Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91698EC/3A8F8410214911EFBE88CF29C4F9AE02/206DB948214F11EFAB245D49C4F9AE02.roa
File:                     206DB948214F11EFAB245D49C4F9AE02.roa (raw, json)
Hash identifier:          lrxbuGY2PK1BQs//qiBiMMewL0JNYkGU90gNllT/uBc=
Subject key identifier:   76:6B:C9:29:4B:EB:D0:C1:95:9D:1F:29:28:25:F0:EE:F3:CF:4C:8D
Certificate issuer:       /CN=A91698EC/serialNumber=4DB3B2E3599B646E9F30AF74A58C6678FAF1D2B7
Certificate serial:       019B
Authority key identifier: 4D:B3:B2:E3:59:9B:64:6E:9F:30:AF:74:A5:8C:66:78:FA:F1:D2:B7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TbOy41mbZG6fMK90pYxmePrx0rc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91698EC/3A8F8410214911EFBE88CF29C4F9AE02/206DB948214F11EFAB245D49C4F9AE02.roa
Signing time:             Fri 03 Jul 2026 05:31:56 +0000
ROA not before:           Fri 03 Jul 2026 05:31:56 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     152894
IP address blocks:        144.79.167.0/24 maxlen: 24
                          160.22.43.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91698EC/3A8F8410214911EFBE88CF29C4F9AE02/TbOy41mbZG6fMK90pYxmePrx0rc.crl
                          rsync://rpki.apnic.net/member_repository/A91698EC/3A8F8410214911EFBE88CF29C4F9AE02/TbOy41mbZG6fMK90pYxmePrx0rc.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TbOy41mbZG6fMK90pYxmePrx0rc.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 05:24:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 411 (0x19b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91698EC, serialNumber=4DB3B2E3599B646E9F30AF74A58C6678FAF1D2B7
        Validity
            Not Before: Jul  3 05:31:56 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a47494c-769a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8e:80:34:ed:dd:af:52:57:ca:1f:27:bf:ff:
                    b3:d8:40:79:ab:1b:cc:18:74:ca:1a:4b:2d:1b:4c:
                    8a:d9:0b:5d:3c:b3:af:b8:19:bd:be:95:46:be:e1:
                    14:14:2a:c2:8e:97:33:40:27:af:9c:ef:30:ba:50:
                    b2:1b:3b:40:5e:0c:0d:fb:89:fa:f3:97:94:c0:de:
                    bd:e7:92:f6:6f:69:c8:54:ae:b4:87:7a:0b:a6:72:
                    79:ec:e9:86:75:4a:e2:bb:99:02:c7:16:95:5c:6e:
                    5c:e2:25:45:45:ba:49:58:48:1b:34:d7:69:55:09:
                    f8:1b:13:ed:3c:fb:48:7b:bf:c0:6f:7f:cf:a4:86:
                    df:1a:36:7a:e6:fe:46:59:51:70:13:71:47:5b:4e:
                    a0:3c:06:f7:cd:eb:68:f6:5a:2e:bd:f8:01:17:d4:
                    ce:b8:37:e6:97:d2:35:35:02:30:9a:c7:81:8a:d5:
                    53:6d:2e:81:39:be:e7:8e:b9:0c:3b:11:e9:fc:a7:
                    06:99:4c:93:93:4e:a9:2c:cc:a3:75:c2:16:16:79:
                    31:bd:8f:43:96:54:50:b7:12:1b:18:17:62:04:41:
                    c2:e6:e0:b1:64:82:02:bd:a4:4d:4e:79:29:5f:e7:
                    5d:b6:25:91:c9:e2:67:3f:8f:39:d7:83:52:e3:64:
                    1d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:6B:C9:29:4B:EB:D0:C1:95:9D:1F:29:28:25:F0:EE:F3:CF:4C:8D
            X509v3 Authority Key Identifier:
