Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0AE95C836E111F0BD233B12C4F9AE02.roa
File:                     C0AE95C836E111F0BD233B12C4F9AE02.roa (raw, json)
Hash identifier:          Ke0hcASvc5KRJtPLfV59Ke8WRXcjEOwCBCdYMOE75Hg=
Subject key identifier:   80:C2:B7:0D:9A:1B:EE:B7:4E:86:27:02:A8:A5:CD:9B:5F:F6:2B:96
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       EEB5
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0AE95C836E111F0BD233B12C4F9AE02.roa
Signing time:             Mon 06 Jul 2026 16:36:46 +0000
ROA not before:           Mon 06 Jul 2026 16:36:46 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     133689
IP address blocks:        163.227.206.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 13:11:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61109 (0xeeb5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: Jul  6 16:36:46 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6a4bd99d-1ff8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:96:ad:84:10:2a:47:46:28:91:6d:59:a9:b4:
                    a4:3a:b4:72:99:5b:b3:f7:21:d1:ca:41:30:ea:08:
                    98:54:f1:a5:2d:4e:f2:21:ca:39:08:39:f1:55:00:
                    4c:9f:04:50:c2:9f:68:42:e8:eb:0e:90:70:87:8b:
                    a7:d6:7a:f0:fb:65:84:14:ba:3b:ce:f2:d0:e8:76:
                    44:e4:bb:5e:aa:e3:04:4e:d6:0a:cf:00:aa:e3:d6:
                    cf:a6:d2:72:5f:71:82:41:6e:f6:78:26:80:63:1a:
                    c1:23:3b:89:c4:1b:39:ba:f9:58:83:1f:6d:cc:c1:
                    89:02:83:9e:aa:f5:2d:36:d1:82:0f:3d:26:30:bf:
                    a8:cc:03:11:90:d6:e5:ac:20:11:6d:a6:e3:9f:bd:
                    fa:5a:fd:64:d9:9d:db:40:4d:8e:f1:7c:31:84:5d:
                    72:50:ad:19:9f:58:9a:32:db:6a:f5:ec:1e:67:38:
                    f1:34:d9:ae:ca:93:8d:b0:13:7b:1a:ba:8c:48:a2:
                    a4:e0:83:f2:a0:1f:b8:e9:fe:e7:15:14:5f:f1:90:
                    f1:9f:7a:05:79:51:c6:e0:0f:f4:dc:1c:8c:93:43:
                    c6:7a:54:7e:81:60:4b:47:82:43:50:fb:8c:4a:a9:
                    0b:5b:7a:bf:66:32:07:18:5c:ce:5a:b1:f0:94:2e:
                    95:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:C2:B7:0D:9A:1B:EE:B7:4E:86:27:02:A8:A5:CD:9B:5F:F6:2B:96
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0AE95C836E111F0BD233B12C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.227.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:00:8e:de:5e:5c:da:e3:07:c4:0d:ca:ca:26:b3:18:76:3a:
         5d:c1:30:02:1c:21:c0:f4:b8:44:f8:6c:98:4e:fb:cf:ea:05:
         fa:e9:40:80:62:d7:98:b4:db:d9:56:76:0a:bd:9b:b0:13:b4:
         4d:98:37:7c:73:d2:ec:f2:75:5b:21:d2:68:d7:9b:10:be:30:
         8a:d2:16:2d:1d:4a:cd:3f:4d:5b:a3:40:39:2a:b6:d4:61:66:
         23:e8:d8:4e:c9:61:71:b5:21:64:1f:1d:77:12:84:13:75:dd:
         5e:69:4b:04:07:9b:2e:40:80:e8:3e:f1:21:7e:b4:a3:20:c2:
         40:6b:d6:14:e3:95:e7:49:a4:00:bb:bc:96:51:0c:af:fd:72:
         a0:26:5b:d0:d5:56:b4:9b:89:0d:71:e6:24:1e:7e:81:3d:bc:
         7d:5f:21:cd:e4:2a:2e:14:c2:90:35:ad:3c:0b:88:fd:46:ad:
         ea:39:8f:50:8d:fd:03:eb:f9:8f:76:10:56:31:d0:a6:8d:55:
         39:e1:e7:ca:78:bb:72:f7:d3:12:46:2d:70:74:2d:af:93:f3:
         87:0e:3f:96:7e:7b:3b:b4:d8:b9:2e:8d:39:60:bb:14:1b:fc:
         7f:a7:25:e2:c6:a9:e8:e2:74:d9:fb:03:e2:be:98:03:52:0e:
         da:72:08:0b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIDAO61MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDcwNjE2MzY0NloXDTI3MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmE0YmQ5OWQtMWZmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOWrYQQKkdGKJFtWam0pDq0cplbs/ch0cpBMOoImFTxpS1O8iHKOQg58VUA
TJ8EUMKfaELo6w6QcIeLp9Z68PtlhBS6O87y0Oh2ROS7XqrjBE7WCs8AquPWz6bS
cl9xgkFu9ngmgGMawSM7icQbObr5WIMfbczBiQKDnqr1LTbRgg89JjC/qMwDEZDW
5awgEW2m45+9+lr9ZNmd20BNjvF8MYRdclCtGZ9YmjLbavXsHmc48TTZrsqTjbAT
exq6jEiipOCD8qAfuOn+5xUUX/GQ8Z96BXlRxuAP9NwcjJNDxnpUfoFgS0eCQ1D7
jEqpC1t6v2YyBxhczlqx8JQulTECAwEAAaOCAmAwggJcMB0GA1UdDgQWBBSAwrcN
mhvut06GJwKopc2bX/YrljAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0MwQUU5NUM4
MzZFMTExRjBCRDIzM0IxMkM0RjlBRTAyLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaPjzjANBgkqhkiG9w0BAQsFAAOCAQEAEACO3l5c2uMHxA3Kyiaz
GHY6XcEwAhwhwPS4RPhsmE77z+oF+ulAgGLXmLTb2VZ2Cr2bsBO0TZg3fHPS7PJ1
WyHSaNebEL4witIWLR1KzT9NW6NAOSq21GFmI+jYTslhcbUhZB8ddxKEE3XdXmlL
BAebLkCA6D7xIX60oyDCQGvWFOOV50mkALu8llEMr/1yoCZb0NVWtJuJDXHmJB5+
gT28fV8hzeQqLhTCkDWtPAuI/Uat6jmPUI39A+v5j3YQVjHQpo1VOeHnyni7cvfT
EkYtcHQtr5Pzhw4/ln57O7TYuS6NOWC7FBv8f6cl4sap6OJ02fsD4r6YA1IO2nII
Cw==
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:51:49 2026 by rpki-client