Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/92AEE092378211EFAEB6B36DC4F9AE02.roa
File:                     92AEE092378211EFAEB6B36DC4F9AE02.roa (raw, json)
Hash identifier:          4taf7ltYE6M7p58XiP5zUTTzb89QrcQbwrr0YABbhPc=
Subject key identifier:   3D:DF:CC:A4:A6:D1:61:95:12:EA:88:AC:94:23:7C:3A:2C:05:05:A7
Certificate issuer:       /CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
Certificate serial:       1A8C
Authority key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/92AEE092378211EFAEB6B36DC4F9AE02.roa
Signing time:             Tue 14 Jul 2026 17:16:38 +0000
ROA not before:           Tue 14 Jul 2026 17:16:38 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     9234
IP address blocks:        168.245.188.0/22 maxlen: 22
                          168.245.191.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl
                          rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 16:22:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6796 (0x1a8c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919EAF3, serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
        Validity
            Not Before: Jul 14 17:16:38 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a566ef6-bd42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8b:5c:5f:89:a7:b4:f4:4c:f9:b0:45:ba:fe:
                    b3:33:7a:30:c4:e2:9a:db:64:10:29:a2:01:2f:d0:
                    34:d0:52:ad:93:27:7f:02:48:03:14:33:e9:4a:87:
                    b5:f3:23:ff:ae:c6:6c:0e:a5:e7:34:3a:66:f6:d7:
                    38:57:7c:ab:c1:2e:82:9c:b2:e1:10:39:12:b7:76:
                    8c:bb:d6:15:1f:e9:d2:1c:6b:5a:5e:7a:64:d7:b9:
                    16:e2:b7:40:fb:11:df:5e:b1:1c:b8:6b:2c:2c:57:
                    4d:d2:37:d3:0c:1b:54:8d:74:dc:6c:2d:13:e0:32:
                    09:fe:bf:a3:95:ed:0b:bf:d6:33:32:c7:96:2a:01:
                    58:39:2b:25:86:ac:80:25:aa:c2:a8:a8:40:02:67:
                    2e:de:90:0c:77:62:51:f3:f6:de:18:be:16:63:da:
                    15:a6:02:8c:1c:1b:10:d4:ea:62:4a:4f:d0:37:00:
                    42:38:d0:76:5d:a9:c9:5c:37:ec:c6:7c:88:5b:6b:
                    91:46:f3:74:a9:f9:0c:c1:ae:39:f5:7e:22:da:f7:
                    19:48:78:1c:93:7b:a7:0c:a7:14:19:51:80:d1:c4:
                    32:f4:6e:4a:0e:a0:13:64:b7:b1:95:c6:d2:18:ac:
                    a7:5a:e4:ba:ed:94:25:e8:97:f6:ee:2b:0a:df:18:
                    2d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:DF:CC:A4:A6:D1:61:95:12:EA:88:AC:94:23:7C:3A:2C:05:05:A7
            X509v3 Authority Key Identifier:
                keyid:29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/92AEE092378211EFAEB6B36DC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.245.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         37:0f:30:b1:ba:84:48:1f:f4:af:51:6b:32:2b:d8:05:b4:a5:
         4f:69:84:93:92:37:72:e7:06:50:c4:ac:f5:f1:82:ee:4b:6d:
         23:c8:3c:10:59:ff:88:f9:a8:07:87:72:bb:28:e6:de:d5:1e:
         c8:45:15:a7:ab:af:cd:ee:a1:3d:8d:d9:80:42:51:fc:9d:56:
         27:71:d8:4d:3b:ba:52:18:c0:c3:14:3d:eb:85:8e:76:3c:97:
         a0:3b:b2:b3:c0:61:e3:d5:ff:b0:81:be:31:8d:73:54:6c:0f:
         da:ab:23:8b:e2:56:53:51:8c:56:73:55:50:26:f0:26:6c:cc:
         70:2b:d3:0c:4b:14:90:3b:7b:d3:cb:f9:64:0d:b6:6e:2e:e7:
         e1:f4:a0:76:26:94:1a:3a:d8:f0:e3:65:3e:a0:0e:5c:33:c6:
         1a:9a:6e:03:f4:44:d5:c0:38:ad:bb:a0:ec:83:c2:fd:7d:2c:
         23:f7:be:73:51:b1:94:e5:9c:bb:cd:3e:99:ac:3a:b2:2c:f2:
         9f:90:d3:b2:26:4b:11:41:98:b7:00:fa:7e:14:cf:3b:4c:a9:
         5b:75:27:27:e5:9f:4f:67:c6:67:6a:09:37:13:4f:fb:a1:f1:
         63:39:c4:b9:a6:11:5d:08:8e:3a:06:f8:fe:24:88:98:5e:74:
         e9:77:49:d0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICGowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBRjMxMTAvBgNVBAUTKDI5QjZBODcwMkE0QUQ2NDRBODcxMDY0QjY0MDdBREU0
OTNFNjNBOEQwHhcNMjYwNzE0MTcxNjM4WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU2NmVmNi1iZDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo4tcX4mntPRM+bBFuv6zM3owxOKa22QQKaIBL9A00FKtkyd/AkgDFDPpSoe1
8yP/rsZsDqXnNDpm9tc4V3yrwS6CnLLhEDkSt3aMu9YVH+nSHGtaXnpk17kW4rdA
+xHfXrEcuGssLFdN0jfTDBtUjXTcbC0T4DIJ/r+jle0Lv9YzMseWKgFYOSslhqyA
JarCqKhAAmcu3pAMd2JR8/beGL4WY9oVpgKMHBsQ1OpiSk/QNwBCONB2XanJXDfs
xnyIW2uRRvN0qfkMwa459X4i2vcZSHgck3unDKcUGVGA0cQy9G5KDqATZLexlcbS
GKynWuS67ZQl6Jf27isK3xgtcwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFD3fzKSm
0WGVEuqIrJQjfDosBQWnMB8GA1UdIwQYMBaAFCm2qHAqStZEqHEGS2QHreST5jqN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85M0JCNTAyRTZE
MTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFrU29jUVpMWkFldDVKUG1P
bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0tiYW9jQ3BLMWtTb2NRWkxaQWV0NUpQbU9vMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOTNCQjUwMkU2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvOTJBRUUwOTIz
NzgyMTFFRkFFQjZCMzZEQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCqPW8MA0GCSqGSIb3DQEBCwUAA4IBAQA3DzCxuoRIH/SvUWsyK9gF
tKVPaYSTkjdy5wZQxKz18YLuS20jyDwQWf+I+agHh3K7KObe1R7IRRWnq6/N7qE9
jdmAQlH8nVYncdhNO7pSGMDDFD3rhY52PJegO7KzwGHj1f+wgb4xjXNUbA/aqyOL
4lZTUYxWc1VQJvAmbMxwK9MMSxSQO3vTy/lkDbZuLufh9KB2JpQaOtjw42U+oA5c
M8Yamm4D9ETVwDitu6Dsg8L9fSwj975zUbGU5Zy7zT6ZrDqyLPKfkNOyJksRQZi3
APp+FM87TKlbdScn5Z9PZ8Znagk3E0/7ofFjOcS5phFdCI46Bvj+JIiYXnTpd0nQ
-----END CERTIFICATE-----
Generated at Sat Jul 18 05:22:05 2026 by rpki-client