK3
perNzSzlEsQCYAQ6slYIMB8GA1UdIwQYMBaAFINabJayCSTH5djxLwbbndI+JS9d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzZENC9FMTdFQ0UyRUUy
RTYxMUVCQjc1OTZBNzVDNEY5QUUwMi9nMXBzbHJJSkpNZmwyUEV2QnR1ZDBqNGxM
MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2cxcHNscklKSk1mbDJQRXZCdHVkMGo0bEwxMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njc2RDQvRTE3RUNFMkVFMkU2MTFFQkI3NTk2QTc1QzRGOUFFMDIvNTdGRDI4Mjgw
QzgzMTFFQ0I2NDIzNDI3QzRGOUFFMDIucm9hMFkGCCsGAQUFBwEHAQH/BEowSDBG
BAIAATBAAwQBZeoEAwQAZeoKAwQBZeoMMAwDBABl6hsDBABl6hwDBABl6iEDBABl
6isDBAV36uAwDAMEBbdR4AMEALdR5jANBgkqhkiG9w0BAQsFAAOCAQEAKJSkHabe
v0okB4kpkclHjlD+A6LYHinEavhdL6otzeB0pPEqgCX6GzG780IUfI23YxwO+Zbu
Vb0j03xNHsYcjauo+DTNFsazrz13NpNKLaOmpbU7CIrmOoWYzBuMX4IO/HyG14do
LOz6QS2932s8QR7YJFMHFxjVgyEheNWe5kp2AaDz99IsI2k+aq484IXxDt4XAjas
BIozGdeTSsgwNrwFQwBMu8BGYx3JGTmB0bZdDCFzuKpWqOiofofnBB/fN5C3QrT4
M4f50w7lguXzI1FXue6Jm5vaQMmjdRvNNXdpLKF1kgKLEy+YTZmNQeZ4FKpfeUAJ
HetepXXpiN0AjA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:55:36 2026 by rpki-client