                keyid:4D:B3:B2:E3:59:9B:64:6E:9F:30:AF:74:A5:8C:66:78:FA:F1:D2:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91698EC/3A8F8410214911EFBE88CF29C4F9AE02/TbOy41mbZG6fMK90pYxmePrx0rc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TbOy41mbZG6fMK90pYxmePrx0rc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91698EC/3A8F8410214911EFBE88CF29C4F9AE02/206DB948214F11EFAB245D49C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.79.167.0/24
                  160.22.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:f7:fa:1e:7c:3d:65:5e:f5:02:07:62:8d:f4:a8:38:da:3f:
         5f:4b:54:df:99:20:a5:95:9a:4a:f4:31:25:bb:9b:f7:cb:5b:
         17:90:58:a6:c1:45:55:88:c9:a4:fe:6d:b6:83:39:ab:bf:2d:
         2c:58:12:46:d9:1d:a6:95:26:84:bd:39:74:35:9a:fd:ed:72:
         ae:47:0b:dd:81:1f:a5:70:93:05:09:49:10:05:27:08:1c:81:
         32:22:4f:f4:d5:4a:c3:5e:77:31:f7:3e:1d:f5:1e:98:90:6c:
         b7:c8:87:6c:9a:32:f0:3b:66:70:a1:7c:fe:b7:0c:39:18:3d:
         ad:47:78:08:6f:37:70:e1:b1:28:a8:46:12:5b:bb:b5:08:62:
         4d:ff:56:7c:eb:43:d4:10:24:96:13:29:c1:63:1d:56:66:5d:
         8c:70:5c:e9:21:2a:20:c3:be:7f:12:a2:a2:65:51:80:2c:22:
         c3:77:c8:03:09:d4:4d:c2:1e:b0:5d:eb:4a:0c:b2:70:b8:9e:
         24:b3:cd:25:8f:96:31:03:af:e9:03:e3:a9:f4:4a:e4:af:cd:
         d8:2e:ea:22:76:7e:10:67:e2:9c:2f:f1:d9:3f:19:e1:76:1d:
         f6:70:8d:41:e5:ac:7b:8c:66:5a:17:71:e8:16:8b:51:3c:a1:
         c6:3e:01:80
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICAZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk4RUMxMTAvBgNVBAUTKDREQjNCMkUzNTk5QjY0NkU5RjMwQUY3NEE1OEM2Njc4
RkFGMUQyQjcwHhcNMjYwNzAzMDUzMTU2WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3NDk0Yy03NjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo46ANO3dr1JXyh8nv/+z2EB5qxvMGHTKGkstG0yK2QtdPLOvuBm9vpVGvuEU
FCrCjpczQCevnO8wulCyGztAXgwN+4n685eUwN6955L2b2nIVK60h3oLpnJ57OmG
dUriu5kCxxaVXG5c4iVFRbpJWEgbNNdpVQn4GxPtPPtIe7/Ab3/PpIbfGjZ65v5G
WVFwE3FHW06gPAb3zeto9louvfgBF9TOuDfml9I1NQIwmseBitVTbS6BOb7njrkM
OxHp/KcGmUyTk06pLMyjdcIWFnkxvY9DllRQtxIbGBdiBEHC5uCxZIICvaRNTnkp
X+ddtiWRyeJnP48514NS42Qd4QIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFHZrySlL
69DBlZ0fKSgl8O7zz0yNMB8GA1UdIwQYMBaAFE2zsuNZm2RunzCvdKWMZnj68dK3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OThFQy8zQThGODQxMDIx
NDkxMUVGQkU4OENGMjlDNEY5QUUwMi9UYk95NDFtYlpHNmZNSzkwcFl4bWVQcngw
cmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1RiT3k0MW1iWkc2Zk1LOTBwWXhtZVByeDByYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk4RUMvM0E4Rjg0MTAyMTQ5MTFFRkJFODhDRjI5QzRGOUFFMDIvMjA2REI5NDgy
MTRGMTFFRkFCMjQ1RDQ5QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAkE+nAwQAoBYrMA0GCSqGSIb3DQEBCwUAA4IBAQBj9/oefD1lXvUC
B2KN9Kg42j9fS1TfmSCllZpK9DElu5v3y1sXkFimwUVViMmk/m22gzmrvy0sWBJG
2R2mlSaEvTl0NZr97XKuRwvdgR+lcJMFCUkQBScIHIEyIk/01UrDXncx9z4d9R6Y
kGy3yIdsmjLwO2ZwoXz+tww5GD2tR3gIbzdw4bEoqEYSW7u1CGJN/1Z860PUECSW
EynBYx1WZl2McFzpISogw75/EqKiZVGALCLDd8gDCdRNwh6wXetKDLJwuJ4ks80l
j5YxA6/pA+Op9Erkr83YLuoidn4QZ+KcL/HZPxnhdh32cI1B5ax7jGZaF3HoFotR
PKHGPgGA
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:30:56 2026 by rpki-client