Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/97B512889AA911F08374FE83C4F9AE02.roa
File:                     97B512889AA911F08374FE83C4F9AE02.roa (raw, json)
Hash identifier:          lrVsCGN6vE18SBXjQLOCGLgg3nz8J37VCsU/VIopgQI=
Subject key identifier:   12:55:6F:E5:DF:E5:47:7F:65:AB:BD:40:D2:E2:1F:2A:B7:C1:AB:1E
Certificate issuer:       /CN=A9191136/serialNumber=FFB8EBF7517594F41EB636573D96A357069749B9
Certificate serial:       91
Authority key identifier: FF:B8:EB:F7:51:75:94:F4:1E:B6:36:57:3D:96:A3:57:06:97:49:B9
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_7jr91F1lPQetjZXPZajVwaXSbk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/97B512889AA911F08374FE83C4F9AE02.roa
Signing time:             Sat 27 Jun 2026 08:40:21 +0000
ROA not before:           Sat 27 Jun 2026 08:40:21 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     153969
IP address blocks:        165.99.250.0/23 maxlen: 23
                          165.99.250.0/24 maxlen: 24
                          165.99.251.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/_7jr91F1lPQetjZXPZajVwaXSbk.crl
                          rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/_7jr91F1lPQetjZXPZajVwaXSbk.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_7jr91F1lPQetjZXPZajVwaXSbk.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 08:35:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145 (0x91)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191136, serialNumber=FFB8EBF7517594F41EB636573D96A357069749B9
        Validity
            Not Before: Jun 27 08:40:21 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a3f8c75-825e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:69:8f:bf:35:ed:37:2b:89:a1:97:9b:8d:af:
                    cf:33:67:c5:4f:3f:bd:74:c8:33:08:81:3e:6f:63:
                    f9:9f:eb:d2:e9:bc:fa:d5:bf:aa:62:d2:ec:53:55:
                    52:fb:bb:52:2b:56:e5:c9:41:0b:84:95:5c:da:20:
                    0f:98:33:5d:5b:0a:25:e2:7a:48:d5:d3:7a:95:dd:
                    7a:66:65:16:d4:b9:32:83:4e:b0:e5:f0:25:d4:df:
                    86:58:6f:f5:92:37:25:60:ba:4a:3f:5a:ce:f8:e2:
                    38:da:e3:a7:23:a0:fa:10:6b:5c:57:4a:8b:14:7c:
                    e0:63:8c:05:02:5e:63:11:5b:b5:ef:c3:ae:4c:a1:
                    f2:6c:ae:9f:76:83:9b:8d:6e:50:4c:a1:f0:38:b4:
                    0c:3d:87:06:1b:22:4e:2c:89:a5:ec:57:38:38:34:
                    16:ea:b3:f7:a8:b0:6c:e4:ca:64:70:0c:3c:6a:e3:
                    68:d6:9b:3e:75:af:f3:2f:d7:60:c2:4c:11:ad:9c:
                    e0:66:62:a9:c2:82:74:5d:38:b4:e7:a1:e1:21:a2:
                    3e:7f:e2:ea:9a:a8:98:4c:e7:03:54:e0:e4:62:bb:
                    41:e0:62:f1:1a:5e:8d:9e:e4:84:60:95:ef:82:54:
                    7c:d5:7b:c7:93:a8:1f:2a:63:42:4f:15:ce:9e:af:
                    7b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:55:6F:E5:DF:E5:47:7F:65:AB:BD:40:D2:E2:1F:2A:B7:C1:AB:1E
            X509v3 Authority Key Identifier:
                keyid:FF:B8:EB:F7:51:75:94:F4:1E:B6:36:57:3D:96:A3:57:06:97:49:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/_7jr91F1lPQetjZXPZajVwaXSbk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_7jr91F1lPQetjZXPZajVwaXSbk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191136/03C4287A9AA911F095AA0480C4F9AE02/97B512889AA911F08374FE83C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ba:31:7c:63:16:3f:77:dc:04:43:ba:66:dd:a4:8f:ef:46:b8:
         c8:77:97:25:ff:f9:41:d9:8a:2a:be:42:af:88:b2:22:7b:97:
         0b:ea:b0:e9:e2:8a:38:a1:3c:b9:5f:cb:e6:05:78:e6:ef:d0:
         de:8b:30:9f:43:55:32:0b:1c:bf:92:7f:24:70:39:ac:cb:37:
         bc:22:96:be:2f:7d:97:0c:63:d1:4f:82:e8:18:d8:c6:95:97:
         82:62:c5:17:c4:62:09:40:cc:8f:26:60:d8:b7:30:d5:b2:dc:
         3a:91:e7:26:c1:51:2f:0f:ef:d7:92:2e:7b:7e:af:56:84:ad:
         0a:d9:56:ab:75:30:17:7d:1f:32:6d:63:c1:9f:7c:d8:bf:23:
         bd:ec:c2:c5:fa:08:3d:f4:00:7e:2f:10:49:91:6a:61:6f:87:
         e3:e8:05:00:95:4d:d3:8f:22:13:07:9e:ef:cc:60:58:5f:c4:
         d4:8b:75:67:aa:66:fc:46:7d:f0:d1:17:c1:3c:9a:35:7b:43:
         d9:89:8d:83:7b:f3:c6:d0:e2:9b:cc:02:db:80:07:9f:75:32:
         3e:00:8d:c9:c6:94:8b:1e:b4:ad:fb:0f:b8:d8:17:21:cf:e1:
         47:b5:8e:e8:50:11:b4:06:a7:fa:c5:30:85:b8:eb:ae:f4:f1:
         33:a7:85:eb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTExMzYxMTAvBgNVBAUTKEZGQjhFQkY3NTE3NTk0RjQxRUI2MzY1NzNEOTZBMzU3
MDY5NzQ5QjkwHhcNMjYwNjI3MDg0MDIxWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNmOGM3NS04MjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu2mPvzXtNyuJoZebja/PM2fFTz+9dMgzCIE+b2P5n+vS6bz61b+qYtLsU1VS
+7tSK1blyUELhJVc2iAPmDNdWwol4npI1dN6ld16ZmUW1Lkyg06w5fAl1N+GWG/1
kjclYLpKP1rO+OI42uOnI6D6EGtcV0qLFHzgY4wFAl5jEVu178OuTKHybK6fdoOb
jW5QTKHwOLQMPYcGGyJOLIml7Fc4ODQW6rP3qLBs5MpkcAw8auNo1ps+da/zL9dg
wkwRrZzgZmKpwoJ0XTi056HhIaI+f+LqmqiYTOcDVODkYrtB4GLxGl6NnuSEYJXv
glR81XvHk6gfKmNCTxXOnq97UQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFBJVb+Xf
5Ud/Zau9QNLiHyq3waseMB8GA1UdIwQYMBaAFP+46/dRdZT0HrY2Vz2Wo1cGl0m5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTEzNi8wM0M0Mjg3QTlB
QTkxMUYwOTVBQTA0ODBDNEY5QUUwMi9fN2pyOTFGMWxQUWV0alpYUFphalZ3YVhT
YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL183anI5MUYxbFBRZXRqWlhQWmFqVndhWFNiay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTExMzYvMDNDNDI4N0E5QUE5MTFGMDk1QUEwNDgwQzRGOUFFMDIvOTdCNTEyODg5
QUE5MTFGMDgzNzRGRTgzQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBpWP6MA0GCSqGSIb3DQEBCwUAA4IBAQC6MXxjFj933ARDumbdpI/v
RrjId5cl//lB2YoqvkKviLIie5cL6rDp4oo4oTy5X8vmBXjm79DeizCfQ1UyCxy/
kn8kcDmsyze8Ipa+L32XDGPRT4LoGNjGlZeCYsUXxGIJQMyPJmDYtzDVstw6kecm
wVEvD+/Xki57fq9WhK0K2VardTAXfR8ybWPBn3zYvyO97MLF+gg99AB+LxBJkWph
b4fj6AUAlU3TjyITB57vzGBYX8TUi3Vnqmb8Rn3w0RfBPJo1e0PZiY2De/PG0OKb
zALbgAefdTI+AI3JxpSLHrSt+w+42Bchz+FHtY7oUBG0Bqf6xTCFuOuu9PEzp4Xr
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:32:23 2026 by rpki-client