Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/361BDEB6315011F0A08FB267C4F9AE02.roa
File:                     361BDEB6315011F0A08FB267C4F9AE02.roa (raw, json)
Hash identifier:          hQaqyHy+IglmfnIs2mH5KDdafmYlJZXnRBxvCuoPjT4=
Subject key identifier:   51:5B:25:EF:72:F5:B9:EB:1C:40:49:B9:98:36:C3:9C:9E:2A:7B:68
Certificate issuer:       /CN=A919EAF3/serialNumber=ED3694218DCB1EAF3D1AF5C6ABC031A6DB7E6CE5
Certificate serial:       1A96
Authority key identifier: ED:36:94:21:8D:CB:1E:AF:3D:1A:F5:C6:AB:C0:31:A6:DB:7E:6C:E5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7TaUIY3LHq89GvXGq8Axptt-bOU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/361BDEB6315011F0A08FB267C4F9AE02.roa
Signing time:             Tue 14 Jul 2026 17:16:42 +0000
ROA not before:           Tue 14 Jul 2026 17:16:42 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     141109
IP address blocks:        43.255.58.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/7TaUIY3LHq89GvXGq8Axptt-bOU.crl
                          rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/7TaUIY3LHq89GvXGq8Axptt-bOU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7TaUIY3LHq89GvXGq8Axptt-bOU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 16:22:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6806 (0x1a96)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919EAF3, serialNumber=ED3694218DCB1EAF3D1AF5C6ABC031A6DB7E6CE5
        Validity
            Not Before: Jul 14 17:16:42 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a566efa-e49c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:4f:e2:21:f4:60:05:f5:76:7f:60:b4:a8:70:
                    b4:9e:b3:4d:44:6f:d6:da:9e:29:37:f2:4a:66:11:
                    29:6a:35:fe:99:45:62:03:e3:3a:0d:4e:f6:d4:fa:
                    6e:15:9d:f2:97:13:1d:79:22:98:7b:c4:ee:2d:fe:
                    1d:eb:e8:71:2a:07:de:76:74:49:af:32:79:1a:64:
                    b0:9f:87:75:a8:92:39:b3:5a:7d:92:d8:7a:23:15:
                    3d:02:2e:72:8c:ab:71:ae:70:05:d0:37:09:d7:cd:
                    f0:1a:70:0e:90:aa:54:93:d4:9c:11:1c:2f:7f:22:
                    4d:96:eb:aa:1b:bc:02:fb:35:87:05:14:ec:33:b2:
                    c8:a0:dd:36:19:a3:43:09:33:af:8a:86:b2:93:72:
                    21:6f:cb:f1:40:60:a0:1e:41:81:a1:b8:78:08:b8:
                    f5:a9:a9:82:b0:53:b2:6e:a9:e0:cd:ac:f5:5c:26:
                    fc:bc:9a:42:62:fc:08:ab:3d:28:39:1e:4f:f0:83:
                    3d:46:97:a8:1e:84:e1:82:f8:93:95:c4:fc:0e:05:
                    af:9e:53:fa:4b:18:14:6b:83:4b:17:1a:f5:c3:0b:
                    36:94:2f:40:42:c9:c0:81:6b:88:91:fa:48:fb:36:
                    36:60:60:8e:13:03:f5:c7:76:c3:5b:14:b4:5b:56:
                    09:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:5B:25:EF:72:F5:B9:EB:1C:40:49:B9:98:36:C3:9C:9E:2A:7B:68
            X509v3 Authority Key Identifier:
