Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/0CBF3110D59011EFB76D6824C4F9AE02.roa
File:                     0CBF3110D59011EFB76D6824C4F9AE02.roa (raw, json)
Hash identifier:          YjXpPUbmw3AhrjvHC2ktn+1vhr7KJz4YOUKhnqHxCV0=
Subject key identifier:   5E:6D:64:06:36:68:75:C5:BF:7F:8B:B5:56:AF:E6:69:A9:EC:D5:CE
Certificate issuer:       /CN=A917BB9A/serialNumber=838FBD0B395EA90706C6C289AC26B0D738A04241
Certificate serial:       0126
Authority key identifier: 83:8F:BD:0B:39:5E:A9:07:06:C6:C2:89:AC:26:B0:D7:38:A0:42:41
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/0CBF3110D59011EFB76D6824C4F9AE02.roa
Signing time:             Thu 25 Jun 2026 06:38:19 +0000
ROA not before:           Thu 25 Jun 2026 06:38:19 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     56209
IP address blocks:        160.22.46.0/23 maxlen: 23
                          160.22.46.0/24 maxlen: 24
                          160.22.47.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.crl
                          rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:58:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 294 (0x126)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917BB9A, serialNumber=838FBD0B395EA90706C6C289AC26B0D738A04241
        Validity
            Not Before: Jun 25 06:38:19 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3cccda-6734
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:12:6c:8e:c1:32:e9:be:62:0a:89:ce:e9:24:
                    68:88:04:7c:a2:d0:83:1c:a9:a8:8b:37:be:2e:ba:
                    09:70:9b:83:e8:44:3c:ea:13:95:b6:e3:de:e9:19:
                    c5:6a:08:69:c5:17:03:f0:fa:63:98:5e:f8:44:ff:
                    3a:9b:33:f1:e3:3e:93:ac:99:60:ad:a7:c6:3a:99:
                    c3:0b:18:81:b8:95:77:3e:5e:53:b1:d0:27:7e:09:
                    9d:c2:3a:8b:db:78:ff:7a:a7:f8:55:ea:73:32:50:
                    ed:a5:67:ff:95:f8:c5:e3:8a:97:da:bb:26:cf:cc:
                    aa:39:5b:93:9e:78:7c:72:b6:ed:51:ee:67:4f:63:
                    51:13:17:c9:99:19:2a:e8:70:46:99:35:c5:53:18:
                    39:98:cb:4d:01:94:8a:4d:ad:da:b7:a4:c8:7b:4d:
                    a2:d4:c6:8c:60:f8:e2:e7:4a:89:7d:84:14:8a:0e:
                    92:7f:c6:98:15:b7:5b:27:90:8a:e3:7f:b9:d7:e1:
                    1b:a5:a3:f8:0a:26:42:92:05:cf:9c:61:21:28:65:
                    46:61:c4:0d:08:a5:c1:4d:d5:c8:0a:f9:a1:46:53:
                    b0:62:96:c9:1a:06:04:a5:ac:09:43:ef:b6:41:1b:
                    50:b8:4b:4a:3e:dc:f4:0e:4d:db:94:12:fe:95:2d:
                    c2:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:6D:64:06:36:68:75:C5:BF:7F:8B:B5:56:AF:E6:69:A9:EC:D5:CE
            X509v3 Authority Key Identifier:
                keyid:83:8F:BD:0B:39:5E:A9:07:06:C6:C2:89:AC:26:B0:D7:38:A0:42:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/0CBF3110D59011EFB76D6824C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.46.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:b0:6c:3b:02:cc:02:81:6a:f1:e5:ff:51:48:4a:76:92:9d:
         01:30:24:01:2c:9c:21:58:b0:d7:db:f0:e0:c9:b1:d3:f7:c0:
         d8:76:cb:29:73:9b:42:09:24:63:47:94:be:ef:e7:24:94:34:
         9c:3e:a7:43:17:02:99:ed:6c:f3:c5:ea:3c:dd:56:02:c0:4f:
         33:ca:20:a5:4d:c2:a1:aa:e7:b1:11:68:c8:5c:a6:8d:fc:32:
         54:35:f2:dd:af:6d:77:86:2a:f2:13:92:22:a8:2d:ca:0c:2f:
         37:4d:32:b5:58:3c:ba:49:a6:02:68:5e:0e:8c:57:a2:d8:6a:
         1d:ea:ca:6f:22:c2:4a:bc:78:4b:07:7b:3a:a6:ed:bc:b5:69:
         db:d3:26:e9:75:ff:4d:84:1b:84:4c:98:38:16:99:76:d7:42:
         f0:2d:93:10:24:02:85:0e:8f:c7:c4:00:72:cf:50:ee:20:27:
         15:1c:a2:d3:d8:b4:97:10:c6:79:e9:cb:db:3a:ad:ba:68:64:
         a9:19:7a:a6:dc:0d:f7:37:5e:11:53:77:d5:0d:a1:bd:d9:e7:
         a5:8d:1b:6c:35:53:5b:2c:48:46:a7:c9:e0:8c:4c:dc:0d:64:
         d4:72:31:70:85:40:03:94:2e:1c:a0:fc:54:86:d5:a4:5e:78:
         61:ab:0a:7d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JCOUExMTAvBgNVBAUTKDgzOEZCRDBCMzk1RUE5MDcwNkM2QzI4OUFDMjZCMEQ3
MzhBMDQyNDEwHhcNMjYwNjI1MDYzODE5WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjY2NkYS02NzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkBJsjsEy6b5iConO6SRoiAR8otCDHKmoize+LroJcJuD6EQ86hOVtuPe6RnF
aghpxRcD8PpjmF74RP86mzPx4z6TrJlgrafGOpnDCxiBuJV3Pl5TsdAnfgmdwjqL
23j/eqf4VepzMlDtpWf/lfjF44qX2rsmz8yqOVuTnnh8crbtUe5nT2NRExfJmRkq
6HBGmTXFUxg5mMtNAZSKTa3at6TIe02i1MaMYPji50qJfYQUig6Sf8aYFbdbJ5CK
43+51+EbpaP4CiZCkgXPnGEhKGVGYcQNCKXBTdXICvmhRlOwYpbJGgYEpawJQ++2
QRtQuEtKPtz0Dk3blBL+lS3CWQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFF5tZAY2
aHXFv3+LtVav5mmp7NXOMB8GA1UdIwQYMBaAFIOPvQs5XqkHBsbCiawmsNc4oEJB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkI5QS80MTM5MEJDQUNG
RjMxMUVGOTA2MkU1MjFDNEY5QUUwMi9nNC05Q3psZXFRY0d4c0tKckNhdzF6aWdR
a0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2c0LTlDemxlcVFjR3hzS0pyQ2F3MXppZ1FrRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JCOUEvNDEzOTBCQ0FDRkYzMTFFRjkwNjJFNTIxQzRGOUFFMDIvMENCRjMxMTBE
NTkwMTFFRkI3NkQ2ODI0QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBoBYuMA0GCSqGSIb3DQEBCwUAA4IBAQA1sGw7AswCgWrx5f9RSEp2
kp0BMCQBLJwhWLDX2/DgybHT98DYdsspc5tCCSRjR5S+7+cklDScPqdDFwKZ7Wzz
xeo83VYCwE8zyiClTcKhquexEWjIXKaN/DJUNfLdr213hiryE5IiqC3KDC83TTK1
WDy6SaYCaF4OjFei2God6spvIsJKvHhLB3s6pu28tWnb0ybpdf9NhBuETJg4Fpl2
10LwLZMQJAKFDo/HxAByz1DuICcVHKLT2LSXEMZ56cvbOq26aGSpGXqm3A33N14R
U3fVDaG92eeljRtsNVNbLEhGp8ngjEzcDWTUcjFwhUADlC4coPxUhtWkXnhhqwp9
-----END CERTIFICATE-----
Generated at Sat Jul 18 05:26:25 2026 by rpki-client