                keyid:ED:36:94:21:8D:CB:1E:AF:3D:1A:F5:C6:AB:C0:31:A6:DB:7E:6C:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/7TaUIY3LHq89GvXGq8Axptt-bOU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7TaUIY3LHq89GvXGq8Axptt-bOU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/361BDEB6315011F0A08FB267C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d5:c4:23:48:75:31:63:65:a3:cd:2c:4a:8e:bf:d6:fc:fb:7c:
         61:ce:5c:70:31:98:29:52:4e:20:46:de:1d:f3:93:32:9f:3e:
         7d:f3:cd:fd:d2:1b:38:c6:27:63:03:7f:c0:f6:71:47:ad:98:
         ce:19:89:39:7b:35:b8:06:b3:70:76:5d:14:dd:e9:0f:a1:1e:
         22:d4:a7:80:f4:7a:65:61:d4:17:be:15:87:6e:6f:5e:20:cc:
         7f:b3:3a:c5:80:ad:98:cc:2c:ee:5a:7a:08:c2:30:55:42:f9:
         4e:c1:e9:04:ac:29:8f:f5:80:d7:4e:8b:c1:06:54:db:12:6c:
         1d:59:e4:40:10:76:62:f5:f6:00:65:6f:ce:e7:1d:d9:c3:50:
         2d:d6:d2:4e:33:cd:42:b3:0b:99:57:64:bd:8c:73:79:c8:37:
         81:03:9b:28:ba:77:78:75:e5:af:c4:e6:10:1f:59:63:75:0e:
         f1:05:c4:b9:63:9a:0d:b5:2e:b9:ad:3e:7e:b3:06:ea:ea:1b:
         74:43:25:7f:38:d1:48:42:d0:44:64:dc:a6:19:7c:9c:34:37:
         04:89:b5:84:47:8c:56:fe:f9:99:f3:88:02:df:8d:7c:78:04:
         82:00:40:87:6c:6d:f3:68:17:0d:54:d6:98:49:49:75:18:9c:
         8c:94:c7:4c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICGpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBRjMxMTAvBgNVBAUTKEVEMzY5NDIxOERDQjFFQUYzRDFBRjVDNkFCQzAzMUE2
REI3RTZDRTUwHhcNMjYwNzE0MTcxNjQyWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU2NmVmYS1lNDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0/iIfRgBfV2f2C0qHC0nrNNRG/W2p4pN/JKZhEpajX+mUViA+M6DU721Ppu
FZ3ylxMdeSKYe8TuLf4d6+hxKgfednRJrzJ5GmSwn4d1qJI5s1p9kth6IxU9Ai5y
jKtxrnAF0DcJ183wGnAOkKpUk9ScERwvfyJNluuqG7wC+zWHBRTsM7LIoN02GaND
CTOvioayk3Ihb8vxQGCgHkGBobh4CLj1qamCsFOybqngzaz1XCb8vJpCYvwIqz0o
OR5P8IM9RpeoHoThgviTlcT8DgWvnlP6SxgUa4NLFxr1wws2lC9AQsnAgWuIkfpI
+zY2YGCOEwP1x3bDWxS0W1YJ1QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFFFbJe9y
9bnrHEBJuZg2w5yeKntoMB8GA1UdIwQYMBaAFO02lCGNyx6vPRr1xqvAMabbfmzl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85RDIwMERCQzZE
MTgxMUU3QTgxNURBODBDNEY5QUUwMi83VGFVSVkzTEhxODlHdlhHcThBeHB0dC1i
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdUYVVJWTNMSHE4OUd2WEdxOEF4cHR0LWJPVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOUQyMDBEQkM2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvMzYxQkRFQjYz
MTUwMTFGMEEwOEZCMjY3QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBK/86MA0GCSqGSIb3DQEBCwUAA4IBAQDVxCNIdTFjZaPNLEqOv9b8
+3xhzlxwMZgpUk4gRt4d85Mynz5988390hs4xidjA3/A9nFHrZjOGYk5ezW4BrNw
dl0U3ekPoR4i1KeA9HplYdQXvhWHbm9eIMx/szrFgK2YzCzuWnoIwjBVQvlOwekE
rCmP9YDXTovBBlTbEmwdWeRAEHZi9fYAZW/O5x3Zw1At1tJOM81CswuZV2S9jHN5
yDeBA5sound4deWvxOYQH1ljdQ7xBcS5Y5oNtS65rT5+swbq6ht0QyV/ONFIQtBE
ZNymGXycNDcEibWER4xW/vmZ84gC3418eASCAECHbG3zaBcNVNaYSUl1GJyMlMdM
-----END CERTIFICATE-----
Generated at Sat Jul 18 00:45:54 2026 by rpki-client